Report - refpaucqkl.top/L?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449

Report Overview

Submitted URL
refpaucqkl.top/L?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder&site=73595&ad=32273
IP
45.135.120.2
ASN
#56630 Melbikomas UAB
Submitted
2024-05-07 07:57:14
Access
public
Website Title
1xBet ᐉ Online sports betting ᐉ 1xBet online bookmaker log in ᐉ 1xlite-461430.top
Final URL
1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
68

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
services.addons.mozilla.org	6161	1998-01-24	2012-05-21	2024-05-06	677 B	1.8 kB	54.230.111.129
aus5.mozilla.org	2548	1998-01-24	2015-10-27	2024-05-05	521 B	480 B	35.244.181.201
refpaucqkl.top	unknown	2019-05-08	2019-06-07	2023-08-29	571 B	11 kB	45.135.120.2
radar.cedexis.com	3035	2009-01-07	2013-11-27	2024-05-06	822 B	1.1 kB	45.54.49.5
www.google.no	25607	2001-02-26	2016-04-05	2024-05-06	580 B	578 B	142.250.74.163
region1.analytics.google.com	unknown	1997-09-15	2022-03-17	2024-05-05	1.0 kB	448 B	216.239.32.36
pp23vi1.com	unknown	2023-03-09	2023-04-06	2024-04-26	439 B	387 B	178.253.14.123
1xlite-461430.top	unknown	2023-08-11	2023-08-11	2024-03-26	50 kB	269 kB	178.253.29.51
v3.traincdn.com	unknown	2022-11-10	2022-11-25	2024-05-04	79 kB	5.0 MB	185.244.209.62
widget.suphelper.top	unknown	2023-08-02	2023-10-04	2024-05-02	4.6 kB	697 kB	104.18.39.72
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-05-07	847 B	172 kB	142.250.74.40

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed

ThreatFox

No alerts detected

JavaScript (115)

	URL	Size	First Seen	Last Seen
	v3.traincdn.com/_nuxt/desktop/default/betting.SportsMenuCompact-e547fa93.js	7.8 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/betting.SportsMenuCompact-e547fa93.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:30 Last Seen2024-05-08 09:00:23 Times Seen21 Hash 3078429361b9801527b7f4deb1ff2633 c0bf69639f54697d7fcf5ee8ed06072a629b3fff 3042f5f56a8fae2d232bd88071179a50133e8d90fd11ec2f52259b23d8e0cb5a Loading...

	unknown	44 B	2023-04-14	2024-05-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 16:26:15 Last Seen2024-05-19 15:04:27 Times Seen944 Hash 00beb9884d0391b342eadd30744b539a 3124c0bd593822379d22f13d3e08e70a1bf5ea14 92394eec5690449a4f6cfc9a7f97497a69e926b2365cb9a9aad3507a844f835c Loading...

	v3.traincdn.com/_nuxt/desktop/default/betting.CentralMenuApp-a5b5de2e.js	76 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/betting.CentralMenuApp-a5b5de2e.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:31 Last Seen2024-05-08 01:37:00 Times Seen20 Hash 4fb1e7d0f5418f3df96622b000ebe6fb eef890c8cf6d2c72eae34e39ba2e8e6ff79c8754 fd9fede696dd12b00cc9af15ca68f1209b5fd351f5bc32052221adbbb12d8e8b Loading...

	unknown	47 B	2023-04-14	2024-05-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 16:26:15 Last Seen2024-05-19 15:04:27 Times Seen944 Hash a01893d8e129ad16c1e0fc5c7537f411 0e46d1bf2718f848d9d596fa269eaedb31204772 cbe7b89533bcd75b69f3e54807308551d68242ec1761e63bee1a99fc6e560175 Loading...

	v3.traincdn.com/_nuxt/desktop/default/Layout.FooterComponent.Lazy/Page.Game.Project-807a62cf.js	20 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/Layout.FooterComponent.Lazy/Page.Game.Project-807a62cf.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:30 Last Seen2024-05-08 09:00:23 Times Seen26 Hash adc7f8e289bd475a5a922c91b93591b2 540252cd02880714746d3656e61c67e7acab7fda 3b542ce26d333f558f94adb8cac49e58be95a5470eb3079d1dc0b2b7a7c97b6b Loading...

	data:text/javascript,export const meta = import.meta;	32 B	2023-12-06	2024-05-19
Pretty URL data:text/javascript,export const meta = import.meta; IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-06 14:32:28 Last Seen2024-05-19 15:04:27 Times Seen968 Hash 6d772b7d405b447ecee54ab61cdd5108 dd65fb9cd5a7cb94a40fe161f4f72303a61eb3b7 b90ff694e492935b6036fb7e878d365dab51aafa46f0afb1e33414e7ecc3307b Loading...

