| v3.traincdn.com/_nuxt/desktop/default/runtime-774326dd.js | 185.244.209.62 | 200 OK | 15 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/runtime-774326dd.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate Issuer: Sectigo Limited
Certificate Subject: *.traincdn.com
Certificate Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (47028), with no line terminators
Hash: 9154fe64ae35ee1804cd077358bfad90 3b7e02db72484c7400ed9d43369b0e1b9a21400d 84cb88955317f7c9a1825b0dda3806f73232341acb2b8bd177f9d66669bf5860
GET /_nuxt/desktop/default/runtime-774326dd.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:18 GMT
content-type: application/javascript; charset=utf-8
content-length: 14719
last-modified: Tue, 23 Apr 2024 13:15:15 GMT
etag: "6627b463-397f"
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:29 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-4ffbbd656eac2ed35aa63e5625b99d29-be3a5842ec1e3f4e-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:29+00:00, 2024-04-23T14:28:59+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/1c94b87d.css | 185.244.209.62 | 200 OK | 7.3 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/1c94b87d.css
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate Issuer: Sectigo Limited
Certificate Subject: *.traincdn.com
Certificate Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (53523), with no line terminators
Hash: 09f5d4ef76cd62ba561edcd01f6b5c5f 270b17bb922c6e3559a71fb9530ec41bd1b54f95 7e1af9add1d57b07ff5cdab9ee1af0b09253f3de94d42a4333a4f1603bce46bb
GET /_nuxt/desktop/default/css/1c94b87d.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:18 GMT
content-type: text/css
content-length: 7300
last-modified: Tue, 23 Apr 2024 12:08:33 GMT
etag: "6627a4c1-1c84"
content-encoding: gzip
expires: Wed, 24 Apr 2024 12:54:04 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-6cd857127cdb5d4bf70f15e0b340c0ee-f17dc4571b091919-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:54:04+00:00, 2024-04-23T12:57:34+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main-09271208.js | 185.244.209.62 | 200 OK | 58 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main-09271208.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate Issuer: Sectigo Limited
Certificate Subject: *.traincdn.com
Certificate Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (64940), with no line terminators
Hash: 510ed48f64189337e8de2946d86f628b c31579baef67dbaf7cc2f17bed8e2335223e3f8e a236c2dd075d9f3fb5ba4ef3dec0efe9a6e60c79520bcc589a0f233dc96e54d2
GET /_nuxt/desktop/default/Page.Betting.Main-09271208.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:18 GMT
content-type: application/javascript; charset=utf-8
content-length: 57868
last-modified: Tue, 23 Apr 2024 13:15:15 GMT
etag: "6627b463-e20c"
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:29 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-7afdd7fec14ab7baff6615ae6e35de10-ad07ea2c28ba0e90-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:29+00:00, 2024-04-23T14:28:59+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.Main.Asian/registration.Main/user.userRegistration-61022f43.js | 185.244.209.62 | | 9.2 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.Main.Asian/registration.Main/user.userRegistration-61022f43.js
IP: 185.244.209.62:0
ASN: #199524 G-Core Labs S.A.
Certificate Issuer: Sectigo Limited
Certificate Subject: *.traincdn.com
Certificate Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (31451), with no line terminators
Hash: e56eb405b1675cee62515df2dd269796 9c9c94e310d2895822831bd3face015b1cbf6b06 d2dbde0611294046d74c6cfb5ef4fb9b3559df984253e2e490fe238b59303a54
GET /_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.Main.Asian/registration.Main/user.userRegistration-61022f43.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:18 GMT
content-type: application/javascript; charset=utf-8
content-length: 9167
last-modified: Tue, 23 Apr 2024 13:15:15 GMT
etag: "6627b463-23cf"
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:30 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-ce7d653218ee90f590bd33f941465779-4095cbe206116671-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:30+00:00, 2024-04-23T14:28:59+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.TeamGames-212b3d8d.js | 185.244.209.62 | 200 OK | 7.6 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.TeamGames-212b3d8d.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate Issuer: Sectigo Limited
Certificate Subject: *.traincdn.com
Certificate Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (29993), with no line terminators
Hash: 361fe5a6001442cf39008a4c1116f2e4 81884dd80c15438223e8d8d3e6c1ac1593d3e99a a75467a41371ace952fbdb97273852b0d3bde6c06e2f2405808601693201d89d
GET /_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.TeamGames-212b3d8d.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:18 GMT
content-type: application/javascript; charset=utf-8
content-length: 7632
last-modified: Tue, 23 Apr 2024 13:15:15 GMT
etag: "6627b463-1dd0"
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:30 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-b3fcbe9910947fecf48e8b8a86b834d3-3256332c936da7f7-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:30+00:00, 2024-04-23T14:28:59+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/a7906856.css | 185.244.209.62 | 200 OK | 336 B |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/a7906856.css
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate Issuer: Sectigo Limited
Certificate Subject: *.traincdn.com
Certificate Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (1099), with no line terminators
Hash: 6921418ff9395c44037498a4cf17ee66 31879049279e2cb5bc06b249d80d1735ef112b19 e6de221b29f3b4e47505c877067f28565ab5e1b419dc5003aca29c49596e73ab
GET /_nuxt/desktop/default/css/a7906856.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:18 GMT
content-type: text/css
content-length: 336
last-modified: Mon, 22 Apr 2024 10:55:54 GMT
etag: "6626423a-150"
content-encoding: gzip
expires: Tue, 23 Apr 2024 12:26:45 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-b0791f25906db61d19184b00003bfa1c-d49f33421b22d067-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T12:26:45+00:00, 2024-04-23T12:52:26+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage/Page.Betting.Main/Page.Betting.Main.Asian/Page.Betting.TeamGames/Page.New/a4ad9f6b-09f13029.js | 185.244.209.62 | 200 OK | 4.2 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage/Page.Betting.Main/Page.Betting.Main.Asian/Page.Betting.TeamGames/Page.New/a4ad9f6b-09f13029.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate Issuer: Sectigo Limited
Certificate Subject: *.traincdn.com
Certificate Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (14590), with no line terminators
Hash: 73f82bd11055f942d7fdc91daeeeffe3 b105ad08a4eace9e06c2dccad185cffd174b2abb 599ee13f2007b11321a9bfaeee0b82ce9fceb73545b010019bedd35d2bdf491a
GET /_nuxt/desktop/default/Page.Betting.Asia.Homepage/Page.Betting.Main/Page.Betting.Main.Asian/Page.Betting.TeamGames/Page.New/a4ad9f6b-09f13029.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:18 GMT
content-type: application/javascript; charset=utf-8
content-length: 4207
last-modified: Tue, 23 Apr 2024 13:15:15 GMT
etag: "6627b463-106f"
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:30 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-92dd26c09c0654f6d6a9faf287eb24b8-e3531b2742dc1329-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:30+00:00, 2024-04-23T14:28:59+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xbetnp.com/polyfills.js | 83.147.206.31 | 200 OK | 0 B |
IP: 83.147.206.31:443
ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate Issuer: Let's Encrypt
Certificate Subject: 1xbetnp.com
Certificate Fingerprint: A5:E2:50:EB:20:4D:9A:C7:80:84:AB:9B:12:20:6F:CE:4C:D0:CC:F7
Certificate Validity: Mon, 12 Feb 2024 05:16:51 GMT - Sun, 12 May 2024 05:16:50 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /polyfills.js HTTP/1.1
Host: 1xbetnp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder; postback_watcher=; platform_type=desktop; auid=U5POH2Yoi1IeurcpAxSaAg==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:18 GMT
content-type: text/javascript; charset=utf-8
content-length: 0
vary: user-agent
cache-control: public, max-age=2678400, s-maxage=2678400
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-time-ng: 0.006
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.014
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/6cc025d5.css | 185.244.209.62 | 200 OK | 1.3 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/6cc025d5.css
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate Issuer: Sectigo Limited
Certificate Subject: *.traincdn.com
Certificate Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (6716), with no line terminators
Hash: be35c859b4087d52ff863e02472b7438 acce1097a331dc2ec0669d17db06c679e7c81be6 af7c9af6bda4b329f14b870f4df09e1b11e87d8dba17c30eed496dc5d27dfc1f
GET /_nuxt/desktop/default/css/6cc025d5.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:18 GMT
content-type: text/css
content-length: 1324
last-modified: Mon, 22 Apr 2024 10:55:54 GMT
etag: "6626423a-52c"
content-encoding: gzip
expires: Tue, 23 Apr 2024 12:26:46 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-304a13e7eafa60aa2744984221e3adfe-00714571f20ece23-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T12:26:46+00:00, 2024-04-23T12:52:26+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main/Page.Betting.Main.BettingLeftAside/Page.Betting.TeamGames/betting.GamesSliderApp/b/e7e00398-9123e772.js | 185.244.209.62 | | 2.2 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main/Page.Betting.Main.BettingLeftAside/Page.Betting.TeamGames/betting.GamesSliderApp/b/e7e00398-9123e772.js
IP: 185.244.209.62:0
ASN: #199524 G-Core Labs S.A.
Certificate Issuer: Sectigo Limited
Certificate Subject: *.traincdn.com
Certificate Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (7613), with no line terminators
Hash: 6799557112e6479f4840348196eed7a5 046037566d79a018ad198bef462fa51c74bbb5a4 40caffbe2d55fa120e702fc464aac54e941c61b3031f22f5792205a572ff5ac7
GET /_nuxt/desktop/default/Page.Betting.Main/Page.Betting.Main.BettingLeftAside/Page.Betting.TeamGames/betting.GamesSliderApp/b/e7e00398-9123e772.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:18 GMT
content-type: application/javascript; charset=utf-8
content-length: 2212
last-modified: Tue, 23 Apr 2024 13:15:15 GMT
etag: "6627b463-8a4"
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:30 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-7150b343df721765160f898cfc6967e2-886a761e6a4b1449-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:30+00:00, 2024-04-23T14:28:59+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/98ce2926.css | 185.244.209.62 | 200 OK | 1.5 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/98ce2926.css
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate Issuer: Sectigo Limited
Certificate Subject: *.traincdn.com
Certificate Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (8509), with no line terminators
Hash: b0cd3891fe08ec67c50bbdfd9f7e9181 205511f8e55a0498e8129c290759a26ba4a4db31 75c619e9cabd7b2c1939e6837909e12c51fb3e68888ba20d650cb1939f983f6e
GET /_nuxt/desktop/default/css/98ce2926.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:18 GMT
content-type: text/css
content-length: 1491
last-modified: Mon, 22 Apr 2024 10:55:54 GMT
etag: "6626423a-5d3"
content-encoding: gzip
expires: Tue, 23 Apr 2024 12:26:46 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-502f51f0ef9b834ec6e953e0b0638dc7-03839199f75e31a9-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T12:26:46+00:00, 2024-04-23T12:52:26+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside-500bea4e.js | 185.244.209.62 | | 17 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside-500bea4e.js
IP: 185.244.209.62:0
ASN: #199524 G-Core Labs S.A.
Certificate Issuer: Sectigo Limited
Certificate Subject: *.traincdn.com
Certificate Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65113), with no line terminators
Hash: 85aa5ed6fedc499534bfeb8eee571fb6 b751e2adaae96f130072f0e7eab069e15d196ec1 e5e627bc912c4a35155dec18e77f6d9bf9c211c970530570975b82c4409828f9
GET /_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside-500bea4e.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:18 GMT
content-type: application/javascript; charset=utf-8
content-length: 17005
last-modified: Tue, 23 Apr 2024 13:15:15 GMT
etag: "6627b463-426d"
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:30 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-1f51a0b5fb32fed0b6a8f4dec4a2d2a6-72fb4131192e4245-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:30+00:00, 2024-04-23T14:28:59+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main.BettingLeftAside-cff7ad48.js | 185.244.209.62 | 200 OK | 5.9 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main.BettingLeftAside-cff7ad48.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate Issuer: Sectigo Limited
Certificate Subject: *.traincdn.com
Certificate Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (21263), with no line terminators
Hash: 3f56cba5378467ab13f9b0306595ae53 2750c16fab16b27a053e7e98aac5e8f0208172d4 2401f7c429a40b5ff67fcbb6b78a804167da3d50d936c45b30e6fdcc990c04cb
GET /_nuxt/desktop/default/vendors/Page.Betting.Main.BettingLeftAside-cff7ad48.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:18 GMT
content-type: application/javascript; charset=utf-8
content-length: 5867
last-modified: Tue, 23 Apr 2024 13:15:15 GMT
etag: "6627b463-16eb"
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:30 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-daed984c91d2d1ad7740b9656ce927e8-e6218dba836feee1-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:30+00:00, 2024-04-23T14:28:59+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/9eb4939a.css | 185.244.209.62 | 200 OK | 2.8 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/9eb4939a.css
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate Issuer: Sectigo Limited
Certificate Subject: *.traincdn.com
Certificate Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (20960), with no line terminators
Hash: 6cae6098e169876c305ca92f82fe3cde d27c18f05738795d575c8ce370ed83cf07da0a5a 7095d096e88dd0a09d84d063de1e0eedd406b032150a5af99e796c2ac63bcfe5
GET /_nuxt/desktop/default/css/9eb4939a.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:18 GMT
content-type: text/css
content-length: 2763
last-modified: Mon, 22 Apr 2024 10:55:54 GMT
etag: "6626423a-acb"
content-encoding: gzip
expires: Tue, 23 Apr 2024 12:26:45 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-e2ec9363325b63ca73cc49155a3c0d12-c8dc071830182b2a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T12:26:45+00:00, 2024-04-23T12:52:26+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboard/Page.NewCy/adc1b632-d5668a78.js | 185.244.209.62 | 200 OK | 3.5 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboard/Page.NewCy/adc1b632-d5668a78.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate Issuer: Sectigo Limited
Certificate Subject: *.traincdn.com
Certificate Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (13913), with no line terminators
Hash: fdb7a93a6ddb45c5aa62038f2425f285 a4836eee77f925e40da1e670590dd08faf87b992 4a0463cc93f9ab8a16261880e0ac51d30932b1d07553817879a0addb00af38e0
GET /_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboard/Page.NewCy/adc1b632-d5668a78.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:18 GMT
content-type: application/javascript; charset=utf-8
content-length: 3531
last-modified: Tue, 23 Apr 2024 13:15:15 GMT
etag: "6627b463-dcb"
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:30 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-6c423ec04f8d7186973875000980536a-ccae5f21c56ecfa6-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:30+00:00, 2024-04-23T14:28:59+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/betting.SportMenuApp-f5f00544.js | 185.244.209.62 | 200 OK | 10 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/betting.SportMenuApp-f5f00544.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate Issuer: Sectigo Limited
Certificate Subject: *.traincdn.com
Certificate Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (41616), with no line terminators
Hash: 09f939cf46957d82e821f8807e05968a 5e1ec26d95f29042bb2f78c902b37c44817cc109 771bb7992371b7c701a37d462456fc4529bc477b52a334c8667762ca4e5a306b
GET /_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/betting.SportMenuApp-f5f00544.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:18 GMT
content-type: application/javascript; charset=utf-8
content-length: 10291
last-modified: Tue, 23 Apr 2024 13:15:15 GMT
etag: "6627b463-2833"
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:30 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-7d6ff452ed7179eec57eefe13001019c-c9ca1e26cd383d4d-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:30+00:00, 2024-04-23T14:28:59+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/c3d37cc4.css | 185.244.209.62 | 200 OK | 194 B |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/c3d37cc4.css
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate Issuer: Sectigo Limited
Certificate Subject: *.traincdn.com
Certificate Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (395), with no line terminators
Hash: 7f1ee7f9ec47159043591789124ec7cc bb021131214d4b70b327355a5a947b974f2eccbd 4041bafac614e354c03b647dc8d226e140460381c4816a65528e4ba428b0a0ad
GET /_nuxt/desktop/default/css/c3d37cc4.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:18 GMT
content-type: text/css
content-length: 194
last-modified: Mon, 22 Apr 2024 10:55:54 GMT
etag: "6626423a-c2"
content-encoding: gzip
expires: Wed, 24 Apr 2024 09:22:39 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-da7f05051231ee471b583df5fcbd9fa3-62cdf88dc44f4ea5-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T09:22:39+00:00, 2024-04-23T13:46:31+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingContent-2d71b204.js | 185.244.209.62 | 200 OK | 646 B |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingContent-2d71b204.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate Issuer: Sectigo Limited
Certificate Subject: *.traincdn.com
Certificate Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (1333), with no line terminators
Hash: 195337917bfce628357a5db2aee5432f 154d69e35c36bd6e01d05b4045badf4872f9ebc3 c605b7891079605ad4b90aa944b0557202c0df060c4cfff972d413db0170fad3
GET /_nuxt/desktop/default/Page.Betting.Main.BettingContent-2d71b204.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:18 GMT
content-type: application/javascript; charset=utf-8
content-length: 646
last-modified: Tue, 23 Apr 2024 13:15:15 GMT
etag: "6627b463-286"
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:30 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-442ef293d2dcd64ffdd30ccb0614b180-fe470846ca18eb83-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:30+00:00, 2024-04-23T14:28:59+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/885d64fc.css | 185.244.209.62 | | 332 B |
URL: v3.traincdn.com/_nuxt/desktop/default/css/885d64fc.css
IP: 185.244.209.62:0
ASN: #199524 G-Core Labs S.A.
Certificate Issuer: Sectigo Limited
Certificate Subject: *.traincdn.com
Certificate Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (975), with no line terminators
Hash: 31aa50dcbc858f61bf3ed903493b8431 abf67e7f02256d2d5c5e2054b2930aa9b5ece999 18337e3b3c6f57695afaca43e471c075fd711e0485b4e7f1fdc1b6fe4e8703d7
GET /_nuxt/desktop/default/css/885d64fc.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:18 GMT
content-type: text/css
content-length: 332
last-modified: Mon, 22 Apr 2024 10:55:54 GMT
etag: "6626423a-14c"
content-encoding: gzip
expires: Tue, 23 Apr 2024 12:16:13 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-2585172f65cdd32ff865eac6dd114542-9ab10841672c68ab-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T12:16:12+00:00, 2024-04-23T19:17:38+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Layout.Betting.ExpressDay-1d2478b0.js | 185.244.209.62 | 200 OK | 3.4 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Layout.Betting.ExpressDay-1d2478b0.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate Issuer: Sectigo Limited
Certificate Subject: *.traincdn.com
Certificate Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (10178), with no line terminators
Hash: badfd1b5440c69f594132dab6b8ece6f e1320ef520529473fd5de690b92bd42dd41eac81 12fc9f116dac766e665d2fd70f408cccc5497e8f6f25cc3c0ce3df667d43d693
GET /_nuxt/desktop/default/Layout.Betting.ExpressDay-1d2478b0.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:18 GMT
content-type: application/javascript; charset=utf-8
content-length: 3362
last-modified: Tue, 23 Apr 2024 13:15:15 GMT
etag: "6627b463-d22"
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:31 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-1d521dee33ba67dca980b2be298e9782-ae7a4ce7846b8099-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:31+00:00, 2024-04-23T14:28:59+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/6c310293.css | 185.244.209.62 | 200 OK | 3.2 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/6c310293.css
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate Issuer: Sectigo Limited
Certificate Subject: *.traincdn.com
Certificate Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (31339), with no line terminators
Hash: 3cc47f5bfd7fb2ef96257df775a1b810 bbb36b671dd4a1f6e24cce1a48368724994b3913 18aeb0ed76dd6ce1471582770244ed6c55b69fef2e84ffabdabdbf7f32600326
GET /_nuxt/desktop/default/css/6c310293.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:18 GMT
content-type: text/css
content-length: 3225
last-modified: Mon, 22 Apr 2024 10:55:54 GMT
etag: "6626423a-c99"
content-encoding: gzip
expires: Tue, 23 Apr 2024 12:26:46 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-6885798e2f95749ee009f5792b42d048-45e63780dbfb042d-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T12:26:46+00:00, 2024-04-23T12:52:26+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Layout.SeoModule.Lazy-133d5539.js | 185.244.209.62 | 200 OK | 2.3 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Layout.SeoModule.Lazy-133d5539.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate Issuer: Sectigo Limited
Certificate Subject: *.traincdn.com
Certificate Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (8037), with no line terminators
Hash: ceb24e94d87d9c04b6685d611e9050c1 781d9f7fb4ff0e09fa74cdcdc5b1e707a57b4539 bfc675160863b2fdb50b84830a53646a8c762836217ffc99ea6a8b5dc16cd734
GET /_nuxt/desktop/default/Layout.SeoModule.Lazy-133d5539.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:18 GMT
content-type: application/javascript; charset=utf-8
content-length: 2257
last-modified: Tue, 23 Apr 2024 13:15:15 GMT
etag: "6627b463-8d1"
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:31 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-7b5b3037429cbee8ad0e7e656aaa210e-67dc588ddbfa4977-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:31+00:00, 2024-04-23T14:28:59+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/85148a0b.css | 185.244.209.62 | 200 OK | 4.0 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/85148a0b.css
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate Issuer: Sectigo Limited
Certificate Subject: *.traincdn.com
Certificate Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (32277), with no line terminators
Hash: eeaf257a8645b90669a2ea93b8fb534e d81289258b7a5c126dd860232760852cc8ad865e 3a170c88ab694ad7552f7a84baa04ddb248c32b7f8ffe16d55dd73685de87aa6
GET /_nuxt/desktop/default/css/85148a0b.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:18 GMT
content-type: text/css
content-length: 3964
last-modified: Tue, 23 Apr 2024 12:08:33 GMT
etag: "6627a4c1-f7c"
content-encoding: gzip
expires: Wed, 24 Apr 2024 12:54:04 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-4f1ab8783d0eccd664c0879aafcf2337-071be11d6466da52-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:54:04+00:00, 2024-04-23T12:57:34+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Layout.FooterComponent.Lazy-9abe035a.js | 185.244.209.62 | 200 OK | 7.8 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Layout.FooterComponent.Lazy-9abe035a.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate Issuer: Sectigo Limited
Certificate Subject: *.traincdn.com
Certificate Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (28143), with no line terminators
Hash: c790413a6f4ea0dbbb7278d4ba07c8e2 aeea4548ef2d3820699053c3c6b7f653703688ec a85e58d257f382c639e0f17995d19e6e55271ee366813029aa709f067bbef4a2
GET /_nuxt/desktop/default/Layout.FooterComponent.Lazy-9abe035a.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:18 GMT
content-type: application/javascript; charset=utf-8
content-length: 7783
last-modified: Tue, 23 Apr 2024 13:15:15 GMT
etag: "6627b463-1e67"
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:31 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-7a46821dfd560159d93bc303ec18e3c0-9f76616142a41faa-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:31+00:00, 2024-04-23T14:28:59+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/Layout.FooterComponent.Lazy-627abef7.js | 185.244.209.62 | 200 OK | 8.3 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/Layout.FooterComponent.Lazy-627abef7.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate Issuer: Sectigo Limited
Certificate Subject: *.traincdn.com
Certificate Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (29805), with no line terminators
Hash: 4d2f484f3465b217acb7bc2c93924f01 f6274c5c70d187c221e04edacdc4e73bc90bae28 57931838efa5e848ac1467518ce0d43b9a11e44f53f41d0b48a8fc321ecebb7f
GET /_nuxt/desktop/default/vendors/Layout.FooterComponent.Lazy-627abef7.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:18 GMT
content-type: application/javascript; charset=utf-8
content-length: 8274
last-modified: Tue, 23 Apr 2024 13:15:15 GMT
etag: "6627b463-2052"
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:31 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-ca20ffb4fd9977cb8e62fb68da218189-f47e0bf547463144-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:31+00:00, 2024-04-23T14:28:59+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/5cfdf959.css | 185.244.209.62 | 200 OK | 1.1 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/5cfdf959.css
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate Issuer: Sectigo Limited
Certificate Subject: *.traincdn.com
Certificate Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (4632), with no line terminators
Hash: f74d8b7e31b6ab236a9577348874385d 87091e6542649037a05fc137fa449b713c85225d b33d72295f1edbfc13da30236c4b811cffe4ba8ef758a515914cd69cf02edbf8
GET /_nuxt/desktop/default/css/5cfdf959.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:18 GMT
content-type: text/css
content-length: 1113
last-modified: Mon, 22 Apr 2024 10:55:54 GMT
etag: "6626423a-459"
content-encoding: gzip
expires: Wed, 24 Apr 2024 06:44:53 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-bd7b9c84fe2338a455e2b2879efe783a-c044d5fd4bc6b0c4-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T06:44:53+00:00, 2024-04-23T07:47:07+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Layout.FooterComponent.Lazy/Page.Game.Project-27024645.js | 185.244.209.62 | 200 OK | 6.3 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Layout.FooterComponent.Lazy/Page.Game.Project-27024645.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate Issuer: Sectigo Limited
Certificate Subject: *.traincdn.com
Certificate Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (20014), with no line terminators
Hash: b69735a0304bc0ac21b40573ee550f0b 96f237bfaac6dab3ce2595e9961762984ae1545b 5defbae69d8affe7aa3e1eda4b2f1759900c2ce35985b69928b65cdfabfc78e3
GET /_nuxt/desktop/default/Layout.FooterComponent.Lazy/Page.Game.Project-27024645.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:18 GMT
content-type: application/javascript; charset=utf-8
content-length: 6262
last-modified: Tue, 23 Apr 2024 13:15:15 GMT
etag: "6627b463-1876"
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:31 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-48e466747a0d20a23fa9f751a19915c3-908528e7b644b465-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:31+00:00, 2024-04-23T14:28:59+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/version.json | 185.244.209.62 | 200 OK | 44 B |
URL: GET HTTP/2 v3.traincdn.com/version.json
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate Issuer: Sectigo Limited
Certificate Subject: *.traincdn.com
Certificate Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hash: 4345e203b9221c238b4eff202389c855 f204aa66e418fd18236dca45cbb775e08a5e31ef 0ba26518b8f62ef2fae6ac0fcdc4f90be4641303d839517545037fe2e6fc9098
GET /version.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xbetnp.com
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:18 GMT
content-type: application/json
content-length: 44
last-modified: Tue, 23 Apr 2024 13:16:56 GMT
etag: "6627b4c8-2c"
content-encoding: gzip
expires: Tue, 23 Apr 2024 14:05:22 GMT
cache-control: max-age=60, max-age=60, s-maxage=60
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-5be2d7888f4ad32c72d3d681300e41ee-ba6b92ec3d6ccabe-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:05:21+00:00, 2024-04-24T04:31:36+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/commons/app-52fe5dc2.js | 185.244.209.62 | 200 OK | 47 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/commons/app-52fe5dc2.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate Issuer: Sectigo Limited
Certificate Subject: *.traincdn.com
Certificate Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65476)
Hash: 67738af5bf23b478a572a381a2acc716 dd7280b456a511724f02c36bc432472d28897aef 38d639b8059f8649a3afd6bae7727428d389d106ba7f5f58abe27ef6d5a59183
GET /_nuxt/desktop/default/commons/app-52fe5dc2.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:18 GMT
content-type: application/javascript; charset=utf-8
content-length: 46792
last-modified: Tue, 23 Apr 2024 13:15:15 GMT
etag: "6627b463-b6c8"
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:29 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-4de5b02f1664158b9e8f327479a67f1a-69efe07c5b745794-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:29+00:00, 2024-04-23T14:28:59+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/b31cf88f.css | 185.244.209.62 | 200 OK | 2.2 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/b31cf88f.css
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate Issuer: Sectigo Limited
Certificate Subject: *.traincdn.com
Certificate Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (9498), with no line terminators
Hash: 96a29f0004392655cc9593713581f6bc 9e217c48ea7052b0df22bd29aa1b62afd807ef2d f38f8cbcdd652cad7465c60c1eff068b6d104e97f4603f1499cb790f81b17cff
GET /_nuxt/desktop/default/css/b31cf88f.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:18 GMT
content-type: text/css
content-length: 2186
last-modified: Mon, 22 Apr 2024 10:55:54 GMT
etag: "6626423a-88a"
content-encoding: gzip
expires: Tue, 23 Apr 2024 12:33:13 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-a96dfc122125f4618f7c513efb6b6d02-14eb4a25d2039b6e-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T12:33:13+00:00, 2024-04-23T12:52:26+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder | 83.147.206.31 | 200 OK | 440 kB |
URL: User Request GET HTTP/2 1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
IP: 83.147.206.31:443
ASN: #202492 Silverhill Group Holding Ltd
Certificate Issuer: Let's Encrypt
Certificate Subject: 1xbetnp.com
Certificate Fingerprint: A5:E2:50:EB:20:4D:9A:C7:80:84:AB:9B:12:20:6F:CE:4C:D0:CC:F7
Certificate Validity: Mon, 12 Feb 2024 05:16:51 GMT - Sun, 12 May 2024 05:16:50 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (24992)
Size: 440 kB (440329 bytes)
Hash: cc4a0e567f6085e6425831adf6c8daee 30a732b3e66cc934bdd18f335c8b230177037fc6 91e8383ebde21220e7ba0b1494fb0199dd623b285c9cde761921c9d46476a06b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder HTTP/1.1
Host: 1xbetnp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:18 GMT
content-type: text/html; charset=utf-8
content-encoding: br
server-timing: total;dur=1395;desc="Nuxt Server Time", dt_total;dur=1449.763, wf-uht;dur=1.471
set-cookie: lng=en; Path=/
cookies_agree_type=3; Path=/
tzo=2; Path=/
is12h=0; Path=/
referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; Path=/; Expires=Sun, 23 Jun 2024 04:32:16 GMT
reflinkid=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder; Path=/; Expires=Wed, 24 Apr 2024 05:32:16 GMT
postback_watcher=; Path=/; Expires=Wed, 24 Apr 2024 04:32:20 GMT
platform_type=desktop; Path=/; Expires=Sat, 27 Apr 2024 04:32:18 GMT; Secure; SameSite=None; Partitioned
auid=U5POH2Yoi1IeurcpAxSaAg==; path=/; secure; httponly; samesite=lax
traceparent: 00-48c1bc66f870e83c1c246749d7adad15-18da126414f3ed44-01
vary: Accept-Encoding
x-dt: 909
x-frame-options: SAMEORIGIN
x-time-ng: 1.422
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/e74c776d.css | 185.244.209.62 | 200 OK | 14 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/e74c776d.css
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate Issuer: Sectigo Limited
Certificate Subject: *.traincdn.com
Certificate Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (65536), with no line terminators
Hash: 46c8f0c05f1b041270e8e142c7ce5d70 2b14a5ef8669fe0e73a40a816b894a50c829219f eed5933b3a22f8155625627d59bf536ceda18acc679a4019833a890e75b07ba7
GET /_nuxt/desktop/default/css/e74c776d.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:18 GMT
content-type: text/css
content-length: 13767
last-modified: Tue, 23 Apr 2024 12:08:33 GMT
etag: "6627a4c1-35c7"
content-encoding: gzip
expires: Wed, 24 Apr 2024 12:54:04 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-6ba18be3e98b33798beea066da9113f5-cbff89f3021fd150-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:54:04+00:00, 2024-04-23T12:57:34+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/app-9bfdc10d.js | 185.244.209.62 | 200 OK | 225 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/app-9bfdc10d.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate Issuer: Sectigo Limited
Certificate Subject: *.traincdn.com
Certificate Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (64966), with no line terminators
Size: 225 kB (224669 bytes)
Hash: c8c01a993d5261c4c204ae90d6ce23eb dd3c6cc08b656f010cef8e74b5cbde04967f3017 4300afa782ba38b169abe7283cb455180da2f0642265c55a4d9e0cc963d58479
GET /_nuxt/desktop/default/app-9bfdc10d.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:18 GMT
content-type: application/javascript; charset=utf-8
content-length: 224669
last-modified: Tue, 23 Apr 2024 13:15:15 GMT
etag: "6627b463-36d9d"
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:29 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-0ba3166e0578ce6f38b845cb2905f51f-3fcfd98f29302c57-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:29+00:00, 2024-04-23T14:28:59+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 | 185.244.209.62 | 200 OK | 64 kB |
URL: GET HTTP/2 v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate Issuer: Sectigo Limited
Certificate Subject: *.traincdn.com
Certificate Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 63748, version 1.0
Hash: 6887b6f24414dbc612dbf42ccdc76b70 8068d3abfbc6cbf35b55919da45b1f4d2d136238 fc5c015fc32518f1ed810fa84ca28941eb9d5a3c81acc8df69a4dbbeedef7b0c
GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xbetnp.com
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:19 GMT
content-type: font/woff2
content-length: 63748
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "6887b6f24414dbc612dbf42ccdc76b70"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-8eafcfdbd303d18b125078bfacd45cab-0cde852be16286b8-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:13:59+00:00, 2024-04-24T03:35:05+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2 | 185.244.209.62 | 200 OK | 65 kB |
URL: GET HTTP/2 v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2; IP: 185.244.209.62:443; ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 64732, version 1.0; Hash: 3ac5d40d1b3966fc5eb09ecca74d9cbf a69f32357765dd321519889aeacba5e9ca893bb0 3310766b8f58538d07abded74a2babe1acbe1a3ee820d5b8c8265da666f4fb0c
GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xbetnp.com
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:19 GMT
content-type: font/woff2
content-length: 64732
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "3ac5d40d1b3966fc5eb09ecca74d9cbf"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-8820af862cb2b6757e3a0b2220dce150-b8d910a2eabffbf8-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:56:30+00:00, 2024-04-24T04:06:08+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 | 185.244.209.62 | 200 OK | 64 kB |
URL: GET HTTP/2 v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2; IP: 185.244.209.62:443; ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 63920, version 1.0; Hash: a65527fcb58f66a7cfbc0e6b160538b4 45d260e7fa343401b5bb0df982a014f53e2d253b fb13c3a1cbac60649b76f7d7f85c1645d35ac69b85ce5f4eb0692505ecc2cd45
GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xbetnp.com
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:19 GMT
content-type: font/woff2
content-length: 63920
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "a65527fcb58f66a7cfbc0e6b160538b4"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-cb0aa0b7f48db2b61f677d7c1087d351-c69dd4c87d65491b-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:54:39+00:00, 2024-04-24T03:51:01+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/check-ob.js | 185.244.209.62 | 200 OK | 187 B |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/check-ob.js; IP: 185.244.209.62:443; ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text; Hash: ced67278c38d1ce1297c121af69fff8a df6e1531fd84d956263b04254e6f94f5356623f4 2958134c3c00f7c6320858dd66e454c2856e4842821d3523c4cc5e44e1ec8616
GET /_nuxt/check-ob.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:19 GMT
content-type: application/javascript; charset=utf-8
content-length: 187
last-modified: Mon, 22 Apr 2024 10:53:54 GMT
etag: "662641c2-bb"
content-encoding: gzip
expires: Tue, 23 Apr 2024 12:50:55 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-280215c0b47d0fde3a38daecb75dd965-8c1ce8b036e600b2-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T12:50:55+00:00, 2024-04-23T11:36:05+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/1da51baa342984a84ca1ac8dd900998b.png | 185.244.209.62 | 200 OK | 653 B |
URL: GET HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/1da51baa342984a84ca1ac8dd900998b.png; IP: 185.244.209.62:443; ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: PNG image data, 32 x 32, 8-bit colormap, non-interlaced; Hash: e6f0766cbd95db33da44e7a9140648f2 5f196b1bfe8c3f92bd2ebcd67124e72e81ae6aaf c0399d478788d5d483f104a2e8cb7c32f41cb40e9df0c22e831b2bfa2db63ec0
GET /genfiles/cms/1-285/desktop/media_asset/1da51baa342984a84ca1ac8dd900998b.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:19 GMT
content-type: image/png
content-length: 653
last-modified: Tue, 25 Apr 2023 13:43:56 GMT
etag: "e6f0766cbd95db33da44e7a9140648f2"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-435ccc1697213b4ca3c401cf64876ee1-c142c990d735b0f9-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:12:59+00:00, 2024-04-24T03:54:41+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/f5105820.css | 185.244.209.62 | 200 OK | 194 B |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/f5105820.css; IP: 185.244.209.62:443; ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (395), with no line terminators; Hash: 2818ab9c6ece35261fbf658165189623 f01f8175a7a89449a1dad5f2a7df06c5866c10af b4f0b619b6f6ece6589df376a16eae022b084640348887d3c557e20a37207583
GET /_nuxt/desktop/default/css/f5105820.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:19 GMT
content-type: text/css
content-length: 194
last-modified: Mon, 22 Apr 2024 10:55:54 GMT
etag: "6626423a-c2"
content-encoding: gzip
expires: Wed, 24 Apr 2024 09:23:31 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-cdbf64fc02f8444873aba10e3b26a6d2-d27649064e61eb1f-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T09:23:31+00:00, 2024-04-23T15:46:45+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingContent-e046fd95.js | 185.244.209.62 | 200 OK | 636 B |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingContent-e046fd95.js; IP: 185.244.209.62:443; ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (1235), with no line terminators; Hash: 9e3ac47608f356bc1dc1a9e6416bb442 ee016384b8a9bd54bb3d9acb0e692fdf935eca37 363d977ed612005685ed3c836a5add69b008d52a94e3da92b0ee2dcbe92ac486
GET /_nuxt/desktop/default/Page.Betting.Asia.BettingContent-e046fd95.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:19 GMT
content-type: application/javascript; charset=utf-8
content-length: 636
last-modified: Tue, 23 Apr 2024 13:15:15 GMT
etag: "6627b463-27c"
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:32 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-917be5f7ab1d940298332a2cc5a92b10-76a6413c11d51d7c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:32+00:00, 2024-04-23T14:29:05+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside/Page.Betting.Main.Asian/betting.CentralMenuApp/betting.SportsMenuCompact-4ac47a98.js | 185.244.209.62 | 200 OK | 4.2 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside/Page.Betting.Main.Asian/betting.CentralMenuApp/betting.SportsMenuCompact-4ac47a98.js; IP: 185.244.209.62:443; ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (14574), with no line terminators; Hash: c57084469422f881a05ddd74499c60ff 739fdc06fcdfbcd15f86b58445fa17026fa33dc5 7abe74e474edb41787c9e7b7a653a3660adaab357d4544c631adc41b6241dcb5
GET /_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside/Page.Betting.Main.Asian/betting.CentralMenuApp/betting.SportsMenuCompact-4ac47a98.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:19 GMT
content-type: application/javascript; charset=utf-8
content-length: 4186
last-modified: Tue, 23 Apr 2024 13:15:15 GMT
etag: "6627b463-105a"
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:32 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-47583aeb0343d9f9890ba4eaf72be20d-13458749c5074b51-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:32+00:00, 2024-04-23T14:29:06+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/2a37879e.css | 185.244.209.62 | 200 OK | 1.3 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/2a37879e.css; IP: 185.244.209.62:443; ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (6872), with no line terminators; Hash: 7727cc93d85a2459297f9b1237fc6a92 f37f7a3ec3d30df2513a38dd2c67fefaf038edec e4559060670fd8cf92ad4e830ae9237d2bbc735470f4597ad5d943388d9248d2
GET /_nuxt/desktop/default/css/2a37879e.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:19 GMT
content-type: text/css
content-length: 1331
last-modified: Mon, 22 Apr 2024 10:55:54 GMT
etag: "6626423a-533"
content-encoding: gzip
expires: Tue, 23 Apr 2024 12:26:51 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-8d93f768dbb1e5f5cf79edd9727d6baf-641e901c7f41bf53-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T12:26:51+00:00, 2024-04-23T13:17:06+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside-79ad2f0e.js | 185.244.209.62 | 200 OK | 10 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside-79ad2f0e.js; IP: 185.244.209.62:443; ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (37195), with no line terminators; Hash: 70a856ece2dd02e933e2fef3414ed184 1934275e14664f9ae568d5c584cf0d7bc405eb80 2436484f2b0d5cf261d2b340beb9d9d93998a13162919864119ac0cc0c13a8d6
GET /_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside-79ad2f0e.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:19 GMT
content-type: application/javascript; charset=utf-8
content-length: 10215
last-modified: Tue, 23 Apr 2024 13:15:15 GMT
etag: "6627b463-27e7"
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:32 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-c0e2ea5b2d72d41ec0b34ca6ea414fae-fa1657ffa73d39e8-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:32+00:00, 2024-04-23T14:29:06+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/GameProvider/Page.Betting.Asia.Homepage/Page.Betting.MultiLive/Page.CricketWorldCupPage/Page/17c2374e-ae524f2a.js | 185.244.209.62 | | 37 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/vendors/GameProvider/Page.Betting.Asia.Homepage/Page.Betting.MultiLive/Page.CricketWorldCupPage/Page/17c2374e-ae524f2a.js; IP: 185.244.209.62:0; ASN: #199524 G-Core Labs S.A.