	v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/entry-414928da.js	2.3 MB	2024-04-27	2024-05-08
Pretty URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/entry-414928da.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-27 09:33:56 Last Seen2024-05-08 09:00:22 Times Seen16 Hash 2ff74ba461966e9ef07ec952168d3783 eac39aaad2751e37b7b7e1cf6d966696f9c1c044 2073d859a26714aca057e24cb8c9ac7e8fd7bc8a184406d49cf0c46980ab405d Loading...

	v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/92745f711024.js	188 kB	2024-04-27	2024-05-08
Pretty URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/92745f711024.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-27 09:33:56 Last Seen2024-05-08 09:00:22 Times Seen16 Hash fdfc9ec2fb0c6c09b91f4d7afd8b013e fda34cd7ed3c34c04b95aa7ef5c8602246560792 52c22cd0255170803b57877f20365b1cc0cee020b6fff69c71fe0f7f6c9f276f Loading...

	unknown	96 B	2023-12-06	2024-05-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-12-06 14:32:27 Last Seen2024-05-19 15:04:27 Times Seen968 Hash 94361ed86ab9b2fbb8d805c2025df46a 3f428332f7a1c7196a85c93a373a966d75708c19 eee4d228a49a86625f29410cf9a23d145e821a09cbb1f7a4d7557d206872715a Loading...

	v3.traincdn.com/_nuxt/desktop/default/vendors/GameProvider/Page.Betting.Asia.Homepage/Page.Betting.MultiLive/Page.CricketWorldCupPage/Page/17c2374e-b595fcd5.js	144 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/vendors/GameProvider/Page.Betting.Asia.Homepage/Page.Betting.MultiLive/Page.CricketWorldCupPage/Page/17c2374e-b595fcd5.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:27 Last Seen2024-05-08 09:00:23 Times Seen22 Hash aedaa99fcce183a213f358a727e9eb87 7fe33331acbced57be412f96baff3a4595e207fb 2ccadc0a2eea97aeeb5f1825ad9bdac3873481a54bcd3b42cf6724271cd0f6ac Loading...

	widget.suphelper.top/_next/static/chunks/0c294a17-329dda05de2a378d.js	10 kB	2024-01-20	2024-05-19
Pretty URL widget.suphelper.top/_next/static/chunks/0c294a17-329dda05de2a378d.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-20 01:21:35 Last Seen2024-05-19 15:04:28 Times Seen597 Hash 54b2d4e92e16d2ea51898124107af46a ab4225b696e63c9040de1511fa229cf65b4d3750 e17ccea95df87c35add9994b01ef7bb6e8b5c2ebea282c461199a140a5675662 Loading...

	v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/7bd3bc288fd4.js	450 B	2024-01-25	2024-05-18
Pretty URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/7bd3bc288fd4.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-01-25 11:06:32 Last Seen2024-05-18 12:55:26 Times Seen137 Hash 056ce527a12544a37f984ac598be2344 6946b65cf1c68960e5f9ac0900a0df66a13e7e85 cd7cdf53c803ca43a37171180d14c2374e45ab347d309f9b83a107b9ad9b4ed1 Loading...

	v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboard/Page.NewCy/adc1b632-4d951a46.js	14 kB	2024-04-27	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboard/Page.NewCy/adc1b632-4d951a46.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-27 18:05:15 Last Seen2024-05-08 09:00:23 Times Seen30 Hash 395deb0abfd0ea102c0c9aa4cf08b2f9 b53c99a2bce733f0a45a075000949d34e2fd0b17 f11d7b6985d7e97030628cf137377b14e9316f8919f80dff4cdd488366aa6652 Loading...

	v3.traincdn.com/_nuxt/desktop/default/betting.SportMenuApp-1f0079e1.js	110 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/betting.SportMenuApp-1f0079e1.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:27 Last Seen2024-05-08 09:00:23 Times Seen22 Hash 756179b1f968d35107908086a552c869 5c1f6c8a0c1eed4246c04dac52c4b7056fc991e8 37093cd5b15bf40421db8a64625a01317d043479685d2e1f84accb8fbf992ea6 Loading...

	v3.traincdn.com/_nuxt/desktop/default/Layout.FooterComponent.Lazy-0434410a.js	28 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/Layout.FooterComponent.Lazy-0434410a.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:27 Last Seen2024-05-08 09:00:23 Times Seen26 Hash 9167c6082d419d35f57a606871184d06 d4c4fac03b353c5881c352d6ac0c05947dc2e633 bed35ed9386f6d0d6f3096d00c7d14e042c5cb404f07ef0bb9abb4cc381e89c3 Loading...

	v3.traincdn.com/_nuxt/desktop/default/vendors/betting.SportMenuApp-bfe18bfa.js	31 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/vendors/betting.SportMenuApp-bfe18bfa.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:27 Last Seen2024-05-08 09:00:23 Times Seen22 Hash f9da465f4f7355523306ce6bbf89c0d5 c39974e7867bcdd6bbe385ba52c9be335afdfe6b a5ff3777031e8ee4babfe1d6a7a6fff1fb2fc0db58de71ea8202bc37a7aab0f2 Loading...

	v3.traincdn.com/_nuxt/desktop/default/vendors/DownloadAppWidget/modal.IplWorldInstallModal/modal.office.TwoFactorAuthEnableModal-74c102e0.js	16 kB	2024-04-27	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/vendors/DownloadAppWidget/modal.IplWorldInstallModal/modal.office.TwoFactorAuthEnableModal-74c102e0.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-27 18:05:16 Last Seen2024-05-08 09:00:23 Times Seen26 Hash 18f932fe4f53ce3de4a44b04b0524916 ed47f4f593c25b33012b0369c19883c23e7d3df1 c665029c63cfd9399be9c74e897668b621e3a6e690f0da69196f4c73c16f0cee Loading...

	v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/49e90f3b8dc2.js	2.1 kB	2024-04-27	2024-05-08
Pretty URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/49e90f3b8dc2.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-27 09:33:56 Last Seen2024-05-08 09:00:22 Times Seen16 Hash e4a5e0e3cafb59fadf6c400cfd363b1a 9782ef66f8c66b9daf7c71799bb64a36791aafcd 528a971a8fd97998b7c66f789d482b73572d3f2f0a1c621aa917552c0abf3c68 Loading...

	v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage/Page.Betting.Main/Page.Betting.Main.Asian/Page.Betting.TeamGames/Page.New/a4ad9f6b-09b98935.js	15 kB	2024-04-27	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage/Page.Betting.Main/Page.Betting.Main.Asian/Page.Betting.TeamGames/Page.New/a4ad9f6b-09b98935.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-27 18:05:15 Last Seen2024-05-08 09:00:23 Times Seen30 Hash 81deb8b2ab30cd1729e21622a32d9814 41b982e7a7e4eec22ce01ff1a3b854e51e385789 41159eb3d25b42d4e655a6a3f4e6b0777c2d8a572277d77f9104e171b8aa5589 Loading...

	v3.traincdn.com/_nuxt/desktop/default/commons/app-2e30fd7d.js	138 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/commons/app-2e30fd7d.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:29 Last Seen2024-05-08 09:00:23 Times Seen52 Hash 03b89bdb4f6013159d40de88c98403b6 cf41351caa86d91b56cf839d54ab28bf8f4f54f8 42d02ce0b520e2d8ce7341a0b07d92cd3833d762337b1f8aabc6f7f23e6fad4a Loading...

	v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-js-modal-11d3184a.js	27 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-js-modal-11d3184a.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:30 Last Seen2024-05-08 09:00:23 Times Seen54 Hash ead4a901af60e4b8138e732f0aea9637 7c1d57d444a07553738ddcb8b6a2bee305a0c215 e6bc116e4cb54d011d2a1fa1f87ab12d1f320aa8dc54c89b1f286f2b02ee14c0 Loading...

	v3.traincdn.com/_nuxt/desktop/default/ioc.dependencies.18-dc087bc0.js	3.1 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/ioc.dependencies.18-dc087bc0.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:28 Last Seen2024-05-08 09:00:23 Times Seen21 Hash 66c4eb11ec60384b198e73db080c0f32 6fb7618e384b9e01454c7b984728236f178192da b45c772a5a204e430a575b896edc43205412a5f28539c2e48c152df7669ad7cb Loading...

	widget.suphelper.top/_next/static/chunks/1743016e-d00d67a74426f155.js	481 kB	2024-01-20	2024-05-19
Pretty URL widget.suphelper.top/_next/static/chunks/1743016e-d00d67a74426f155.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-20 01:21:34 Last Seen2024-05-19 15:04:27 Times Seen591 Hash 46260bb46d51262abee818c0c3bcf1c6 fe3be222aec74704fad1fa2559788b1fa287094a 20700e65659e04d422580d9c792ba811b7b76de4ec1b3163c284af83bd5a7d6c Loading...

	widget.suphelper.top/_next/static/f385e6db/_buildManifest.js	519 B	2024-04-25	2024-05-19
Pretty URL widget.suphelper.top/_next/static/f385e6db/_buildManifest.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 18:56:14 Last Seen2024-05-19 15:04:27 Times Seen140 Hash 06c1d20d74764a4f7dea57ebb09df4d8 d6592eaad86ec7b7bc373774bf911385ea7cf07d 46185c722db3b74c04c371b445abb1da2fa2592059437ee508a23e96c1fdf169 Loading...