Certificate Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65461); Hash: 886694940b166ad79a7c4b5a30eedb58 7ed534a6ed7b235ce25bc5376476ef84138432bc b0bc120f4a78e08b3d2765eb6da792d0d2232427317decb665bd6aac2fdc431e
GET /_nuxt/desktop/default/vendors/GameProvider/Page.Betting.Asia.Homepage/Page.Betting.MultiLive/Page.CricketWorldCupPage/Page/17c2374e-ae524f2a.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:19 GMT
content-type: application/javascript; charset=utf-8
content-length: 37175
last-modified: Tue, 23 Apr 2024 13:15:15 GMT
etag: "6627b463-9137"
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:32 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-f0c7652619dfcd781d211464fa2c1050-5c89b0e1a0609698-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:32+00:00, 2024-04-23T14:29:06+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Asia.Homepage-997209ca.js | 185.244.209.62 | 200 OK | 10 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Asia.Homepage-997209ca.js; IP: 185.244.209.62:443; ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (36639), with no line terminators; Hash: 65e245bd372dea1e58738d756283e8f6 8f6563d4b9b19f66c4e537ab793c123599168d26 38c3961b371948346f708b3bf23d6f20b83e76f5b0b4102154c84bb50fe7ee5c
GET /_nuxt/desktop/default/vendors/Page.Betting.Asia.Homepage-997209ca.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:19 GMT
content-type: application/javascript; charset=utf-8
content-length: 10111
last-modified: Tue, 23 Apr 2024 13:15:15 GMT
etag: "6627b463-277f"
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:32 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-fcfae326f0d7adae44f61d909fba7c58-197ce13354545309-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:32+00:00, 2024-04-23T14:29:06+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage/Page.NewCyber.Cyber/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamp/Page./8c362243-c8580d37.js | 185.244.209.62 | 200 OK | 5.6 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage/Page.NewCyber.Cyber/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamp/Page./8c362243-c8580d37.js; IP: 185.244.209.62:443; ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (19536), with no line terminators; Hash: 68b0e7b36aaabe3fc4c55b9b7a99b204 8e30dc11ce9406793473bdff9aac0101f562655e 2bdec28d6e101619011e495111f672ccba2334d2f089a5a87fca2512d86d7f0c
GET /_nuxt/desktop/default/Page.Betting.Asia.Homepage/Page.NewCyber.Cyber/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamp/Page./8c362243-c8580d37.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:19 GMT
content-type: application/javascript; charset=utf-8
content-length: 5568
last-modified: Tue, 23 Apr 2024 13:15:15 GMT
etag: "6627b463-15c0"
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:32 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-fe0b02e40431aacd699cbccbc9ea85e1-e5297f2b63652821-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:32+00:00, 2024-04-23T14:29:06+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/4b5c6c89.css | 185.244.209.62 | 200 OK | 6.7 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/4b5c6c89.css; IP: 185.244.209.62:443; ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (53058), with no line terminators; Hash: 173f5247c95e1b42bb3b77ed0a8eb44d 5b4b32ac3c6b995e254b7e8e1ecdf00ef4882aa9 f20b6d24581afe4c6af83abbc14b11194385c8e5f15a27e972724f61891c6dd0
GET /_nuxt/desktop/default/css/4b5c6c89.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:19 GMT
content-type: text/css
content-length: 6667
last-modified: Tue, 23 Apr 2024 12:08:33 GMT
etag: "6627a4c1-1a0b"
content-encoding: gzip
expires: Wed, 24 Apr 2024 12:54:20 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-864d6e79bdf491b283d3407de10d8f87-e6f6e3fdbe1678dc-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:54:20+00:00, 2024-04-23T12:57:35+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage-da45acc1.js | 185.244.209.62 | 200 OK | 32 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage-da45acc1.js; IP: 185.244.209.62:443; ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (64912), with no line terminators; Hash: cbf2424a84930767b46aa8d32382630e 237dc0de3c9db7b080424eeb69e2feb2a6d7805e 4a2f536eada6636b0d6d1747962d8aa508c88405865199c32f05cd95605bdfbb
GET /_nuxt/desktop/default/Page.Betting.Asia.Homepage-da45acc1.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:19 GMT
content-type: application/javascript; charset=utf-8
content-length: 32515
last-modified: Tue, 23 Apr 2024 13:15:15 GMT
etag: "6627b463-7f03"
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:33 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-82e25e41c29b8a75ea4dabb688d7b95f-c857dd1a6dff5fb6-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:33+00:00, 2024-04-23T14:29:06+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/f72f2b10.css | 185.244.209.62 | | 4.8 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/css/f72f2b10.css; IP: 185.244.209.62:0; ASN: #199524 G-Core Labs S.A.
Certificate Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (38649), with no line terminators; Hash: 8ab5f1e804e2a4565dea164054ff0907 7ee2bea2c9dcb6424f707c35588a316a249270fa ce3424802faaac382a0efe23fbc285123fae95d0461ecf26e4881e1907acd9ec
GET /_nuxt/desktop/default/css/f72f2b10.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:19 GMT
content-type: text/css
content-length: 4780
last-modified: Mon, 22 Apr 2024 10:55:54 GMT
etag: "6626423a-12ac"
content-encoding: gzip
expires: Tue, 23 Apr 2024 12:26:52 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-ffa94c754d9aa939fdc018af117006c7-662b860b3be90f15-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T12:26:52+00:00, 2024-04-23T13:18:52+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.Asian-cb1300f7.js | 185.244.209.62 | 200 OK | 29 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.Asian-cb1300f7.js; IP: 185.244.209.62:443; ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (64788), with no line terminators; Hash: 07824180288a9c6a3276f486612df7d7 ec83f284a957114b2bf1e709b574c8bab032bf19 b89df0b5e3c1a25a67b84e7fb42719fd512dbc49a8c3dda0e7dfe786f6ee573a
GET /_nuxt/desktop/default/Page.Betting.Main.Asian-cb1300f7.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:19 GMT
content-type: application/javascript; charset=utf-8
content-length: 28909
last-modified: Tue, 23 Apr 2024 13:15:15 GMT
etag: "6627b463-70ed"
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:33 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-31f9c17d8e711e77ad1810ef2977033b-231f1a0920a338b2-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:33+00:00, 2024-04-23T14:29:06+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.v-tooltip-de9cbf4c.js | 185.244.209.62 | 200 OK | 22 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.v-tooltip-de9cbf4c.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer Sectigo Limited; Subject *.traincdn.com; Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65476)
Hash: e0798c11c128dde9a2f8cb7010b4f2ac b501199439c816e3ce7b4db9343be18c7176393f f4d06de3e82b9e4717168f7368574bd7878368633d05b5b2136645e9f0f41fcb
GET /_nuxt/desktop/default/vendors/plugins.v-tooltip-de9cbf4c.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:20 GMT
content-type: application/javascript; charset=utf-8
content-length: 21881
last-modified: Tue, 23 Apr 2024 13:15:15 GMT
etag: "6627b463-5579"
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:33 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-31818702f2d7560328508abe616f746a-5a002425c9e5d898-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:33+00:00, 2024-04-23T14:29:07+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-notification-be432464.js | 185.244.209.62 | | 4.6 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-notification-be432464.js
IP: 185.244.209.62:0
ASN: #199524 G-Core Labs S.A.
Certificate: Issuer Sectigo Limited; Subject *.traincdn.com; Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (12527), with no line terminators
Hash: 1f560cda98016a758f23b98bb6451629 601e2074c0bac9c95a4cde3a1b0c8b2c46fc4157 e56d555d970e127bfcc5baf5da80649f7db6e3b9b09795af851020ca565644cd
GET /_nuxt/desktop/default/vendors/plugins.vue-notification-be432464.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:20 GMT
content-type: application/javascript; charset=utf-8
content-length: 4556
last-modified: Tue, 23 Apr 2024 12:08:33 GMT
etag: "6627a4c1-11cc"
content-encoding: gzip
expires: Wed, 24 Apr 2024 12:54:15 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-42c07b0710654e36afa602e767e94111-94d1ab9669ee5420-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:54:15+00:00, 2024-04-23T12:57:37+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/e5c0e314.css | 185.244.209.62 | 200 OK | 953 B |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/e5c0e314.css
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer Sectigo Limited; Subject *.traincdn.com; Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (3352), with no line terminators
Hash: 748da80084597d87b4ff5e98b017b07b db6ad2ec24bfcbe751a23061d935403e1163f471 4eaf4071f43aaa0243a4c6948131b7a3e03fe6ab1f4228da38e8588c15e01f24
GET /_nuxt/desktop/default/css/e5c0e314.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:20 GMT
content-type: text/css
content-length: 953
last-modified: Mon, 22 Apr 2024 10:55:54 GMT
etag: "6626423a-3b9"
content-encoding: gzip
expires: Wed, 24 Apr 2024 11:04:48 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-49be454351b50a2a4aaf6dcbb7801035-49eb63644f64f3e3-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T11:04:48+00:00, 2024-04-23T14:45:47+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-js-modal-b4e5c536.js | 185.244.209.62 | 200 OK | 8.1 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-js-modal-b4e5c536.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer Sectigo Limited; Subject *.traincdn.com; Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (26717), with no line terminators
Hash: d6c0749abfe6ac3fa12439f8c5280965 9f433c690b68983f71225293938bfbea88e432f1 fe95732bdaefa78507800cbdf5e127902eec74eef86bee6a9bf1eeafc915c26c
GET /_nuxt/desktop/default/vendors/plugins.vue-js-modal-b4e5c536.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:20 GMT
content-type: application/javascript; charset=utf-8
content-length: 8056
last-modified: Tue, 23 Apr 2024 12:08:33 GMT
etag: "6627a4c1-1f78"
content-encoding: gzip
expires: Wed, 24 Apr 2024 12:54:15 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-bed8cbc6a286d8d9a1d580dab01bed7b-0ff5e4bcc597b83c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:54:15+00:00, 2024-04-23T12:57:37+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/date-fns-locale-21-1bddb75a.js | 185.244.209.62 | 200 OK | 2.1 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/date-fns-locale-21-1bddb75a.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer Sectigo Limited; Subject *.traincdn.com; Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (6960), with no line terminators
Hash: 646a2b32c35fc60e6fe759e25b80b680 4bffb554df5ebcd3f96154047e39cc1efe9d4658 b8339391f1719293f8987d960120957904d99c0e4d634e48f6f16f3e2c25e812
GET /_nuxt/desktop/default/date-fns-locale-21-1bddb75a.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:20 GMT
content-type: application/javascript; charset=utf-8
content-length: 2118
last-modified: Tue, 23 Apr 2024 13:15:15 GMT
etag: "6627b463-846"
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:33 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-d9f2a5635c54b448fd4a43f333c03f92-023ad517adfb3462-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:33+00:00, 2024-04-23T14:29:07+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/DC-5812449e.js | 185.244.209.62 | 200 OK | 1.0 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/DC-5812449e.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer Sectigo Limited; Subject *.traincdn.com; Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (2336), with no line terminators
Hash: 5fd92d5e19084953d42f6435bf43dbc3 1605b683a815f82e1439bedd7f7acc9bef1d75c1 ad5547e0059467c7711c34a6627570759b87ea738c7659a3f169fe1871eb2dda
GET /_nuxt/desktop/default/DC-5812449e.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:20 GMT
content-type: application/javascript; charset=utf-8
content-length: 1000
last-modified: Tue, 23 Apr 2024 12:08:33 GMT
etag: "6627a4c1-3e8"
content-encoding: gzip
expires: Wed, 24 Apr 2024 12:54:16 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-2e98952d3c542fc08a5961a0873ff356-ca6a3c986826ec5a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:54:16+00:00, 2024-04-23T12:57:37+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Betting.Core-2da25bff.js | 185.244.209.62 | | 1.5 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/Betting.Core-2da25bff.js
IP: 185.244.209.62:0
ASN: #199524 G-Core Labs S.A.
Certificate: Issuer Sectigo Limited; Subject *.traincdn.com; Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (2336), with no line terminators
Hash: f88f1c63128f0e3a6cf0bba4c765e061 7a2de92a1dda143bc6d94e44bc3a23674ddfaddf 580a79f8488335066e36b2d1b85e478b4099cee50aab9363cf751f2534511554
GET /_nuxt/desktop/default/Betting.Core-2da25bff.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:20 GMT
content-type: application/javascript; charset=utf-8
content-length: 1497
last-modified: Tue, 23 Apr 2024 13:15:15 GMT
etag: "6627b463-5d9"
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:33 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-3fe43db8eb908804001933fe6b9f40da-e3e65060b85a2f40-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:33+00:00, 2024-04-23T14:29:08+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xbetnp.com/genfiles/cms/1-909/desktop/media_asset/b0e819b4524813881afa0691c6a7b5b1.json | 83.147.206.31 | 200 OK | 1.9 kB |
URL: GET HTTP/2 1xbetnp.com/genfiles/cms/1-909/desktop/media_asset/b0e819b4524813881afa0691c6a7b5b1.json
IP: 83.147.206.31:443
ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer Let's Encrypt; Subject 1xbetnp.com; Fingerprint A5:E2:50:EB:20:4D:9A:C7:80:84:AB:9B:12:20:6F:CE:4C:D0:CC:F7; Validity Mon, 12 Feb 2024 05:16:51 GMT - Sun, 12 May 2024 05:16:50 GMT
Hash: eec4805fe0f6e17d5ade92a382f5b068 ca6a26fe8ea31e66c0bef88c4e7f489dce9f9a4b b50904054641c30b6b4ee7ed4290b52022825f2e9e9e3a4a060b8ecddf28c898
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /genfiles/cms/1-909/desktop/media_asset/b0e819b4524813881afa0691c6a7b5b1.json HTTP/1.1
Host: 1xbetnp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder; platform_type=desktop; auid=U5POH2Yoi1IeurcpAxSaAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:20 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Wed, 28 Feb 2024 21:43:12 GMT
etag: W/"eec4805fe0f6e17d5ade92a382f5b068"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.031
X-Firefox-Spdy: h2
|
|
| 1xbetnp.com/version.json?timestamp=1713933140355 | 83.147.206.31 | | 44 B |
URL: 1xbetnp.com/version.json?timestamp=1713933140355
IP: 83.147.206.31:0
ASN: #202492 Silverhill Group Holding Ltd
Certificate: Issuer Let's Encrypt; Subject 1xbetnp.com; Fingerprint A5:E2:50:EB:20:4D:9A:C7:80:84:AB:9B:12:20:6F:CE:4C:D0:CC:F7; Validity Mon, 12 Feb 2024 05:16:51 GMT - Sun, 12 May 2024 05:16:50 GMT
Hash: 4345e203b9221c238b4eff202389c855 f204aa66e418fd18236dca45cbb775e08a5e31ef 0ba26518b8f62ef2fae6ac0fcdc4f90be4641303d839517545037fe2e6fc9098
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /version.json?timestamp=1713933140355 HTTP/1.1
Host: 1xbetnp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder; platform_type=desktop; auid=U5POH2Yoi1IeurcpAxSaAg==; SESSION=485ae37fae7b9b76dfa895caab1409cf; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:20 GMT
content-type: application/json
content-length: 44
last-modified: Tue, 23 Apr 2024 13:16:56 GMT
vary: Accept-Encoding
etag: "6627b4c8-2c"
content-encoding: gzip
expires: Wed, 24 Apr 2024 04:33:20 GMT
access-control-allow-origin: *
cache-control: max-age=60, max-age=60, s-maxage=60
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.007
X-Firefox-Spdy: h2
|
|
| 1xbetnp.com/seo-module-api/api/public/v1/analytics-counters?url=https:%2F%2F1xbetnp.com&projectId=909 | 83.147.206.31 | 200 OK | 72 B |
URL: GET HTTP/2 1xbetnp.com/seo-module-api/api/public/v1/analytics-counters?url=https:%2F%2F1xbetnp.com&projectId=909
IP: 83.147.206.31:443
ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer Let's Encrypt; Subject 1xbetnp.com; Fingerprint A5:E2:50:EB:20:4D:9A:C7:80:84:AB:9B:12:20:6F:CE:4C:D0:CC:F7; Validity Mon, 12 Feb 2024 05:16:51 GMT - Sun, 12 May 2024 05:16:50 GMT
Hash: d16a8ac1708c68ffe54008167c7b1788 cc0cedaa9215ddb62c7710b4c292a6f734b7f729 e96767324a6d812c43f3c1ad8c49540f61f8e2cf73f360c3b93e9aad26c1a21f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /seo-module-api/api/public/v1/analytics-counters?url=https:%2F%2F1xbetnp.com&projectId=909 HTTP/1.1
Host: 1xbetnp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder; platform_type=desktop; auid=U5POH2Yoi1IeurcpAxSaAg==; SESSION=485ae37fae7b9b76dfa895caab1409cf; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:20 GMT
content-type: application/json
content-length: 72
cache-control: max-age=1200, must-revalidate, public, s-maxage=1800, stale-if-error=86400, stale-while-revalidate=300
x-content-digest: en43c984bba6946316b6444bf2e6429a4c
age: 1337
x-request-id: 3bd5bd154a7abf22755fc44276f2af45
x-request-guid: 3bd5bd154a7abf22755fc44276f2af45
x-time-ng: 0.003
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: p;dur=1.9640922546387, wf-uht;dur=0.010
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/ioc.dependencies.18-6c0bd0e4.js | 185.244.209.62 | 200 OK | 1.3 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/ioc.dependencies.18-6c0bd0e4.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer Sectigo Limited; Subject *.traincdn.com; Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (3073), with no line terminators
Hash: 8de2f812def30650dc849a6c4ad1d711 cb603fde42ac77caf6f5432c710cfe271dda3cef 537262d05d61223f1d34cb2ec7ec7240f6b49c1189d0b7d7cff0384a4292f150
GET /_nuxt/desktop/default/ioc.dependencies.18-6c0bd0e4.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:20 GMT
content-type: application/javascript; charset=utf-8
content-length: 1321
last-modified: Tue, 23 Apr 2024 13:15:15 GMT
etag: "6627b463-529"
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:34 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-18075f2350469267e5567c32ebd0eaee-ee27ff4a40af4d8f-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:34+00:00, 2024-04-23T14:29:10+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Cyber.Game/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboar/ff3e75d4-3bf76071.js | 185.244.209.62 | 200 OK | 7.4 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Cyber.Game/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboar/ff3e75d4-3bf76071.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer Sectigo Limited; Subject *.traincdn.com; Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (32231), with no line terminators
Hash: 73045dab5a0f1892f4ecaa63deac81c4 53f582f313d660bcb8bc204d4b9930878f667271 3da8040fa2cbba713382129ac29b73bbd06c920cd0086fd10edad8b85c413e23
GET /_nuxt/desktop/default/vendors/Page.Cyber.Game/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboar/ff3e75d4-3bf76071.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:20 GMT
content-type: application/javascript; charset=utf-8
content-length: 7382
last-modified: Tue, 23 Apr 2024 13:15:15 GMT
etag: "6627b463-1cd6"
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:35 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-2ec1069d68ac960d229a2901ac8d7d86-7ec68410d0c50039-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:35+00:00, 2024-04-23T14:29:10+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/betting.SportMenuApp-c04577b2.js | 185.244.209.62 | | 5.3 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/vendors/betting.SportMenuApp-c04577b2.js
IP: 185.244.209.62:0
ASN: #199524 G-Core Labs S.A.
Certificate: Issuer Sectigo Limited; Subject *.traincdn.com; Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (20674), with no line terminators
Hash: 92f2228f7f2d8ea17cc1bbd2946c5235 79c8609806d6d5d95cc518023baecc8d1952e6e2 e097b717e3ae34e2ff062ec780fb4b9513f743f41ca1e0528f07361bb5dc3f48
GET /_nuxt/desktop/default/vendors/betting.SportMenuApp-c04577b2.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:20 GMT
content-type: application/javascript; charset=utf-8
content-length: 5347
last-modified: Tue, 23 Apr 2024 13:15:15 GMT
etag: "6627b463-14e3"
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:35 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-945b339af090ad2ebd0406869512b353-def381e1bdd1cb71-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:35+00:00, 2024-04-23T14:29:10+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/ad481252.css | 185.244.209.62 | 200 OK | 3.0 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/ad481252.css
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer Sectigo Limited; Subject *.traincdn.com; Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (22886), with no line terminators
Hash: c7f34a5d51920cc71c1de5650e93ba9f c8e496bab9ced71a3160f0d30d5f061e9b9845b1 5768f888a21a23426a5ba6c204d97b7fc73ba52a24d503676206036ec84a1265
GET /_nuxt/desktop/default/css/ad481252.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:20 GMT
content-type: text/css
content-length: 3004
last-modified: Mon, 22 Apr 2024 10:55:54 GMT
etag: "6626423a-bbc"
content-encoding: gzip
expires: Tue, 23 Apr 2024 12:26:56 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-c25f46472ce52eaa53850292269be74d-17062ca5f8ea878d-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T12:26:56+00:00, 2024-04-23T14:18:39+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/betting.SportMenuApp-82ce6195.js | 185.244.209.62 | 200 OK | 25 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/betting.SportMenuApp-82ce6195.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer Sectigo Limited; Subject *.traincdn.com; Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65483), with no line terminators
Hash: cb65d148da616bc7624597ec1f9802da 51d8d278e180f09b548c0b123e3627840bce9244 2e27352090f3824edb7a7849a5daf063288ad34f11c710525c99b0bf1486b66f
GET /_nuxt/desktop/default/betting.SportMenuApp-82ce6195.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:20 GMT
content-type: application/javascript; charset=utf-8
content-length: 24915
last-modified: Tue, 23 Apr 2024 13:15:15 GMT
etag: "6627b463-6153"
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:35 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-856933d6966a1794a950c0605c3a65ba-04a90964a63d8167-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:35+00:00, 2024-04-23T14:29:10+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/betting.HomeSliderComponent-74faad26.js | 185.244.209.62 | 200 OK | 7.4 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/betting.HomeSliderComponent-74faad26.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer Sectigo Limited; Subject *.traincdn.com; Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (27479), with no line terminators
Hash: 36a40a25b745631e0e28cac4083cbeac 76ad3820c008567577fec994bf3e1e7440e2e77e af4793dd4927863c6ac8d66b033d5d7efb7bfa65a967208fc1c12a07bdc64436
GET /_nuxt/desktop/default/vendors/betting.HomeSliderComponent-74faad26.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:20 GMT
content-type: application/javascript; charset=utf-8
content-length: 7383
last-modified: Tue, 23 Apr 2024 13:15:15 GMT
etag: "6627b463-1cd7"
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:35 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-cef732252dfa78488152b2a90b44a886-de0e6aa7433b0da0-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:35+00:00, 2024-04-23T14:29:10+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/85022173.css | 185.244.209.62 | | 1.7 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/css/85022173.css
IP: 185.244.209.62:0
ASN: #199524 G-Core Labs S.A.
Certificate: Issuer Sectigo Limited; Subject *.traincdn.com; Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (9757), with no line terminators
Hash: d9ff2bf37891da2be05d7fd5442113f5 419f63a7b47f983139a1cdc040707ab4b90bc255 05d90d1e2368c45cf52f0796d76035b98b8ab02ff57d218005ddffbfc20963c5
GET /_nuxt/desktop/default/css/85022173.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:20 GMT
content-type: text/css
content-length: 1731
last-modified: Tue, 23 Apr 2024 12:08:33 GMT
etag: "6627a4c1-6c3"
content-encoding: gzip
expires: Wed, 24 Apr 2024 12:54:22 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-78bee8d9aa46080fb10d3e384e950045-7432db362c4812b8-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:54:22+00:00, 2024-04-23T13:00:10+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/betting.HomeSliderComponent-888df66d.js | 185.244.209.62 | 200 OK | 7.6 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/betting.HomeSliderComponent-888df66d.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer Sectigo Limited; Subject *.traincdn.com; Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (24523), with no line terminators
Hash: 54be88936d941a65bd59d27f8bf96657 47a93d65c60bc45add632fcf288afff7ba6fe257 ee1dc1579a781b5d03318e39af446dfe8d2fd2c1cd6878a61882c21414d24a06
GET /_nuxt/desktop/default/betting.HomeSliderComponent-888df66d.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:20 GMT
content-type: application/javascript; charset=utf-8
content-length: 7601
last-modified: Tue, 23 Apr 2024 13:15:15 GMT
etag: "6627b463-1db1"
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:35 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-9f6d0cefb66f597558c21d582161b2e0-1331bc162b90be4a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:35+00:00, 2024-04-23T14:29:10+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/9f2746da.css | 185.244.209.62 | 200 OK | 1.3 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/9f2746da.css
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer Sectigo Limited; Subject *.traincdn.com; Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (6439), with no line terminators
Hash: cdd7464b2b178b37ed8a1368b6383203 0a13fc4908d91476649bb51e33d690b460a5a89c aeacff8e3f578ea2842f067e3f42d53e72a4f668cf526c60dc659bd89f5a3c6b
GET /_nuxt/desktop/default/css/9f2746da.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:20 GMT
content-type: text/css
content-length: 1305
last-modified: Mon, 22 Apr 2024 10:55:54 GMT
etag: "6626423a-519"
content-encoding: gzip
expires: Tue, 23 Apr 2024 12:26:56 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-a83334959b560da5dc530d7f5e95c53a-952fc3870fe79d9c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T12:26:56+00:00, 2024-04-23T14:18:39+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/betting.CentralMenuApp-fcf94262.js | 185.244.209.62 | | 16 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/betting.CentralMenuApp-fcf94262.js
IP: 185.244.209.62:0
ASN: #199524 G-Core Labs S.A.
Certificate: Issuer Sectigo Limited; Subject *.traincdn.com; Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (64597), with no line terminators
Hash: 0b750d1eb8ed980568c3b2783bc73abe 2f4cbcbc29cf5174e2490d0723dffd13919391a4 36844a337b242c366f594f7cd16f1505aefa8c2c38dccaf97b78eec261021312
GET /_nuxt/desktop/default/betting.CentralMenuApp-fcf94262.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:20 GMT
content-type: application/javascript; charset=utf-8
content-length: 16497
last-modified: Tue, 23 Apr 2024 13:15:15 GMT
etag: "6627b463-4071"
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:35 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-310420aad1443ed093efeed66ff94f3e-9ecbf0a3d704d90d-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:35+00:00, 2024-04-23T14:29:10+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/526e44d9.css | 185.244.209.62 | | 459 B |
URL: v3.traincdn.com/_nuxt/desktop/default/css/526e44d9.css
IP: 185.244.209.62:0
ASN: #199524 G-Core Labs S.A.
Certificate: Issuer Sectigo Limited; Subject *.traincdn.com; Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (1526), with no line terminators
Hash: 97fdf5b6e7dfddf6ab251e984133b2c3 bb552fe685c52c34e0ed91e4dfaa9df2675ad086 92fcdb73c544b1f2befe78685340fd3371e920187a2232f8e4bffd73985d40e3
GET /_nuxt/desktop/default/css/526e44d9.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:20 GMT
content-type: text/css
content-length: 459
last-modified: Mon, 22 Apr 2024 10:55:54 GMT
etag: "6626423a-1cb"
content-encoding: gzip
expires: Wed, 24 Apr 2024 11:05:11 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-4394faccd9094fdb44b4244aac6f80d0-655b51ee460dd543-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T11:05:11+00:00, 2024-04-23T14:51:55+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/betting.media-969fa6be.js | 185.244.209.62 | 200 OK | 17 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/betting.media-969fa6be.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer Sectigo Limited; Subject *.traincdn.com; Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (41022), with NEL line terminators
Hash: ed1aa306ac0483a61e03d12f0cf0c683 3688fabf92067a4cc58d87aec282cddc6a7e33f0 fdc6326914576f6b064f1b56dc5e153e8f601d12932d28cda623ea1c6670ffff
GET /_nuxt/desktop/default/vendors/betting.media-969fa6be.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:20 GMT
content-type: application/javascript; charset=utf-8
content-length: 16831
last-modified: Tue, 23 Apr 2024 12:08:33 GMT
etag: "6627a4c1-41bf"
content-encoding: gzip
expires: Wed, 24 Apr 2024 12:54:21 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-25e3acb7fbf1066361a0e3105253de16-73332b3e49ba6f67-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:54:21+00:00, 2024-04-23T12:57:37+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/ff267c5c.css | 185.244.209.62 | 200 OK | 1.5 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/ff267c5c.css
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer Sectigo Limited; Subject *.traincdn.com; Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (7000), with no line terminators
Hash: f379bc6f4b94f34d96f6fe51159bee63 f4c0d4dbef1e1e734e84e05d75e4ff950d06eb60 b2a5bd6495250a19500dd5a6ca62f045c8b70226a668dc63ef40c78883bdae11
GET /_nuxt/desktop/default/css/ff267c5c.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:20 GMT
content-type: text/css
content-length: 1486
last-modified: Tue, 23 Apr 2024 13:15:15 GMT
etag: "6627b463-5ce"
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:33:15 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-820c361dff17b73ebb9e8b0acece8002-a29f9d44fca25008-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:33:15+00:00, 2024-04-23T16:10:03+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/betting.media-91c67102.js | 185.244.209.62 | | 4.7 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/betting.media-91c67102.js
IP: 185.244.209.62:0
ASN: #199524 G-Core Labs S.A.
Certificate: Issuer Sectigo Limited; Subject *.traincdn.com; Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (16761), with no line terminators
Hash: 9edd02014a4812685d800389066bc94b c89f400bb9b8ab7af4e7461a2d2ec002aea83bb8 23e9fe0dac6ac461e53781b9d407e7e3595eeea010fb4d6236eaa6b7699928ee
GET /_nuxt/desktop/default/betting.media-91c67102.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:20 GMT
content-type: application/javascript; charset=utf-8
content-length: 4731
last-modified: Tue, 23 Apr 2024 13:15:15 GMT
etag: "6627b463-127b"
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:35 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-5463cdecde9d0493a5437d4b2237ec75-6d15cade03357018-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:35+00:00, 2024-04-23T14:29:10+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xbetnp.com/service-api/gamespreview/getbanner?whence=55&ref=1&gr=909&lng=en&fCountry=137 | 83.147.206.31 | 200 OK | 155 B |
URL: GET HTTP/2 1xbetnp.com/service-api/gamespreview/getbanner?whence=55&ref=1&gr=909&lng=en&fCountry=137
IP: 83.147.206.31:443
ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer Let's Encrypt; Subject 1xbetnp.com; Fingerprint A5:E2:50:EB:20:4D:9A:C7:80:84:AB:9B:12:20:6F:CE:4C:D0:CC:F7; Validity Mon, 12 Feb 2024 05:16:51 GMT - Sun, 12 May 2024 05:16:50 GMT
Hash: d9c4e764d0719887a701a2fd57d2ed20 dd9132eb122454d6202e18dc89cf3f813bd28eea bfb3eb33d14d3606f7ef2f2ebf7194a6eba1837022e2cce1a5adaebff4226d10
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /service-api/gamespreview/getbanner?whence=55&ref=1&gr=909&lng=en&fCountry=137 HTTP/1.1
Host: 1xbetnp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xbetnp.com/en?tag=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder; platform_type=desktop; auid=U5POH2Yoi1IeurcpAxSaAg==; SESSION=485ae37fae7b9b76dfa895caab1409cf; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:21 GMT
content-type: application/json; charset=utf-8
content-length: 155
x-time-ng: 0.002
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.010
X-Firefox-Spdy: h2
|
|
| 1xbetnp.com/session-api/sessions/user | 83.147.206.31 | 200 OK | 16 B |
URL: GET HTTP/2 1xbetnp.com/session-api/sessions/user
IP: 83.147.206.31:443
ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer Let's Encrypt; Subject 1xbetnp.com; Fingerprint A5:E2:50:EB:20:4D:9A:C7:80:84:AB:9B:12:20:6F:CE:4C:D0:CC:F7; Validity Mon, 12 Feb 2024 05:16:51 GMT - Sun, 12 May 2024 05:16:50 GMT
Hash: 646b2e82b65602d35f7aa6283c387e3a b163a70c5df8e4b0861a23a04f8a6f78393747f4 b68bf12405ee2cb5b76764df21dbc2df0953ddff4072ddc5281d1aab05e8c4ab
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /session-api/sessions/user HTTP/1.1
Host: 1xbetnp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xbetnp.com/en?tag=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder; platform_type=desktop; auid=U5POH2Yoi1IeurcpAxSaAg==; SESSION=485ae37fae7b9b76dfa895caab1409cf; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:21 GMT
content-type: application/json
content-length: 16
cache-control: no-cache, private
x-time-ng: 0.004
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: p;dur=1.9199848175049, wf-uht;dur=0.013
X-Firefox-Spdy: h2
|
|
| 1xbetnp.com/bff-api/event-logo/v2/suitable.json?lang=en | 83.147.206.31 | 200 OK | 2 B |
URL: GET HTTP/2 1xbetnp.com/bff-api/event-logo/v2/suitable.json?lang=en
IP: 83.147.206.31:443
ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer Let's Encrypt; Subject 1xbetnp.com; Fingerprint A5:E2:50:EB:20:4D:9A:C7:80:84:AB:9B:12:20:6F:CE:4C:D0:CC:F7; Validity Mon, 12 Feb 2024 05:16:51 GMT - Sun, 12 May 2024 05:16:50 GMT
Hash: d751713988987e9331980363e24189ce 97d170e1550eee4afc0af065b78cda302a97674c 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /bff-api/event-logo/v2/suitable.json?lang=en HTTP/1.1
Host: 1xbetnp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xbetnp.com/en?tag=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder; platform_type=desktop; auid=U5POH2Yoi1IeurcpAxSaAg==; SESSION=485ae37fae7b9b76dfa895caab1409cf; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:21 GMT
content-type: application/json
content-length: 2
cache-control: no-cache, private
server-timing: bff;dur=13.36, dt_total;dur=14.290, wf-uht;dur=0.022
traceparent: 00-1b7c3fabf7f17c8b28e9f9581a644c90-b5a34ad440961909-01
x-dt: 909
x-time-ng: 0.014
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/88cfac66.css | 185.244.209.62 | 200 OK | 97 B |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/88cfac66.css
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer Sectigo Limited; Subject *.traincdn.com; Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators
Hash: 9deb70dd3fbdc7061ed21c5632fbc55b 22ae1cadf75b3fdd5e3e3762842b1b7a6f6e7ed8 be8196057ac43ab3882caf30239c364e1ef4ceda087e92ca87187ce239f022f9
GET /_nuxt/desktop/default/css/88cfac66.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:21 GMT
content-type: text/css
content-length: 97
last-modified: Mon, 22 Apr 2024 10:55:54 GMT
etag: "6626423a-61"
content-encoding: gzip
expires: Tue, 23 Apr 2024 14:02:53 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-52b01d4a7fa3d413f0630c70cb7496d2-22ed0360f9b2c297-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T14:02:53+00:00, 2024-04-23T11:50:31+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-icons/1.0.328/285/common.svg | 185.244.209.62 | 200 OK | 68 kB |
URL: GET HTTP/2 v3.traincdn.com/sys-icons/1.0.328/285/common.svg
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer Sectigo Limited; Subject *.traincdn.com; Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image
Hash: 65e10afa593f1a1c2e3489ef87b96c1e b06b75e4244b53b023e4566cc9b4ba604a269fe4 303e85a0f844bc8ea2c3179b47c9187adbc416b02b7d843ac3a307e691cd9d2a
GET /sys-icons/1.0.328/285/common.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xbetnp.com
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:21 GMT
content-type: image/svg+xml
last-modified: Mon, 15 Apr 2024 07:13:32 GMT
etag: W/"7bf3e9e7d79beac942f5e7748a3af2e6"
x-amz-meta-mtime: 1713165210.217888091
content-encoding: gzip
expires: Tue, 23 Apr 2024 10:38:01 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-c8e078b333bff87a215e2654d2d42bc2-17dc6b2f8a853503-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T10:38:01+00:00, 2024-04-23T11:09:09+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/25e24e18.css | 185.244.209.62 | 200 OK | 1.5 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/25e24e18.css
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer Sectigo Limited; Subject *.traincdn.com; Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (6262), with no line terminators
Hash: 09f1bd90913ad83743065cc13ee3e0c6 0f1d49d4ddfccf474d882839c1ac901a8c1d91e6 b0222e16baaccc20a1143166da7715bbab586f1d8d8bebf26f91e98738a55a92
GET /_nuxt/desktop/default/css/25e24e18.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:21 GMT
content-type: text/css
content-length: 1505
last-modified: Mon, 22 Apr 2024 10:55:54 GMT
etag: "6626423a-5e1"
content-encoding: gzip
expires: Tue, 23 Apr 2024 12:26:56 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-d2a88e2acac28045be0e9e5f4f6e15ee-180a7c58271e7652-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T12:26:56+00:00, 2024-04-23T13:46:38+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/RegistrationWidgetApp-41260109.js | 185.244.209.62 | | 21 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/vendors/RegistrationWidgetApp-41260109.js
IP: 185.244.209.62:0
ASN: #199524 G-Core Labs S.A.
Certificate: Issuer Sectigo Limited; Subject *.traincdn.com; Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: 21a835136b8ae33cd00097879bb168a6 0be03e28575e2d36f43af705a84d6696e07717d1 cb12d647211b4890761ff8ece8e9fb9b0de34219e200e7a2c8dcc123c3417632
GET /_nuxt/desktop/default/vendors/RegistrationWidgetApp-41260109.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:21 GMT
content-type: application/javascript; charset=utf-8
content-length: 20723
last-modified: Tue, 23 Apr 2024 13:15:15 GMT
etag: "6627b463-50f3"
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:35 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-cec8de5a5d414759de4edbb205e2c16e-62fec5a50f384aaf-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:35+00:00, 2024-04-23T14:29:10+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/betting.coupon2-1ecfb74c.js | 185.244.209.62 | 200 OK | 580 B |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/betting.coupon2-1ecfb74c.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer Sectigo Limited; Subject *.traincdn.com; Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (1003), with no line terminators
Hash: 14565039f0ad5d77219bca259af6c150 e4a754546968a83c871aa2a5f4d88ba141a15fc6 6558d81c13b54927cf40265b22f5c1c9184571e740da752071d574092556fc90
GET /_nuxt/desktop/default/betting.coupon2-1ecfb74c.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:21 GMT
content-type: application/javascript; charset=utf-8
content-length: 580
last-modified: Tue, 23 Apr 2024 13:15:15 GMT
etag: "6627b463-244"
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:36 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-913c4cef6b8b6adb6a9e3a22bdc2f877-c74a6c4cda44ab2f-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:36+00:00, 2024-04-23T14:29:10+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xbetnp.com/service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66 | 83.147.206.31 | 200 OK | 2.5 kB |
URL: GET HTTP/2 1xbetnp.com/service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66
IP: 83.147.206.31:443
ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer Let's Encrypt; Subject 1xbetnp.com; Fingerprint A5:E2:50:EB:20:4D:9A:C7:80:84:AB:9B:12:20:6F:CE:4C:D0:CC:F7; Validity Mon, 12 Feb 2024 05:16:51 GMT - Sun, 12 May 2024 05:16:50 GMT
Hash: 42d0dd2bb56af7ea18693b2223ecf44b 0814d9319a2c8104ba46b3456052708f4f2f4eaf 86d6ac57e1e132a2dd9dde59c379b23cb24e643c1a27947386f23dc5de19ac73
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66 HTTP/1.1
Host: 1xbetnp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xbetnp.com/en?tag=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder; platform_type=desktop; auid=U5POH2Yoi1IeurcpAxSaAg==; SESSION=485ae37fae7b9b76dfa895caab1409cf; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:21 GMT
content-type: application/json; charset=utf-8
content-length: 2528
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 24 Apr 2024 04:32:21 GMT
vary: Accept-Encoding
x-time-ng: 0.004
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.012
X-Firefox-Spdy: h2
|
|
| 1xbetnp.com/service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=909&country=137 | 83.147.206.31 | 200 OK | 258 B |
URL: GET HTTP/2 1xbetnp.com/service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=909&country=137
IP: 83.147.206.31:443
ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Let's Encrypt; Subject: 1xbetnp.com; Fingerprint: A5:E2:50:EB:20:4D:9A:C7:80:84:AB:9B:12:20:6F:CE:4C:D0:CC:F7; Validity: Mon, 12 Feb 2024 05:16:51 GMT - Sun, 12 May 2024 05:16:50 GMT
Hash: 6b410dd2c07ab8dc7ea3612945386685 9d9b746ddabe121ffedb7dff9e0aff03b92998b1 aa7e649282a2bbf5af23394e678496503278768e36b9f21c74ebe474806513e8
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=909&country=137 HTTP/1.1
Host: 1xbetnp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xbetnp.com/en?tag=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder; platform_type=desktop; auid=U5POH2Yoi1IeurcpAxSaAg==; SESSION=485ae37fae7b9b76dfa895caab1409cf; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:21 GMT
content-type: application/json; charset=utf-8
content-length: 258
cache-control: no-cache
content-encoding: br
last-modified: Wed, 24 Apr 2024 04:32:21 GMT
vary: Accept-Encoding
x-time-ng: 0.013
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.021
X-Firefox-Spdy: h2
|
|
| 1xbetnp.com/genfiles/cms/desktop/contact/bbe311f5109a8883f7f66da03096adb9.svg | 83.147.206.31 | 200 OK | 939 B |
URL: GET HTTP/2 1xbetnp.com/genfiles/cms/desktop/contact/bbe311f5109a8883f7f66da03096adb9.svg
IP: 83.147.206.31:443
ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Let's Encrypt; Subject: 1xbetnp.com; Fingerprint: A5:E2:50:EB:20:4D:9A:C7:80:84:AB:9B:12:20:6F:CE:4C:D0:CC:F7; Validity: Mon, 12 Feb 2024 05:16:51 GMT - Sun, 12 May 2024 05:16:50 GMT
File type: SVG Scalable Vector Graphics image
Hash: dd0ba7f11dc5dc2262d85c17e005e3a7 6cbcc88ad5697d6f6613613833612a221f2f68c7 10b334138b216c1a31ef0e70bcaee9650f4c2839b5131ef5a4e0ee49e5f2bfdf
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /genfiles/cms/desktop/contact/bbe311f5109a8883f7f66da03096adb9.svg HTTP/1.1
Host: 1xbetnp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/en?tag=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder; platform_type=desktop; auid=U5POH2Yoi1IeurcpAxSaAg==; SESSION=485ae37fae7b9b76dfa895caab1409cf; window_width=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:21 GMT
content-type: image/svg+xml
content-length: 939
last-modified: Fri, 23 Feb 2024 11:01:54 GMT
etag: "dd0ba7f11dc5dc2262d85c17e005e3a7"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.007
X-Firefox-Spdy: h2
|
|
| 1xbetnp.com/genfiles/cms/desktop/contact/86f18367ce2829388dcdabccb99b1740.svg | 83.147.206.31 | 200 OK | 263 B |
URL: GET HTTP/2 1xbetnp.com/genfiles/cms/desktop/contact/86f18367ce2829388dcdabccb99b1740.svg
IP: 83.147.206.31:443
ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Let's Encrypt; Subject: 1xbetnp.com; Fingerprint: A5:E2:50:EB:20:4D:9A:C7:80:84:AB:9B:12:20:6F:CE:4C:D0:CC:F7; Validity: Mon, 12 Feb 2024 05:16:51 GMT - Sun, 12 May 2024 05:16:50 GMT
File type: SVG Scalable Vector Graphics image
Hash: 28e2c161800b61b985a163f5c492ae51 8845ea940210b4ccb195cca855a598e6aaa58ed0 77c93c24e4eb0f8815a7526d405818c9a38ba6e4317f1fee588fffbc00cb17de
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /genfiles/cms/desktop/contact/86f18367ce2829388dcdabccb99b1740.svg HTTP/1.1
Host: 1xbetnp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/en?tag=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder; platform_type=desktop; auid=U5POH2Yoi1IeurcpAxSaAg==; SESSION=485ae37fae7b9b76dfa895caab1409cf; window_width=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:21 GMT
content-type: image/svg+xml
content-length: 263
last-modified: Fri, 23 Feb 2024 10:01:24 GMT
etag: "28e2c161800b61b985a163f5c492ae51"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.011
X-Firefox-Spdy: h2
|
|
| 1xbetnp.com/genfiles/cms/desktop/contact/6726b16cfb4e516989153ce398d4a0e4.svg | 83.147.206.31 | 200 OK | 506 B |
URL: GET HTTP/2 1xbetnp.com/genfiles/cms/desktop/contact/6726b16cfb4e516989153ce398d4a0e4.svg
IP: 83.147.206.31:443
ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Let's Encrypt; Subject: 1xbetnp.com; Fingerprint: A5:E2:50:EB:20:4D:9A:C7:80:84:AB:9B:12:20:6F:CE:4C:D0:CC:F7; Validity: Mon, 12 Feb 2024 05:16:51 GMT - Sun, 12 May 2024 05:16:50 GMT
File type: SVG Scalable Vector Graphics image
Hash: 9c340eae608db0c25657b4a73d769afe 988fbf333a2e9290211cd9e6b7c98c59719012b0 b92e969acd8a1e0f9cfd1f84080ca5ccb8cb49b105299434c275a8813faf841e
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /genfiles/cms/desktop/contact/6726b16cfb4e516989153ce398d4a0e4.svg HTTP/1.1
Host: 1xbetnp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/en?tag=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder; platform_type=desktop; auid=U5POH2Yoi1IeurcpAxSaAg==; SESSION=485ae37fae7b9b76dfa895caab1409cf; window_width=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:21 GMT
content-type: image/svg+xml
content-length: 506
last-modified: Fri, 23 Feb 2024 10:03:36 GMT
etag: "9c340eae608db0c25657b4a73d769afe"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/DownloadAppWidgetAnalytics-0a5e307c.js | 185.244.209.62 | | 365 B |
URL: v3.traincdn.com/_nuxt/desktop/default/DownloadAppWidgetAnalytics-0a5e307c.js
IP: 185.244.209.62:0
ASN: #199524 G-Core Labs S.A.
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (416), with no line terminators
Hash: bda5f679331e3f3a71a5ab33a44cfc03 4aed09967637f2771aa64524e3b2a5a4279466f9 dce768bc7197479f989e5b23944b49c774309864a2d42f9ce0e6da3ffd54a262
GET /_nuxt/desktop/default/DownloadAppWidgetAnalytics-0a5e307c.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:21 GMT
content-type: application/javascript; charset=utf-8
content-length: 365
last-modified: Tue, 23 Apr 2024 13:15:15 GMT
etag: "6627b463-16d"
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:36 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-b5b0693890b10b7a562ed3aa48ddf44f-cd4f0a805bda75e3-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:36+00:00, 2024-04-23T14:29:10+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xbetnp.com/genfiles/cms/desktop/contact/dbc1950bbcc8e27b5dbec1f42635e8d0.svg | 83.147.206.31 | 200 OK | 296 B |
URL: GET HTTP/2 1xbetnp.com/genfiles/cms/desktop/contact/dbc1950bbcc8e27b5dbec1f42635e8d0.svg
IP: 83.147.206.31:443
ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Let's Encrypt; Subject: 1xbetnp.com; Fingerprint: A5:E2:50:EB:20:4D:9A:C7:80:84:AB:9B:12:20:6F:CE:4C:D0:CC:F7; Validity: Mon, 12 Feb 2024 05:16:51 GMT - Sun, 12 May 2024 05:16:50 GMT
File type: SVG Scalable Vector Graphics image
Hash: b1bf63d00887bb0354e9d89c7d790a01 2d64ab25c9afff682abd6732f62ba62a197e972b a6a4fbbd99a0a82de03f05da827ccd9d019574bf3450727530403c2b5ce92df0
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /genfiles/cms/desktop/contact/dbc1950bbcc8e27b5dbec1f42635e8d0.svg HTTP/1.1
Host: 1xbetnp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/en?tag=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder; platform_type=desktop; auid=U5POH2Yoi1IeurcpAxSaAg==; SESSION=485ae37fae7b9b76dfa895caab1409cf; window_width=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:21 GMT
content-type: image/svg+xml
content-length: 296
last-modified: Fri, 23 Feb 2024 10:03:47 GMT
etag: "b1bf63d00887bb0354e9d89c7d790a01"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.030
X-Firefox-Spdy: h2
|
|
| 1xbetnp.com/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json | 83.147.206.31 | | 23 B |
URL: 1xbetnp.com/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json
IP: 83.147.206.31:0
ASN: #202492 Silverhill Group Holding Ltd
Certificate: Issuer: Let's Encrypt; Subject: 1xbetnp.com; Fingerprint: A5:E2:50:EB:20:4D:9A:C7:80:84:AB:9B:12:20:6F:CE:4C:D0:CC:F7; Validity: Mon, 12 Feb 2024 05:16:51 GMT - Sun, 12 May 2024 05:16:50 GMT
Hash: 80b205f93005ad393abdc2cd0e526442 7d420e31e17d81a472f8664a690f1d0837085ca5 41985827990dd6f971cfe78528622356dd78fae7f9026b47b5b83e573e9ad734
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json HTTP/1.1
Host: 1xbetnp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xbetnp.com/en?tag=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder
Content-Type: application/json
X-Lang: en
X-Uuid: 97e79b2f-6dce-4ff1-8649-eeee4117cb2c
Content-Length: 81
Origin: https://1xbetnp.com
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder; platform_type=desktop; auid=U5POH2Yoi1IeurcpAxSaAg==; SESSION=485ae37fae7b9b76dfa895caab1409cf; window_width=1280; _glhf=1713950917
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:21 GMT
content-type: application/json
content-length: 23
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.007
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/DownloadAppWidget/modal.IplWorldInstallModal/modal.office.TwoFactorAuthEnableModal-fc97ad68.js | 185.244.209.62 | 200 OK | 5.6 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/DownloadAppWidget/modal.IplWorldInstallModal/modal.office.TwoFactorAuthEnableModal-fc97ad68.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (15997)
Hash: 12c0a8a167063fa1743b27ac4e537460 a51e99cf826d86a23bf7e166f833b46b517ccdbb a49ece220afcdcf483c4b1a36e0813329c879079080cd81008709687811d1125
GET /_nuxt/desktop/default/vendors/DownloadAppWidget/modal.IplWorldInstallModal/modal.office.TwoFactorAuthEnableModal-fc97ad68.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:21 GMT
content-type: application/javascript; charset=utf-8
content-length: 5562
last-modified: Tue, 23 Apr 2024 12:08:33 GMT
etag: "6627a4c1-15ba"
content-encoding: gzip
expires: Wed, 24 Apr 2024 12:54:26 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-960ad6455802475758b0a671eedf06b4-69a670143da2a7cd-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:54:26+00:00, 2024-04-23T13:00:14+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/0e3e1e8d.css | 185.244.209.62 | | 1.2 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/css/0e3e1e8d.css
IP: 185.244.209.62:0
ASN: #199524 G-Core Labs S.A.
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (5638), with no line terminators
Hash: be85f100312ee4f9396b6e89cbcb0fef 3934783d38d182ddcaccfdedbbe4fb65c266864c 06a9b859f60f7872c7beaa8286d3c1f45708dd0e1dee20f4c0d55c8719cc2983
GET /_nuxt/desktop/default/css/0e3e1e8d.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:21 GMT
content-type: text/css
content-length: 1193
last-modified: Mon, 22 Apr 2024 10:55:54 GMT
etag: "6626423a-4a9"
content-encoding: gzip
expires: Tue, 23 Apr 2024 12:26:58 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-405f750cfffdbeb2b4e4d2de531dcdf0-b34679e7e49509e9-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T12:26:58+00:00, 2024-04-23T13:46:43+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xbetnp.com/web-api/external-api/config/getVideoAccessConfig | 83.147.206.31 | 200 OK | 6.9 kB |
URL: GET HTTP/2 1xbetnp.com/web-api/external-api/config/getVideoAccessConfig
IP: 83.147.206.31:443
ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Let's Encrypt; Subject: 1xbetnp.com; Fingerprint: A5:E2:50:EB:20:4D:9A:C7:80:84:AB:9B:12:20:6F:CE:4C:D0:CC:F7; Validity: Mon, 12 Feb 2024 05:16:51 GMT - Sun, 12 May 2024 05:16:50 GMT
Hash: cb0bc8eedc642fc591c0eef57e6c67e5 6c62aeececef0a5ff474bb21bf569ad8d48f6bd0 c57136f602923fc19534e58f7da5a483616d80031222372e19a29fd6f22b0a0e
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /web-api/external-api/config/getVideoAccessConfig HTTP/1.1
Host: 1xbetnp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xbetnp.com/en?tag=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder; platform_type=desktop; auid=U5POH2Yoi1IeurcpAxSaAg==; SESSION=485ae37fae7b9b76dfa895caab1409cf; window_width=1280; _glhf=1713950917; che_g=23437f56-cfbd-f999-10f6-bc1a50bce12e
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:21 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: p;dur=19, dt_total;dur=20.949, wf-uht;dur=0.033
traceparent: 00-edf2f84e9d2c654bbf52ccd67282ea33-47fd18e15be4cc41-01
vary: Accept-Encoding
x-dt: 909
x-time-ng: 0.020
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/fad63d98dbd2f6d48b2f66940a47167f.webp | 185.244.209.62 | 200 OK | 794 B |
URL: GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/fad63d98dbd2f6d48b2f66940a47167f.webp
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 513c314a4a9674ff63a0c772c9ccaa60 a8e2b1405569eb3feff8d06f5707c15136e0b95d 608f6256481f8cf1653943de0b6a83226300c04a63e0f60f86df1f2232ec2e89
GET /resized/size16/sfiles/logo_teams/fad63d98dbd2f6d48b2f66940a47167f.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:21 GMT
content-type: image/webp
content-length: 794
cache-control: max-age=94608000
content-disposition: inline; filename="fad63d98dbd2f6d48b2f66940a47167f.webp"
content-security-policy: script-src 'none'
expires: Mon, 18 Jan 2027 06:30:31 GMT
x-request-id: bff92db1a4d6517c8e18d6d7a1e4edf5
strict-transport-security: max-age=15724800; includeSubDomains
x-time-ng: 0.000
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-8d430d4a25a2391e2d0bddf807bcf067-f07c3c3b9071f1aa-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-01-19T06:30:31+00:00, 2024-01-19T09:24:02+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/3878bf2552540f58b96e9bd1ad4c5048.webp | 185.244.209.62 | 200 OK | 804 B |
URL: GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/3878bf2552540f58b96e9bd1ad4c5048.webp
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 4c0002155d90ee06f44b166ddf646e46 ce432d91e4a4668a44e0de625811cf569c9d25e1 1842fe246ea21b9d01c79ed78c27a9100547a7291347045a55929cd11e6b7308
GET /resized/size16/sfiles/logo_teams/3878bf2552540f58b96e9bd1ad4c5048.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:21 GMT
content-type: image/webp
content-length: 804
cache-control: max-age=94608000
content-disposition: inline; filename="3878bf2552540f58b96e9bd1ad4c5048.webp"
content-security-policy: script-src 'none'
expires: Tue, 19 Jan 2027 08:03:36 GMT
x-request-id: 0f6362178e74241f95b1fc311cf1d9d8
strict-transport-security: max-age=15724800; includeSubDomains
x-time-ng: 0.026
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-50a2ca6069def62a3a6a4f91db59fbc8-26304bdc596b9757-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-01-20T08:03:36+00:00, 2024-01-20T11:37:01+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sfiles/logo-champ/246a944858d7a07393dd4f6739f94bf9.webp | 185.244.209.62 | 200 OK | 7.1 kB |
URL: GET HTTP/2 v3.traincdn.com/sfiles/logo-champ/246a944858d7a07393dd4f6739f94bf9.webp
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 14b81bb2a70130c395b98ba4cb1f4a3a 378094090781a2d412f234bff2bb311adf0a22d0 11128b17e044b6dfe4d716c11854e95486c9e942a942064c82968f6a34c777bb
GET /sfiles/logo-champ/246a944858d7a07393dd4f6739f94bf9.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:21 GMT
content-type: image/webp
content-length: 7066
last-modified: Wed, 04 Jan 2023 07:42:08 GMT
etag: "14b81bb2a70130c395b98ba4cb1f4a3a"
cache-control: public, max-age=86400, public
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-d977c8ffebc7c0fb907dae8e7406c2d6-413af7ff48487fd8-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T00:05:10+00:00, 2024-04-23T19:58:52+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/8508.webp | 185.244.209.62 | 200 OK | 794 B |
URL: GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/8508.webp
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 0a34e0cc5272cd7643503d1421fd9350 51dfd8d988e1d33c4802f85d50f2d7191c53e588 3053ad80c4649830dc547ad9c671bd68f810757113e2d79a1218b34342e98e68
GET /resized/size16/sfiles/logo_teams/8508.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:21 GMT
content-type: image/webp
content-length: 794
cache-control: max-age=94608000
content-disposition: inline; filename="8508.webp"
content-security-policy: script-src 'none'
expires: Thu, 11 Mar 2027 12:37:08 GMT
x-request-id: 1b2f97d573b6cccfaa957f1075692bc1
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-fd07aead1ffa438b1c6decfd0a42772c-8dd5403d9892887c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-03-11T12:37:08+00:00, 2024-03-11T18:35:48+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/8502.webp | 185.244.209.62 | | 860 B |
URL: v3.traincdn.com/resized/size16/sfiles/logo_teams/8502.webp
IP: 185.244.209.62:0
ASN: #199524 G-Core Labs S.A.
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 56b1f12068dee353ffac779adba34732 6cc710db5bb4d891868f9c08e5a6ad6efbc381cb 262e29cec66343abbf6b2eccf8aeae5944517c70b0bedd22c4a67bba2ce91863
GET /resized/size16/sfiles/logo_teams/8502.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:21 GMT
content-type: image/webp
content-length: 860
cache-control: max-age=94608000
content-disposition: inline; filename="8502.webp"
content-security-policy: script-src 'none'
expires: Tue, 02 Feb 2027 20:44:39 GMT
x-request-id: c6bdeef8dda3adaca19bd5ba4d97f65a
strict-transport-security: max-age=15724800; includeSubDomains
x-time-ng: 0.000
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-d312866fbd6200c930b7effc7b43e100-d556d591af2859f1-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-02-03T20:44:39+00:00, 2024-02-08T10:31:15+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/bbfba1cb49d1dcc01acaec8cdc3e0458.webp | 185.244.209.62 | 200 OK | 728 B |
URL: GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/bbfba1cb49d1dcc01acaec8cdc3e0458.webp
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 5be729a25aeaa6190d33668e34aeeb70 7621228195255591c98466c06dcca2554f6b0086 8bf6d34ccd36562e7f5a6499ed8aeb51f2c877487c052d2b2d36c95da969378e
GET /resized/size16/sfiles/logo_teams/bbfba1cb49d1dcc01acaec8cdc3e0458.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:21 GMT
content-type: image/webp
content-length: 728
cache-control: max-age=94608000
content-disposition: inline; filename="bbfba1cb49d1dcc01acaec8cdc3e0458.webp"
content-security-policy: script-src 'none'
expires: Tue, 20 Apr 2027 13:23:02 GMT
x-request-id: 02569eff7761c41ede977c91ecad4f74
x-time-ng: 0.058
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-d2caeeaad11035d4102515d438667a0f-3ca8db8fa59fc8c3-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-20T13:23:02+00:00, 2024-04-20T17:08:48+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/70b0419108dadf3db7d6774f70a3247c.webp | 185.244.209.62 | 200 OK | 776 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/70b0419108dadf3db7d6774f70a3247c.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash0d94ade2c7ba3ebf315af3efbaa951c8 019a36e711f90a09c39d7180300bb1b4fff4a34d 09b16befc4507ab5246b56291c8883a15339065d9dc7f0e574d8f305572f1a84
GET /resized/size16/sfiles/logo_teams/70b0419108dadf3db7d6774f70a3247c.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:21 GMT
content-type: image/webp
content-length: 776
cache-control: max-age=94608000
content-disposition: inline; filename="70b0419108dadf3db7d6774f70a3247c.webp"
content-security-policy: script-src 'none'
expires: Tue, 20 Apr 2027 22:23:18 GMT
x-request-id: b6464fd46c8f6e2251c843df6ac65ca9
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-21fd7b498ae9f43bd95bc8a0f5eb7a74-e2525ffe2aff5dad-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-20T22:23:18+00:00, 2024-04-24T01:51:31+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/4630e90dac2677f2cabd296ebda409a3.webp | 185.244.209.62 | 200 OK | 566 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/4630e90dac2677f2cabd296ebda409a3.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash367bdd08e93a58de8b41126909816bd6 9ee470b411e82d115e56ab1fd124d4c100fbd697 d64e82ec4787c3464a121c430253d90259a49784da79328a1d68d9d3374f557b
GET /resized/size16/sfiles/logo_teams/4630e90dac2677f2cabd296ebda409a3.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:21 GMT
content-type: image/webp
content-length: 566
cache-control: max-age=94608000
content-disposition: inline; filename="4630e90dac2677f2cabd296ebda409a3.webp"
content-security-policy: script-src 'none'
expires: Tue, 20 Apr 2027 13:57:52 GMT
x-request-id: 425c72ece42ec76d24dc83c03fd767ae
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-4878af440f29fc09cc4724a062b27609-197cb7d729d4e74c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-20T13:57:52+00:00, 2024-04-20T17:08:43+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/344a50d43a7afe8291aebe2a0728ecb1.webp | 185.244.209.62 | 200 OK | 630 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/344a50d43a7afe8291aebe2a0728ecb1.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash28f96d156a51963fc21b76e10e707bc1 b1de39d8554e0f3d596ad606d7003ab45e711490 6e931981139d20cb1dcc7fe61692d95f44a2dbadf593a5d2ed1afa7ee09e2502
GET /resized/size16/sfiles/logo_teams/344a50d43a7afe8291aebe2a0728ecb1.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:21 GMT
content-type: image/webp
content-length: 630
cache-control: max-age=94608000
content-disposition: inline; filename="344a50d43a7afe8291aebe2a0728ecb1.webp"
content-security-policy: script-src 'none'
expires: Tue, 20 Apr 2027 13:57:52 GMT
x-request-id: 691040e805fba19fa14c18aebccbe82f
x-time-ng: 0.043
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-74e5c0ef75c24115f15440ece599b175-35ccb27c68ec5583-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-20T13:57:52+00:00, 2024-04-20T17:08:43+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/45631.webp | 185.244.209.62 | 200 OK | 864 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/45631.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash360f6bf6ae3930ef0c19e8d90b9042fd 48ea13288c00fc1784b040acbf7ccbb92384c6e6 43ba55ebc1afc59ced8d99e8c261c7eb1be9ac07a61b338abd7cc06092b9cc3d
GET /resized/size16/sfiles/logo_teams/45631.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:21 GMT
content-type: image/webp
content-length: 864
cache-control: max-age=94608000
content-disposition: inline; filename="45631.webp"
content-security-policy: script-src 'none'
expires: Fri, 23 Apr 2027 10:55:38 GMT
x-request-id: 1bcd107fc71db0aada35d734cd351de8
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-164df041b67c4527aa5fc0a068f59e65-aa06e4c5f8f822d9-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T10:55:38+00:00, 2024-04-24T04:16:11+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/45431.webp | 185.244.209.62 | 200 OK | 826 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/45431.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash0cf565171497fbb546e9a6fe42f32be5 241c712d9f554d9d94ff91cc13ab1b16ab9e2f78 5ca385e4986cc602e4f5f6e8853bb6c8eff34d9cc8e4af5cd9bb593f0dcec5f4
GET /resized/size16/sfiles/logo_teams/45431.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:21 GMT
content-type: image/webp
content-length: 826
cache-control: max-age=94608000
content-disposition: inline; filename="45431.webp"
content-security-policy: script-src 'none'
expires: Fri, 23 Apr 2027 10:55:38 GMT
x-request-id: 0a9bef881c3d6903b78284b16a47dd20
x-time-ng: 0.037
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-40a52ed78128b6a58e9c17fabfd56e72-3ec722d54f7ac974-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T10:55:38+00:00, 2024-04-24T04:16:11+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/6e4f44970f29778a75071f29092e9766.webp | 185.244.209.62 | 200 OK | 580 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/6e4f44970f29778a75071f29092e9766.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hashf2a208d0952030f93f4dcab8e7d59c18 94b8df9564794df9f1a7e37b2f87cdd5a853133c 23c6aad0db937571e95225668327568c56c9cb467121ff25f0fd0889c13d6e19
GET /resized/size16/sfiles/logo_teams/6e4f44970f29778a75071f29092e9766.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:21 GMT
content-type: image/webp
content-length: 580
cache-control: max-age=94608000
content-disposition: inline; filename="6e4f44970f29778a75071f29092e9766.webp"
content-security-policy: script-src 'none'
expires: Thu, 22 Apr 2027 09:49:32 GMT
x-request-id: b9d26e7907cafe3c3f3a47a06808f4c8
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-4fcef0eb24761c7ac54ec5ffa95c7322-54a77c1e744ea22b-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T09:49:32+00:00, 2024-04-24T03:22:16+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/2264ac91ece5997fe29d15ab52a93d29.webp | 185.244.209.62 | 200 OK | 596 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/2264ac91ece5997fe29d15ab52a93d29.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash41d5fc31f29235f5ebb38bfe1ef36602 ebc41dd39ec647b5ee4283e6b978c3ea90f614be cda13ed14c213f09d94f0f48bc9e51502e9996cab1bdcc96806fc456dcf389d6
GET /resized/size16/sfiles/logo_teams/2264ac91ece5997fe29d15ab52a93d29.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:21 GMT
content-type: image/webp
content-length: 596
cache-control: max-age=94608000
content-disposition: inline; filename="2264ac91ece5997fe29d15ab52a93d29.webp"
content-security-policy: script-src 'none'
expires: Tue, 20 Apr 2027 04:21:34 GMT
x-request-id: ff7644f0567c8645be268b857baf3292
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-56b04ba303a4f538c3ea324d3b4ad844-e6a588b37b1808a6-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-20T04:21:34+00:00, 2024-04-24T03:22:16+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/21941.webp | 185.244.209.62 | 200 OK | 598 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/21941.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash1bac659efbbf78d0d370a503c532d279 3e30cf3a5b52587540ef60ae04ec0c75a0e4bf81 2a50182524499b81052ca86db1368a2f4a8aaa76c6eeecd0f270337874ea7a4b
GET /resized/size16/sfiles/logo_teams/21941.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:21 GMT
content-type: image/webp
content-length: 598
cache-control: max-age=94608000
content-disposition: inline; filename="21941.webp"
content-security-policy: script-src 'none'
expires: Wed, 21 Apr 2027 13:35:02 GMT
x-request-id: add2d9ecf474dfb1b4447a244181911a
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-3f722075811b6f3ade9497f0545bd6f6-7ec21c7b6e796a42-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-21T13:35:02+00:00, 2024-04-22T07:38:41+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/f2d3364f28d132f86bc374a8d22470d9.webp | 185.244.209.62 | 200 OK | 616 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/f2d3364f28d132f86bc374a8d22470d9.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash3c30a2f36a0e99341a365ccafe53b051 48e2a93b00644639e6748782338ded4f7f7141aa 9adeebf7ae29f9d06b49dda12201d2decc91843c4819fe906fc4eae0fd9c2e5e
GET /resized/size16/sfiles/logo_teams/f2d3364f28d132f86bc374a8d22470d9.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:21 GMT
content-type: image/webp
content-length: 616
cache-control: max-age=94608000
content-disposition: inline; filename="f2d3364f28d132f86bc374a8d22470d9.webp"
content-security-policy: script-src 'none'
expires: Fri, 23 Apr 2027 00:09:22 GMT
x-request-id: c4f943b3970e7d3bbfc1b1e462e48e81
x-time-ng: 0.047
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-40fc8241ad8a82081b3cb6d8736424cd-4cc1cb2ece951f80-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T00:09:22+00:00, 2024-04-24T04:09:53+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/d57dad252f607e39642c92c89f7450dc.webp | 185.244.209.62 | 200 OK | 574 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/d57dad252f607e39642c92c89f7450dc.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash3033aab14d01c9a8f3d34c22c785b2dd 404197abc49a0db27b2c441085057ad67a2c047d cc22b406f1026348ecd8fb09b1fbe6877d516d0bed120e2dd2b90ef248d5cea7
GET /resized/size16/sfiles/logo_teams/d57dad252f607e39642c92c89f7450dc.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:21 GMT
content-type: image/webp
content-length: 574
cache-control: max-age=94608000
content-disposition: inline; filename="d57dad252f607e39642c92c89f7450dc.webp"
content-security-policy: script-src 'none'
expires: Fri, 23 Apr 2027 10:09:32 GMT
x-request-id: 12718138ca9af00de43b3c2647946fd5
x-time-ng: 0.035
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-7f90c6d61b9672462459dd8f0b3f6d8b-b5b0d1e09160157f-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T10:09:32+00:00, 2024-04-24T03:53:16+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/ddc4d153502f626be4352c1ab9d2b680.webp | 185.244.209.62 | | 688 B |
URL v3.traincdn.com/resized/size16/sfiles/logo_teams/ddc4d153502f626be4352c1ab9d2b680.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hashb0f5232d92dd61c192d5b0f3bb844aa3 2934cd5202ed3a29b92a57a541989a180f2a2996 5d80685c9b48359e316c180955b8a0c8d410a117450abea9fb63029d8f0402b5
GET /resized/size16/sfiles/logo_teams/ddc4d153502f626be4352c1ab9d2b680.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:21 GMT
content-type: image/webp
content-length: 688
cache-control: max-age=94608000
content-disposition: inline; filename="ddc4d153502f626be4352c1ab9d2b680.webp"
content-security-policy: script-src 'none'
expires: Wed, 21 Apr 2027 13:35:02 GMT
x-request-id: 37d6d40323a59ab0eae2cad5a4b598e1
x-time-ng: 0.037
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-3f7d3224bb35f4e6b4056a95fbe86503-927fbe6734245041-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-21T13:35:02+00:00, 2024-04-22T04:27:14+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xbetnp.com/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=909&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true | 83.147.206.31 | 200 OK | 9.4 kB |
URL GET HTTP/21xbetnp.com/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=909&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true IP83.147.206.31:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder CertificateIssuerLet's Encrypt Subject1xbetnp.com FingerprintA5:E2:50:EB:20:4D:9A:C7:80:84:AB:9B:12:20:6F:CE:4C:D0:CC:F7 ValidityMon, 12 Feb 2024 05:16:51 GMT - Sun, 12 May 2024 05:16:50 GMT
Hash10b6dc9895ec061a0a30e69128eb06f2 a601911a0de7e2b6b45b7b7083323d31e7026844 75df4d357471a7350fcafb1e3d11a1c44e26f87fd0336b6706d26b6b1d371f61
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=909&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true HTTP/1.1
Host: 1xbetnp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xbetnp.com/en?tag=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder; platform_type=desktop; auid=U5POH2Yoi1IeurcpAxSaAg==; SESSION=485ae37fae7b9b76dfa895caab1409cf; window_width=1280; _glhf=1713950917; che_g=23437f56-cfbd-f999-10f6-bc1a50bce12e; application_locale=en
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:22 GMT
content-type: application/json; charset=utf-8
content-length: 9431
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 24 Apr 2024 04:32:22 GMT
vary: Accept-Encoding
x-time-ng: 0.013
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.021
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/betting.SportsMenuCompact-942b40c1.js | 185.244.209.62 | 200 OK | 2.3 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/betting.SportsMenuCompact-942b40c1.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (7751), with no line terminators Hash232ecfa8f26b49fb3480baefeb590279 833cd5b10a0705d28a970a8bc3a3ab5c66553a84 fca603603d836bc26b0b016e308ef7a897c3109b0a2b25b9c7c87ae0c7e160a1
GET /_nuxt/desktop/default/betting.SportsMenuCompact-942b40c1.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:22 GMT
content-type: application/javascript; charset=utf-8
content-length: 2297
last-modified: Tue, 23 Apr 2024 13:15:15 GMT
etag: "6627b463-8f9"
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:37 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-b44f4fdb59c2daca8a24fad877966c88-67fa5821d4b497a1-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:37+00:00, 2024-04-23T14:40:26+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xbetnp.com/checker/redirect/stat/run/ | 83.147.206.31 | 200 OK | 751 B |
URL GET HTTP/21xbetnp.com/checker/redirect/stat/run/ IP83.147.206.31:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder CertificateIssuerLet's Encrypt Subject1xbetnp.com FingerprintA5:E2:50:EB:20:4D:9A:C7:80:84:AB:9B:12:20:6F:CE:4C:D0:CC:F7 ValidityMon, 12 Feb 2024 05:16:51 GMT - Sun, 12 May 2024 05:16:50 GMT
Hash741934b89418d344f6b45d01fe7ddae7 2875d1bff3ba4850c36d335664cb596c17eb6fcf 488059f86ea7968767b02087d83b3e500aa5b3686e6b2522d967ff80eb6c6af9
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /checker/redirect/stat/run/ HTTP/1.1
Host: 1xbetnp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xbetnp.com/en?tag=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder; platform_type=desktop; auid=U5POH2Yoi1IeurcpAxSaAg==; SESSION=485ae37fae7b9b76dfa895caab1409cf; window_width=1280; _glhf=1713950917; che_g=23437f56-cfbd-f999-10f6-bc1a50bce12e
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:21 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-time-ng: 0.001
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.009
X-Firefox-Spdy: h2
|
|
| 1xbetnp.com/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=909&country=137&virtualSports=true&groupChamps=true | 83.147.206.31 | 200 OK | 2.7 kB |
URL GET HTTP/21xbetnp.com/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=909&country=137&virtualSports=true&groupChamps=true IP83.147.206.31:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder CertificateIssuerLet's Encrypt Subject1xbetnp.com FingerprintA5:E2:50:EB:20:4D:9A:C7:80:84:AB:9B:12:20:6F:CE:4C:D0:CC:F7 ValidityMon, 12 Feb 2024 05:16:51 GMT - Sun, 12 May 2024 05:16:50 GMT
Hashae650481c8361be816f83f4ad92750f3 ce73c3121e5079a542a4c0d0d54e4cd4309d4b0c 7c84db30ea0e763f1772899351a0d0cb7d2e6f3b35b901c6ac058cd0a0af12b2
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /service-api/LiveFeed/GetSportsShortZip?lng=en&gr=909&country=137&virtualSports=true&groupChamps=true HTTP/1.1
Host: 1xbetnp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xbetnp.com/en?tag=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder; platform_type=desktop; auid=U5POH2Yoi1IeurcpAxSaAg==; SESSION=485ae37fae7b9b76dfa895caab1409cf; window_width=1280; _glhf=1713950917; che_g=23437f56-cfbd-f999-10f6-bc1a50bce12e; application_locale=en
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:22 GMT
content-type: application/json; charset=utf-8
content-length: 2666
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 24 Apr 2024 04:32:22 GMT
vary: Accept-Encoding
x-time-ng: 0.010
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.017
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sfiles/games-images/game-previews/190x102/games-no-faceless.webp | 185.244.209.62 | 200 OK | 6.9 kB |
URL: GET HTTP/2 v3.traincdn.com/sfiles/games-images/game-previews/190x102/games-no-faceless.webp | IP: 185.244.209.62:443 | ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder | Certificate Issuer: Sectigo Limited | Subject: *.traincdn.com | Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 | Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 380x204, Scaling: [none]x[none], YUV color, decoders should clamp | Hash: b7304b532dca88cc708b1c81edf7e051 d9ca9db864badb40bcab6d846ba7110413a339d3 324b9021e7fa1a227b418f5b0707e174d86aa20decea945eab3cea41aac8d2ca
GET /sfiles/games-images/game-previews/190x102/games-no-faceless.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:22 GMT
content-type: application/octet-stream
content-length: 6884
last-modified: Thu, 31 Aug 2023 08:11:01 GMT
etag: "b7304b532dca88cc708b1c81edf7e051"
x-amz-meta-origin-date-iso8601: 2023-08-31T08:04:10.000Z
expires: Tue, 14 Nov 2023 18:21:42 GMT
cache-control: max-age=86400, public
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-c174b44d959b76c91a0a4c014e5cd102-b53a215722d18f5f-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-17T18:59:15+00:00, 2024-04-23T20:16:19+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-58.webp | 185.244.209.62 | | 8.9 kB |
URL: v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-58.webp | IP: 185.244.209.62:0 | ASN: #199524 G-Core Labs S.A.