	v3.traincdn.com/_nuxt/desktop/default/vendors/Layout.FooterComponent.Lazy-8e891b7b.js	30 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/vendors/Layout.FooterComponent.Lazy-8e891b7b.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:30 Last Seen2024-05-08 09:00:23 Times Seen25 Hash 93a3cdd4ea0ae5eb295e71988355c5d4 0c9e334aebd99fb9c44575c99abda82d0b53acb1 104a5a19f0a8b4d443e55c32daf49eea2343ee96da27b48c21f09e1425081d62 Loading...

	v3.traincdn.com/_nuxt/desktop/default/betting.media-64ed71be.js	17 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/betting.media-64ed71be.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:27 Last Seen2024-05-08 09:00:23 Times Seen53 Hash fda91a0dd5e8251a0c4c540d7e54ed52 3c4a6e38286708cd62ff071ccf97e73f37200728 b3c3c2ee09cf4af0164878165cd9971fbfe83a461c18ad0ef7cfc33b36b782ef Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_chunk_M4D4AAJL.js	101 kB	2024-04-24	2024-05-15
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_chunk_M4D4AAJL.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-24 06:33:08 Last Seen2024-05-15 18:55:38 Times Seen69 Hash 51ddc52774f4e5bd6a6f1c22e9d19674 374c2fbb2b68ad9c28898dfe60da3fd828ccf7c4 642e66ee14ca90b6ff8f91fbfdce400c6834a037dee18a60a72922ea727bb442 Loading...

	v3.traincdn.com/_nuxt/desktop/default/Layout.Betting.ExpressDay-c5a846fb.js	10 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/Layout.Betting.ExpressDay-c5a846fb.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:31 Last Seen2024-05-08 09:00:23 Times Seen22 Hash be042bab68dd466121fb1460a17b1795 3dfa3c583644e2aa71ff199a262a54e17cd378d6 2a7bf413f8f8d67f545da852425cdec3b3960fa2c62960ca49c5a2dc43108ac0 Loading...

	v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-notification-4e9ad522.js	12 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-notification-4e9ad522.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:31 Last Seen2024-05-08 09:00:23 Times Seen53 Hash 805e7c2cd861f2191db66c39ab28e86b a6353246547e9a9fd01093fcb784d708d187e3ef 82686dab55962ead6916346bd901b3fc03357bb2a0e74dfe966ff784d75b2368 Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_localforage_PLMWICWN.js	30 kB	2024-03-23	2024-05-19
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_localforage_PLMWICWN.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-03-23 16:35:38 Last Seen2024-05-19 14:33:21 Times Seen106 Hash dfa127e93d125d4f6c566203eaf225f2 32c1fd89c4eeed7ac2a942582b3786659b15cd43 cf5077d1cff62ce76807408ebc2203563b7a221ddf1cf38339c6d54289bff390 Loading...

	v3.traincdn.com/_nuxt/desktop/default/vendors/conversion-f0624fc4.js	198 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/vendors/conversion-f0624fc4.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:28 Last Seen2024-05-08 09:00:26 Times Seen44 Hash 191ff223860f458112e0be2a63bd9857 850dd681d5b31321f00b8df955a455aa9478e44e 40e1fe6d194776c5fa845dda1dbebda9c2bc3154d8c45793ae74a2e1bf147016 Loading...

	unknown	34 B	2023-04-14	2024-05-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 16:26:15 Last Seen2024-05-19 15:04:27 Times Seen955 Hash 7bcdb973ab8af8e24ab11cb554a1ba6e 24e8a10f240f2b06f81d7c173cd0a90606641fc1 916ec4eb9b485eb47f43a17fe212e84e4b72600b45eb6d4588599ad495a57fcd Loading...

	v3.traincdn.com/_nuxt/desktop/default/betting.HomeSliderComponent-b079a12e.js	24 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/betting.HomeSliderComponent-b079a12e.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:28 Last Seen2024-05-08 01:37:00 Times Seen20 Hash dff08fc651e74f6ad7d80f2cb43e29e5 e1b0c10b245faa60623785bdefd27c9999483231 fb6ee46c49eb61f09a2dbfe856f0b41f4206323fd9dcc2dc8921ce951b9780bf Loading...