Certificate Issuer: Sectigo Limited | Subject: *.traincdn.com | Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 | Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 380x204, Scaling: [none]x[none], YUV color, decoders should clamp | Hash: 7a49dad906575c61dd636edbe1201479 d4bf0fbfadca8c6d3a7ec8f3d34d08fced98a21d 0e0cd085244f6272acfa6794d90e32685fa203973e85c62fa96f02cddf7172c6
GET /sfiles/games-images/game-previews/190x102/game-58.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:22 GMT
content-type: application/octet-stream
content-length: 8880
last-modified: Thu, 31 Aug 2023 08:11:00 GMT
etag: "7a49dad906575c61dd636edbe1201479"
x-amz-meta-origin-date-iso8601: 2023-08-31T08:03:42.000Z
expires: Tue, 14 Nov 2023 18:21:44 GMT
cache-control: max-age=86400, public
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-2d3fd81adc2d8e57c84dad1d81dff57f-f21257233d3d41bc-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-17T19:17:28+00:00, 2024-04-23T20:16:20+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-371.webp | 185.244.209.62 | 200 OK | 6.2 kB |
URL: GET HTTP/2 v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-371.webp | IP: 185.244.209.62:443 | ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder | Certificate Issuer: Sectigo Limited | Subject: *.traincdn.com | Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 | Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 380x204, Scaling: [none]x[none], YUV color, decoders should clamp | Hash: 64ff358fd3a82358542d29d53649dd85 0a15b0731a9468fe49e3b512febe91d951ef6156 a9ae35f930c0bf59e407a0c082347049ae11738d330df4e32f4b2b1129d1470c
GET /sfiles/games-images/game-previews/190x102/game-371.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:22 GMT
content-type: application/octet-stream
content-length: 6158
last-modified: Thu, 31 Aug 2023 08:10:58 GMT
etag: "64ff358fd3a82358542d29d53649dd85"
x-amz-meta-origin-date-iso8601: 2023-08-31T08:04:04.000Z
expires: Tue, 14 Nov 2023 18:22:10 GMT
cache-control: max-age=86400, public
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-9102b79bc4625c4fa06aa0f54a5f0839-dac98dfb9d364b66-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-17T19:17:28+00:00, 2024-04-23T20:16:20+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-249.webp | 185.244.209.62 | | 20 kB |
URL: v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-249.webp | IP: 185.244.209.62:0 | ASN: #199524 G-Core Labs S.A.
Certificate Issuer: Sectigo Limited | Subject: *.traincdn.com | Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 | Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 380x204, Scaling: [none]x[none], YUV color, decoders should clamp | Hash: 2c02d34e261b48da9db2682ad433c5e8 e6b9618ac0040910f755a6f24dcb2f5500bb9aca d8db064ea1623849ccee86b27bdb7825aa0dc452293576de352f9269af60ecfe
GET /sfiles/games-images/game-previews/190x102/game-249.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:22 GMT
content-type: application/octet-stream
content-length: 19770
last-modified: Thu, 31 Aug 2023 08:10:56 GMT
etag: "2c02d34e261b48da9db2682ad433c5e8"
x-amz-meta-origin-date-iso8601: 2023-08-31T08:04:00.000Z
expires: Tue, 14 Nov 2023 18:22:10 GMT
cache-control: max-age=86400, public
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-d5fd2ff01993af6f3fe0d7508e8276f3-82eaf0b3f9aa54a7-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-17T19:17:28+00:00, 2024-04-23T20:16:20+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/7c43e6fa10d0665cf556d13ff2a1906d.svg | 185.244.209.62 | 200 OK | 2.7 kB |
URL: GET HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/7c43e6fa10d0665cf556d13ff2a1906d.svg | IP: 185.244.209.62:443 | ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder | Certificate Issuer: Sectigo Limited | Subject: *.traincdn.com | Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 | Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: gzip compressed data, max speed, from Unix | Hash: bb724485e2b0e20d27c59042b80e7bd0 618f6384379ce225a04933362412133d9e9f657c 4c4f366b349dbed10784c3b87e38779ca9ae1a3b27bc2ee0f76e2955c84fac16
GET /genfiles/cms/1-285/desktop/media_asset/7c43e6fa10d0665cf556d13ff2a1906d.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:18 GMT
content-type: image/svg+xml
last-modified: Tue, 02 May 2023 10:06:49 GMT
etag: W/"7cca3986f7a5c4c164144ff11df71073"
content-encoding: gzip
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-d56a94260a9dd42e5be00d54e55efa7b-ffbc1d23672d8e27-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-01-11T08:32:05+00:00, 2024-04-24T03:35:45+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-69.webp | 185.244.209.62 | 200 OK | 4.3 kB |
URL: GET HTTP/2 v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-69.webp | IP: 185.244.209.62:443 | ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder | Certificate Issuer: Sectigo Limited | Subject: *.traincdn.com | Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 | Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 380x204, Scaling: [none]x[none], YUV color, decoders should clamp | Hash: 8c2b80027d3818f6bc91227418589ee6 c6d3c4595860bd3d685e4ddea5d4610a6f642a9b cec387d33e94b8222d71031dbda50143a7ea2e1470d2c96c9e147aa4c4a43960
GET /sfiles/games-images/game-previews/190x102/game-69.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:22 GMT
content-type: application/octet-stream
content-length: 4256
last-modified: Thu, 31 Aug 2023 08:11:01 GMT
etag: "8c2b80027d3818f6bc91227418589ee6"
x-amz-meta-origin-date-iso8601: 2023-08-31T08:03:42.000Z
expires: Tue, 14 Nov 2023 18:22:10 GMT
cache-control: max-age=86400, public
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
x-cached-since: 2023-12-17T19:23:21+00:00
traceparent: 00-600d92e1c63ea8fd8bdd522082bd55eb-e1df849b4ac35e44-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/3083a20a3f73c30fce38710d7ada9cbb.svg | 185.244.209.62 | 200 OK | 1.0 kB |
URL: GET HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/3083a20a3f73c30fce38710d7ada9cbb.svg | IP: 185.244.209.62:443 | ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder | Certificate Issuer: Sectigo Limited | Subject: *.traincdn.com | Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 | Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: gzip compressed data, max speed, from Unix | Hash: e919ca3a5a1f1678d4d03e019c8c72f2 1d69ac69209e0c53ca80c00250ce10aaf2bd90ab bee6f54a18286df1659435d1b5c2e7af6d31087b76e7c240d93442b9c733d779
GET /genfiles/cms/1-285/desktop/media_asset/3083a20a3f73c30fce38710d7ada9cbb.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:22 GMT
content-type: image/svg+xml
last-modified: Wed, 19 Apr 2023 11:51:30 GMT
etag: W/"3ae81b002dca46d3b732ce3e03ae35c6"
content-encoding: gzip
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-16e2eb88b3181d37c901d3ee63d3f244-341e87820a1e123b-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T08:36:11+00:00, 2024-04-24T03:51:27+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/sounds/new-message.mp3 | 104.18.39.72 | | 30 kB |
URL: widget.suphelper.top/sounds/new-message.mp3 | IP: 104.18.39.72:0
File type: MPEG ADTS, layer III, v1, 192 kbps, 48 kHz, JntStereo | Hash: ef9af24dc7dbd24ffd99c832e1300351 f78744a5013038446c468de14f205f2d52373fd6 5049d7fe87a7327a291441181d1a328a15f46a21081b970502c540406011c9b9
GET /sounds/new-message.mp3 HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:32:24 GMT
content-type: audio/mpeg
content-length: 29952
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=14400
last-modified: Tue, 16 Apr 2024 09:44:52 GMT
etag: W/"7500-18ee64b83a2"
cf-cache-status: HIT
age: 960
expires: Wed, 24 Apr 2024 08:32:24 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 87935e8b7f090b65-OSL
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size14/sfiles/logo_teams/8508.webp | 185.244.209.62 | | 786 B |
URL: v3.traincdn.com/resized/size14/sfiles/logo_teams/8508.webp | IP: 185.244.209.62:0 | ASN: #199524 G-Core Labs S.A.
Certificate Issuer: Sectigo Limited | Subject: *.traincdn.com | Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 | Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: 598898cf7cc9044a737887d2e0eee308 066e8676dc1b6ffd5453cbf7b48da0a1d2e0761e b75bbce146a83fc2eb4cb45b654181481be86fc4b4e3ffed137ae0925604d7d0
GET /resized/size14/sfiles/logo_teams/8508.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:25 GMT
content-type: image/webp
content-length: 786
cache-control: max-age=94608000
content-disposition: inline; filename="8508.webp"
content-security-policy: script-src 'none'
expires: Sun, 07 Mar 2027 16:32:38 GMT
x-request-id: 76c78acf3f08797ceaaa3863c5ba12ce
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-6a8ce38dbccd04ae5352fac0479fa47b-c083ce73cbd3ca31-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-03-07T16:32:38+00:00, 2024-04-01T20:55:39+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/chunks/0c294a17-329dda05de2a378d.js | 104.18.39.72 | 200 OK | 2.5 kB |
URL: GET HTTP/2 widget.suphelper.top/_next/static/chunks/0c294a17-329dda05de2a378d.js | IP: 104.18.39.72:443
Requested by: https://widget.suphelper.top/ | Certificate Issuer: Google Trust Services LLC | Subject: suphelper.top | Fingerprint: 41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 | Validity: Tue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File type: gzip compressed data, from Unix | Hash: 9dbfec0e34acc380542d33052cfcc824 04cddfbf25e746610d11f30b447ae33e5a36ee30 d142cae9192608ef0da94551475ded6a07f52e2f48dfeaf4b835d1ef32b94cc6
GET /_next/static/chunks/0c294a17-329dda05de2a378d.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:32:22 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Wed, 17 Jan 2024 06:19:55 GMT
etag: W/"2925-18d161388b8"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 8460545
expires: Thu, 24 Apr 2025 04:32:22 GMT
server: cloudflare
cf-ray: 87935e7f8c360b65-OSL
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/d94c9b1508a286d270c77946ff0972fa.webp | 185.244.209.62 | 200 OK | 15 kB |
URL: GET HTTP/2 v3.traincdn.com/genfiles/cms/1/desktop/banner/d94c9b1508a286d270c77946ff0972fa.webp | IP: 185.244.209.62:443 | ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder | Certificate Issuer: Sectigo Limited | Subject: *.traincdn.com | Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 | Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 1380x248, Scaling: [none]x[none], YUV color, decoders should clamp | Hash: 2ccdf625b855ce93bc9b56a671accd6e bc8f3a791f6251b714bafad614d15c477ba428e4 c5012a832581da604a5c57e8f822008f749fe484c6d24127ca91232af71169cd
GET /genfiles/cms/1/desktop/banner/d94c9b1508a286d270c77946ff0972fa.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:25 GMT
content-type: image/webp
content-length: 14610
last-modified: Thu, 08 Jun 2023 09:20:03 GMT
etag: "2ccdf625b855ce93bc9b56a671accd6e"
x-time-ng: 0.002
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-67868fbab60fa87d67166713c85e09ef-b206ced7dd0927ba-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-02-27T14:22:50+00:00, 2024-04-24T04:21:20+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/bf26d696b76130d9781b16f89f1de4cc.webp | 185.244.209.62 | 200 OK | 20 kB |
URL: GET HTTP/2 v3.traincdn.com/genfiles/cms/1/desktop/banner/bf26d696b76130d9781b16f89f1de4cc.webp | IP: 185.244.209.62:443 | ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder | Certificate Issuer: Sectigo Limited | Subject: *.traincdn.com | Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 | Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 1380x248, Scaling: [none]x[none], YUV color, decoders should clamp | Hash: 95767496ab1dce71f394c97620666756 127389c7327fec508549222dd477edbd524e33dd fca493b566204dfff5ef8b8cd6c74c40659c812ac6665696dd5c66c664a31c7e
GET /genfiles/cms/1/desktop/banner/bf26d696b76130d9781b16f89f1de4cc.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:25 GMT
content-type: image/webp
content-length: 20522
last-modified: Thu, 08 Jun 2023 18:05:27 GMT
etag: "95767496ab1dce71f394c97620666756"
x-time-ng: 0.006
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-d35b4c332b3931fbdabd5e42839a58c6-a9695d3e97c13746-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-02-27T14:22:50+00:00, 2024-04-24T04:21:20+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/chunks/framework-49f1e091cbf6b261.js | 104.18.39.72 | 200 OK | 73 kB |
URL: GET HTTP/2 widget.suphelper.top/_next/static/chunks/framework-49f1e091cbf6b261.js | IP: 104.18.39.72:443
Requested by: https://widget.suphelper.top/ | Certificate Issuer: Google Trust Services LLC | Subject: suphelper.top | Fingerprint: 41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 | Validity: Tue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File type: gzip compressed data, from Unix | Hash: 333e19a50452791110a3d3ff612d1733 b215f8b5bb8ba16cbda42dbc80f2616b4a9f875e 6ab8625173b51726d9fe62ee3321d2ad62a2adf687dfd4231aaaf0aac2e3c4a0
GET /_next/static/chunks/framework-49f1e091cbf6b261.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:32:22 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 02 Nov 2023 12:45:49 GMT
etag: W/"22695-18b9011853a"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 13307731
expires: Thu, 24 Apr 2025 04:32:22 GMT
server: cloudflare
cf-ray: 87935e7f7c2b0b65-OSL
X-Firefox-Spdy: h2
|
|
| 1xbetnp.com/web-api/registration | 83.147.206.31 | | 28 kB |
URL: 1xbetnp.com/web-api/registration | IP: 83.147.206.31:0 | ASN: #202492 Silverhill Group Holding Ltd
Certificate Issuer: Let's Encrypt | Subject: 1xbetnp.com | Fingerprint: A5:E2:50:EB:20:4D:9A:C7:80:84:AB:9B:12:20:6F:CE:4C:D0:CC:F7 | Validity: Mon, 12 Feb 2024 05:16:51 GMT - Sun, 12 May 2024 05:16:50 GMT
Hash: 0e7ee737f7df5203ec0256073ce166a6 65bb683ae527ffb05ca042e8f1216385d1ddf0f2 2fe6fcb700fbc5c7c47e22387caf18cf63cb2b74a9d6b6a09dc0560da8136e23
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /web-api/registration HTTP/1.1
Host: 1xbetnp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xbetnp.com/en?tag=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
Content-Length: 17
Origin: https://1xbetnp.com
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder; platform_type=desktop; auid=U5POH2Yoi1IeurcpAxSaAg==; SESSION=485ae37fae7b9b76dfa895caab1409cf; window_width=1280; _glhf=1713950917; che_g=23437f56-cfbd-f999-10f6-bc1a50bce12e; application_locale=en; sh.session.id=22f7505e-674c-44dc-9e3f-56fc7d22179b; ggru=181
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:24 GMT
content-type: application/vnd.api+json
vary: Accept-Encoding
cache-control: no-cache, private
server-timing: p;dur=31, dt_total;dur=32.643, wf-uht;dur=0.045
traceparent: 00-c506e96974cf981253c839ad548fc040-b6c82ea4ad0e73f5-01
x-dt: 909
x-time-ng: 0.033
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-icons/1.0.328/285/coloredSvg.svg | 185.244.209.62 | 200 OK | 49 kB |
URL: GET HTTP/2 v3.traincdn.com/sys-icons/1.0.328/285/coloredSvg.svg | IP: 185.244.209.62:443 | ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder | Certificate Issuer: Sectigo Limited | Subject: *.traincdn.com | Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 | Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: gzip compressed data, max speed, from Unix | Hash: e135882f93a30ed5fcbfb4bc3a02c3db ff36983cb35b4800fae8a56e40c465c77dc33b87 a82671c6d69cf6b45f952074c96dc68431eee8d7dd85cc2ee4fa9b04eaec1a7f
GET /sys-icons/1.0.328/285/coloredSvg.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xbetnp.com
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:22 GMT
content-type: image/svg+xml
last-modified: Mon, 15 Apr 2024 07:13:32 GMT
etag: W/"fd241a06afa4bae60c4bbab7fa1a9a5b"
x-amz-meta-mtime: 1713165210.217888091
content-encoding: gzip
expires: Tue, 23 Apr 2024 10:38:11 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-f175a21a9d0b7d1910a739d5951e4f4e-fecb846265f16e38-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T10:38:11+00:00, 2024-04-23T10:56:31+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/shared-assets/__shared_vue_deps_OVKZGHR6.js | 185.244.209.62 | 200 OK | 52 kB |
URL: GET HTTP/2 v3.traincdn.com/sys-static/shared-assets/__shared_vue_deps_OVKZGHR6.js | IP: 185.244.209.62:443 | ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder | Certificate Issuer: Sectigo Limited | Subject: *.traincdn.com | Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 | Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: gzip compressed data, max speed, from Unix | Hash: 00ced45bac27cc1f8b8cf2996f80458b 3d1abd46c691c46a242b72b5d84cb32249e0bc00 5c79fe7b376fcb56a162ccdefc5eddafb6b8e70627a863b33d5c36a4561450d4
GET /sys-static/shared-assets/__shared_vue_deps_OVKZGHR6.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xbetnp.com
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:25 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 23 Apr 2024 10:31:52 GMT
etag: W/"39ee2eb3f7c493e991990cc0353dba17"
x-amz-meta-mtime: 1713868214.097985498
content-encoding: gzip
expires: Wed, 24 Apr 2024 12:41:53 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-3d16b3e15797a00c1e8146b7876f0eaf-fa25869c60d7a716-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:41:53+00:00, 2024-04-23T12:43:25+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/43ff3a0b18a2578335c04bb1e9691889.webp | 185.244.209.62 | | 792 B |
URL: v3.traincdn.com/resized/size16/sfiles/logo_teams/43ff3a0b18a2578335c04bb1e9691889.webp; IP: 185.244.209.62:0; ASN: #199524 G-Core Labs S.A.
Certificate Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image; Hash: 2d81f05e523bde7a23e16033985570f8 e219a842c0f6bc7ededede3d51ed3369154eb750 905002b7052b4545025c52fb35c49da77b40278f7b62f1a3ac1f25f8b983ebcf
GET /resized/size16/sfiles/logo_teams/43ff3a0b18a2578335c04bb1e9691889.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:25 GMT
content-type: image/webp
content-length: 792
cache-control: max-age=94608000
content-disposition: inline; filename="43ff3a0b18a2578335c04bb1e9691889.webp"
content-security-policy: script-src 'none'
expires: Thu, 22 Apr 2027 12:17:39 GMT
x-request-id: fa39dd58f0ec0446208520f590b0f0a5
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-784e40ffa9cdda2cdb6b28186a6d7a6f-20ebf2e31800c6eb-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T12:17:39+00:00, 2024-04-24T03:51:43+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/19385.webp | 185.244.209.62 | 200 OK | 620 B |
URL: GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/19385.webp; IP: 185.244.209.62:443; ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder; Certificate Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image; Hash: d9709da05764c84e6e2a20b678129a27 15390aeac3a89d5ee4b9d54b33fed322d81e8fd8 b0c1fbeef3f0836b952766ff25ff99875621c2acb25244691b3b421847a17d01
GET /resized/size16/sfiles/logo_teams/19385.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:25 GMT
content-type: image/webp
content-length: 620
cache-control: max-age=94608000
content-disposition: inline; filename="19385.webp"
content-security-policy: script-src 'none'
expires: Tue, 20 Apr 2027 15:51:37 GMT
x-request-id: 8b2a474ae480bd988e3fb4ec581b0e9e
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-1ceef03165fcefe26d23ac496f1a8ede-e7b26be1f331c7b6-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-20T15:51:37+00:00, 2024-04-24T03:51:43+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/shared-assets/__shared_chunk_Y7BFQXXC.js | 185.244.209.62 | 200 OK | 1.2 kB |
URL: GET HTTP/2 v3.traincdn.com/sys-static/shared-assets/__shared_chunk_Y7BFQXXC.js; IP: 185.244.209.62:443; ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder; Certificate Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: gzip compressed data, max speed, from Unix; Hash: eccad885ff5a929ee09985deba22fa93 ee357d012f843ecc834dad9dac3b6a3f7fb319e9 c73e4e3a257fd45a70f5898bff8d0528f4a83314dc129b6e732d2e65b31be480
GET /sys-static/shared-assets/__shared_chunk_Y7BFQXXC.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xbetnp.com
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:25 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 23 Apr 2024 12:53:18 GMT
etag: W/"8fecd56fc5520134f3c39b17431fe0c2"
x-amz-meta-mtime: 1713876636.329746084
content-encoding: gzip
expires: Wed, 24 Apr 2024 15:17:51 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-a40af3eaa5826a897ff773e060cfd4f7-fdc31562b2250b6a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T15:17:51+00:00, 2024-04-23T15:51:24+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/d317929c667abb8042040690aa5e5e1e.webp | 185.244.209.62 | | 604 B |
URL: v3.traincdn.com/resized/size16/sfiles/logo_teams/d317929c667abb8042040690aa5e5e1e.webp; IP: 185.244.209.62:0; ASN: #199524 G-Core Labs S.A.
Certificate Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image; Hash: a01d4885193f1250f60f7130ad9db9c8 b516f4e956c17b29f04e204002d1e181e3a2ed5e 4173434a5eca96dda9d613d3f2c83c25649e3f7ffa3d3f2ee0cd9cb71b6a575c
GET /resized/size16/sfiles/logo_teams/d317929c667abb8042040690aa5e5e1e.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:25 GMT
content-type: image/webp
content-length: 604
cache-control: max-age=94608000
content-disposition: inline; filename="d317929c667abb8042040690aa5e5e1e.webp"
content-security-policy: script-src 'none'
expires: Fri, 23 Apr 2027 15:52:35 GMT
x-request-id: 3f152453dc687ff89ed631fb15d9de1f
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-b33a99acf9fe7e896d256a7c41d82178-f5cb23507d875aba-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T15:52:35+00:00, 2024-04-24T03:20:32+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/545659.webp | 185.244.209.62 | 200 OK | 636 B |
URL: GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/545659.webp; IP: 185.244.209.62:443; ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder; Certificate Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image; Hash: 66f517063462394b9c4004bc4c9ec532 3f109a52664a3fbb1fda2663df42cd7c36a57f42 181347307b2c61d4779b2c26fd14a489d2decef029404e4c3b74d486276113a3
GET /resized/size16/sfiles/logo_teams/545659.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:25 GMT
content-type: image/webp
content-length: 636
cache-control: max-age=94608000
content-disposition: inline; filename="545659.webp"
content-security-policy: script-src 'none'
expires: Thu, 22 Apr 2027 11:45:24 GMT
x-request-id: f01665b294aa9a6699770743c1728322
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-ce6012c1f3efb8952d0d27b0a1d066e2-b76d7e8a736cb618-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T11:45:24+00:00, 2024-04-24T03:34:58+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/445509.webp | 185.244.209.62 | 200 OK | 628 B |
URL: GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/445509.webp; IP: 185.244.209.62:443; ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder; Certificate Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image; Hash: ff2536989451a260bfb9175912966f17 ca8b362df820c24ced0580b18012ff75e392e920 7c50f7daff5b86a636566a042a6eead71ae374f71d7d179869364a81d0bb3c56
GET /resized/size16/sfiles/logo_teams/445509.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:25 GMT
content-type: image/webp
content-length: 628
cache-control: max-age=94608000
content-disposition: inline; filename="445509.webp"
content-security-policy: script-src 'none'
expires: Tue, 20 Apr 2027 15:09:52 GMT
x-request-id: 8686cd0930896f85d4877629445aeaa7
x-time-ng: 0.058
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-72e741e09b961a961b96a1d8fa6f7c92-dd9e7d5eeabe0770-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-20T15:09:52+00:00, 2024-04-20T17:09:06+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/165227.webp | 185.244.209.62 | 200 OK | 606 B |
URL: GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/165227.webp; IP: 185.244.209.62:443; ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder; Certificate Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image; Hash: 72f0d081f05cb0d24d91870f6670baaa 07d1a53a71d7badb16bd3ff44623dd8fca90a32b b545fbe0d6ac9f0f5bbbc4acf3b512350179fd698cb270cd150dd32130fd568e
GET /resized/size16/sfiles/logo_teams/165227.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:25 GMT
content-type: image/webp
content-length: 606
cache-control: max-age=94608000
content-disposition: inline; filename="165227.webp"
content-security-policy: script-src 'none'
expires: Tue, 20 Apr 2027 15:28:37 GMT
x-request-id: a83e2392c560040f9c62e4c43818452d
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-daf3b9a660e25e0f1bef55de25e07abb-c3c2068d634391f3-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-20T15:28:37+00:00, 2024-04-20T15:57:56+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/447893.webp | 185.244.209.62 | | 624 B |
URL: v3.traincdn.com/resized/size16/sfiles/logo_teams/447893.webp; IP: 185.244.209.62:0; ASN: #199524 G-Core Labs S.A.
Certificate Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image; Hash: 94cae8672624f744a9e07582ebf204f8 2db44644b91528356984f50f8f7364bcaa751c68 5e3b6ca36c91e412e20b83d68ba3a301d5ad4084e2e1b45c6a931cf1ba35df2a
GET /resized/size16/sfiles/logo_teams/447893.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:26 GMT
content-type: image/webp
content-length: 624
cache-control: max-age=94608000
content-disposition: inline; filename="447893.webp"
content-security-policy: script-src 'none'
expires: Wed, 21 Apr 2027 09:39:32 GMT
x-request-id: ae06230d22b738155106a2b06c32b918
x-time-ng: 0.074
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-826e1f7a4916baf44da3e59fdb0eb1eb-e2c4c544bc4b2a36-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-21T09:39:32+00:00, 2024-04-23T14:46:37+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/8d5429e383bf874d459d041cd01565dc.webp | 185.244.209.62 | 200 OK | 792 B |
URL: GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/8d5429e383bf874d459d041cd01565dc.webp; IP: 185.244.209.62:443; ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder; Certificate Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image; Hash: 49c96beddf057f584568082be4dda242 445233d31086596caecb8dff0944fb6ac46999f8 3966998d74384f1f7ebaec06db412b793970bc21c1c047fc07699d20c1c3ef37
GET /resized/size16/sfiles/logo_teams/8d5429e383bf874d459d041cd01565dc.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:26 GMT
content-type: image/webp
content-length: 792
cache-control: max-age=94608000
content-disposition: inline; filename="8d5429e383bf874d459d041cd01565dc.webp"
content-security-policy: script-src 'none'
expires: Fri, 23 Apr 2027 12:10:00 GMT
x-request-id: 52c586040a31e650cec89e7166cb8878
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-ac2bf692b611d89ae18d071f0bb7996e-def0dca1257b1ef2-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:10:00+00:00, 2024-04-24T02:25:51+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/02c6f99326dba1d210cd02281f1a8d77.webp | 185.244.209.62 | 200 OK | 670 B |
URL: GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/02c6f99326dba1d210cd02281f1a8d77.webp; IP: 185.244.209.62:443; ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder; Certificate Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image; Hash: ee07e97a158c775c28fe4ed9a313e40f 026b2750934fe8dcfcf5c81f0f6cd2924ce59af3 e84b753fac9544d70ae435c13d08b81763caff1c6391d4ba003ca06c8ea7a472
GET /resized/size16/sfiles/logo_teams/02c6f99326dba1d210cd02281f1a8d77.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:26 GMT
content-type: image/webp
content-length: 670
cache-control: max-age=94608000
content-disposition: inline; filename="02c6f99326dba1d210cd02281f1a8d77.webp"
content-security-policy: script-src 'none'
expires: Fri, 23 Apr 2027 12:10:00 GMT
x-request-id: 0099a43830a6754f4e6c3ae297800601
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-d78f20a87b89d85b465e5d0eb1ec0bba-c33d12a16782e4f5-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:10:00+00:00, 2024-04-24T02:25:51+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sfiles/logo-champ/4a8cf9e9de9619c1b863e081300cb7b2.webp | 185.244.209.62 | 200 OK | 2.0 kB |
URL: GET HTTP/2 v3.traincdn.com/sfiles/logo-champ/4a8cf9e9de9619c1b863e081300cb7b2.webp; IP: 185.244.209.62:443; ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder; Certificate Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image; Hash: fd563848b186443992e774b65fa73462 1d76be844ea29de403be9d2f97f600762cc8d035 c208fa561c1e6d933b2c447f61c1c4508d19e65f557bf86bfe2ccc406499af17
GET /sfiles/logo-champ/4a8cf9e9de9619c1b863e081300cb7b2.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:26 GMT
content-type: image/webp
content-length: 2016
last-modified: Sun, 14 Apr 2024 20:59:30 GMT
etag: "fd563848b186443992e774b65fa73462"
cache-control: public, max-age=86400, public
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-4c2408c1464aa079e1b5000dc9fec52c-27c1c176d871b255-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T06:19:22+00:00, 2024-04-23T19:57:54+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/43033.webp | 185.244.209.62 | | 780 B |
URL: v3.traincdn.com/resized/size16/sfiles/logo_teams/43033.webp; IP: 185.244.209.62:0; ASN: #199524 G-Core Labs S.A.
Certificate Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image; Hash: dbc4313adbcce73020b22c1149cbd5a1 019e088e6461f2586a43f4ba711ae510ec6a1766 7ab1e498a3ee1be43b17638242a1e51250ed256e4644202aa7276e0bb8203631
GET /resized/size16/sfiles/logo_teams/43033.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:26 GMT
content-type: image/webp
content-length: 780
cache-control: max-age=94608000
content-disposition: inline; filename="43033.webp"
content-security-policy: script-src 'none'
expires: Thu, 22 Apr 2027 20:05:19 GMT
x-request-id: bdcc1dce0b6c269664cecebc4121a96f
x-time-ng: 0.041
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-a4ecfcd3a7c6fe5e6f18543f92901035-3aeacb7ad221c009-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T20:05:19+00:00, 2024-04-24T02:37:40+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/259033.webp | 185.244.209.62 | 200 OK | 802 B |
URL: GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/259033.webp; IP: 185.244.209.62:443; ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder; Certificate Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image; Hash: c6cf9d6c0bd9afd091b58b21596390d9 7237304dcb999e3da3ae16acd0ee0bf48671690c 856b5137abaf045c420ee5df491cc10eae079faa6d4d0fe8fad7cf5c9045fc25
GET /resized/size16/sfiles/logo_teams/259033.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:26 GMT
content-type: image/webp
content-length: 802
cache-control: max-age=94608000
content-disposition: inline; filename="259033.webp"
content-security-policy: script-src 'none'
expires: Mon, 19 Apr 2027 13:31:38 GMT
x-request-id: e149e0df2eaa2de82ab2c47345ccf70f
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-61472bc89b3c3a41cd27ef7eb59cffe3-ebb0cb588ea08d32-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-19T13:31:38+00:00, 2024-04-24T00:09:31+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/5659fed6cb550eeaefcb308ccbc2a8be.webp | 185.244.209.62 | | 798 B |
URL: v3.traincdn.com/resized/size16/sfiles/logo_teams/5659fed6cb550eeaefcb308ccbc2a8be.webp; IP: 185.244.209.62:0; ASN: #199524 G-Core Labs S.A.
Certificate Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image; Hash: 061bd9b73f2511fb653c86bcc81ca616 c696c129e2597a7a899df43f729a178d130512e3 b0695f7c19584ba0ead9f3ba11e452c505daaa2fdb4431250de18fe6e86fdd9f
GET /resized/size16/sfiles/logo_teams/5659fed6cb550eeaefcb308ccbc2a8be.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:26 GMT
content-type: image/webp
content-length: 798
cache-control: max-age=94608000
content-disposition: inline; filename="5659fed6cb550eeaefcb308ccbc2a8be.webp"
content-security-policy: script-src 'none'
expires: Wed, 21 Apr 2027 10:38:06 GMT
x-request-id: 9ef8be51249eb4232c6bf5d8b50eb8b0
x-time-ng: 0.055
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-fa9ae93f80f4c5d65a1c37ebfa72a1ce-89127c96b2e1c037-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-21T10:38:06+00:00, 2024-04-22T04:39:42+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/f5fc4930530797a82db38c2cc8fa8557.webp | 185.244.209.62 | | 656 B |
URL: v3.traincdn.com/resized/size16/sfiles/logo_teams/f5fc4930530797a82db38c2cc8fa8557.webp; IP: 185.244.209.62:0; ASN: #199524 G-Core Labs S.A.
Certificate Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image; Hash: b86fd4a0095c5474eb197614869941dc c0bac0876d91c86f4044285fe80b3a17dc26ff5b 1dccaa89d539bb247bf3107d6bf6cf3ef3631e5fa73cfb5668ab8da7b8bacb3e
GET /resized/size16/sfiles/logo_teams/f5fc4930530797a82db38c2cc8fa8557.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:26 GMT
content-type: image/webp
content-length: 656
cache-control: max-age=94608000
content-disposition: inline; filename="f5fc4930530797a82db38c2cc8fa8557.webp"
content-security-policy: script-src 'none'
expires: Thu, 22 Apr 2027 12:06:42 GMT
x-request-id: fd92470b20b8f65037bd9b294f78a411
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-e68093e9872d74d37df2fc0b2105ea8d-97eee082765610f6-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T12:06:42+00:00, 2024-04-22T19:44:43+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/416779.webp | 185.244.209.62 | | 586 B |
URL: v3.traincdn.com/resized/size16/sfiles/logo_teams/416779.webp; IP: 185.244.209.62:0; ASN: #199524 G-Core Labs S.A.
Certificate Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image; Hash: 88ac65a45cc48804d98f66429fafad80 e2956044382fa8ecc33087af6d74460f0d8540d1 5ccee6d10c414b6ed298ae55b251b3c735f8dbbeb250aefbecb5676566572bcc
GET /resized/size16/sfiles/logo_teams/416779.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:26 GMT
content-type: image/webp
content-length: 586
cache-control: max-age=94608000
content-disposition: inline; filename="416779.webp"
content-security-policy: script-src 'none'
expires: Wed, 21 Apr 2027 10:38:05 GMT
x-request-id: d02554f3c823aa6891547358f28e625d
x-time-ng: 0.042
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-d37740e36943a25f47e2314826ccdf73-42e6f3c5a657bf00-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-21T10:38:05+00:00, 2024-04-22T02:13:36+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/a002f6b769ad5b60b5ae3e94a9615d09.webp | 185.244.209.62 | 200 OK | 658 B |
URL: GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/a002f6b769ad5b60b5ae3e94a9615d09.webp; IP: 185.244.209.62:443; ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder; Certificate Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image; Hash: cd6ff633771481701ffc6bb1a8fcb7fc cd1001daf5cf8ead5769d1ce2db071b34e4b1410 7e2ec4ee6c259d1513541589020942bc09548aa8abd4d578e38539cc08eee786
GET /resized/size16/sfiles/logo_teams/a002f6b769ad5b60b5ae3e94a9615d09.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:26 GMT
content-type: image/webp
content-length: 658
cache-control: max-age=94608000
content-disposition: inline; filename="a002f6b769ad5b60b5ae3e94a9615d09.webp"
content-security-policy: script-src 'none'
expires: Thu, 22 Apr 2027 11:53:07 GMT
x-request-id: 12b91ee4e8439e989201e155bf60b528
x-time-ng: 0.099
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-639c1825e9166c8a5ec5e491f8196bfe-c2fdc0f4bec132be-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T11:53:07+00:00, 2024-04-23T06:08:05+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/181981.webp | 185.244.209.62 | 200 OK | 776 B |
URL: GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/181981.webp; IP: 185.244.209.62:443; ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder; Certificate Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image; Hash: 890439e59a5ed75bdb0c2c73936e4d93 0fdfb398b3609ec866c8b5abfedaa4b9174ecd00 9aaee2304474fb6851f2de22e73deca4be9451ad040112b58e6a10221ecaebaa
GET /resized/size16/sfiles/logo_teams/181981.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:26 GMT
content-type: image/webp
content-length: 776
cache-control: max-age=94608000
content-disposition: inline; filename="181981.webp"
content-security-policy: script-src 'none'
expires: Fri, 23 Apr 2027 12:37:45 GMT
x-request-id: ba32624f35649060b450895384e22fd1
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-5e7cb5e0487f1d85a2ad1647bbc97578-9dfa291bb9142c15-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:37:45+00:00, 2024-04-23T19:49:47+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/shared-assets/__shared_vue_final_modal_XPPMTKII.js | 185.244.209.62 | 200 OK | 10 kB |
URL: GET HTTP/2 v3.traincdn.com/sys-static/shared-assets/__shared_vue_final_modal_XPPMTKII.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: gzip compressed data, max speed, from Unix
Hash: f2ca1a159beedeb5740d4e16858dec27 526ded81f3cd18b8bafd033e1769352f087b61ff 54f5157254b9f42ebdbc6efe27bc1426005da0c569a8379c46ba8d58bbf98886
GET /sys-static/shared-assets/__shared_vue_final_modal_XPPMTKII.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xbetnp.com
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:25 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 23 Apr 2024 10:31:52 GMT
etag: W/"701ad5a22b8ea7213a53e334d0898349"
x-amz-meta-mtime: 1713868214.097985498
content-encoding: gzip
expires: Wed, 24 Apr 2024 12:41:53 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-2db8042c34c84f2ea625082498d87c1a-6e380e7801ab0bd0-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:41:53+00:00, 2024-04-23T12:43:26+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/4cdf84e1a7e36b3874e996d244fd7d85.webp | 185.244.209.62 | 200 OK | 606 B |
URL: GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/4cdf84e1a7e36b3874e996d244fd7d85.webp
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: c4ec2c73b89db4a72006e0c4d6c74fa7 95fbe44a2c621a3ccfdd291835272a3e10ebcd91 59b09caab97512670e2c55f3392b176744e43290519a821c31e68cd490f0748f
GET /resized/size16/sfiles/logo_teams/4cdf84e1a7e36b3874e996d244fd7d85.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:26 GMT
content-type: image/webp
content-length: 606
cache-control: max-age=94608000
content-disposition: inline; filename="4cdf84e1a7e36b3874e996d244fd7d85.webp"
content-security-policy: script-src 'none'
expires: Fri, 23 Apr 2027 12:37:45 GMT
x-request-id: af794b2c6579f07d1ac6d8813e93ddb9
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-af8d294d96965480fcd2b4de23124920-b8afffcf86ef6c56-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:37:45+00:00, 2024-04-23T19:49:47+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/9309289a80da1b5844a641a69626930d.webp | 185.244.209.62 | | 666 B |
URL: v3.traincdn.com/resized/size16/sfiles/logo_teams/9309289a80da1b5844a641a69626930d.webp
IP: 185.244.209.62:0
ASN: #199524 G-Core Labs S.A.
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: f14c80f7d102ab11a2550b5db01e328b 01cc21446361dd7da5e91b3d2787211d085d55b6 81b220e1a4313bdd7850f948aebb0dae7d1e51322844f87c2ae9ba7029038afc
GET /resized/size16/sfiles/logo_teams/9309289a80da1b5844a641a69626930d.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:26 GMT
content-type: image/webp
content-length: 666
cache-control: max-age=94608000
content-disposition: inline; filename="9309289a80da1b5844a641a69626930d.webp"
content-security-policy: script-src 'none'
expires: Fri, 23 Apr 2027 12:37:45 GMT
x-request-id: fe754befbe16b5786932ca7d322b005b
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-c514f0c1bdb3b360656f2b9dbcd1e6f7-0f532ea986df3535-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:37:45+00:00, 2024-04-23T19:49:47+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/e5eb737e.css | 185.244.209.62 | 200 OK | 1.1 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/e5eb737e.css
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (5171), with no line terminators
Hash: 5d231bea9b7df6bc1e9e74e3c0a231e1 2ef607f0c766fff1b4b1e90a2d98e7094c81721e c43fd428fe6e9d25ddf385a1cf03891194126ebf9e83d086af655272e815445b
GET /_nuxt/desktop/default/css/e5eb737e.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:26 GMT
content-type: text/css
content-length: 1050
last-modified: Mon, 22 Apr 2024 10:55:54 GMT
etag: "6626423a-41a"
content-encoding: gzip
expires: Wed, 24 Apr 2024 08:08:17 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-fabb26e92dbc19bc7ed059a5c4f6a09b-07d69e85fbfca6be-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T08:08:17+00:00, 2024-04-23T10:15:39+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/shared-assets/__shared_sweetalert2_X3CQ7PJQ.js | 185.244.209.62 | 200 OK | 37 kB |
URL: GET HTTP/2 v3.traincdn.com/sys-static/shared-assets/__shared_sweetalert2_X3CQ7PJQ.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: gzip compressed data, max speed, from Unix
Hash: 9a1f1a58141f942ca24e85802f63e027 ee7dc7fe3450a1434c8773fd24163727081688a9 ae46889630059a1bbf48089849c2672d8f72c827da762fa83b415eec326d19e5
GET /sys-static/shared-assets/__shared_sweetalert2_X3CQ7PJQ.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xbetnp.com
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:25 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 23 Apr 2024 12:53:18 GMT
etag: W/"138de5d55ee831195dd90bbf5c557926"
x-amz-meta-mtime: 1713876636.333746104
content-encoding: gzip
expires: Wed, 24 Apr 2024 15:18:00 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-1ae752a5d8cfa4a04e401b98f0431578-b75602a34ffb4d31-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T15:18:00+00:00, 2024-04-23T15:51:24+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/chunks/81.9c6562bba5669b47.js | 104.18.39.72 | 200 OK | 10 kB |
URL: GET HTTP/2 widget.suphelper.top/_next/static/chunks/81.9c6562bba5669b47.js
IP: 104.18.39.72:443
Requested by: https://widget.suphelper.top/
Certificate: Issuer: Google Trust Services LLC; Subject: suphelper.top; Fingerprint: 41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36; Validity: Tue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File type: gzip compressed data, from Unix
Hash: 8f2cb88b6086f668c6188e7b49a4b10b d31d2dc1f365db4f10e0cdf14147ee487773785a e2de4ebd6730416ebbc21afdb438be7e8e01f7d23793e601c6172e6276542e9f
GET /_next/static/chunks/81.9c6562bba5669b47.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:32:24 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://file-hosting-api-stage.kube.prod.cons.lan https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 09 Nov 2023 06:03:45 GMT
etag: W/"8f42-18bb2adf0eb"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 13305886
expires: Thu, 24 Apr 2025 04:32:24 GMT
server: cloudflare
cf-ray: 87935e8aaede0b65-OSL
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/d63b25015d05.js | 185.244.209.62 | 200 OK | 504 B |
URL: GET HTTP/2 v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/d63b25015d05.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: Java source, ASCII text, with very long lines (503)
Hash: cdd39c58f3e34ab3b3329f45f9e6199e ec9449f5d9bcf93d4353bec1ba69d01e9d36bf7a ace508d846e5384ef8bab277ab6b1ebfa8cdb6d273c9c06a507a84531fe1a7eb
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/d63b25015d05.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xbetnp.com
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:27 GMT
content-type: text/javascript; charset=utf-8
content-length: 504
last-modified: Tue, 23 Apr 2024 12:34:23 GMT
etag: "cdd39c58f3e34ab3b3329f45f9e6199e"
x-amz-meta-mtime: 1713875281.741615558
expires: Wed, 24 Apr 2024 12:55:16 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-0b41bf21019e4d490acdd6b40ae4e452-efd2eccd488aa9fb-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:55:16+00:00, 2024-04-23T12:57:40+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/2e7e82ef0fd8.css | 185.244.209.62 | 200 OK | 12 kB |
URL: GET HTTP/2 v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/2e7e82ef0fd8.css
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: gzip compressed data, max speed, from Unix
Hash: af71bee1b032b5fab05e4e8aca466f15 56b9bc3ff3f537fbacf445ba05cdaf9f1815dbdd 4c24848887fdc4300f4f9fad04095b91bee221d8aae77cf515d65446381c0433
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/2e7e82ef0fd8.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:27 GMT
content-type: text/css; charset=utf-8
last-modified: Tue, 23 Apr 2024 12:34:22 GMT
etag: W/"86bbeccf1800ba74e6c228c6ac503cef"
x-amz-meta-mtime: 1713875281.697615214
content-encoding: gzip
expires: Wed, 24 Apr 2024 12:55:15 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-40772da1c6d1aabaaeedb18b751ac107-6f79479152cb2051-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:55:15+00:00, 2024-04-23T12:57:40+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/shared-assets/__shared_chunk_M4D4AAJL.js | 185.244.209.62 | 200 OK | 45 kB |
URL: GET HTTP/2 v3.traincdn.com/sys-static/shared-assets/__shared_chunk_M4D4AAJL.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: gzip compressed data, max speed, from Unix
Hash: 84466e803829957ffed4db841ebcd472 a3da84969cc566236e38bba2b54b64962e820c44 8f07a62f232b431e3a6e038cbbd3664056fa1a6c4154176702be7395d341d485
GET /sys-static/shared-assets/__shared_chunk_M4D4AAJL.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xbetnp.com
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:26 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 23 Apr 2024 10:31:52 GMT
etag: W/"51ddc52774f4e5bd6a6f1c22e9d19674"
x-amz-meta-mtime: 1713868214.097985498
content-encoding: gzip
expires: Wed, 24 Apr 2024 12:41:53 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-1c6a4b4b8159d64b28a820af4bbfc4fe-7c8b1fe7941ab4ea-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:41:53+00:00, 2024-04-23T12:43:26+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/services/widget/v2/most-required?projectId=5b61b42ffdf00b25dc78f342&credentials=%7B%22$type%22:%22GuestCredentials%22,%22id%22:%2222f7505e-674c-44dc-9e3f-56fc7d22179b%22%7D | 104.18.39.72 | 200 OK | 422 B |
URL: GET HTTP/2 widget.suphelper.top/services/widget/v2/most-required?projectId=5b61b42ffdf00b25dc78f342&credentials=%7B%22$type%22:%22GuestCredentials%22,%22id%22:%2222f7505e-674c-44dc-9e3f-56fc7d22179b%22%7D
IP: 104.18.39.72:443
Requested by: https://widget.suphelper.top/
Certificate: Issuer: Google Trust Services LLC; Subject: suphelper.top; Fingerprint: 41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36; Validity: Tue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File type: gzip compressed data, from Unix
Hash: 266541652fdffd712d6d43a55f7a0cda 2bded8137654eef5dd0b8958c366cf1327db01b9 44a6da92a51b5c73bbba853d046569bf3c7ac5b85fe37bfa62130335ef27ee58
GET /services/widget/v2/most-required?projectId=5b61b42ffdf00b25dc78f342&credentials=%7B%22$type%22:%22GuestCredentials%22,%22id%22:%2222f7505e-674c-44dc-9e3f-56fc7d22179b%22%7D HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:32:24 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 87935e8a9ed80b65-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/694da3a9483f.js | 185.244.209.62 | 200 OK | 424 B |
URL: GET HTTP/2 v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/694da3a9483f.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: Java source, ASCII text, with very long lines (423)
Hash: 784714dbdeff946febf2eb88c77d6340 5da79cae3317a05b281ff8c256686a1a772b2352 1ba04d68c320b81d0d06784ac28bd95743cb6ef9ba02f34a3e733beca5e23c11
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/694da3a9483f.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xbetnp.com
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:27 GMT
content-type: text/javascript; charset=utf-8
content-length: 424
last-modified: Tue, 23 Apr 2024 12:34:23 GMT
etag: "784714dbdeff946febf2eb88c77d6340"
x-amz-meta-mtime: 1713875281.713615339
expires: Wed, 24 Apr 2024 12:55:17 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-0785dd1cbe5cb304211869d595525020-6ca46ef952117b06-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:55:17+00:00, 2024-04-23T12:57:40+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/093330da9752.js | 185.244.209.62 | 200 OK | 1.6 kB |
URL: GET HTTP/2 v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/093330da9752.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: gzip compressed data, max speed, from Unix
Hash: 4b175743f86dcd6a477cba2af9666833 61788a2c2557494b4130c511eb761a22f7414c38 a2571834106fb7b566ad35c0928fc89d9b337272132149274445c7f719a2d42b
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/093330da9752.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xbetnp.com
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:27 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 23 Apr 2024 12:34:22 GMT
etag: W/"e99039abd8dac007c9c64df5cbb76091"
x-amz-meta-mtime: 1713875281.673615027
content-encoding: gzip
expires: Wed, 24 Apr 2024 12:55:16 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-299e1ac4438282d7d72486bf57e445cd-67fbb0081bd71922-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:55:16+00:00, 2024-04-23T12:57:40+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/9b1085266c45.js | 185.244.209.62 | 200 OK | 435 B |
URL: GET HTTP/2 v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/9b1085266c45.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: Java source, ASCII text, with very long lines (434)
Hash: b075575bc06525b491d4fd8da21e93ff e62563ac20cfdd6b44cc0c3e86aacaf1358e48af a5080ee6ff8f42eb65b4a7efea6d14b91d954e2db650bf7027e85ebf2041dae6
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/9b1085266c45.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xbetnp.com
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:27 GMT
content-type: text/javascript; charset=utf-8
content-length: 435
last-modified: Tue, 23 Apr 2024 12:34:23 GMT
etag: "b075575bc06525b491d4fd8da21e93ff"
x-amz-meta-mtime: 1713875281.729615464
expires: Wed, 24 Apr 2024 12:55:17 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-6ef816c169407cd0c6ed249a424bfdac-e989209a929902cb-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:55:17+00:00, 2024-04-23T12:57:40+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/00526da4cdf3.css | 185.244.209.62 | 200 OK | 17 kB |
URL: GET HTTP/2 v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/00526da4cdf3.css
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: gzip compressed data, max speed, from Unix
Hash: 5619ca393191a3e852f01d0fb8e0c4fd 9eefe5f263c2f8f28e80974c99dc7b317ccd889d e001ca1c96c07d470232e9cd27d96c7ab6dc0a858a9008d75b108c7dc49ef630
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/00526da4cdf3.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:27 GMT
content-type: text/css; charset=utf-8
last-modified: Tue, 23 Apr 2024 07:17:48 GMT
etag: W/"6aa11e1c24ebb592cd2fe02d36340453"
x-amz-meta-mtime: 1713856377.992405686
content-encoding: gzip
expires: Wed, 24 Apr 2024 12:27:31 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-acb314326e2565f80b29212c85349a7e-5ec3b21bc91db67d-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:27:31+00:00, 2024-04-23T13:51:02+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/034cd6868126.js | 185.244.209.62 | 200 OK | 128 kB |
URL: GET HTTP/2 v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/034cd6868126.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: gzip compressed data, max speed, from Unix
Size: 128 kB (127815 bytes)
Hash: a62fd1072c3042f294cac2e6260704b2 820ed2d5a0b396d435af572085dbd53d2cfadea3 4e6f9ffcccea833bff95e89035d8aa3c8b1435ebce6f670db91c0dce3bd1c574
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/034cd6868126.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xbetnp.com
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:27 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 23 Apr 2024 12:34:22 GMT
etag: W/"a2bb3a4f84cc4e6bfba45a8e4c3932e1"
x-amz-meta-mtime: 1713875281.673615027
content-encoding: gzip
expires: Wed, 24 Apr 2024 12:55:16 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-c0c2b2096fe5e00106eded9adbd5906f-61996915fb40c2a1-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:55:16+00:00, 2024-04-23T12:57:40+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xbetnp.com/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=909&country=137&virtualSports=true&groupChamps=true | 83.147.206.31 | 200 OK | 2.7 kB |
URL: GET HTTP/2 1xbetnp.com/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=909&country=137&virtualSports=true&groupChamps=true
IP: 83.147.206.31:443
ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Let's Encrypt; Subject: 1xbetnp.com; Fingerprint: A5:E2:50:EB:20:4D:9A:C7:80:84:AB:9B:12:20:6F:CE:4C:D0:CC:F7; Validity: Mon, 12 Feb 2024 05:16:51 GMT - Sun, 12 May 2024 05:16:50 GMT
Hash: 5085337a6eb9d1c26480b4e44eb2d071 8b6075de01a4e86a8a8bf157e729df8d12da4dcf d5e7a001a62cd87f85602f0abf70584553b302314d172b61c6b6701fed8536a3
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /service-api/LiveFeed/GetSportsShortZip?lng=en&gr=909&country=137&virtualSports=true&groupChamps=true HTTP/1.1
Host: 1xbetnp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xbetnp.com/en?tag=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder; platform_type=desktop; auid=U5POH2Yoi1IeurcpAxSaAg==; SESSION=485ae37fae7b9b76dfa895caab1409cf; window_width=1280; _glhf=1713950917; che_g=23437f56-cfbd-f999-10f6-bc1a50bce12e; application_locale=en; sh.session.id=22f7505e-674c-44dc-9e3f-56fc7d22179b; ggru=181
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:28 GMT
content-type: application/json; charset=utf-8
content-length: 2670
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 24 Apr 2024 04:32:28 GMT
vary: Accept-Encoding
x-time-ng: 0.009
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.017
X-Firefox-Spdy: h2
|
|
| 1xbetnp.com/web-api/session | 83.147.206.31 | 204 No Content | 0 B |
URL: GET HTTP/2 1xbetnp.com/web-api/session
IP: 83.147.206.31:443
ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Let's Encrypt; Subject: 1xbetnp.com; Fingerprint: A5:E2:50:EB:20:4D:9A:C7:80:84:AB:9B:12:20:6F:CE:4C:D0:CC:F7; Validity: Mon, 12 Feb 2024 05:16:51 GMT - Sun, 12 May 2024 05:16:50 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /web-api/session HTTP/1.1
Host: 1xbetnp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xbetnp.com/en?tag=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder; platform_type=desktop; auid=U5POH2Yoi1IeurcpAxSaAg==; SESSION=485ae37fae7b9b76dfa895caab1409cf; window_width=1280; _glhf=1713950917; che_g=23437f56-cfbd-f999-10f6-bc1a50bce12e; application_locale=en; sh.session.id=22f7505e-674c-44dc-9e3f-56fc7d22179b; ggru=181
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 24 Apr 2024 04:32:28 GMT
cache-control: no-cache, private
server-timing: p;dur=13, dt_total;dur=19.615, wf-uht;dur=0.027
traceparent: 00-17543ad61844c9e12eb66c76e2d4055a-a7711b583f7fad84-01
x-dt: 909
x-time-ng: 0.019
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/conversion-c1b13bbc.js | 185.244.209.62 | 200 OK | 67 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/conversion-c1b13bbc.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash: 770cae056135fc518ad14933ba614b1f 210efe80b13338caa77279c4f9f89359f5537baa a42fa9336cfcae84bf3d7e45164a21b51b754fcdb2ed97824d183698b3d7ed20
GET /_nuxt/desktop/default/vendors/conversion-c1b13bbc.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:29 GMT
content-type: application/javascript; charset=utf-8
content-length: 66631
last-modified: Tue, 23 Apr 2024 13:15:15 GMT
etag: "6627b463-10447"
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:43 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-191480c550717d644c4da6db239267f7-2cf870bd0f875b43-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:43+00:00, 2024-04-23T14:29:23+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 | 185.244.209.62 | 200 OK | 64 kB |
URL: GET HTTP/2 v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 63748, version 1.0
Hash: 6887b6f24414dbc612dbf42ccdc76b70 8068d3abfbc6cbf35b55919da45b1f4d2d136238 fc5c015fc32518f1ed810fa84ca28941eb9d5a3c81acc8df69a4dbbeedef7b0c
GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xbetnp.com
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:29 GMT
content-type: font/woff2
content-length: 63748
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "6887b6f24414dbc612dbf42ccdc76b70"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-e37a80e2581bb81a9b292acae079ccfa-3f15b2691934d433-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:13:59+00:00, 2024-04-24T03:35:05+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/994284d39ca5.js | 185.244.209.62 | 200 OK | 66 kB |
URL: GET HTTP/2 v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/994284d39ca5.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: gzip compressed data, max speed, from Unix
Hash: 458ec6fc551e593895348cc98fcb35a3 57429523f0935c878c2230d8b39e115e59c18978 39696767bc0b0d46a270de7d4177201c9aa2786ae338aa3fdda18d1323fa5965
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/994284d39ca5.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xbetnp.com
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:27 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 23 Apr 2024 12:34:23 GMT
etag: W/"901f57b165b23c191081c0d0112a5eda"
x-amz-meta-mtime: 1713875281.725615432
content-encoding: gzip
expires: Wed, 24 Apr 2024 12:55:17 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-11c3684e0611e92c06f1ae72cc3401be-d9adb79a2eb886ba-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:55:17+00:00, 2024-04-23T12:57:40+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/3e98905ff0ef.js | 185.244.209.62 | 200 OK | 66 kB |
URL: GET HTTP/2 v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/3e98905ff0ef.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: gzip compressed data, max speed, from Unix
Hash: da663aceb3f988ed72e291e4fbbd38b7 efa02fbbe73bb81d7a05ba54f9af3aa8ce4e6838 feb8e387a5f5d9ff0d7a238ead1d35571388fae5ca97bb18974e934ea4698b10
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/3e98905ff0ef.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xbetnp.com
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:27 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 23 Apr 2024 12:34:22 GMT
etag: W/"ea85164f3c2c7d7e126e0e8be39d1ce0"
x-amz-meta-mtime: 1713875281.701615245
content-encoding: gzip
expires: Wed, 24 Apr 2024 12:55:18 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-9aa7ea6a971bb85bb2535fbf973a5869-dc2fbcf84d283927-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:55:18+00:00, 2024-04-23T12:57:40+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 | 185.244.209.62 | 200 OK | 64 kB |
URL: GET HTTP/2 v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 63748, version 1.0
Hash: 6887b6f24414dbc612dbf42ccdc76b70 8068d3abfbc6cbf35b55919da45b1f4d2d136238 fc5c015fc32518f1ed810fa84ca28941eb9d5a3c81acc8df69a4dbbeedef7b0c
GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xbetnp.com
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:30 GMT
content-type: font/woff2
content-length: 63748
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "6887b6f24414dbc612dbf42ccdc76b70"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-5d5440d22db6d95682b0ca1b5d42e5a3-36262fd7deda4147-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:13:59+00:00, 2024-04-24T03:35:05+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2 | 185.244.209.62 | 200 OK | 65 kB |
URL: GET HTTP/2 v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 64732, version 1.0
Hash: 3ac5d40d1b3966fc5eb09ecca74d9cbf a69f32357765dd321519889aeacba5e9ca893bb0 3310766b8f58538d07abded74a2babe1acbe1a3ee820d5b8c8265da666f4fb0c
GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xbetnp.com
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:30 GMT
content-type: font/woff2
content-length: 64732
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "3ac5d40d1b3966fc5eb09ecca74d9cbf"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-1b1beeef4fa7e497dc2bb63a34bf83c8-a08ea143d89dc084-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:56:30+00:00, 2024-04-24T04:06:08+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/e4f5a237b491.js | 185.244.209.62 | | 77 kB |
URL: v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/e4f5a237b491.js
IP: 185.244.209.62:0
ASN: #199524 G-Core Labs S.A.
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: gzip compressed data, max speed, from Unix
Hash: 6b83470126ab7454f3752ed10a5f2227 e136ccaf94a35e89387c14bea7dc9de67d7640e9 866e7ad78d56096447528c4606d64b033996328c33c32437f8add1312a6aa8e8
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/e4f5a237b491.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xbetnp.com
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:27 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 23 Apr 2024 12:34:23 GMT
etag: W/"827336e53d45532bf8abee174a7db24c"
x-amz-meta-mtime: 1713875281.745615589
content-encoding: gzip
expires: Wed, 24 Apr 2024 12:55:13 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-12295699d25c0d91cf801918489436d0-6fe6d3ea956825be-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:55:13+00:00, 2024-04-23T12:57:40+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xbetnp.com/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=909&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true | 83.147.206.31 | 200 OK | 9.5 kB |
URL: GET HTTP/2 1xbetnp.com/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=909&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true
IP: 83.147.206.31:443
ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Let's Encrypt; Subject: 1xbetnp.com; Fingerprint: A5:E2:50:EB:20:4D:9A:C7:80:84:AB:9B:12:20:6F:CE:4C:D0:CC:F7; Validity: Mon, 12 Feb 2024 05:16:51 GMT - Sun, 12 May 2024 05:16:50 GMT
Hash: 7f8a754cdcfd3a2751a09ca539f23ae7 02754a7f22a0992f4e214a18e701fb83ea69e1b5 de7a64811074e6e020b024ea5809c7ac8bf9cd3b2841e0bfa9547ea1e905f271
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=909&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true HTTP/1.1
Host: 1xbetnp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xbetnp.com/en?tag=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder; platform_type=desktop; auid=U5POH2Yoi1IeurcpAxSaAg==; SESSION=485ae37fae7b9b76dfa895caab1409cf; window_width=1280; _glhf=1713950917; che_g=23437f56-cfbd-f999-10f6-bc1a50bce12e; application_locale=en; sh.session.id=22f7505e-674c-44dc-9e3f-56fc7d22179b; ggru=181
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:31 GMT
content-type: application/json; charset=utf-8
content-length: 9477
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 24 Apr 2024 04:32:31 GMT
vary: Accept-Encoding
x-time-ng: 0.013
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.021
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/8c83a62ae8afe0aa371618f02b8e4a01.jpg | 185.244.209.62 | 200 OK | 82 kB |
URL: GET HTTP/2 v3.traincdn.com/genfiles/cms/1/desktop/banner/8c83a62ae8afe0aa371618f02b8e4a01.jpg
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JPEG image data, progressive, precision 8, 1380x248, components 3
Hash: ad5f0025317357d48209be53322c4854 c95715c6077d270ab0d901fa43184565216d6177 e7d3aa1ad1cf16bb24ada1e8ab541fbd94aa6196e7f98e50b244c70b0d9b2204
GET /genfiles/cms/1/desktop/banner/8c83a62ae8afe0aa371618f02b8e4a01.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:31 GMT
content-type: image/jpeg
content-length: 81954
last-modified: Thu, 05 Oct 2023 10:29:43 GMT
etag: "ad5f0025317357d48209be53322c4854"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-82db55b9d08f122b41a766a6b827afe2-15d224a563f7500c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T09:26:31+00:00, 2024-04-24T04:32:25+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xbetnp.com/web-api/mobile | 83.147.206.31 | 200 OK | 9.2 kB |
URL: POST HTTP/2 1xbetnp.com/web-api/mobile
IP: 83.147.206.31:443
ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Let's Encrypt; Subject: 1xbetnp.com; Fingerprint: A5:E2:50:EB:20:4D:9A:C7:80:84:AB:9B:12:20:6F:CE:4C:D0:CC:F7; Validity: Mon, 12 Feb 2024 05:16:51 GMT - Sun, 12 May 2024 05:16:50 GMT
Hash: 932a22898c21f20ad24df368d892f471 2ca1f0b19878640b128cae77a5b72c1c159579b5 73fbf6d115c0fdc50719f136d4881e66f09228f53e55af5a7e3219cac10ec4c3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /web-api/mobile HTTP/1.1
Host: 1xbetnp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xbetnp.com/en?tag=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
Origin: https://1xbetnp.com
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder; platform_type=desktop; auid=U5POH2Yoi1IeurcpAxSaAg==; SESSION=485ae37fae7b9b76dfa895caab1409cf; window_width=1280; _glhf=1713950917; che_g=23437f56-cfbd-f999-10f6-bc1a50bce12e; application_locale=en; sh.session.id=22f7505e-674c-44dc-9e3f-56fc7d22179b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:22 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: p;dur=17, dt_total;dur=19.503, wf-uht;dur=0.037
traceparent: 00-b89e006751ef1230e37e71ef5b5a74d6-bd5f3af22e2f854f-01
vary: Accept-Encoding
x-dt: 909
x-time-ng: 0.018
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/analytics-c706fc54.js | 185.244.209.62 | 200 OK | 2.4 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/analytics-c706fc54.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (6444), with no line terminators
Hash: 14c0a5b475850d7da7e8459bf9df5766 f4cbfa40f0f3e3781d23a8a2e3715bf8252a2402 a6a30f6358ba3aea4d315b8838587ef81df7d171d0f84e2aa6d6faaadad614fd
GET /_nuxt/desktop/default/analytics-c706fc54.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:32 GMT
content-type: application/javascript; charset=utf-8
content-length: 2434
last-modified: Tue, 23 Apr 2024 13:15:15 GMT
etag: "6627b463-982"
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:44 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-1d16637fd73b840bcfa1cb286be34160-25de088c1e0e6f97-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:44+00:00, 2024-04-23T14:29:19+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/88071a5d390d.js | 185.244.209.62 | 200 OK | 1.3 kB |
URL: GET HTTP/2 v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/88071a5d390d.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: gzip compressed data, max speed, from Unix
Hash: 43af4b61202f2e7cd1b299ee4b617761 a3801795fd1700cef28d6e8274156cb86dff65af 44dae701ceccaf3eaa26345e5bec0dc397ac723d393d97db80a7679a5955c1cb
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/88071a5d390d.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xbetnp.com
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:27 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 23 Apr 2024 12:34:23 GMT
etag: W/"3084b8e581d711a9e12b5519b6d0d789"
x-amz-meta-mtime: 1713875281.721615401
content-encoding: gzip
expires: Wed, 24 Apr 2024 12:55:17 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-6cc78123251c728fdd70debd26127ccc-b860a68f811b6f04-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:55:17+00:00, 2024-04-23T12:57:40+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-7V60YW2S5H | 142.250.74.168 | 200 OK | 101 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-7V60YW2S5H
IP: 142.250.74.168:443
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: 1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB; Validity: Mon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (5945)
Size: 101 kB (100757 bytes)