	v3.traincdn.com/_nuxt/desktop/default/vendors/RegistrationWidgetApp-4b1f6e54.js	76 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/vendors/RegistrationWidgetApp-4b1f6e54.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:28 Last Seen2024-05-08 09:00:23 Times Seen22 Hash 05e740893c07a5cc45b5f0f2d787dbf5 28c364157e02ce207609bca53064a4b513e8bda7 a2af38a1cec7178448ce8d1aee99190b643f50894d3d05cac2e5234caeac8e5e Loading...

	widget.suphelper.top/injector.js	208 kB	2023-12-17	2024-05-19
Pretty URL widget.suphelper.top/injector.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-17 15:23:16 Last Seen2024-05-19 15:04:27 Times Seen1026 Hash faa1c0b5a845868ac1a8071b6b87d458 71034e9bb2726a20b2afa197ff4e1b52c2ab976b d7585c13a4abd3b295a15b2bce2b2d7121a697f42ea85f89f40624ac26b075d0 Loading...

	1xlite-461430.top/polyfills.js	0 B	2023-03-07	2024-05-19
Pretty URL 1xlite-461430.top/polyfills.js IP 178.253.29.51 ASN #202492 Silverhill Group Holding Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-19 16:12:31 Times Seen37832145 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.TeamGames-ffc54199.js	41 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.TeamGames-ffc54199.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:30 Last Seen2024-05-08 09:00:23 Times Seen22 Hash 3645d2d457e7c89dbddbc70d1bb71d2e d91ac83ee98ca90c4a45448683041facd9b325cd a615e922b7060fe133277857d8a581923a62ce0da64aff95340bd9b884856a5a Loading...

	widget.suphelper.top/_next/static/chunks/663-81a4add2f1c95639.js	373 kB	2024-04-24	2024-05-19
Pretty URL widget.suphelper.top/_next/static/chunks/663-81a4add2f1c95639.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 06:33:05 Last Seen2024-05-19 15:04:28 Times Seen226 Hash 36e4e2c2a2498b008514f1f0250c8018 cfa53d1c8533fb5941d9ff4f1e45e8c831658693 42cd70d177e33b23f4982b671f4bb7f03a966053874a320af3f3ea7b7b7ca1f0 Loading...

	v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/cd57c0a6e95b.js	1.5 kB	2024-04-27	2024-05-08
Pretty URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/cd57c0a6e95b.js IP 0.0.0.0 ASN #0 Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-27 09:33:58 Last Seen2024-05-08 09:00:20 Times Seen16 Hash 76cb7b38bd7dd009e525ca10453839cd 6f243fa517f2f2eb7c5de651fca6efed3c6f7ded 91471eda0cfb8a92d2139d87180f101574355cc4009e8983507054f8f9883aa3 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-KFGPRJ2V	178 kB	2024-05-07	2024-05-07
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-KFGPRJ2V IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 09:57:20 Last Seen2024-05-07 09:57:24 Times Seen2 Hash 273eca3ce6428d022541aedaef733c21 54a7f799a9a1ecd20eb5b75bfaaeed71cae6c116 a73b1a4d89640d842dc8390be397b03bcae2da8f5c966d096a6000e20f4b2713 Loading...

	widget.suphelper.top/_next/static/chunks/framework-49f1e091cbf6b261.js	141 kB	2023-03-08	2024-05-19
Pretty URL widget.suphelper.top/_next/static/chunks/framework-49f1e091cbf6b261.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 08:26:33 Last Seen2024-05-19 15:04:28 Times Seen2522 Hash 896d1930437c1ab92b8a359c1d6fdaae 71e0e23d1af9722f356eb5d1c497d100ec8b0f7a 8c508636d885890bfb5c56bcd6dad1b8b64c498781d351b588a8de7f686774d4 Loading...

	widget.suphelper.top/_next/static/chunks/pages/_app-9c47c295eecaa68a.js	1.0 MB	2024-05-02	2024-05-15
Pretty URL widget.suphelper.top/_next/static/chunks/pages/_app-9c47c295eecaa68a.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 12:28:02 Last Seen2024-05-15 07:03:13 Times Seen91 Hash 5997e7f54cf2aebf463f16902ccbc7fc 659b9677d6196eabd63ce0feb5f4466accb72df7 08d0ab3696a84b16c7cc5306bf6d83dd27f99a2ce221ed337bf09dec8ebf95db Loading...

	v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/d492f4568b81.js	1.4 kB	2024-04-27	2024-05-08
Pretty URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/d492f4568b81.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-27 09:33:56 Last Seen2024-05-08 09:00:22 Times Seen16 Hash 1ca49088b69c49762c2b4dab10ebe060 d9b6754b9fd11ad9be0cec795758b89b3b9dc62b fc430e6fe7bd867ba551df2263494ba5dde0e1826aa3a16cd52af79430abec1a Loading...