Hash: fa155f9a76f98329bcd3ec1e34b4a0de 51405b16189c185d3b93cbfa3d62674821a6c249 1bbaf6cd50ceadbc39ffcff2ca3464c6dd20df7d493f3541c2eed502056d80c7
GET /gtag/js?id=G-7V60YW2S5H HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 04:32:32 GMT
expires: Wed, 24 Apr 2024 04:32:32 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 100757
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| radar.cedexis.com/1/23802/radar.js | 45.54.49.5 | 302 Moved Temporarily | 154 B |
URL: GET HTTP/1.1 radar.cedexis.com/1/23802/radar.js
IP: 45.54.49.5:443
ASN: #63911 NetActuate, Inc
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: DigiCert Inc; Subject: radar.cedexis.com; Fingerprint: 33:58:79:8E:87:A5:C3:05:CA:E2:82:50:61:CF:72:83:BD:64:80:C1; Validity: Fri, 29 Mar 2024 00:00:00 GMT - Fri, 28 Mar 2025 23:59:59 GMT
File type: HTML document, ASCII text, with CRLF line terminators
Hash: cfbeaf604823f038b8b46f0ac862b98c 7b9eb1dac48e74fa5f418bc456cb410f88b81d98 20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /1/23802/radar.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Wed, 24 Apr 2024 04:32:33 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Location: /1707728419/stub.js
Expires: Wed, 24 Apr 2024 04:42:33 GMT
Cache-Control: max-age=600
Vary: User-Agent,DNT
|
|
| www.googletagmanager.com/gtag/js?id=UA-131019888-1&l=dataLayer&cx=c | 142.250.74.168 | | 69 kB |
URL: www.googletagmanager.com/gtag/js?id=UA-131019888-1&l=dataLayer&cx=c
IP: 142.250.74.168:0
Certificate: Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: 1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB; Validity: Mon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File type: JavaScript source, ASCII text, with very long lines (2165)
Hash: 4ceebe426f9f0131a7705826005ef2b4 2e64e8f94ef20e41b9c3dfa9870d0437b661b2d2 b30d8eadb479b8aa7302e36a556f34b1d57375d0dae3fd116a22f53bbde761e1
GET /gtag/js?id=UA-131019888-1&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 04:32:33 GMT
expires: Wed, 24 Apr 2024 04:32:33 GMT
cache-control: private, max-age=900
last-modified: Wed, 24 Apr 2024 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 69103
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| radar.cedexis.com/1707728419/stub.js | 45.54.49.5 | 200 OK | 271 B |
URL: GET HTTP/1.1 radar.cedexis.com/1707728419/stub.js
IP: 45.54.49.5:443
ASN: #63911 NetActuate, Inc
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: DigiCert Inc; Subject: radar.cedexis.com; Fingerprint: 33:58:79:8E:87:A5:C3:05:CA:E2:82:50:61:CF:72:83:BD:64:80:C1; Validity: Fri, 29 Mar 2024 00:00:00 GMT - Fri, 28 Mar 2025 23:59:59 GMT
File type: JavaScript source, ASCII text
Hash: 82dec77fd0353c7c71ce053b8601387e fbbca95419e1d0c042e0a5fdf10f380aca66188c 39f2b7b0fa78d37d0c84d2d6618bd635d86fd683d9bcdd5729850cb2a62522f7
GET /1707728419/stub.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xbetnp.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 Apr 2024 04:32:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 12 Feb 2024 09:50:42 GMT
Vary: Accept-Encoding
ETag: W/"65c9e9f2-186"
Expires: Wed, 08 May 2024 04:32:33 GMT
Cache-Control: max-age=1209600, public
Content-Encoding: gzip
|
|
| www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7V60YW2S5H&cid=1268801329.1713933153&gtm=45je44m0v893859730za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1203120534 | 142.250.74.163 | 200 OK | 42 B |
URL: GET HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7V60YW2S5H&cid=1268801329.1713933153&gtm=45je44m0v893859730za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1203120534
IP: 142.250.74.163:443
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Google Trust Services LLC; Subject: *.google.no; Fingerprint: 4E:BD:F9:72:97:67:A2:4B:EE:E4:B0:03:CD:C8:F3:30:53:27:53:1D; Validity: Mon, 18 Mar 2024 20:50:06 GMT - Mon, 10 Jun 2024 20:50:05 GMT
File type: GIF image data, version 89a, 1 x 1
Hash: d89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7V60YW2S5H&cid=1268801329.1713933153&gtm=45je44m0v893859730za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1203120534 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 24 Apr 2024 04:32:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 1xbetnp.com/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=909&country=137&virtualSports=true&groupChamps=true | 83.147.206.31 | 200 OK | 2.7 kB |
URL: GET HTTP/2 1xbetnp.com/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=909&country=137&virtualSports=true&groupChamps=true
IP: 83.147.206.31:443
ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Let's Encrypt; Subject: 1xbetnp.com; Fingerprint: A5:E2:50:EB:20:4D:9A:C7:80:84:AB:9B:12:20:6F:CE:4C:D0:CC:F7; Validity: Mon, 12 Feb 2024 05:16:51 GMT - Sun, 12 May 2024 05:16:50 GMT
Hash: 5085337a6eb9d1c26480b4e44eb2d071 8b6075de01a4e86a8a8bf157e729df8d12da4dcf d5e7a001a62cd87f85602f0abf70584553b302314d172b61c6b6701fed8536a3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/GetSportsShortZip?lng=en&gr=909&country=137&virtualSports=true&groupChamps=true HTTP/1.1
Host: 1xbetnp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xbetnp.com/en?tag=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiYU5sRzlSMkQyRUw5NERjcnh5aEh5VDI1UFFVOHEzMUxsK3VvUEgybjZoSDZ4Zkt5TFU5UUtCZGpXekh1NUlCNEo4SncrazlzeXliYldnaGV1RnFyMGwvaEZtUFAvaDdHWUFkKzdhczRWdi9sQ2N5UTRYMGg4Q1g5TzhjMnQzbkJrQXgwOWc5d1RaRGxUeFZIelpOcTJPUGtFc3dlOU91ZU1ScE5kbVdSbkgweGx6YXlGSlJBT3ZzUFIxZU5sVHBRckxvMGtkNWZvVWlkUCtnMnB5NmRuVnJzSWxxQTI0K3Q5bVlXa1JJanZmUzhKOWxqTk9YZ3BaYVc5WGpNWEtQM2IwS3hBdXp6TzhCbVl5ZHRlNDY4NkhCbDdOMzhZM2ZuTDZLeVZLK3BQTm1HIiwiZXhwIjoxNzEzOTQ3NTUyLCJpYXQiOjE3MTM5MzMxNTJ9.A6TAUeJbML6W64bPqWPkqpm_p81TCj0ooaPgZxHq-XPUb4JLotbcEYqJSaVt24kk5IHhEe9nHVtKN5EU8sxiiw
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder; platform_type=desktop; auid=U5POH2Yoi1IeurcpAxSaAg==; SESSION=485ae37fae7b9b76dfa895caab1409cf; window_width=1280; _glhf=1713950917; che_g=23437f56-cfbd-f999-10f6-bc1a50bce12e; application_locale=en; sh.session.id=22f7505e-674c-44dc-9e3f-56fc7d22179b; ggru=181; _ga_7V60YW2S5H=GS1.1.1713933153.1.0.1713933153.60.0.0; _ga=GA1.1.1268801329.1713933153
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:33 GMT
content-type: application/json; charset=utf-8
content-length: 2670
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 24 Apr 2024 04:32:28 GMT
vary: Accept-Encoding
x-time-ng: 0.009
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
X-Firefox-Spdy: h2
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-7V60YW2S5H&gtm=45je44m0v893859730za200&_p=1713933152905&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1268801329.1713933153&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1713933153&sct=1&seg=0&dl=https%3A%2F%2F1xbetnp.com%2Fen%3Ftag%3Dd_85563m_32273c_%255B%255DMS%255B%255Dnull%255B%255Dnull%255B%255Dgeneral%255B%255D%257Bsite_id%257D_d22490_l126882_clickunder&dt=1XBET%20Nepal%20%E2%80%93%20Betting%20company%20%E1%90%89%20Online%20sports%20betting%20%E2%80%93%20Login%201XBET%20%E1%90%89%201xbetnp.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=GTM-5R4MT54&tfd=16793 | 216.239.34.36 | 204 No Content | 0 B |
URL: POST HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-7V60YW2S5H&gtm=45je44m0v893859730za200&_p=1713933152905&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1268801329.1713933153&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1713933153&sct=1&seg=0&dl=https%3A%2F%2F1xbetnp.com%2Fen%3Ftag%3Dd_85563m_32273c_%255B%255DMS%255B%255Dnull%255B%255Dnull%255B%255Dgeneral%255B%255D%257Bsite_id%257D_d22490_l126882_clickunder&dt=1XBET%20Nepal%20%E2%80%93%20Betting%20company%20%E1%90%89%20Online%20sports%20betting%20%E2%80%93%20Login%201XBET%20%E1%90%89%201xbetnp.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=GTM-5R4MT54&tfd=16793
IP: 216.239.34.36:443
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: 1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB; Validity: Mon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-7V60YW2S5H&gtm=45je44m0v893859730za200&_p=1713933152905&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1268801329.1713933153&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1713933153&sct=1&seg=0&dl=https%3A%2F%2F1xbetnp.com%2Fen%3Ftag%3Dd_85563m_32273c_%255B%255DMS%255B%255Dnull%255B%255Dnull%255B%255Dgeneral%255B%255D%257Bsite_id%257D_d22490_l126882_clickunder&dt=1XBET%20Nepal%20%E2%80%93%20Betting%20company%20%E1%90%89%20Online%20sports%20betting%20%E2%80%93%20Login%201XBET%20%E1%90%89%201xbetnp.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=GTM-5R4MT54&tfd=16793 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xbetnp.com
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://1xbetnp.com
date: Wed, 24 Apr 2024 04:32:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 1xbetnp.com/service-api/LineFeed/GetSportsShortZip?lng=en&country=137&virtualSports=true&gr=909&groupChamps=true | 83.147.206.31 | 200 OK | 2.0 kB |
URL: GET HTTP/2 1xbetnp.com/service-api/LineFeed/GetSportsShortZip?lng=en&country=137&virtualSports=true&gr=909&groupChamps=true
IP: 83.147.206.31:443
ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Let's Encrypt; Subject: 1xbetnp.com; Fingerprint: A5:E2:50:EB:20:4D:9A:C7:80:84:AB:9B:12:20:6F:CE:4C:D0:CC:F7; Validity: Mon, 12 Feb 2024 05:16:51 GMT - Sun, 12 May 2024 05:16:50 GMT
Hash: 4b75ee308dfd5b7e9a5b0c7fdb3e0585 7e1c3094cc6d058aef8e73880262d5844ec8684c 9a34bc69ec0fc4d93938589f8ca111ccd986a9a06d9f1ae8b6675a8c388a2386
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /service-api/LineFeed/GetSportsShortZip?lng=en&country=137&virtualSports=true&gr=909&groupChamps=true HTTP/1.1
Host: 1xbetnp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xbetnp.com/en?tag=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiYU5sRzlSMkQyRUw5NERjcnh5aEh5VDI1UFFVOHEzMUxsK3VvUEgybjZoSDZ4Zkt5TFU5UUtCZGpXekh1NUlCNEo4SncrazlzeXliYldnaGV1RnFyMGwvaEZtUFAvaDdHWUFkKzdhczRWdi9sQ2N5UTRYMGg4Q1g5TzhjMnQzbkJrQXgwOWc5d1RaRGxUeFZIelpOcTJPUGtFc3dlOU91ZU1ScE5kbVdSbkgweGx6YXlGSlJBT3ZzUFIxZU5sVHBRckxvMGtkNWZvVWlkUCtnMnB5NmRuVnJzSWxxQTI0K3Q5bVlXa1JJanZmUzhKOWxqTk9YZ3BaYVc5WGpNWEtQM2IwS3hBdXp6TzhCbVl5ZHRlNDY4NkhCbDdOMzhZM2ZuTDZLeVZLK3BQTm1HIiwiZXhwIjoxNzEzOTQ3NTUyLCJpYXQiOjE3MTM5MzMxNTJ9.A6TAUeJbML6W64bPqWPkqpm_p81TCj0ooaPgZxHq-XPUb4JLotbcEYqJSaVt24kk5IHhEe9nHVtKN5EU8sxiiw
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder; platform_type=desktop; auid=U5POH2Yoi1IeurcpAxSaAg==; SESSION=485ae37fae7b9b76dfa895caab1409cf; window_width=1280; _glhf=1713950917; che_g=23437f56-cfbd-f999-10f6-bc1a50bce12e; application_locale=en; sh.session.id=22f7505e-674c-44dc-9e3f-56fc7d22179b; ggru=181; _ga_7V60YW2S5H=GS1.1.1713933153.1.0.1713933153.60.0.0; _ga=GA1.1.1268801329.1713933153
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:34 GMT
content-type: application/json; charset=utf-8
content-length: 2029
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 24 Apr 2024 04:32:34 GMT
vary: Accept-Encoding
x-time-ng: 0.055
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.063
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-icons/1.0.328/285/country.svg | 185.244.209.62 | 200 OK | 64 kB |
URL: GET HTTP/2 v3.traincdn.com/sys-icons/1.0.328/285/country.svg
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: gzip compressed data, max speed, from Unix
Hash: 2b6607f274b7355d48533d8ee6fcffdf 75ecdbac5ab774d29e6109388d4c4eb1b1282e8e fa7a8ab0bd4133f939bb54fb6b38730a9f05f19d2f26ac8b15ebc742e26fa611
GET /sys-icons/1.0.328/285/country.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xbetnp.com
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:26 GMT
content-type: image/svg+xml
last-modified: Mon, 15 Apr 2024 07:13:32 GMT
etag: W/"60caf0d666af828706b3d83c428a31e4"
x-amz-meta-mtime: 1713165210.217888091
content-encoding: gzip
expires: Tue, 23 Apr 2024 10:38:03 GMT
cache-control: max-age=86400
x-time-ng: 0.003
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-465070ea50beffb7e545df3b77efb854-adbf17b063b69caa-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T10:38:03+00:00, 2024-04-23T10:56:28+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xbetnp.com/service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66 | 83.147.206.31 | 200 OK | 2.5 kB |
URL: GET HTTP/2 1xbetnp.com/service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66
IP: 83.147.206.31:443
ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Let's Encrypt; Subject: 1xbetnp.com; Fingerprint: A5:E2:50:EB:20:4D:9A:C7:80:84:AB:9B:12:20:6F:CE:4C:D0:CC:F7; Validity: Mon, 12 Feb 2024 05:16:51 GMT - Sun, 12 May 2024 05:16:50 GMT
Hash: 2aa17502ec1e9844a97207a7b5f2763a 760fe8dee4430199826840ef4a2f64c59611e79a d36ff20fc4eceab0d4faacd01c19b7c90520d226e419d4ecc740de0efc4ac8f4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66 HTTP/1.1
Host: 1xbetnp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xbetnp.com/en?tag=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiYU5sRzlSMkQyRUw5NERjcnh5aEh5VDI1UFFVOHEzMUxsK3VvUEgybjZoSDZ4Zkt5TFU5UUtCZGpXekh1NUlCNEo4SncrazlzeXliYldnaGV1RnFyMGwvaEZtUFAvaDdHWUFkKzdhczRWdi9sQ2N5UTRYMGg4Q1g5TzhjMnQzbkJrQXgwOWc5d1RaRGxUeFZIelpOcTJPUGtFc3dlOU91ZU1ScE5kbVdSbkgweGx6YXlGSlJBT3ZzUFIxZU5sVHBRckxvMGtkNWZvVWlkUCtnMnB5NmRuVnJzSWxxQTI0K3Q5bVlXa1JJanZmUzhKOWxqTk9YZ3BaYVc5WGpNWEtQM2IwS3hBdXp6TzhCbVl5ZHRlNDY4NkhCbDdOMzhZM2ZuTDZLeVZLK3BQTm1HIiwiZXhwIjoxNzEzOTQ3NTUyLCJpYXQiOjE3MTM5MzMxNTJ9.A6TAUeJbML6W64bPqWPkqpm_p81TCj0ooaPgZxHq-XPUb4JLotbcEYqJSaVt24kk5IHhEe9nHVtKN5EU8sxiiw
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder; platform_type=desktop; auid=U5POH2Yoi1IeurcpAxSaAg==; SESSION=485ae37fae7b9b76dfa895caab1409cf; window_width=1280; _glhf=1713950917; che_g=23437f56-cfbd-f999-10f6-bc1a50bce12e; application_locale=en; sh.session.id=22f7505e-674c-44dc-9e3f-56fc7d22179b; ggru=181; _ga_7V60YW2S5H=GS1.1.1713933153.1.0.1713933153.60.0.0; _ga=GA1.1.1268801329.1713933153
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:35 GMT
content-type: application/json; charset=utf-8
content-length: 2540
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 24 Apr 2024 04:32:35 GMT
vary: Accept-Encoding
x-time-ng: 0.004
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.012
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/0cd280af89b0819825587a2cf75e33d0.jpg | 185.244.209.62 | 200 OK | 39 kB |
URL: GET HTTP/2 v3.traincdn.com/genfiles/cms/1/desktop/banner/0cd280af89b0819825587a2cf75e33d0.jpg
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1380x248, components 3
Hash: b40d0e8304343f7070eff5ee310d7a98 db6c62254d55d3c26384345945ba84b4bafbf65e 484c8af4bfd7677b00a2d5d1dc26ab05990dc674585f71f9e8b21a79d95deff9
GET /genfiles/cms/1/desktop/banner/0cd280af89b0819825587a2cf75e33d0.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:36 GMT
content-type: image/jpeg
content-length: 39085
last-modified: Fri, 12 Apr 2024 09:23:30 GMT
etag: "b40d0e8304343f7070eff5ee310d7a98"
x-time-ng: 0.038
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-e1c5a90d180ecb2c37e43339757530f4-28961418c0b96407-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-12T10:33:38+00:00, 2024-04-24T04:32:25+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xbetnp.com/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=909&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true | 83.147.206.31 | 200 OK | 9.5 kB |
URL: GET HTTP/2 1xbetnp.com/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=909&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true
IP: 83.147.206.31:443
ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Let's Encrypt; Subject: 1xbetnp.com; Fingerprint: A5:E2:50:EB:20:4D:9A:C7:80:84:AB:9B:12:20:6F:CE:4C:D0:CC:F7; Validity: Mon, 12 Feb 2024 05:16:51 GMT - Sun, 12 May 2024 05:16:50 GMT
Hash: 7f8a754cdcfd3a2751a09ca539f23ae7 02754a7f22a0992f4e214a18e701fb83ea69e1b5 de7a64811074e6e020b024ea5809c7ac8bf9cd3b2841e0bfa9547ea1e905f271
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=909&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true HTTP/1.1
Host: 1xbetnp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xbetnp.com/en?tag=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiYU5sRzlSMkQyRUw5NERjcnh5aEh5VDI1UFFVOHEzMUxsK3VvUEgybjZoSDZ4Zkt5TFU5UUtCZGpXekh1NUlCNEo4SncrazlzeXliYldnaGV1RnFyMGwvaEZtUFAvaDdHWUFkKzdhczRWdi9sQ2N5UTRYMGg4Q1g5TzhjMnQzbkJrQXgwOWc5d1RaRGxUeFZIelpOcTJPUGtFc3dlOU91ZU1ScE5kbVdSbkgweGx6YXlGSlJBT3ZzUFIxZU5sVHBRckxvMGtkNWZvVWlkUCtnMnB5NmRuVnJzSWxxQTI0K3Q5bVlXa1JJanZmUzhKOWxqTk9YZ3BaYVc5WGpNWEtQM2IwS3hBdXp6TzhCbVl5ZHRlNDY4NkhCbDdOMzhZM2ZuTDZLeVZLK3BQTm1HIiwiZXhwIjoxNzEzOTQ3NTUyLCJpYXQiOjE3MTM5MzMxNTJ9.A6TAUeJbML6W64bPqWPkqpm_p81TCj0ooaPgZxHq-XPUb4JLotbcEYqJSaVt24kk5IHhEe9nHVtKN5EU8sxiiw
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder; platform_type=desktop; auid=U5POH2Yoi1IeurcpAxSaAg==; SESSION=485ae37fae7b9b76dfa895caab1409cf; window_width=1280; _glhf=1713950917; che_g=23437f56-cfbd-f999-10f6-bc1a50bce12e; application_locale=en; sh.session.id=22f7505e-674c-44dc-9e3f-56fc7d22179b; ggru=181; _ga_7V60YW2S5H=GS1.1.1713933153.1.0.1713933153.60.0.0; _ga=GA1.1.1268801329.1713933153
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:36 GMT
content-type: application/json; charset=utf-8
content-length: 9477
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 24 Apr 2024 04:32:31 GMT
vary: Accept-Encoding
x-time-ng: 0.013
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
X-Firefox-Spdy: h2
|
|
| 1xbetnp.com/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=909&country=137&virtualSports=true&groupChamps=true | 83.147.206.31 | 200 OK | 2.7 kB |
URL: GET HTTP/2 1xbetnp.com/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=909&country=137&virtualSports=true&groupChamps=true
IP: 83.147.206.31:443
ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Let's Encrypt; Subject: 1xbetnp.com; Fingerprint: A5:E2:50:EB:20:4D:9A:C7:80:84:AB:9B:12:20:6F:CE:4C:D0:CC:F7; Validity: Mon, 12 Feb 2024 05:16:51 GMT - Sun, 12 May 2024 05:16:50 GMT
Hash: 83e74fc287076b56603eefbe3f24237a 5a7d02151e147b8c566f5b9ec6ca76cab8867358 4a10fed6923e34b395720c1ac2f896d8da8c086e40defa1e68e1473f669ff15f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/GetSportsShortZip?lng=en&gr=909&country=137&virtualSports=true&groupChamps=true HTTP/1.1
Host: 1xbetnp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xbetnp.com/en?tag=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiYU5sRzlSMkQyRUw5NERjcnh5aEh5VDI1UFFVOHEzMUxsK3VvUEgybjZoSDZ4Zkt5TFU5UUtCZGpXekh1NUlCNEo4SncrazlzeXliYldnaGV1RnFyMGwvaEZtUFAvaDdHWUFkKzdhczRWdi9sQ2N5UTRYMGg4Q1g5TzhjMnQzbkJrQXgwOWc5d1RaRGxUeFZIelpOcTJPUGtFc3dlOU91ZU1ScE5kbVdSbkgweGx6YXlGSlJBT3ZzUFIxZU5sVHBRckxvMGtkNWZvVWlkUCtnMnB5NmRuVnJzSWxxQTI0K3Q5bVlXa1JJanZmUzhKOWxqTk9YZ3BaYVc5WGpNWEtQM2IwS3hBdXp6TzhCbVl5ZHRlNDY4NkhCbDdOMzhZM2ZuTDZLeVZLK3BQTm1HIiwiZXhwIjoxNzEzOTQ3NTUyLCJpYXQiOjE3MTM5MzMxNTJ9.A6TAUeJbML6W64bPqWPkqpm_p81TCj0ooaPgZxHq-XPUb4JLotbcEYqJSaVt24kk5IHhEe9nHVtKN5EU8sxiiw
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder; platform_type=desktop; auid=U5POH2Yoi1IeurcpAxSaAg==; SESSION=485ae37fae7b9b76dfa895caab1409cf; window_width=1280; _glhf=1713950917; che_g=23437f56-cfbd-f999-10f6-bc1a50bce12e; application_locale=en; sh.session.id=22f7505e-674c-44dc-9e3f-56fc7d22179b; ggru=181; _ga_7V60YW2S5H=GS1.1.1713933153.1.0.1713933153.60.0.0; _ga=GA1.1.1268801329.1713933153
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:38 GMT
content-type: application/json; charset=utf-8
content-length: 2672
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 24 Apr 2024 04:32:38 GMT
vary: Accept-Encoding
x-time-ng: 0.009
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.017
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/02ba76589565792069601ad523578b27.webp | 185.244.209.62 | | 23 kB |
URL: GET v3.traincdn.com/genfiles/cms/1/desktop/banner/02ba76589565792069601ad523578b27.webp
IP: 185.244.209.62:0
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 1380x248, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: 94f24dc02426e0d7baf117e11bd3fd36 2482ed081abe85f9470a290ca0d362f0c9dd94a3 c4c5ae9f997b5aaa309494bcba42b17504a76daf7f0da2674df6314d8a9841fb
GET /genfiles/cms/1/desktop/banner/02ba76589565792069601ad523578b27.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:41 GMT
content-type: image/webp
content-length: 22774
last-modified: Thu, 07 Mar 2024 08:40:40 GMT
etag: "94f24dc02426e0d7baf117e11bd3fd36"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-1804217d8a972bb2dbc5d704148f775c-fc43e6b3127cbaed-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T22:00:55+00:00, 2024-04-24T04:22:12+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xbetnp.com/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=909&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true | 83.147.206.31 | 200 OK | 9.4 kB |
URL: GET HTTP/2 1xbetnp.com/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=909&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true
IP: 83.147.206.31:443
ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Let's Encrypt; Subject: 1xbetnp.com; Fingerprint: A5:E2:50:EB:20:4D:9A:C7:80:84:AB:9B:12:20:6F:CE:4C:D0:CC:F7; Validity: Mon, 12 Feb 2024 05:16:51 GMT - Sun, 12 May 2024 05:16:50 GMT
Hash: 71b769ee07de8741df102e774a1c58fe 2e2799c59d11ef8fb5a1b944a0c2cec923f85831 db1617bd81b3a8c5b7118d42320e614628a9aefcb7625ec72b716db732851ad9
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=909&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true HTTP/1.1
Host: 1xbetnp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xbetnp.com/en?tag=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiYU5sRzlSMkQyRUw5NERjcnh5aEh5VDI1UFFVOHEzMUxsK3VvUEgybjZoSDZ4Zkt5TFU5UUtCZGpXekh1NUlCNEo4SncrazlzeXliYldnaGV1RnFyMGwvaEZtUFAvaDdHWUFkKzdhczRWdi9sQ2N5UTRYMGg4Q1g5TzhjMnQzbkJrQXgwOWc5d1RaRGxUeFZIelpOcTJPUGtFc3dlOU91ZU1ScE5kbVdSbkgweGx6YXlGSlJBT3ZzUFIxZU5sVHBRckxvMGtkNWZvVWlkUCtnMnB5NmRuVnJzSWxxQTI0K3Q5bVlXa1JJanZmUzhKOWxqTk9YZ3BaYVc5WGpNWEtQM2IwS3hBdXp6TzhCbVl5ZHRlNDY4NkhCbDdOMzhZM2ZuTDZLeVZLK3BQTm1HIiwiZXhwIjoxNzEzOTQ3NTUyLCJpYXQiOjE3MTM5MzMxNTJ9.A6TAUeJbML6W64bPqWPkqpm_p81TCj0ooaPgZxHq-XPUb4JLotbcEYqJSaVt24kk5IHhEe9nHVtKN5EU8sxiiw
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder; platform_type=desktop; auid=U5POH2Yoi1IeurcpAxSaAg==; SESSION=485ae37fae7b9b76dfa895caab1409cf; window_width=1280; _glhf=1713950917; che_g=23437f56-cfbd-f999-10f6-bc1a50bce12e; application_locale=en; sh.session.id=22f7505e-674c-44dc-9e3f-56fc7d22179b; ggru=181; _ga_7V60YW2S5H=GS1.1.1713933153.1.0.1713933153.60.0.0; _ga=GA1.1.1268801329.1713933153
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:42 GMT
content-type: application/json; charset=utf-8
content-length: 9439
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 24 Apr 2024 04:32:42 GMT
vary: Accept-Encoding
x-time-ng: 0.012
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.031
X-Firefox-Spdy: h2
|
|
| 1xbetnp.com/service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=909&country=137 | 83.147.206.31 | 200 OK | 258 B |
URL: GET HTTP/2 1xbetnp.com/service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=909&country=137
IP: 83.147.206.31:443
ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Let's Encrypt; Subject: 1xbetnp.com; Fingerprint: A5:E2:50:EB:20:4D:9A:C7:80:84:AB:9B:12:20:6F:CE:4C:D0:CC:F7; Validity: Mon, 12 Feb 2024 05:16:51 GMT - Sun, 12 May 2024 05:16:50 GMT
Hash: 6b410dd2c07ab8dc7ea3612945386685 9d9b746ddabe121ffedb7dff9e0aff03b92998b1 aa7e649282a2bbf5af23394e678496503278768e36b9f21c74ebe474806513e8
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=909&country=137 HTTP/1.1
Host: 1xbetnp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xbetnp.com/en?tag=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiYU5sRzlSMkQyRUw5NERjcnh5aEh5VDI1UFFVOHEzMUxsK3VvUEgybjZoSDZ4Zkt5TFU5UUtCZGpXekh1NUlCNEo4SncrazlzeXliYldnaGV1RnFyMGwvaEZtUFAvaDdHWUFkKzdhczRWdi9sQ2N5UTRYMGg4Q1g5TzhjMnQzbkJrQXgwOWc5d1RaRGxUeFZIelpOcTJPUGtFc3dlOU91ZU1ScE5kbVdSbkgweGx6YXlGSlJBT3ZzUFIxZU5sVHBRckxvMGtkNWZvVWlkUCtnMnB5NmRuVnJzSWxxQTI0K3Q5bVlXa1JJanZmUzhKOWxqTk9YZ3BaYVc5WGpNWEtQM2IwS3hBdXp6TzhCbVl5ZHRlNDY4NkhCbDdOMzhZM2ZuTDZLeVZLK3BQTm1HIiwiZXhwIjoxNzEzOTQ3NTUyLCJpYXQiOjE3MTM5MzMxNTJ9.A6TAUeJbML6W64bPqWPkqpm_p81TCj0ooaPgZxHq-XPUb4JLotbcEYqJSaVt24kk5IHhEe9nHVtKN5EU8sxiiw
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder; platform_type=desktop; auid=U5POH2Yoi1IeurcpAxSaAg==; SESSION=485ae37fae7b9b76dfa895caab1409cf; window_width=1280; _glhf=1713950917; che_g=23437f56-cfbd-f999-10f6-bc1a50bce12e; application_locale=en; sh.session.id=22f7505e-674c-44dc-9e3f-56fc7d22179b; ggru=181; _ga_7V60YW2S5H=GS1.1.1713933153.1.0.1713933153.60.0.0; _ga=GA1.1.1268801329.1713933153
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:43 GMT
content-type: application/json; charset=utf-8
content-length: 258
cache-control: no-cache
content-encoding: br
last-modified: Wed, 24 Apr 2024 04:32:43 GMT
vary: Accept-Encoding
x-time-ng: 0.020
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.029
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/injector.js | 104.18.39.72 | 200 OK | 74 kB |
URL: GET HTTP/2 widget.suphelper.top/injector.js
IP: 104.18.39.72:443
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Google Trust Services LLC; Subject: suphelper.top; Fingerprint: 41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36; Validity: Tue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File type: gzip compressed data, from Unix
Hash: cb09bc3893844f9a46f9143c8a1c3485 9eb799389c422763a219bf39c43f71a1aac356db d571b9ed73516a59c5f649121fe6bb97a655b321811f0adfd62e95ba74f55d17
GET /injector.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:32:21 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=14400
last-modified: Tue, 16 Apr 2024 09:44:52 GMT
etag: W/"32e7a-18ee64b8392"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
expires: Wed, 24 Apr 2024 08:32:21 GMT
server: cloudflare
cf-ray: 87935e7599e00b65-OSL
X-Firefox-Spdy: h2
|
|
| 1xbetnp.com/service-api/LineFeed/GetSportsShortZip?lng=en&country=137&virtualSports=true&gr=909&groupChamps=true | 83.147.206.31 | 200 OK | 2.0 kB |
URL: GET HTTP/2 1xbetnp.com/service-api/LineFeed/GetSportsShortZip?lng=en&country=137&virtualSports=true&gr=909&groupChamps=true
IP: 83.147.206.31:443
ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Let's Encrypt; Subject: 1xbetnp.com; Fingerprint: A5:E2:50:EB:20:4D:9A:C7:80:84:AB:9B:12:20:6F:CE:4C:D0:CC:F7; Validity: Mon, 12 Feb 2024 05:16:51 GMT - Sun, 12 May 2024 05:16:50 GMT
Hash: 4b75ee308dfd5b7e9a5b0c7fdb3e0585 7e1c3094cc6d058aef8e73880262d5844ec8684c 9a34bc69ec0fc4d93938589f8ca111ccd986a9a06d9f1ae8b6675a8c388a2386
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /service-api/LineFeed/GetSportsShortZip?lng=en&country=137&virtualSports=true&gr=909&groupChamps=true HTTP/1.1
Host: 1xbetnp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xbetnp.com/en?tag=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiYU5sRzlSMkQyRUw5NERjcnh5aEh5VDI1UFFVOHEzMUxsK3VvUEgybjZoSDZ4Zkt5TFU5UUtCZGpXekh1NUlCNEo4SncrazlzeXliYldnaGV1RnFyMGwvaEZtUFAvaDdHWUFkKzdhczRWdi9sQ2N5UTRYMGg4Q1g5TzhjMnQzbkJrQXgwOWc5d1RaRGxUeFZIelpOcTJPUGtFc3dlOU91ZU1ScE5kbVdSbkgweGx6YXlGSlJBT3ZzUFIxZU5sVHBRckxvMGtkNWZvVWlkUCtnMnB5NmRuVnJzSWxxQTI0K3Q5bVlXa1JJanZmUzhKOWxqTk9YZ3BaYVc5WGpNWEtQM2IwS3hBdXp6TzhCbVl5ZHRlNDY4NkhCbDdOMzhZM2ZuTDZLeVZLK3BQTm1HIiwiZXhwIjoxNzEzOTQ3NTUyLCJpYXQiOjE3MTM5MzMxNTJ9.A6TAUeJbML6W64bPqWPkqpm_p81TCj0ooaPgZxHq-XPUb4JLotbcEYqJSaVt24kk5IHhEe9nHVtKN5EU8sxiiw
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder; platform_type=desktop; auid=U5POH2Yoi1IeurcpAxSaAg==; SESSION=485ae37fae7b9b76dfa895caab1409cf; window_width=1280; _glhf=1713950917; che_g=23437f56-cfbd-f999-10f6-bc1a50bce12e; application_locale=en; sh.session.id=22f7505e-674c-44dc-9e3f-56fc7d22179b; ggru=181; _ga_7V60YW2S5H=GS1.1.1713933153.1.0.1713933153.60.0.0; _ga=GA1.1.1268801329.1713933153
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:44 GMT
content-type: application/json; charset=utf-8
content-length: 2029
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 24 Apr 2024 04:32:44 GMT
vary: Accept-Encoding
x-time-ng: 0.061
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.090
X-Firefox-Spdy: h2
|
|
| services.addons.mozilla.org/api/v4/addons/search/?guid=default-theme%40mozilla.org%2Caddons-search-detection%40mozilla.com%2Cgoogle%40search.mozilla.org%2Cwikipedia%40search.mozilla.org%2Cbing%40search.mozilla.org%2Cddg%40search.mozilla.org%2Cfirefox-compact-light%40mozilla.org%2Cfirefox-compact-dark%40mozilla.org%2Cfirefox-alpenglow%40mozilla.org%2Camazon%40search.mozilla.org&lang=en-US | 54.230.111.63 | | 82 B |
URL: services.addons.mozilla.org/api/v4/addons/search/?guid=default-theme%40mozilla.org%2Caddons-search-detection%40mozilla.com%2Cgoogle%40search.mozilla.org%2Cwikipedia%40search.mozilla.org%2Cbing%40search.mozilla.org%2Cddg%40search.mozilla.org%2Cfirefox-compact-light%40mozilla.org%2Cfirefox-compact-dark%40mozilla.org%2Cfirefox-alpenglow%40mozilla.org%2Camazon%40search.mozilla.org&lang=en-US
IP: 54.230.111.63:0
Hash: 4f822d39c269d2c47e3174b6c6bad3b7 d56bd07959c766e9c18faa9cf1070548f9236b65 cda00e555c758b1c13b6cbd17049ca8471057d16c60f08f551dbc331308eecf3
GET /api/v4/addons/search/?guid=default-theme%40mozilla.org%2Caddons-search-detection%40mozilla.com%2Cgoogle%40search.mozilla.org%2Cwikipedia%40search.mozilla.org%2Cbing%40search.mozilla.org%2Cddg%40search.mozilla.org%2Cfirefox-compact-light%40mozilla.org%2Cfirefox-compact-dark%40mozilla.org%2Cfirefox-alpenglow%40mozilla.org%2Camazon%40search.mozilla.org&lang=en-US HTTP/1.1
Host: services.addons.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 82
server: openresty
date: Wed, 24 Apr 2024 03:36:41 GMT
allow: GET, HEAD, OPTIONS
x-amo-request-id: ac01cab2135d4917a8f376d8e795a365
content-security-policy: frame-src https://www.recaptcha.net/recaptcha/; default-src 'none'; media-src https://videos.cdn.mozilla.net; object-src 'none'; form-action 'self'; script-src https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js https://www.recaptcha.net/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://addons.mozilla.org/static-server/; style-src 'unsafe-inline' https://addons.mozilla.org/static-server/; font-src 'self' https://addons.mozilla.org/static-server/; img-src 'self' blob: data: https://addons.mozilla.org/static-server/ https://addons.mozilla.org/user-media/; child-src https://www.recaptcha.net/recaptcha/; connect-src 'self' https://*.google-analytics.com; report-uri /__cspreport__
x-frame-options: DENY
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: same-origin
cross-origin-opener-policy: same-origin
cache-control: max-age=3600
public-key-pins: max-age=5184000; includeSubDomains; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="
via: 1.1 google, 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
etag: "4f822d39c269d2c47e3174b6c6bad3b7"
vary: origin,X-Country-Code,Accept-Language
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Vsq7fqCj6s7oEDxUksXYfDWVkcLYNJY3z9PgZdhQUtxbA8990lTXLQ==
age: 3363
X-Firefox-Spdy: h2
|
|
| aus5.mozilla.org/update/3/SystemAddons/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml | 35.244.181.201 | | 42 B |
URL: aus5.mozilla.org/update/3/SystemAddons/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
IP: 35.244.181.201:0
ASN: #396982 GOOGLE-CLOUD-PLATFORM
File type: XML 1.0 document, ASCII text
Hash: f8f24fa0c857d8f2ee493e131b85ab62 cb6049f830a54d14a19d4104fc0bb5ab5fdedbe6 e0dadbc9cd1f1bd8ce3118cc3383e0d0f6d147f055265d498d99deea956ba00f
GET /update/3/SystemAddons/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:44 GMT
content-type: text/xml; charset=utf-8
content-length: 42
rule-id: unknown
rule-data-version: unknown
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
via: 1.1 google
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| 1xbetnp.com/service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66 | 83.147.206.31 | 200 OK | 2.5 kB |
URL: GET HTTP/2 1xbetnp.com/service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66
IP: 83.147.206.31:443
ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Let's Encrypt; Subject: 1xbetnp.com; Fingerprint: A5:E2:50:EB:20:4D:9A:C7:80:84:AB:9B:12:20:6F:CE:4C:D0:CC:F7; Validity: Mon, 12 Feb 2024 05:16:51 GMT - Sun, 12 May 2024 05:16:50 GMT
Hash: aea2b64ec2c9b33328293fdfabeca394 04887ac0afdf70310e1ed1d5410a8ea0f688df43 9101de349f8aa30c3c5caddc52e6771c69c2998ea5a5f4bf41ccc5bf2ae1aca0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66 HTTP/1.1
Host: 1xbetnp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xbetnp.com/en?tag=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiYU5sRzlSMkQyRUw5NERjcnh5aEh5VDI1UFFVOHEzMUxsK3VvUEgybjZoSDZ4Zkt5TFU5UUtCZGpXekh1NUlCNEo4SncrazlzeXliYldnaGV1RnFyMGwvaEZtUFAvaDdHWUFkKzdhczRWdi9sQ2N5UTRYMGg4Q1g5TzhjMnQzbkJrQXgwOWc5d1RaRGxUeFZIelpOcTJPUGtFc3dlOU91ZU1ScE5kbVdSbkgweGx6YXlGSlJBT3ZzUFIxZU5sVHBRckxvMGtkNWZvVWlkUCtnMnB5NmRuVnJzSWxxQTI0K3Q5bVlXa1JJanZmUzhKOWxqTk9YZ3BaYVc5WGpNWEtQM2IwS3hBdXp6TzhCbVl5ZHRlNDY4NkhCbDdOMzhZM2ZuTDZLeVZLK3BQTm1HIiwiZXhwIjoxNzEzOTQ3NTUyLCJpYXQiOjE3MTM5MzMxNTJ9.A6TAUeJbML6W64bPqWPkqpm_p81TCj0ooaPgZxHq-XPUb4JLotbcEYqJSaVt24kk5IHhEe9nHVtKN5EU8sxiiw
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder; platform_type=desktop; auid=U5POH2Yoi1IeurcpAxSaAg==; SESSION=485ae37fae7b9b76dfa895caab1409cf; window_width=1280; _glhf=1713950917; che_g=23437f56-cfbd-f999-10f6-bc1a50bce12e; application_locale=en; sh.session.id=22f7505e-674c-44dc-9e3f-56fc7d22179b; ggru=181; _ga_7V60YW2S5H=GS1.1.1713933153.1.0.1713933153.60.0.0; _ga=GA1.1.1268801329.1713933153
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:45 GMT
content-type: application/json; charset=utf-8
content-length: 2512
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 24 Apr 2024 04:32:45 GMT
vary: Accept-Encoding
x-time-ng: 0.004
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.011
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/b9d5cda0073b395cc1abc1aaecf29522.webp | 185.244.209.62 | | 20 kB |
URL: v3.traincdn.com/genfiles/cms/1/desktop/banner/b9d5cda0073b395cc1abc1aaecf29522.webp
IP: 185.244.209.62:0
ASN: #199524 G-Core Labs S.A.