	1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder	2.0 kB	2024-05-07	2024-05-08
Pretty URL 1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-07 09:57:20 Last Seen2024-05-08 01:36:59 Times Seen6 Hash 991153757cb65d57b6e6a8783a559b80 75396d28d126eada9fd69f33367626010d646633 3a5ba93a4eb20431badba0e7b99b59d7f8643b62d74ae41af64bae7520d523d1 Loading...

	v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.v-tooltip-ff4800a4.js	77 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.v-tooltip-ff4800a4.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:28 Last Seen2024-05-08 09:00:23 Times Seen54 Hash 45f90516ee8a557d78c08e1e925c1490 adc0363ed75f47f9513a36a94173c6e4940a2adc f5b8b3c4e62dbb4ebc5fd634f5bb17b3145a14c21bdc3e9c0a4dcb45b9e573fe Loading...

	widget.suphelper.top/_next/static/chunks/webpack-fb94d2f19425a3e3.js	3.8 kB	2023-10-05	2024-05-19
Pretty URL widget.suphelper.top/_next/static/chunks/webpack-fb94d2f19425a3e3.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-05 09:17:37 Last Seen2024-05-19 15:04:27 Times Seen2065 Hash ba1681cca05ff7b4f8698587da76ab26 7113520b461dfcbdcbc1725a1acc6e05547bf20e bcfc83f65454f29634e61503e84d77f3fe8bc06451b90927bf842e9ad352ac64 Loading...

	v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/cb22691ee4d9.js	731 B	2024-04-27	2024-05-08
Pretty URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/cb22691ee4d9.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-27 09:33:55 Last Seen2024-05-08 09:00:21 Times Seen26 Hash bd6d9e7b07e097eb950f4b8bd6ada2b4 d332a4f5771e4f6d2cd47cd94ff85c5eb5847418 ea2bfc78a76204b704ee4ff215cfd6be3c7edb98b6c6e77501c5dbb88f261ea5 Loading...

	v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/f44f14b6b316.js	1.2 kB	2024-04-27	2024-05-08
Pretty URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/f44f14b6b316.js IP 0.0.0.0 ASN #0 Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-27 09:33:56 Last Seen2024-05-08 09:00:22 Times Seen16 Hash 22e67b67b6c959d57aa78ae317120f36 ba2fb2181061d5aed5b6c98ef0aa0bd0aa135ece c696029dc6e79eb249d40656e1842626f439c5ba2851629fa1b33faf884111a3 Loading...

	v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage/Page.NewCyber.Cyber/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamp/Page./8c362243-68160950.js	20 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage/Page.NewCyber.Cyber/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamp/Page./8c362243-68160950.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:30 Last Seen2024-05-08 09:00:23 Times Seen22 Hash 860ea683ac1ca8494adc10cb2ea4fcdf a1004cb9bb3a036d215dfbf6b9bade88ad81a7a3 e8fcc72111c9040f545dd314899e61e406ceaa76601c816dc3c1a7b407f88850 Loading...

	v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/5e0dc9f15b39.js	53 B	2024-04-24	2024-05-18
Pretty URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/5e0dc9f15b39.js IP 0.0.0.0 ASN #0 Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-24 06:33:07 Last Seen2024-05-18 12:55:23 Times Seen50 Hash bb7e15ec1662efa164ad912bd1c65e19 bdd420a5f5bf96a8a4f85abbbe3b0cd2ad547f52 a9378fb3de73c35f466dfae4d2956a63b95813d4eaf88ae7f4ce820d0992cc01 Loading...

	v3.traincdn.com/_nuxt/desktop/default/app-1483c42a.js	853 kB	2024-05-07	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/app-1483c42a.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 06:20:17 Last Seen2024-05-08 09:00:23 Times Seen22 Hash c4d75347728629ec3f0b90dc82f0a3d2 ff949fe02da04d39be746f8d091a1a7b30126f7a 8ca2bd3ad104c33fb6189e87cab8992734ca6bf99a631ed413f63444b834d33b Loading...

	v3.traincdn.com/_nuxt/desktop/default/consultant.supHelperV2-ef321a16.js	3.2 kB	2024-04-27	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/consultant.supHelperV2-ef321a16.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-27 13:30:37 Last Seen2024-05-08 09:00:23 Times Seen67 Hash 0cc9277dab4117c9b162cc01e1f0b97f 5b7d9007e2d99d3715c5f226aadf44aa4da4332b 6d7637a83c7812813039573e9c67efbb30e4021a971c546621a397eb72ea4bd0 Loading...