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 1380x248, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: 671f6145c08986dcf3794a32dc18266a e7301c6357b9a810c5f0a5188c8e93987919c219 3b0f0c9da428cfd5b411a35ac0b656602464bddd1ce6a8445a9175d59307c398
GET /genfiles/cms/1/desktop/banner/b9d5cda0073b395cc1abc1aaecf29522.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:46 GMT
content-type: image/webp
content-length: 20214
last-modified: Wed, 27 Mar 2024 11:44:55 GMT
etag: "671f6145c08986dcf3794a32dc18266a"
x-time-ng: 0.050
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2024-04-01T08:00:06+00:00
traceparent: 00-e52fdd65a57ef63638175e6b6ab678e5-bbe0cecf39a51043-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xbetnp.com/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=909&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true | 83.147.206.31 | 200 OK | 9.4 kB |
URL: GET HTTP/2 1xbetnp.com/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=909&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true
IP: 83.147.206.31:443
ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Let's Encrypt; Subject: 1xbetnp.com; Fingerprint: A5:E2:50:EB:20:4D:9A:C7:80:84:AB:9B:12:20:6F:CE:4C:D0:CC:F7; Validity: Mon, 12 Feb 2024 05:16:51 GMT - Sun, 12 May 2024 05:16:50 GMT
Hash: 71b769ee07de8741df102e774a1c58fe 2e2799c59d11ef8fb5a1b944a0c2cec923f85831 db1617bd81b3a8c5b7118d42320e614628a9aefcb7625ec72b716db732851ad9
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=909&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true HTTP/1.1
Host: 1xbetnp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xbetnp.com/en?tag=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiYU5sRzlSMkQyRUw5NERjcnh5aEh5VDI1UFFVOHEzMUxsK3VvUEgybjZoSDZ4Zkt5TFU5UUtCZGpXekh1NUlCNEo4SncrazlzeXliYldnaGV1RnFyMGwvaEZtUFAvaDdHWUFkKzdhczRWdi9sQ2N5UTRYMGg4Q1g5TzhjMnQzbkJrQXgwOWc5d1RaRGxUeFZIelpOcTJPUGtFc3dlOU91ZU1ScE5kbVdSbkgweGx6YXlGSlJBT3ZzUFIxZU5sVHBRckxvMGtkNWZvVWlkUCtnMnB5NmRuVnJzSWxxQTI0K3Q5bVlXa1JJanZmUzhKOWxqTk9YZ3BaYVc5WGpNWEtQM2IwS3hBdXp6TzhCbVl5ZHRlNDY4NkhCbDdOMzhZM2ZuTDZLeVZLK3BQTm1HIiwiZXhwIjoxNzEzOTQ3NTUyLCJpYXQiOjE3MTM5MzMxNTJ9.A6TAUeJbML6W64bPqWPkqpm_p81TCj0ooaPgZxHq-XPUb4JLotbcEYqJSaVt24kk5IHhEe9nHVtKN5EU8sxiiw
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder; platform_type=desktop; auid=U5POH2Yoi1IeurcpAxSaAg==; SESSION=485ae37fae7b9b76dfa895caab1409cf; window_width=1280; _glhf=1713950917; che_g=23437f56-cfbd-f999-10f6-bc1a50bce12e; application_locale=en; sh.session.id=22f7505e-674c-44dc-9e3f-56fc7d22179b; ggru=181; _ga_7V60YW2S5H=GS1.1.1713933153.1.0.1713933153.60.0.0; _ga=GA1.1.1268801329.1713933153
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:47 GMT
content-type: application/json; charset=utf-8
content-length: 9439
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 24 Apr 2024 04:32:42 GMT
vary: Accept-Encoding
x-time-ng: 0.012
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
X-Firefox-Spdy: h2
|
|
| pp23vi1.com/static/pixel.gif?1713933169097 | 178.253.14.123 | | 43 B |
URL: pp23vi1.com/static/pixel.gif?1713933169097
IP: 178.253.14.123:0
ASN: #202492 Silverhill Group Holding Ltd
File type: GIF image data, version 89a, 1 x 1
Hash: ad4b0f606e0f8465bc4c4c170b37e1a3 50b30fd5f87c85fe5cba2635cb83316ca71250d7 cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /static/pixel.gif?1713933169097 HTTP/1.1
Host: pp23vi1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:49 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
X-Firefox-Spdy: h2
|
|
| 1xbetnp.com/checker/redirect/stat/ | 83.147.206.31 | | 2.7 kB |
URL: 1xbetnp.com/checker/redirect/stat/
IP: 83.147.206.31:0
ASN: #202492 Silverhill Group Holding Ltd
Certificate: Issuer: Let's Encrypt; Subject: 1xbetnp.com; Fingerprint: A5:E2:50:EB:20:4D:9A:C7:80:84:AB:9B:12:20:6F:CE:4C:D0:CC:F7; Validity: Mon, 12 Feb 2024 05:16:51 GMT - Sun, 12 May 2024 05:16:50 GMT
File type: ASCII text, with no line terminators
Hash: b326b5062b2f0e69046810717534cb09 5ffe533b830f08a0326348a9160afafc8ada44db b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /checker/redirect/stat/ HTTP/1.1
Host: 1xbetnp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xbetnp.com/en?tag=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiYU5sRzlSMkQyRUw5NERjcnh5aEh5VDI1UFFVOHEzMUxsK3VvUEgybjZoSDZ4Zkt5TFU5UUtCZGpXekh1NUlCNEo4SncrazlzeXliYldnaGV1RnFyMGwvaEZtUFAvaDdHWUFkKzdhczRWdi9sQ2N5UTRYMGg4Q1g5TzhjMnQzbkJrQXgwOWc5d1RaRGxUeFZIelpOcTJPUGtFc3dlOU91ZU1ScE5kbVdSbkgweGx6YXlGSlJBT3ZzUFIxZU5sVHBRckxvMGtkNWZvVWlkUCtnMnB5NmRuVnJzSWxxQTI0K3Q5bVlXa1JJanZmUzhKOWxqTk9YZ3BaYVc5WGpNWEtQM2IwS3hBdXp6TzhCbVl5ZHRlNDY4NkhCbDdOMzhZM2ZuTDZLeVZLK3BQTm1HIiwiZXhwIjoxNzEzOTQ3NTUyLCJpYXQiOjE3MTM5MzMxNTJ9.A6TAUeJbML6W64bPqWPkqpm_p81TCj0ooaPgZxHq-XPUb4JLotbcEYqJSaVt24kk5IHhEe9nHVtKN5EU8sxiiw
Content-Length: 35
Origin: https://1xbetnp.com
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder; platform_type=desktop; auid=U5POH2Yoi1IeurcpAxSaAg==; SESSION=485ae37fae7b9b76dfa895caab1409cf; window_width=1280; _glhf=1713950917; che_g=23437f56-cfbd-f999-10f6-bc1a50bce12e; application_locale=en; sh.session.id=22f7505e-674c-44dc-9e3f-56fc7d22179b; ggru=181; _ga_7V60YW2S5H=GS1.1.1713933153.1.0.1713933153.60.0.0; _ga=GA1.1.1268801329.1713933153; che_i=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:49 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
api-supported-versions: 1.0
x-time-ng: 0.001
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.009
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/7f22db151e64b85f98ba34c28f22fea4.webp | 185.244.209.62 | | 20 kB |
URL: v3.traincdn.com/genfiles/cms/1/desktop/banner/7f22db151e64b85f98ba34c28f22fea4.webp
IP: 185.244.209.62:0
ASN: #199524 G-Core Labs S.A.
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 1380x248, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: 5903097c10486456ce809f2fbb926b7d 166a5a160fadb8f61d56000a9d17280c32cba994 47a2495071cc9047c05cf72b866dd0d71e556708093ab11fb58ba6fb9b534bc4
GET /genfiles/cms/1/desktop/banner/7f22db151e64b85f98ba34c28f22fea4.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:51 GMT
content-type: image/webp
content-length: 20162
last-modified: Tue, 23 Jan 2024 09:04:31 GMT
etag: "5903097c10486456ce809f2fbb926b7d"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2024-02-27T15:24:58+00:00
traceparent: 00-85c2f5cb4be2db3899e52261cfd3b824-5d2c95dc636e3695-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xbetnp.com/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=909&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true | 83.147.206.31 | 200 OK | 9.4 kB |
URL: GET HTTP/2 1xbetnp.com/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=909&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true
IP: 83.147.206.31:443
ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
Certificate: Issuer: Let's Encrypt; Subject: 1xbetnp.com; Fingerprint: A5:E2:50:EB:20:4D:9A:C7:80:84:AB:9B:12:20:6F:CE:4C:D0:CC:F7; Validity: Mon, 12 Feb 2024 05:16:51 GMT - Sun, 12 May 2024 05:16:50 GMT
Hash: 3e3b665ed0a36393057d63948bd085a1 93dcf3ef5e91b465287ba845ce147ad4604da8fe 3ab17b1c18d2dfd9b5976b96e56bb6dc6c441d0edee02287ca4daf6154a28d75
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=909&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true HTTP/1.1
Host: 1xbetnp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xbetnp.com/en?tag=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiYU5sRzlSMkQyRUw5NERjcnh5aEh5VDI1UFFVOHEzMUxsK3VvUEgybjZoSDZ4Zkt5TFU5UUtCZGpXekh1NUlCNEo4SncrazlzeXliYldnaGV1RnFyMGwvaEZtUFAvaDdHWUFkKzdhczRWdi9sQ2N5UTRYMGg4Q1g5TzhjMnQzbkJrQXgwOWc5d1RaRGxUeFZIelpOcTJPUGtFc3dlOU91ZU1ScE5kbVdSbkgweGx6YXlGSlJBT3ZzUFIxZU5sVHBRckxvMGtkNWZvVWlkUCtnMnB5NmRuVnJzSWxxQTI0K3Q5bVlXa1JJanZmUzhKOWxqTk9YZ3BaYVc5WGpNWEtQM2IwS3hBdXp6TzhCbVl5ZHRlNDY4NkhCbDdOMzhZM2ZuTDZLeVZLK3BQTm1HIiwiZXhwIjoxNzEzOTQ3NTUyLCJpYXQiOjE3MTM5MzMxNTJ9.A6TAUeJbML6W64bPqWPkqpm_p81TCj0ooaPgZxHq-XPUb4JLotbcEYqJSaVt24kk5IHhEe9nHVtKN5EU8sxiiw
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder; platform_type=desktop; auid=U5POH2Yoi1IeurcpAxSaAg==; SESSION=485ae37fae7b9b76dfa895caab1409cf; window_width=1280; _glhf=1713950917; che_g=23437f56-cfbd-f999-10f6-bc1a50bce12e; application_locale=en; sh.session.id=22f7505e-674c-44dc-9e3f-56fc7d22179b; ggru=181; _ga_7V60YW2S5H=GS1.1.1713933153.1.0.1713933153.60.0.0; _ga=GA1.1.1268801329.1713933153; che_i=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:53 GMT
content-type: application/json; charset=utf-8
content-length: 9441
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 24 Apr 2024 04:32:52 GMT
vary: Accept-Encoding
x-time-ng: 0.014
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.022
X-Firefox-Spdy: h2
|
|
| 1xbetnp.com/service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=909&country=137 | 83.147.206.31 | 200 OK | 258 B |
URL: GET HTTP/2 1xbetnp.com/service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=909&country=137 | IP: 83.147.206.31:443 | ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder | Certificate Issuer: Let's Encrypt | Subject: 1xbetnp.com | Fingerprint: A5:E2:50:EB:20:4D:9A:C7:80:84:AB:9B:12:20:6F:CE:4C:D0:CC:F7 | Validity: Mon, 12 Feb 2024 05:16:51 GMT - Sun, 12 May 2024 05:16:50 GMT
Hash: 6b410dd2c07ab8dc7ea3612945386685 9d9b746ddabe121ffedb7dff9e0aff03b92998b1 aa7e649282a2bbf5af23394e678496503278768e36b9f21c74ebe474806513e8
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=909&country=137 HTTP/1.1
Host: 1xbetnp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xbetnp.com/en?tag=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiYU5sRzlSMkQyRUw5NERjcnh5aEh5VDI1UFFVOHEzMUxsK3VvUEgybjZoSDZ4Zkt5TFU5UUtCZGpXekh1NUlCNEo4SncrazlzeXliYldnaGV1RnFyMGwvaEZtUFAvaDdHWUFkKzdhczRWdi9sQ2N5UTRYMGg4Q1g5TzhjMnQzbkJrQXgwOWc5d1RaRGxUeFZIelpOcTJPUGtFc3dlOU91ZU1ScE5kbVdSbkgweGx6YXlGSlJBT3ZzUFIxZU5sVHBRckxvMGtkNWZvVWlkUCtnMnB5NmRuVnJzSWxxQTI0K3Q5bVlXa1JJanZmUzhKOWxqTk9YZ3BaYVc5WGpNWEtQM2IwS3hBdXp6TzhCbVl5ZHRlNDY4NkhCbDdOMzhZM2ZuTDZLeVZLK3BQTm1HIiwiZXhwIjoxNzEzOTQ3NTUyLCJpYXQiOjE3MTM5MzMxNTJ9.A6TAUeJbML6W64bPqWPkqpm_p81TCj0ooaPgZxHq-XPUb4JLotbcEYqJSaVt24kk5IHhEe9nHVtKN5EU8sxiiw
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder; platform_type=desktop; auid=U5POH2Yoi1IeurcpAxSaAg==; SESSION=485ae37fae7b9b76dfa895caab1409cf; window_width=1280; _glhf=1713950917; che_g=23437f56-cfbd-f999-10f6-bc1a50bce12e; application_locale=en; sh.session.id=22f7505e-674c-44dc-9e3f-56fc7d22179b; ggru=181; _ga_7V60YW2S5H=GS1.1.1713933153.1.0.1713933153.60.0.0; _ga=GA1.1.1268801329.1713933153; che_i=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:53 GMT
content-type: application/json; charset=utf-8
content-length: 258
cache-control: no-cache
content-encoding: br
last-modified: Wed, 24 Apr 2024 04:32:53 GMT
vary: Accept-Encoding
x-time-ng: 0.014
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.022
X-Firefox-Spdy: h2
|
|
| 1xbetnp.com/web-api/default/img/icons/pixels2.svg?v=1713933146 | 83.147.206.31 | 200 OK | 90 B |
URL: GET HTTP/2 1xbetnp.com/web-api/default/img/icons/pixels2.svg?v=1713933146 | IP: 83.147.206.31:443 | ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder | Certificate Issuer: Let's Encrypt | Subject: 1xbetnp.com | Fingerprint: A5:E2:50:EB:20:4D:9A:C7:80:84:AB:9B:12:20:6F:CE:4C:D0:CC:F7 | Validity: Mon, 12 Feb 2024 05:16:51 GMT - Sun, 12 May 2024 05:16:50 GMT
File type: PNG image data, 1 x 1, 8-bit/color RGB, non-interlaced | Hash: e45f90dcbe718dea3476c4b69b501a4e e9af26a93c467a77e4733ec537f4f5ce7a4ba089 a439dd8761d9fd4ff88e82e83200877703594491065880dbd4e59ddf4ce1b204
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /web-api/default/img/icons/pixels2.svg?v=1713933146 HTTP/1.1
Host: 1xbetnp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/en?tag=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder; platform_type=desktop; auid=U5POH2Yoi1IeurcpAxSaAg==; SESSION=485ae37fae7b9b76dfa895caab1409cf; window_width=1280; _glhf=1713950917; che_g=23437f56-cfbd-f999-10f6-bc1a50bce12e; application_locale=en; sh.session.id=22f7505e-674c-44dc-9e3f-56fc7d22179b; ggru=181
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:26 GMT
content-type: image/png
cache-control: no-cache, private
server-timing: p;dur=17, dt_total;dur=18.860, wf-uht;dur=0.031
traceparent: 00-001f37d18476245492dfaecb21259ec7-eeb1a3374b0562b2-01
x-dt: 909
x-time-ng: 0.018
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/01023f59e318.js | 185.244.209.62 | 200 OK | 372 B |
URL: GET HTTP/2 v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/01023f59e318.js | IP: 185.244.209.62:443 | ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder | Certificate Issuer: Sectigo Limited | Subject: *.traincdn.com | Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 | Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (379), with no line terminators | Hash: a9fb392e33230f72fecbc7435c9fbade a958b3e0c8867d258c038b6960de42f4a14ff5ae 1cae956a6ca4b4cdcfc8944ba7b7e96c87f58a71b97ad1c064a5449638c1c527
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/01023f59e318.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xbetnp.com
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:27 GMT
content-type: text/javascript; charset=utf-8
content-length: 372
last-modified: Tue, 23 Apr 2024 12:34:22 GMT
etag: "95f43fd089613a8f57a2ddcbce517853"
x-amz-meta-mtime: 1713875281.673615027
expires: Wed, 24 Apr 2024 12:55:17 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-78456f3d4f8b55d9732832a17468a026-c6e4ffeb1cbb7932-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:55:17+00:00, 2024-04-23T12:57:40+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/7bd3bc288fd4.js | 185.244.209.62 | 200 OK | 450 B |
URL: GET HTTP/2 v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/7bd3bc288fd4.js | IP: 185.244.209.62:443 | ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder | Certificate Issuer: Sectigo Limited | Subject: *.traincdn.com | Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 | Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (461), with no line terminators | Hash: 94396d27c4d9bbfc299a901902e1f11d b3d5fb445111c1b6b783db81a899a548488ebf13 33fc76fe427142c306a281e02daec062575fe489c63851cb55b487e1b058699e
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/7bd3bc288fd4.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xbetnp.com
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:27 GMT
content-type: text/javascript; charset=utf-8
content-length: 450
last-modified: Tue, 23 Apr 2024 07:17:49 GMT
etag: "056ce527a12544a37f984ac598be2344"
x-amz-meta-mtime: 1713856378.020405784
expires: Wed, 24 Apr 2024 08:42:32 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-e72e5a82a08ec15dc35d27220eccc84f-66d66b28ae6da4fb-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T08:42:32+00:00, 2024-04-23T14:56:00+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/e463c503/_buildManifest.js | 104.18.39.72 | 200 OK | 519 B |
URL: GET HTTP/2 widget.suphelper.top/_next/static/e463c503/_buildManifest.js | IP: 104.18.39.72:443
Requested by: https://widget.suphelper.top/ | Certificate Issuer: Google Trust Services LLC | Subject: suphelper.top | Fingerprint: 41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 | Validity: Tue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File type: ASCII text, with very long lines (547), with no line terminators | Hash: 4841881f753d8c08b6bb5ec23401c3a0 fe123451163449a254bda7c66e1131daa522a152 dc0045d58d63d71a33c5cce8b75cbeaba6d5a3033cf25475e15d8c4b1a310d98
GET /_next/static/e463c503/_buildManifest.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:32:22 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Tue, 16 Apr 2024 09:44:52 GMT
etag: W/"207-18ee64b8562"
vary: Accept-Encoding
cf-cache-status: HIT
age: 555873
expires: Thu, 24 Apr 2025 04:32:22 GMT
server: cloudflare
cf-ray: 87935e7f8c3a0b65-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-icons/1.0.328/285/logos.svg | 185.244.209.62 | 200 OK | 43 kB |
URL: GET HTTP/2 v3.traincdn.com/sys-icons/1.0.328/285/logos.svg | IP: 185.244.209.62:443 | ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder | Certificate Issuer: Sectigo Limited | Subject: *.traincdn.com | Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 | Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image | Hash: c45fb3adb3e47bdbd03c88fc4c4309aa 9ce991739a2879970ba12baf56108c8fcdefefb1 61d5aead50750c6e8a7bfde801abbf6f4ab75e387fdcc748ec6784e219e4d727
GET /sys-icons/1.0.328/285/logos.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xbetnp.com
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:21 GMT
content-type: image/svg+xml
last-modified: Mon, 15 Apr 2024 07:13:32 GMT
etag: W/"c45fb3adb3e47bdbd03c88fc4c4309aa"
x-amz-meta-mtime: 1713165210.217888091
content-encoding: gzip
expires: Tue, 23 Apr 2024 10:38:05 GMT
cache-control: max-age=86400
x-time-ng: 0.003
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-ede2275f82b990fcd7242d9c8d61f23a-738a3c7ec7585ec8-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T10:38:05+00:00, 2024-04-23T10:56:29+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sfiles/games-images/game-animations/game-85-animation.svg | 185.244.209.62 | 200 OK | 14 kB |
URL: GET HTTP/2 v3.traincdn.com/sfiles/games-images/game-animations/game-85-animation.svg | IP: 185.244.209.62:443 | ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder | Certificate Issuer: Sectigo Limited | Subject: *.traincdn.com | Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 | Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image | Hash: 9e7af5cc8f19e556b8696b1f616368bb 5dfc0391d0b038c0a854280a40cd89a6e5ed970e bfb06010ec5c7f94e57ce0ee75b270c76559d76e8e49e8085866bc11408345fb
GET /sfiles/games-images/game-animations/game-85-animation.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:22 GMT
content-type: image/svg+xml
last-modified: Wed, 24 Jan 2024 13:34:39 GMT
etag: W/"9e7af5cc8f19e556b8696b1f616368bb"
x-amz-meta-origin-date-iso8601: 2024-01-24T13:05:40.000Z
expires: Fri, 19 Apr 2024 00:06:27 GMT
cache-control: max-age=86400, public
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-600daaa21a1cda7e2b758833f436f187-084a7601f41a6c96-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T03:23:59+00:00, 2024-04-24T00:08:33+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/DownloadAppWidget-23d987ff.js | 185.244.209.62 | 200 OK | 12 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/DownloadAppWidget-23d987ff.js | IP: 185.244.209.62:443 | ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder | Certificate Issuer: Sectigo Limited | Subject: *.traincdn.com | Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 | Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (11892), with no line terminators | Hash: 8404462012316144032423ce8fbb64eb 5c746a0ed3594abdc7d43a410293e265dd3b2fca b1f58b41aa6480dc6df0ae7a62b0726e2cb0b3e5623513aa8e954c87450f7aca
GET /_nuxt/desktop/default/DownloadAppWidget-23d987ff.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:21 GMT
content-type: application/javascript; charset=utf-8
content-length: 4082
last-modified: Tue, 23 Apr 2024 13:15:15 GMT
etag: "6627b463-ff2"
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:37 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-0507cb54aedccb7f5d65bdacc0265fd0-5df3863c570e84d2-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:37+00:00, 2024-04-23T14:29:13+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xbetnp.com/sys-betting-app-front/en?tag=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder | 83.147.206.31 | 200 OK | 80 kB |
URL: GET HTTP/2 1xbetnp.com/sys-betting-app-front/en?tag=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder | IP: 83.147.206.31:443 | ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder | Certificate Issuer: Let's Encrypt | Subject: 1xbetnp.com | Fingerprint: A5:E2:50:EB:20:4D:9A:C7:80:84:AB:9B:12:20:6F:CE:4C:D0:CC:F7 | Validity: Mon, 12 Feb 2024 05:16:51 GMT - Sun, 12 May 2024 05:16:50 GMT
Hash: c7439d474c1671e0e64958088ab00363 7c0b8ea2872a0db451f61760d5eaeed227dd2e04 d937241882a0204fe1f2d10a172fba304075f0331cc988ab6c03dcf285c668ea
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /sys-betting-app-front/en?tag=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder HTTP/1.1
Host: 1xbetnp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xbetnp.com/en?tag=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
mf-render-mode: json
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder; platform_type=desktop; auid=U5POH2Yoi1IeurcpAxSaAg==; SESSION=485ae37fae7b9b76dfa895caab1409cf; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:21 GMT
content-type: application/json
content-encoding: br
server-timing: total;dur=181;desc="Total __BETTING_APP__", dt_total;dur=184.614, wf-uht;dur=0.203
set-cookie: tzo=3; Path=/
traceparent: 00-4cd10d8d86afc00a65a0fabc406ad8b0-a781d10b7873a262-01
vary: Accept-Encoding, Accept-Encoding
x-dt: 909
x-time-ng: 0.184, 0.186
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/ff09be90.css | 185.244.209.62 | 200 OK | 4.7 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/ff09be90.css | IP: 185.244.209.62:443 | ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder | Certificate Issuer: Sectigo Limited | Subject: *.traincdn.com | Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 | Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (4705), with no line terminators | Hash: 2b6cccff5325f6e14ccd6ec354319cd6 f4ec05fc468d3daddec1a3d825c29a55ce4b2050 a153e31a0350b58aad71597632348e14c954738845b58f05ca04b8212dbaca38
GET /_nuxt/desktop/default/css/ff09be90.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:22 GMT
content-type: text/css
content-length: 705
last-modified: Tue, 23 Apr 2024 13:15:15 GMT
etag: "6627b463-2c1"
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:34:25 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-96b48a8bafdadb84f812e1d9dce4fc96-cf88baf7f0e97d12-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:34:25+00:00, 2024-04-23T19:28:27+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xbetnp.com/web-api/api/v3/bonuses/welcome-bonuses | 83.147.206.31 | 200 OK | 681 B |
URL: GET HTTP/2 1xbetnp.com/web-api/api/v3/bonuses/welcome-bonuses | IP: 83.147.206.31:443 | ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder | Certificate Issuer: Let's Encrypt | Subject: 1xbetnp.com | Fingerprint: A5:E2:50:EB:20:4D:9A:C7:80:84:AB:9B:12:20:6F:CE:4C:D0:CC:F7 | Validity: Mon, 12 Feb 2024 05:16:51 GMT - Sun, 12 May 2024 05:16:50 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (775), with no line terminators | Hash: 581612738b2f866f1459542e12d70b62 30d1811e3ce5846e8590cc0cf225580fc747f834 c0b8ffe4dae247cdf5316c9d719d81c8ab2cc91ef95baeb1317d83ce6138a5b6
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /web-api/api/v3/bonuses/welcome-bonuses HTTP/1.1
Host: 1xbetnp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xbetnp.com/en?tag=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder; platform_type=desktop; auid=U5POH2Yoi1IeurcpAxSaAg==; SESSION=485ae37fae7b9b76dfa895caab1409cf; window_width=1280; _glhf=1713950917; che_g=23437f56-cfbd-f999-10f6-bc1a50bce12e; application_locale=en
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:22 GMT
content-type: application/vnd.api+json
vary: Accept-Encoding
cache-control: no-cache, private
server-timing: p;dur=18, dt_total;dur=63.692, wf-uht;dur=0.184
traceparent: 00-e5bddef5c8a27bf015567d7ee68fa353-2d999ddbd593a485-01
x-dt: 909
x-time-ng: 0.056
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| 1xbetnp.com/bff-api/config/all.json?lang=en | 83.147.206.31 | 200 OK | 120 kB |
URL: GET HTTP/2 1xbetnp.com/bff-api/config/all.json?lang=en | IP: 83.147.206.31:443 | ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder | Certificate Issuer: Let's Encrypt | Subject: 1xbetnp.com | Fingerprint: A5:E2:50:EB:20:4D:9A:C7:80:84:AB:9B:12:20:6F:CE:4C:D0:CC:F7 | Validity: Mon, 12 Feb 2024 05:16:51 GMT - Sun, 12 May 2024 05:16:50 GMT
Size: 120 kB (119872 bytes) | Hash: fced6992df69acfa6f8b9f30844284de a52bebfeffb0a035524ef48dbf81e663b1859202 ea1d07732785cb66918b410274edad26044b68cd727f81e56ffaa3975fd22dd7
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /bff-api/config/all.json?lang=en HTTP/1.1
Host: 1xbetnp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xbetnp.com/en?tag=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
x-geoip2-country-code: ru
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder; platform_type=desktop; auid=U5POH2Yoi1IeurcpAxSaAg==; SESSION=485ae37fae7b9b76dfa895caab1409cf; window_width=1280; _glhf=1713950917; che_g=23437f56-cfbd-f999-10f6-bc1a50bce12e; application_locale=en; sh.session.id=22f7505e-674c-44dc-9e3f-56fc7d22179b; ggru=181
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:26 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: bff;dur=222.15, dt_total;dur=229.828, wf-uht;dur=0.245
traceparent: 00-ea663fe73dc79e7b937e32162e2086a4-d5d7c3bf0508634a-01
vary: Accept-Encoding
x-dt: 909
x-time-ng: 0.223
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/6684c66fedf3.js | 185.244.209.62 | 200 OK | 715 B |
URL: GET HTTP/2 v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/6684c66fedf3.js | IP: 185.244.209.62:443 | ASN: #199524 G-Core Labs S.A.