	widget.suphelper.top/_next/static/chunks/main-fa1d3b21fd97b583.js	108 kB	2023-11-02	2024-05-19
Pretty URL widget.suphelper.top/_next/static/chunks/main-fa1d3b21fd97b583.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-02 21:20:57 Last Seen2024-05-19 15:04:28 Times Seen2513 Hash 83680ce862de40c43fc92e04b1ad0a3d 67eb6762545f4e1fee446794f4738d0f0577b6b4 e70f39978f08895aef6849daf891af65bff03e476eb9b1384dfb36cd4ac9fe75 Loading...

	widget.suphelper.top/_next/static/chunks/81.9c6562bba5669b47.js	37 kB	2023-10-13	2024-05-19
Pretty URL widget.suphelper.top/_next/static/chunks/81.9c6562bba5669b47.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-13 06:04:09 Last Seen2024-05-19 15:04:28 Times Seen3224 Hash 6782c8abf3d14391f6ed5c805a973cf5 a08b255c0084e14d74199f5af64522ffaba14486 88331f3bf38157ecb0e64f22c08a582384dc74c8bae09d9f78b9eab5fe82cfa3 Loading...

	v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/60c7aeb54494.js	715 B	2024-04-27	2024-05-08
Pretty URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/60c7aeb54494.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-27 09:33:58 Last Seen2024-05-08 09:00:21 Times Seen28 Hash 0a4d6d7efa89ba140b62c6aee5e8fc6f 9e5b132d8df77dc2fe824cf30a362084400f23c5 60e4e95557382dcdc956e8e80595030789aedfcf6c9f2ff90e92c5f4a2631e0d Loading...

	v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/2c4bdd620ac9.js	6.7 kB	2024-04-27	2024-05-08
Pretty URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/2c4bdd620ac9.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-27 09:33:56 Last Seen2024-05-08 09:00:22 Times Seen16 Hash db345f9ab9f4b60494ed02dd78f38d79 cb9cbbfabcb9c33191f6dae2927282f0ff4fa236 e9fe103123d124c15580efc873171acc3a1235957353992c779f9ab30938aab4 Loading...

	v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/ea5e649383e3.js	5.0 kB	2024-04-27	2024-05-08
Pretty URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/ea5e649383e3.js IP 0.0.0.0 ASN #0 Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-27 09:33:58 Last Seen2024-05-08 09:00:20 Times Seen16 Hash feb5d0c05443398468224d2944536b10 d795e84479919f2fca3e48ddb1c9fea251260f92 d613b9c5f54a7d16fcfaf0ee200b05548ff0cc03a52ea1c3ef75c0315f5582e5 Loading...

	v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Asia.Homepage-b9493cb9.js	37 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Asia.Homepage-b9493cb9.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:30 Last Seen2024-05-08 09:00:23 Times Seen22 Hash 63e1a6027725eca572736670eb935432 e3578492cf68e66a44f556a98545294a5b1bed5a e96e0e4abe03d7fb0d2449e0f2bf27bb0ee85cdd4d7b4098276c712842b45d8c Loading...

	v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage-633ca92a.js	134 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage-633ca92a.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:28 Last Seen2024-05-08 09:00:23 Times Seen22 Hash 474bfa89621896100251055f7c19712b 0e19c615fc77f9ed2d69d74b7f8a42d41c6f5138 ea0fef6e0a33df0b36bdce2df6b8bf50eef0dd3b71c7c6fc567a7d7c5d39fdd3 Loading...

	v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/3a9e96a04d11.js	4.2 kB	2024-04-27	2024-05-08
Pretty URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/3a9e96a04d11.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-27 09:33:58 Last Seen2024-05-08 09:00:22 Times Seen16 Hash da4fcf0e06e63dbfcf3058f435e0a172 7c544d459b9305c651de2b6c6a48a8188504c3ae f2735fd1ef60ddd6d03eb6c9a4b37b94913c89775308c2880f8dcdf8a321e115 Loading...

	v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main/Page.Betting.Main.BettingLeftAside/Page.Betting.TeamGames/betting.GamesSliderApp/b/e7e00398-3883d633.js	7.6 kB	2024-04-27	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main/Page.Betting.Main.BettingLeftAside/Page.Betting.TeamGames/betting.GamesSliderApp/b/e7e00398-3883d633.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-27 18:05:15 Last Seen2024-05-08 09:00:23 Times Seen30 Hash 68b874a85269b1e64bfd1065d0254a1a 46d5559120d28058a530b18616085b6826bb03c3 7a51983ef71867325dd5d9bf7b7eadc66b567a882f50c1d09158bf4f7de8b587 Loading...