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder | Certificate Issuer: Sectigo Limited | Subject: *.traincdn.com | Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 | Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (734), with no line terminators | Hash: 2efb888dbb9343ee6d683e8d796d82f4 1e1e489141485affbc1919d379cf88f7d65d23e2 e019ff00da941f85d11e34442751266d09e627a7191f2b2177018c625ffe346c
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/6684c66fedf3.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xbetnp.com
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:27 GMT
content-type: text/javascript; charset=utf-8
content-length: 715
last-modified: Tue, 23 Apr 2024 12:34:23 GMT
etag: "363cae3f1a92357379ce31b700f431ee"
x-amz-meta-mtime: 1713875281.713615339
expires: Wed, 24 Apr 2024 12:55:16 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-7468c082411b7ac769ede04ca9a84086-97fa2c359e5f0a40-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:55:16+00:00, 2024-04-23T12:57:40+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xbetnp.com/hd-api/external/api/web/v1/converslon/load | 83.147.206.31 | 200 OK | 34 kB |
URL: GET HTTP/2 1xbetnp.com/hd-api/external/api/web/v1/converslon/load | IP: 83.147.206.31:443 | ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder | Certificate Issuer: Let's Encrypt | Subject: 1xbetnp.com | Fingerprint: A5:E2:50:EB:20:4D:9A:C7:80:84:AB:9B:12:20:6F:CE:4C:D0:CC:F7 | Validity: Mon, 12 Feb 2024 05:16:51 GMT - Sun, 12 May 2024 05:16:50 GMT
Hash: 8f906097e90762a30d355630251e3aeb bcea8c7e09d39f50d47afbad4b1a3c5c6436998d 71b6f7e74c45a3f214bd49050db8d6aaf35ab5040e92c426c9da1e557b01313b
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /hd-api/external/api/web/v1/converslon/load HTTP/1.1
Host: 1xbetnp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xbetnp.com/en?tag=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder; platform_type=desktop; auid=U5POH2Yoi1IeurcpAxSaAg==; SESSION=485ae37fae7b9b76dfa895caab1409cf; window_width=1280; _glhf=1713950917; che_g=23437f56-cfbd-f999-10f6-bc1a50bce12e; application_locale=en; sh.session.id=22f7505e-674c-44dc-9e3f-56fc7d22179b; ggru=181
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:29 GMT
content-type: application/json
content-encoding: gzip
traceparent: 00-f19273c333c66a46b2d4526104389e00-1f01e66f5c9b90a1-01
vary: Accept-Encoding
x-dt: 909
x-request-guid: ef075d256ba2e234e1f6ed354f424939
x-time-ng: 0.015
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=28.609, wf-uht;dur=0.037
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/ | 104.18.39.72 | 200 OK | 496 kB |
IP: 104.18.39.72:443
Requested by: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder | Certificate Issuer: Google Trust Services LLC | Subject: suphelper.top | Fingerprint: 41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 | Validity: Tue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
Size: 496 kB (496420 bytes) | Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:32:22 GMT
content-type: text/html; charset=utf-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=60, stale-while-revalidate=30
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 87935e7dfbc60b65-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/chunks/7413e8b9-8adee4b5b5407a55.js | 104.18.39.72 | 200 OK | 78 kB |
URL GET HTTP/2 widget.suphelper.top/_next/static/chunks/7413e8b9-8adee4b5b5407a55.js IP 104.18.39.72:443
Requested by https://widget.suphelper.top/ Certificate Issuer Google Trust Services LLC Subject suphelper.top Fingerprint 41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 Validity Tue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash dc6852529f28802d37affa5953d07260 4edd220fe8df4b009a1775ebe57f19d40999659f 4aefb18221e4fb46818b0f52302b7c7717e45701e26990726cce645d8c80ed84
GET /_next/static/chunks/7413e8b9-8adee4b5b5407a55.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:32:22 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Wed, 17 Jan 2024 06:19:55 GMT
etag: W/"12fe9-18d161388b8"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 8460545
expires: Thu, 24 Apr 2025 04:32:22 GMT
server: cloudflare
cf-ray: 87935e7f8c350b65-OSL
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/shared-assets/__shared_accept_language_parser_QKZ6ULEV.js | 185.244.209.62 | 200 OK | 1.3 kB |
URL GET HTTP/2 v3.traincdn.com/sys-static/shared-assets/__shared_accept_language_parser_QKZ6ULEV.js IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (1315), with no line terminators Hash 59eb3a17023ed081e317722b7fabcddc 5e0908391af13d117ecdd61ef7406f3eb9b0e792 df460865a4a9ae1d3c260be0dd7a8a7eef1bc4a0839fdd09fe22165e3754ba71
GET /sys-static/shared-assets/__shared_accept_language_parser_QKZ6ULEV.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xbetnp.com
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:25 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 23 Apr 2024 12:53:18 GMT
etag: W/"518e0ae196483ada8b528a1f2b7df0a1"
x-amz-meta-mtime: 1713876636.333746104
content-encoding: gzip
expires: Wed, 24 Apr 2024 15:17:58 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-ab19b3743ed8e4766d2800e5ec795f2f-e5d61fda379b6861-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T15:17:58+00:00, 2024-04-23T15:47:19+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/0cd280af89b0819825587a2cf75e33d0.webp | 185.244.209.62 | 200 OK | 21 kB |
URL GET HTTP/2 v3.traincdn.com/genfiles/cms/1/desktop/banner/0cd280af89b0819825587a2cf75e33d0.webp IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1380x248, Scaling: [none]x[none], YUV color, decoders should clamp Hash 1e9191583a9bca6627e85945c6c5d3f1 f2d4d5e76e448d1dd986c9616a660ae6c7806dde 733d49aa25dab77ba7fe51a0a831f51e988d3201c5cfc6fbc808c3b2c59b48c1
GET /genfiles/cms/1/desktop/banner/0cd280af89b0819825587a2cf75e33d0.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:25 GMT
content-type: image/webp
content-length: 21412
last-modified: Fri, 12 Apr 2024 09:23:52 GMT
etag: "1e9191583a9bca6627e85945c6c5d3f1"
x-time-ng: 0.002
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-66c234d031e3ce3eaa4cb6b564a63008-fe839e39b46a2e84-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-12T09:33:12+00:00, 2024-04-24T04:21:20+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-icons/1.0.330/285/common.svg | 185.244.209.62 | 200 OK | 147 kB |
URL GET HTTP/2 v3.traincdn.com/sys-icons/1.0.330/285/common.svg IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image Size 147 kB (146981 bytes) Hash 7bf3e9e7d79beac942f5e7748a3af2e6 7c6896ef647506806f2cdbe998d8c9eb845a1754 663e2fc5004af9c6c1969fc5827d7ffdbfeec8d4753efd831208cb179f0a488f
GET /sys-icons/1.0.330/285/common.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xbetnp.com
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:27 GMT
content-type: image/svg+xml
last-modified: Tue, 16 Apr 2024 09:41:01 GMT
etag: W/"7bf3e9e7d79beac942f5e7748a3af2e6"
x-amz-meta-mtime: 1713260458.134664491
content-encoding: gzip
expires: Fri, 19 Apr 2024 12:42:12 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-8c78216b72ab5c29dc72db8a4dd52fbe-b965c603b8bc4952-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-18T12:42:12+00:00, 2024-04-23T13:23:10+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/Registration.Fields-3ce6506f.js | 185.244.209.62 | 200 OK | 40 kB |
URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/Registration.Fields-3ce6506f.js IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (39925), with no line terminators Hash 681145f0441284174ef426e56941290b 6e6844a39c0a7b28cd162391753ac6429a576728 a9b554dc85ad806c70c5a650600b4c39ea900812543992e8aa761b779600c3bb
GET /_nuxt/desktop/default/vendors/Registration.Fields-3ce6506f.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:26 GMT
content-type: application/javascript; charset=utf-8
content-length: 8875
last-modified: Tue, 23 Apr 2024 13:15:15 GMT
etag: "6627b463-22ab"
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:38 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-68ba01f9d8b36481924a17db0304187e-cdc95a31da34b28b-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:38+00:00, 2024-04-23T14:29:13+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/d94c9b1508a286d270c77946ff0972fa.jpg | 0.0.0.0 | | 0 B |
URL GET v3.traincdn.com/genfiles/cms/1/desktop/banner/d94c9b1508a286d270c77946ff0972fa.jpg IP 0.0.0.0:0
Requested by https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /genfiles/cms/1/desktop/banner/d94c9b1508a286d270c77946ff0972fa.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/93ec59abc015.js | 185.244.209.62 | 200 OK | 731 B |
URL GET HTTP/2 v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/93ec59abc015.js IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (754), with no line terminators Hash d4e7ea71a87b1f1c120557c0645d517a 16245d27e56477993925754ded67747f4a22457a 55a7929fe0360afd2ceea901f484065432f5cbd00d12ce1bc4773407272d005f
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/93ec59abc015.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xbetnp.com
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:27 GMT
content-type: text/javascript; charset=utf-8
content-length: 731
last-modified: Tue, 23 Apr 2024 12:34:23 GMT
etag: "7d7870ff5bec46f886d9df91c47f1bd0"
x-amz-meta-mtime: 1713875281.725615432
expires: Wed, 24 Apr 2024 12:55:15 GMT
cache-control: max-age=86400
x-time-ng: 0.004
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-468f2e14d7b938ecd0aa06a6a030455e-a16d6d952c77fefa-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:55:15+00:00, 2024-04-23T12:57:40+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xbetnp.com/web-api/api/v3/bonuses/first-deposit | 83.147.206.31 | 200 OK | 429 B |
URL GET HTTP/2 1xbetnp.com/web-api/api/v3/bonuses/first-deposit IP 83.147.206.31:443 ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder Certificate Issuer Let's Encrypt Subject 1xbetnp.com Fingerprint A5:E2:50:EB:20:4D:9A:C7:80:84:AB:9B:12:20:6F:CE:4C:D0:CC:F7 Validity Mon, 12 Feb 2024 05:16:51 GMT - Sun, 12 May 2024 05:16:50 GMT
File type troff or preprocessor input, ASCII text, with very long lines (467), with no line terminators Hash c1fd65a0f4828a6c0bfcdc626b0ac26a d0e8a0638df755a9dcc2e1622f5b25f566b73e14 6c6790bca76ed315d1c45ce3b64af47bc7c24b31e95b1a0ad07f290b27265113
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /web-api/api/v3/bonuses/first-deposit HTTP/1.1
Host: 1xbetnp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xbetnp.com/en?tag=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder; platform_type=desktop; auid=U5POH2Yoi1IeurcpAxSaAg==; SESSION=485ae37fae7b9b76dfa895caab1409cf; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:21 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: p;dur=36, dt_total;dur=62.465, wf-uht;dur=0.070
traceparent: 00-b81b45a916e4887e1f969bc59af51fc5-0549053845310242-01
vary: Accept-Encoding
x-dt: 909
x-time-ng: 0.041
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/betstemplates/bets_model_short_en_0.json | 185.244.209.62 | 200 OK | 14 kB |
URL GET HTTP/2 v3.traincdn.com/genfiles/cms/betstemplates/bets_model_short_en_0.json IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /genfiles/cms/betstemplates/bets_model_short_en_0.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xbetnp.com/
Origin: https://1xbetnp.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:25 GMT
content-type: application/json
last-modified: Mon, 22 Apr 2024 13:47:00 GMT
etag: W/"d3e39abc76f19e176765d21ac9e70c5c"
content-encoding: gzip
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-47d12986ffd55650b04c9c337b9d8a25-1ee33b847f053830-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T16:29:01+00:00, 2024-04-24T03:53:41+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/5e0dc9f15b39.js | 185.244.209.62 | 200 OK | 53 B |
URL GET HTTP/2 v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/5e0dc9f15b39.js IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with no line terminators Hash c10595a768ce387c9ffc91fe3b1603fa 2d2c108cbf39742e7e56d98cda09d86f244b66c5 12989c5be25b32ca465df0ea9b73f585ce80a006b8c34973f3c1159697b24692
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/5e0dc9f15b39.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xbetnp.com
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:27 GMT
content-type: text/javascript; charset=utf-8
content-length: 53
last-modified: Fri, 19 Apr 2024 13:04:36 GMT
etag: "bb7e15ec1662efa164ad912bd1c65e19"
x-amz-meta-mtime: 1713531616.78919561
expires: Sat, 20 Apr 2024 19:48:00 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-d1e3a92bee9ac7bf662bacafaf8b9006-c9bd55f6b86ea07f-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-19T19:48:00+00:00, 2024-04-23T13:51:02+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xbetnp.com/web-api/default/img/icons/pixels2.svg?v=1713933142 | 83.147.206.31 | 200 OK | 90 B |
URL GET HTTP/2 1xbetnp.com/web-api/default/img/icons/pixels2.svg?v=1713933142 IP 83.147.206.31:443 ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder Certificate Issuer Let's Encrypt Subject 1xbetnp.com Fingerprint A5:E2:50:EB:20:4D:9A:C7:80:84:AB:9B:12:20:6F:CE:4C:D0:CC:F7 Validity Mon, 12 Feb 2024 05:16:51 GMT - Sun, 12 May 2024 05:16:50 GMT
File type PNG image data, 1 x 1, 8-bit/color RGB, non-interlaced Hash e45f90dcbe718dea3476c4b69b501a4e e9af26a93c467a77e4733ec537f4f5ce7a4ba089 a439dd8761d9fd4ff88e82e83200877703594491065880dbd4e59ddf4ce1b204
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /web-api/default/img/icons/pixels2.svg?v=1713933142 HTTP/1.1
Host: 1xbetnp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/en?tag=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder; platform_type=desktop; auid=U5POH2Yoi1IeurcpAxSaAg==; SESSION=485ae37fae7b9b76dfa895caab1409cf; window_width=1280; _glhf=1713950917; che_g=23437f56-cfbd-f999-10f6-bc1a50bce12e; application_locale=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:22 GMT
content-type: image/png
cache-control: no-cache, private
server-timing: p;dur=14, dt_total;dur=15.246, wf-uht;dur=0.027
traceparent: 00-1397e8a6d5289270c5d8b5026e96ba9a-a6d5c8516bafd7be-01
x-dt: 909
x-time-ng: 0.015
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/chunks/663-81a4add2f1c95639.js | 104.18.39.72 | 200 OK | 373 kB |
URL GET HTTP/2 widget.suphelper.top/_next/static/chunks/663-81a4add2f1c95639.js IP 104.18.39.72:443
Requested by https://widget.suphelper.top/ Certificate Issuer Google Trust Services LLC Subject suphelper.top Fingerprint 41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 Validity Tue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 373 kB (372954 bytes) Hash 36e4e2c2a2498b008514f1f0250c8018 cfa53d1c8533fb5941d9ff4f1e45e8c831658693 42cd70d177e33b23f4982b671f4bb7f03a966053874a320af3f3ea7b7b7ca1f0
GET /_next/static/chunks/663-81a4add2f1c95639.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:32:22 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 28 Mar 2024 06:56:31 GMT
etag: W/"5b0da-18e83d890e3"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 2320236
expires: Thu, 24 Apr 2025 04:32:22 GMT
server: cloudflare
cf-ray: 87935e7f8c380b65-OSL
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/shared-assets/__shared_popper_js_MO5RLEN3.js | 185.244.209.62 | 200 OK | 21 kB |
URL GET HTTP/2 v3.traincdn.com/sys-static/shared-assets/__shared_popper_js_MO5RLEN3.js IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (21232) Hash 598d5481ac96b9bf8013b0eb1413b8e5 cc7e3384da379a215ac43b2385e901e22ceb6327 1488ecc35389c72a3aa26d468420069f6b719db456ea82605762311da663b65f
GET /sys-static/shared-assets/__shared_popper_js_MO5RLEN3.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xbetnp.com
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:25 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 22 Apr 2024 14:10:40 GMT
etag: W/"598d5481ac96b9bf8013b0eb1413b8e5"
x-amz-meta-mtime: 1713794909.479238167
content-encoding: gzip
expires: Tue, 23 Apr 2024 15:31:05 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-442a483f9e8b7510a343d6ac49e0d14b-a8618ced57f36b9c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T15:31:05+00:00, 2024-04-23T12:19:48+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/64dfdd8b8c9a.css | 185.244.209.62 | 200 OK | 289 kB |
URL GET HTTP/2 v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/64dfdd8b8c9a.css IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators Size 289 kB (289227 bytes) Hash 2605377ca9d2798b33fd07bc8da267d2 eed73cfda60c9543e553820f2ad6e5595ab536dd 64dfdd8b8c9aac073358493bac418554f2e14624ba26bbd98d328ed23e80a58f
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/64dfdd8b8c9a.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:23 GMT
content-type: text/css; charset=utf-8
last-modified: Tue, 23 Apr 2024 12:34:23 GMT
etag: W/"2605377ca9d2798b33fd07bc8da267d2"
x-amz-meta-mtime: 1713875281.709615308
content-encoding: gzip
expires: Wed, 24 Apr 2024 12:55:05 GMT
cache-control: max-age=86400
x-time-ng: 0.003
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-4b2b5efd6b64396efcdc965c21df5497-201b2e3c92b291bb-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:55:05+00:00, 2024-04-23T12:57:38+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/site-admin/css_vars/f506188b04c16eaa9c664ed23f7ce58e.css | 185.244.209.62 | 200 OK | 46 B |
URL GET HTTP/2 v3.traincdn.com/genfiles/site-admin/css_vars/f506188b04c16eaa9c664ed23f7ce58e.css IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with no line terminators Hash f506188b04c16eaa9c664ed23f7ce58e 08d068d7fa5a84beb06ba924a35d84d6bfdab30a b9bfda0e940104e190b19543b94a10d120643bd1516d3ca2d266a0af6c0966e9
GET /genfiles/site-admin/css_vars/f506188b04c16eaa9c664ed23f7ce58e.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:23 GMT
content-type: text/css
content-length: 46
last-modified: Fri, 12 Apr 2024 13:46:52 GMT
etag: "f506188b04c16eaa9c664ed23f7ce58e"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-fd8ba5c82d447f87eb8f15c5583470f7-2f239835bcc09cc9-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-18T12:47:35+00:00, 2024-04-24T04:21:18+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/shared-assets/__shared_localforage_PLMWICWN.js | 185.244.209.62 | 200 OK | 30 kB |
URL GET HTTP/2v3.traincdn.com/sys-static/shared-assets/__shared_localforage_PLMWICWN.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (30255) Hashdfa127e93d125d4f6c566203eaf225f2 32c1fd89c4eeed7ac2a942582b3786659b15cd43 cf5077d1cff62ce76807408ebc2203563b7a221ddf1cf38339c6d54289bff390
GET /sys-static/shared-assets/__shared_localforage_PLMWICWN.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xbetnp.com
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:25 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 23 Apr 2024 13:57:34 GMT
etag: W/"dfa127e93d125d4f6c566203eaf225f2"
x-amz-meta-mtime: 1713880533.576003689
content-encoding: gzip
expires: Wed, 24 Apr 2024 15:17:58 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-e6271ac6d090e49011ab70d4890bc92a-6431edf4d5733c88-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T15:17:58+00:00, 2024-04-23T15:49:04+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/Auth.Forms/RegistrationWidgetApp/components/userControl.auth_form_extended/registration.Main/da7322db-4c41d619.js | 185.244.209.62 | 200 OK | 26 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/vendors/Auth.Forms/RegistrationWidgetApp/components/userControl.auth_form_extended/registration.Main/da7322db-4c41d619.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (25972) Hash83575afda287eafafb4102f4463ea9a7 241502bfcd1fdaf75068e1f6497e65642ec7981d 6c7258871472c35e8d3f7f4c71550a079165d95f913297204b6746faf5f31f33
GET /_nuxt/desktop/default/vendors/Auth.Forms/RegistrationWidgetApp/components/userControl.auth_form_extended/registration.Main/da7322db-4c41d619.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:21 GMT
content-type: application/javascript; charset=utf-8
content-length: 8517
last-modified: Tue, 23 Apr 2024 13:15:15 GMT
etag: "6627b463-2145"
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:35 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-4864e5fb3c0a16e551132994b406e865-6afc4c56a3807e8c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:35+00:00, 2024-04-23T14:29:10+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/8c83a62ae8afe0aa371618f02b8e4a01.webp | 185.244.209.62 | 200 OK | 28 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/cms/1/desktop/banner/8c83a62ae8afe0aa371618f02b8e4a01.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 1380x248, Scaling: [none]x[none], YUV color, decoders should clamp Hash77673f5b9062ff0a3565cba49941a954 f1c6d769ad6f256677c8558f06c4ee98d8e403d3 e78791dcbada0412db798159d9e781f2a50c12f04be4d0a4ecf96a617ec8b33b
GET /genfiles/cms/1/desktop/banner/8c83a62ae8afe0aa371618f02b8e4a01.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:25 GMT
content-type: image/webp
content-length: 27922
last-modified: Thu, 05 Oct 2023 10:29:56 GMT
etag: "77673f5b9062ff0a3565cba49941a954"
x-time-ng: 0.002
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-41b6b99f09c70865732db10760fb9591-62ef8756e777e700-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-02-27T14:22:50+00:00, 2024-04-24T04:21:20+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xbetnp.com/hd-api/external/api/web/v1/j/906e9h0i341m3d49b3c18fecae836df031cb6eb5a0a8b47cba81 | 83.147.206.31 | 200 OK | 619 B |
URL POST HTTP/21xbetnp.com/hd-api/external/api/web/v1/j/906e9h0i341m3d49b3c18fecae836df031cb6eb5a0a8b47cba81 IP83.147.206.31:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder CertificateIssuerLet's Encrypt Subject1xbetnp.com FingerprintA5:E2:50:EB:20:4D:9A:C7:80:84:AB:9B:12:20:6F:CE:4C:D0:CC:F7 ValidityMon, 12 Feb 2024 05:16:51 GMT - Sun, 12 May 2024 05:16:50 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (625), with no line terminators Hash415afef77161975d17484948f5327c2e 71c11766b82dfcc56e222b1619d2824807b5f3d2 f243341a42723252014561e2a4ee0adea61e1094c9c7f0f9158521c753144619
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /hd-api/external/api/web/v1/j/906e9h0i341m3d49b3c18fecae836df031cb6eb5a0a8b47cba81 HTTP/1.1
Host: 1xbetnp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xbetnp.com/en?tag=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder
X-Requested-With: XMLHttpRequest
Content-Type: application/json
Content-Length: 105936
Origin: https://1xbetnp.com
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder; platform_type=desktop; auid=U5POH2Yoi1IeurcpAxSaAg==; SESSION=485ae37fae7b9b76dfa895caab1409cf; window_width=1280; _glhf=1713950917; che_g=23437f56-cfbd-f999-10f6-bc1a50bce12e; application_locale=en; sh.session.id=22f7505e-674c-44dc-9e3f-56fc7d22179b; ggru=181
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:32 GMT
content-type: application/json
content-length: 518
content-encoding: gzip
traceparent: 00-5ad7b6cae9474a9d8fc4388bcd1417ee-178f944d707bd957-01
vary: Accept-Encoding
x-dt: 909
x-request-guid: 5dcbc0f4ccf26d4cef9adb1f7ee95009
x-time-ng: 0.022
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=22.417, wf-uht;dur=0.046
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/bf26d696b76130d9781b16f89f1de4cc.jpg | 0.0.0.0 | | 0 B |
URL GET v3.traincdn.com/genfiles/cms/1/desktop/banner/bf26d696b76130d9781b16f89f1de4cc.jpg IP0.0.0.0:0
Requested byhttps://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /genfiles/cms/1/desktop/banner/bf26d696b76130d9781b16f89f1de4cc.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| widget.suphelper.top/_next/static/chunks/main-fa1d3b21fd97b583.js | 104.18.39.72 | 200 OK | 108 kB |
URL GET HTTP/2widget.suphelper.top/_next/static/chunks/main-fa1d3b21fd97b583.js IP104.18.39.72:443
Requested byhttps://widget.suphelper.top/ CertificateIssuerGoogle Trust Services LLC Subjectsuphelper.top Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size108 kB (107844 bytes) Hash83680ce862de40c43fc92e04b1ad0a3d 67eb6762545f4e1fee446794f4738d0f0577b6b4 e70f39978f08895aef6849daf891af65bff03e476eb9b1384dfb36cd4ac9fe75
GET /_next/static/chunks/main-fa1d3b21fd97b583.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:32:22 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://file-hosting-api-stage.kube.prod.cons.lan https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 09 Nov 2023 06:03:45 GMT
etag: W/"1a544-18bb2adf0eb"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 13216609
expires: Thu, 24 Apr 2025 04:32:22 GMT
server: cloudflare
cf-ray: 87935e7f7c2e0b65-OSL
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/29dd2b5a09fe4e96a7b713787183f597.webp | 185.244.209.62 | 200 OK | 27 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/cms/1/desktop/banner/29dd2b5a09fe4e96a7b713787183f597.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 1380x248, Scaling: [none]x[none], YUV color, decoders should clamp Hash234b7215576d30793d525b847dd54694 a67893fb91daefe0d5576d0596387e5b89b70700 9b8287a313e05df6ef1244173a34cc1e93c8345432d481919296df8731383aef
GET /genfiles/cms/1/desktop/banner/29dd2b5a09fe4e96a7b713787183f597.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:25 GMT
content-type: image/webp
content-length: 27204
last-modified: Mon, 15 Apr 2024 10:22:26 GMT
etag: "234b7215576d30793d525b847dd54694"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-da2fd0856ab08b28c7873541405eb685-2b788f12eaa333d6-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T09:00:01+00:00, 2024-04-24T04:21:20+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-icons/1.0.328/285/sports.svg | 185.244.209.62 | 200 OK | 378 kB |
URL GET HTTP/2v3.traincdn.com/sys-icons/1.0.328/285/sports.svg IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Size378 kB (378005 bytes) Hash0c52e0c32f8f2667a72e0d57b63e02a3 a0fb81e89f2510e228c1298f2d107f5672c0a03d ed4dcc337364c73f4382c79e759156e064823c54a2f78d2747bafd87d41abe73
GET /sys-icons/1.0.328/285/sports.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xbetnp.com
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:22 GMT
content-type: image/svg+xml
last-modified: Mon, 15 Apr 2024 07:13:32 GMT
etag: W/"0c52e0c32f8f2667a72e0d57b63e02a3"
x-amz-meta-mtime: 1713165210.217888091
content-encoding: gzip
expires: Tue, 23 Apr 2024 10:38:02 GMT
cache-control: max-age=86400
x-time-ng: 0.004
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-cb32054a130c5fc6d3cff1d7bd170b93-377337a142f33878-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T10:38:02+00:00, 2024-04-23T10:56:28+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xbetnp.com/web-api/registration/fields | 83.147.206.31 | 200 OK | 30 kB |
URL POST HTTP/21xbetnp.com/web-api/registration/fields IP83.147.206.31:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder CertificateIssuerLet's Encrypt Subject1xbetnp.com FingerprintA5:E2:50:EB:20:4D:9A:C7:80:84:AB:9B:12:20:6F:CE:4C:D0:CC:F7 ValidityMon, 12 Feb 2024 05:16:51 GMT - Sun, 12 May 2024 05:16:50 GMT
Hashb1ab0ff84d1279a1b5a463d497e6c173 a2afb9c1099ea9106a48fbf9f0effe452626b34c 389858ce9e0812263c69d4801e5b5e696eec5e7550114fe8cbe9a45f5007aa43
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /web-api/registration/fields HTTP/1.1
Host: 1xbetnp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xbetnp.com/en?tag=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
Content-Length: 19
Origin: https://1xbetnp.com
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder; platform_type=desktop; auid=U5POH2Yoi1IeurcpAxSaAg==; SESSION=485ae37fae7b9b76dfa895caab1409cf; window_width=1280; _glhf=1713950917; che_g=23437f56-cfbd-f999-10f6-bc1a50bce12e; application_locale=en; sh.session.id=22f7505e-674c-44dc-9e3f-56fc7d22179b; ggru=181
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:25 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: p;dur=77, dt_total;dur=79.769, wf-uht;dur=0.091
traceparent: 00-3dbfcbdb4646a444f9951994220f2084-977bdf620c8acd1e-01
vary: Accept-Encoding
x-dt: 909
x-time-ng: 0.079
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| 1xbetnp.com/web-api/api/web/v1/config/actualDomain | 83.147.206.31 | 200 OK | 251 B |
URL GET HTTP/21xbetnp.com/web-api/api/web/v1/config/actualDomain IP83.147.206.31:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder CertificateIssuerLet's Encrypt Subject1xbetnp.com FingerprintA5:E2:50:EB:20:4D:9A:C7:80:84:AB:9B:12:20:6F:CE:4C:D0:CC:F7 ValidityMon, 12 Feb 2024 05:16:51 GMT - Sun, 12 May 2024 05:16:50 GMT
File typeASCII text, with no line terminators Hasha8054892933cf1bb313af953a2c0a3d6 b965b1ea336d1b4e99dee682299bcb94ba73b88a 30eded621d2c8a0b1a9fa7e481daf3b6597442e92ba29dd805ef75940c90712c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /web-api/api/web/v1/config/actualDomain HTTP/1.1
Host: 1xbetnp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder; platform_type=desktop; auid=U5POH2Yoi1IeurcpAxSaAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:20 GMT
content-type: application/vnd.api+json
vary: Accept-Encoding
cache-control: no-cache, private
server-timing: p;dur=19, dt_total;dur=20.658, wf-uht;dur=0.035
set-cookie: SESSION=485ae37fae7b9b76dfa895caab1409cf; path=/; secure; HttpOnly; SameSite=Lax
ua=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
traceparent: 00-358829b82397a93bbe07a5066c4e6359-dd4345e29fe895b7-01
x-dt: 909
x-time-ng: 0.021
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| 1xbetnp.com/web-api/external-api/v3/banners?project_id=909&country_code=NO&language=en&platform=2&section=6&is_auth=false&limit=100 | 83.147.206.31 | 200 OK | 20 kB |
URL GET HTTP/21xbetnp.com/web-api/external-api/v3/banners?project_id=909&country_code=NO&language=en&platform=2&section=6&is_auth=false&limit=100 IP83.147.206.31:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder CertificateIssuerLet's Encrypt Subject1xbetnp.com FingerprintA5:E2:50:EB:20:4D:9A:C7:80:84:AB:9B:12:20:6F:CE:4C:D0:CC:F7 ValidityMon, 12 Feb 2024 05:16:51 GMT - Sun, 12 May 2024 05:16:50 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /web-api/external-api/v3/banners?project_id=909&country_code=NO&language=en&platform=2&section=6&is_auth=false&limit=100 HTTP/1.1
Host: 1xbetnp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xbetnp.com/en?tag=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder; platform_type=desktop; auid=U5POH2Yoi1IeurcpAxSaAg==; SESSION=485ae37fae7b9b76dfa895caab1409cf; window_width=1280; _glhf=1713950917; che_g=23437f56-cfbd-f999-10f6-bc1a50bce12e; application_locale=en; sh.session.id=22f7505e-674c-44dc-9e3f-56fc7d22179b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:22 GMT
content-type: application/vnd.api+json
vary: Accept-Encoding
cache-control: no-cache, private
server-timing: p;dur=74, dt_total;dur=108.531, wf-uht;dur=0.117
traceparent: 00-fe94620af72843cc17748c72d0115589-130dc0cd2c217738-01
x-dt: 909
x-time-ng: 0.088
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/chunks/webpack-fb94d2f19425a3e3.js | 104.18.39.72 | 200 OK | 3.8 kB |
URL GET HTTP/2widget.suphelper.top/_next/static/chunks/webpack-fb94d2f19425a3e3.js IP104.18.39.72:443
Requested byhttps://widget.suphelper.top/ CertificateIssuerGoogle Trust Services LLC Subjectsuphelper.top Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File typeJavaScript source, ASCII text, with very long lines (3855), with no line terminators Hash7288e202ab8e4cf1b7f60eed709e0986 c10effeb29bf129a7c81688b9f3a7d5485272e87 56e695b4675b50d55a92f006109771a67da822050f5ae03fd2ad02c1a9565b58
GET /_next/static/chunks/webpack-fb94d2f19425a3e3.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:32:22 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://file-hosting-api-stage.kube.prod.cons.lan https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 09 Nov 2023 06:03:45 GMT
etag: W/"ed0-18bb2adf0eb"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 13307731
expires: Thu, 24 Apr 2025 04:32:22 GMT
server: cloudflare
cf-ray: 87935e7f6c2a0b65-OSL
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/9a596f911770.js | 185.244.209.62 | 200 OK | 1.5 kB |
URL GET HTTP/2v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/9a596f911770.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (1556), with no line terminators Hash21fc96d5cf58a7e83ad9c39e081b4926 8f3b38a3743cc5c7f6898e91c784611381de092e 42818bd31d84c24a7f003f9fdeb7ebe7e6d37125de6ca4c4daab8cdd134e494f
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/9a596f911770.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xbetnp.com
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:27 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 23 Apr 2024 12:34:23 GMT
etag: W/"37522b6a3d761c89809cb6f794ead60e"
x-amz-meta-mtime: 1713875281.725615432
content-encoding: gzip
expires: Wed, 24 Apr 2024 12:55:17 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-448efadd6faad9bc4a4c1a6583ee80d1-adc8cc4470d3aa42-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:55:17+00:00, 2024-04-23T12:57:40+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xbetnp.com/bff-api/config/contacts.json?type=2&lang=en | 83.147.206.31 | 200 OK | 3.8 kB |
URL GET HTTP/21xbetnp.com/bff-api/config/contacts.json?type=2&lang=en IP83.147.206.31:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder CertificateIssuerLet's Encrypt Subject1xbetnp.com FingerprintA5:E2:50:EB:20:4D:9A:C7:80:84:AB:9B:12:20:6F:CE:4C:D0:CC:F7 ValidityMon, 12 Feb 2024 05:16:51 GMT - Sun, 12 May 2024 05:16:50 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (4385), with no line terminators Hash42753b440838a062ca850f7f1987c5b3 4ecf28dc198964e20ce2b5c7e989414440707aec 4fd767556596401310c4e46cf635fc9635e22b05baafe82e4026d48004de0448
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /bff-api/config/contacts.json?type=2&lang=en HTTP/1.1
Host: 1xbetnp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xbetnp.com/en?tag=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder; platform_type=desktop; auid=U5POH2Yoi1IeurcpAxSaAg==; SESSION=485ae37fae7b9b76dfa895caab1409cf; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:21 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: bff;dur=35.76, dt_total;dur=43.111, wf-uht;dur=0.051
traceparent: 00-80fc9a3b0bf78a558734f7a598755471-990e837583b66696-01
vary: Accept-Encoding
x-dt: 909
x-time-ng: 0.036
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/28a6402a2a0b.js | 185.244.209.62 | 200 OK | 1.5 kB |
URL GET HTTP/2v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/28a6402a2a0b.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (1490), with no line terminators Hashbee6c1d898b622799896de84cf8cb395 7effc6d4c513dd89437bb246253038864c6e079d ce5f0db87a753bbe9bb563b1708206f16bf0d5ff7fa20c1b8a579b155ef11503
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/28a6402a2a0b.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xbetnp.com
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:27 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 23 Apr 2024 12:34:22 GMT
etag: W/"24906b7dbc572ec6dd8117e9bd9939e3"
x-amz-meta-mtime: 1713875281.693615182
content-encoding: gzip
expires: Wed, 24 Apr 2024 12:55:17 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-eda37dbe4e8698e978f15ec3ee6ccfe8-f556b67c1b2e49df-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:55:17+00:00, 2024-04-23T12:57:40+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/4efc36d7a3c7.js | 185.244.209.62 | 200 OK | 6.7 kB |
URL GET HTTP/2 v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/4efc36d7a3c7.js IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (6727), with no line terminators Hash 38c809aa1e187f25bc4f7bd64b12db03 8788d01f8af28170fd10b16d3c3b7ee18cd09598 f815d98e555720c61dc56a53fe4a4efc6d9f649bab7a483a62a734799ba331ef
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/4efc36d7a3c7.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xbetnp.com
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:27 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 23 Apr 2024 12:34:22 GMT
etag: W/"d6054001e832a4dbc81c272445edf992"
x-amz-meta-mtime: 1713875281.705615276
content-encoding: gzip
expires: Wed, 24 Apr 2024 12:55:17 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-3b2ae13156c50039082486e31d585dbd-f11182fd094e2670-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:55:17+00:00, 2024-04-23T12:57:40+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/c65c754d498ddb25accb3498c1e7540b.png | 185.244.209.62 | 200 OK | 5.2 kB |
URL GET HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/c65c754d498ddb25accb3498c1e7540b.png IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type PNG image data, 514 x 514, 8-bit colormap, non-interlaced Hash b9a636eef54b2844b571fe7de49184a7 bf653690790ced40eb3189da075a275d951d1607 001bfcdd52b658d46543a1aec889d35b73b3909b47097cc011b95e96fc9e3743
GET /genfiles/cms/1-285/desktop/media_asset/c65c754d498ddb25accb3498c1e7540b.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:28 GMT
content-type: image/png
content-length: 5202
last-modified: Wed, 28 Feb 2024 07:52:20 GMT
etag: "b9a636eef54b2844b571fe7de49184a7"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2024-04-03T07:12:40+00:00
traceparent: 00-41775a491a09f84917cb63d77ea351a7-5f493c45dd11d8fc-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xbetnp.com/web-api/user/secure | 83.147.206.31 | 200 OK | 59 B |
URL POST HTTP/2 1xbetnp.com/web-api/user/secure IP 83.147.206.31:443 ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder Certificate Issuer Let's Encrypt Subject 1xbetnp.com Fingerprint A5:E2:50:EB:20:4D:9A:C7:80:84:AB:9B:12:20:6F:CE:4C:D0:CC:F7 Validity Mon, 12 Feb 2024 05:16:51 GMT - Sun, 12 May 2024 05:16:50 GMT
File type troff or preprocessor input, ASCII text, with no line terminators Hash d82d7fc59b1fdc443fef6248654a4609 028a94ca7bf69f710c2322bed9a3432a7ad41e24 03d7444a3663133f70fa39dae4336a7d8107875c126e9618f53be3c7c0980cc7
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
POST /web-api/user/secure HTTP/1.1
Host: 1xbetnp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xbetnp.com/en?tag=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
Origin: https://1xbetnp.com
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l126882_clickunder; platform_type=desktop; auid=U5POH2Yoi1IeurcpAxSaAg==; SESSION=485ae37fae7b9b76dfa895caab1409cf; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:21 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: p;dur=21, dt_total;dur=22.626, wf-uht;dur=0.034
set-cookie: _glhf=1713950917; expires=Wed, 24-Apr-2024 05:32:21 GMT; Max-Age=3600; path=/
traceparent: 00-189f96ad95427521f05de4e8d1248bb5-6af6f94c5d354d62-01
vary: Accept-Encoding
x-dt: 909
x-time-ng: 0.023
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/app-3a0481ca.js | 185.244.209.62 | 200 OK | 966 kB |
URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/app-3a0481ca.js IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Size 966 kB (966207 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_nuxt/desktop/default/vendors/app-3a0481ca.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:18 GMT
content-type: application/javascript; charset=utf-8
content-length: 270073
last-modified: Tue, 23 Apr 2024 13:15:15 GMT
etag: "6627b463-41ef9"
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:29 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-3d339bac707bf6cbadcdfa653f697f2d-a2133c1e7508543a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:29+00:00, 2024-04-23T14:28:59+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/chunks/1743016e-d00d67a74426f155.js | 104.18.39.72 | 200 OK | 481 kB |
URL GET HTTP/2 widget.suphelper.top/_next/static/chunks/1743016e-d00d67a74426f155.js IP 104.18.39.72:443
Requested by https://widget.suphelper.top/ Certificate Issuer Google Trust Services LLC Subject suphelper.top Fingerprint 41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 Validity Tue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 481 kB (480579 bytes) Hash 46260bb46d51262abee818c0c3bcf1c6 fe3be222aec74704fad1fa2559788b1fa287094a 20700e65659e04d422580d9c792ba811b7b76de4ec1b3163c284af83bd5a7d6c
GET /_next/static/chunks/1743016e-d00d67a74426f155.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:32:22 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Wed, 17 Jan 2024 06:19:55 GMT
etag: W/"75543-18d161388b8"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 8458090
expires: Thu, 24 Apr 2025 04:32:22 GMT
server: cloudflare
cf-ray: 87935e7f7c320b65-OSL
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/29dd2b5a09fe4e96a7b713787183f597.png | 0.0.0.0 | | 0 B |
URL GET v3.traincdn.com/genfiles/cms/1/desktop/banner/29dd2b5a09fe4e96a7b713787183f597.png IP 0.0.0.0:0
Requested by https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /genfiles/cms/1/desktop/banner/29dd2b5a09fe4e96a7b713787183f597.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| widget.suphelper.top/_next/static/e463c503/_middlewareManifest.js | 104.18.39.72 | 200 OK | 92 B |
URL GET HTTP/2 widget.suphelper.top/_next/static/e463c503/_middlewareManifest.js IP 104.18.39.72:443
Requested by https://widget.suphelper.top/ Certificate Issuer Google Trust Services LLC Subject suphelper.top Fingerprint 41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 Validity Tue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File type ASCII text, with no line terminators Hash 7c3f7e060745668041278118c0bb3d6d e639f56695b3cc30d78dce7a0084aa8299a1311a de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
GET /_next/static/e463c503/_middlewareManifest.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:32:22 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Tue, 16 Apr 2024 09:44:52 GMT
etag: W/"5c-18ee64b8562"
vary: Accept-Encoding
cf-cache-status: HIT
age: 555873
expires: Thu, 24 Apr 2025 04:32:22 GMT
server: cloudflare
cf-ray: 87935e7f9c3c0b65-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/344e644612ea.js | 185.244.209.62 | 200 OK | 1.2 kB |
URL GET HTTP/2 v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/344e644612ea.js IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (1296), with no line terminators Hash 20ced9cb4cee69ea064b1bb92b7a312b 70545823690dc7c9d82c497cb9f73ac0f975997b 9a12e579854e2d8d75460a627e63194b2bb43f7f3eb80074bb06ff27fec0885b
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/344e644612ea.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xbetnp.com
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:27 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 23 Apr 2024 12:34:22 GMT
etag: W/"e3860273696b2c2385615d1b02860059"
x-amz-meta-mtime: 1713875281.701615245
content-encoding: gzip
expires: Wed, 24 Apr 2024 12:55:17 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-fa97f8e6b8dd7b5a8e4a3593c5826b9f-fa5fe2fd65d4b165-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:55:17+00:00, 2024-04-23T12:57:40+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/117145.webp | 185.244.209.62 | 200 OK | 624 B |
URL GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/117145.webp IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image Hash e16f57a32c133db13b7d56a71ddb47c9 4308afb8665a0751e83e5f240908a930d608337c 5d605690b18e0568fa6fd65c70317769bb16b0dcdd2428d9493c0ab50efab208
GET /resized/size16/sfiles/logo_teams/117145.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:25 GMT
content-type: image/webp
content-length: 624
cache-control: max-age=94608000
content-disposition: inline; filename="117145.webp"
content-security-policy: script-src 'none'
expires: Tue, 20 Apr 2027 14:52:17 GMT
x-request-id: 8b4799d807eb23d2cbae302de247bd1e
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-9261d1e7095bb1ef24ab24f1fab9db49-408f60e856c8bda4-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-20T14:52:17+00:00, 2024-04-20T17:09:06+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/entry-372f5fe6.js | 185.244.209.62 | 200 OK | 2.3 MB |
URL GET HTTP/2 v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/entry-372f5fe6.js IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Size 2.3 MB (2288233 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/entry-372f5fe6.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xbetnp.com
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:24 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 23 Apr 2024 12:34:23 GMT
etag: W/"e0292fb628a2f149f222bae2c2246200"
x-amz-meta-mtime: 1713875281.745615589
content-encoding: gzip
expires: Wed, 24 Apr 2024 12:55:06 GMT
cache-control: max-age=86400
x-time-ng: 0.010
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-f97a441b4e7531c322cb5dc82c5f46cc-047ccd0e412c1f2d-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:55:06+00:00, 2024-04-23T12:57:38+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/0b23288bd734.js | 185.244.209.62 | 200 OK | 5.0 kB |
URL GET HTTP/2 v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/0b23288bd734.js IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (5112), with no line terminators Hash f62a88781de39220857715ccf778cd5f 7fd960dd975df5c5eb01e7ca1ba32584c1e83b0c d32428ce471e690e77e959fe032a0ba30688c01e61d8e51ff47a350d28cb11db
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/0b23288bd734.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xbetnp.com
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:27 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 23 Apr 2024 12:34:22 GMT
etag: W/"ac462273a8335f158ccd0812c8d96cca"
x-amz-meta-mtime: 1713875281.673615027
content-encoding: gzip
expires: Wed, 24 Apr 2024 12:55:17 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-3167912ecf8ce2f9a9a837a056693e4a-249b65bd69597cf8-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:55:17+00:00, 2024-04-23T12:57:40+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/betstemplates/bets_model_full_en_0.json | 185.244.209.62 | 200 OK | 22 kB |
URL GET HTTP/2 v3.traincdn.com/genfiles/cms/betstemplates/bets_model_full_en_0.json IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /genfiles/cms/betstemplates/bets_model_full_en_0.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xbetnp.com/
Origin: https://1xbetnp.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:22 GMT
content-type: application/json
last-modified: Mon, 22 Apr 2024 13:47:07 GMT
etag: W/"65c4f8441dea9f78c50a9fc7029f9193"
content-encoding: gzip
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-cf10aedc2dd5dee7b55f511d2e8b958e-fd59da3deab48cb2-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T14:27:17+00:00, 2024-04-24T03:43:55+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/e463c503/_ssgManifest.js | 104.18.39.72 | 200 OK | 77 B |
URL GET HTTP/2 widget.suphelper.top/_next/static/e463c503/_ssgManifest.js IP 104.18.39.72:443
Requested by https://widget.suphelper.top/ Certificate Issuer Google Trust Services LLC Subject suphelper.top Fingerprint 41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 Validity Tue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File type ASCII text, with no line terminators Hash b6652df95db52feb4daf4eca35380933 65451d110137761b318c82d9071c042db80c4036 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
GET /_next/static/e463c503/_ssgManifest.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:32:22 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Tue, 16 Apr 2024 09:44:52 GMT
etag: W/"4d-18ee64b8562"
vary: Accept-Encoding
cf-cache-status: HIT
age: 555873
expires: Thu, 24 Apr 2025 04:32:22 GMT
server: cloudflare
cf-ray: 87935e7f8c3b0b65-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size14/sfiles/logo_teams/8502.webp | 185.244.209.62 | 200 OK | 808 B |
URL GET HTTP/2 v3.traincdn.com/resized/size14/sfiles/logo_teams/8502.webp IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xbetnp.com/en?tag=d_85563m_32273c_[]MS[]null[]null[]general[]{site_id}_d22490_l126882_clickunder Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image Hash 4b52b6f2f5a9f8ae4d4d1507c958f14a f75dd584aad8a2549be325a9f1374f702af294a0 cf48f246e4842c89e60c3f13f767dbc33eaffcd6d36f2c1a08173f986403fd6c
GET /resized/size14/sfiles/logo_teams/8502.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xbetnp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:32:25 GMT
content-type: image/webp
content-length: 808
cache-control: max-age=94608000
content-disposition: inline; filename="8502.webp"
content-security-policy: script-src 'none'
expires: Sun, 18 Apr 2027 06:58:57 GMT
x-request-id: c51f956222b951af24b2ae5cf6b984da
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-a4d216775b8a543d21492e3f886d40ab-b50f0dc4d6baa083-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-18T06:58:57+00:00, 2024-04-18T16:09:48+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|