	v3.traincdn.com/_nuxt/desktop/default/betting.coupon2-183c618c.js	1.0 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/betting.coupon2-183c618c.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:30 Last Seen2024-05-08 09:00:23 Times Seen21 Hash 54f54116f151f6469527d5f5c584887c 8078098cda5d50eeb285da4fc78655562f8324ed 8112adb0bbfa619109d5a6c3263e5e1761599c14b3c474b58b2f5ca512b46efb Loading...

	v3.traincdn.com/_nuxt/desktop/default/DownloadAppWidgetAnalytics-2f154c8d.js	416 B	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/DownloadAppWidgetAnalytics-2f154c8d.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:28 Last Seen2024-05-08 09:00:21 Times Seen17 Hash f82b46dce7c19fd9f12e08311e06b4d7 a22d1a217e0b5665e976cecf1cba74c7f884ba21 a5a3de88355ca693c9e33b10b37c3f175362fb3c581ab02c44fbb4fc424c4b1d Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_accept_language_parser_QKZ6ULEV.js	1.3 kB	2024-03-23	2024-05-19
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_accept_language_parser_QKZ6ULEV.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-03-23 16:35:35 Last Seen2024-05-19 14:33:19 Times Seen74 Hash 518e0ae196483ada8b528a1f2b7df0a1 50e66030d9aca44adb3bd7893ef3c42593e26be4 529ca09688eb85183a34a43651cad1e8fabae2a02924753d54786f3de5e85693 Loading...

	v3.traincdn.com/_nuxt/desktop/default/vendors/Registration.Fields-07683518.js	40 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/vendors/Registration.Fields-07683518.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:28 Last Seen2024-05-08 09:00:27 Times Seen46 Hash 5609f3d5d46109e5230f492c3d89cdcd 522c0a551da1db7753e72b6a629064a6170791d9 13f2ef217e2e8cc997cbcaa97126a6c31430ae1d073e406944364fb5f45f70e7 Loading...

	www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66	322 kB	2024-05-07	2024-05-07
Pretty URL www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66 IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 09:57:20 Last Seen2024-05-07 09:57:24 Times Seen2 Hash 31daf8be57e0235a4b0a4fd27fa1d8e0 ca728ad16304fa5ff21e6cca47244885e441953d d28a3267d7fd77a199362702e83352578652bd14431283f513ec1b94f0d2a242 Loading...

	v3.traincdn.com/_nuxt/desktop/default/vendors/betting.HomeSliderComponent-f347b217.js	28 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/vendors/betting.HomeSliderComponent-f347b217.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:29 Last Seen2024-05-08 01:37:00 Times Seen20 Hash 18963957c8f45d24c0819a973d362e7b 5a1846a89c5cc9e8028044ff5948bd94f428c412 d1c98b4199c034c2a115ba70268a3e536640ca8b992887df0b085d476ab1275f Loading...

	v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/betting.SportMenuApp-87a02531.js	42 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/betting.SportMenuApp-87a02531.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:31 Last Seen2024-05-08 09:00:23 Times Seen22 Hash 21a80fe42c418607606b5ee8ebc9ebe2 b93c8e0a2f18dd371501e1a8739e9445b2c1d9d1 880f72443c469f2d2e9421789eaeb1f2042a8c4ccfc8ce9057a685d588a97ff3 Loading...

	v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside-9ec0f9e5.js	66 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside-9ec0f9e5.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:27 Last Seen2024-05-08 09:00:23 Times Seen22 Hash 5c486444497d7afeea7cabf3a651d76a a5c40dee88530a85a4c061ad4379b13e3b8df745 9c3b64738e185dacb94ddfa13c1807be093f49e0a3b5810f92db524ea9f60020 Loading...

	v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.Asian-2f003ed9.js	122 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.Asian-2f003ed9.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:28 Last Seen2024-05-08 01:37:00 Times Seen20 Hash 6bb873114649db4b87839383a7d31921 91b56ad064a4b8fd0d7edb89a040c6b9d06866aa 6dc41e4f75d65dd3dc2f311198e1a9b2b65e0687c2d905b7d64cf9265f7bda2d Loading...

	widget.suphelper.top/	196 B	2023-07-20	2024-05-19
Pretty URL widget.suphelper.top/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-20 14:42:12 Last Seen2024-05-19 15:04:27 Times Seen2115 Hash aa729c2ec64b60ce3b2052cc8edaa329 0f673deff4bffdd337a6220feb0b7b5b5ff666c4 9693391d461678be59d683100b1442f4ee65d2cf5bda3904fbf6232a7eb921ca Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_vue_final_modal_XPPMTKII.js	25 kB	2024-04-24	2024-05-15
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_vue_final_modal_XPPMTKII.js IP 0.0.0.0 ASN #0 Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-24 06:33:06 Last Seen2024-05-15 18:55:36 Times Seen55 Hash 701ad5a22b8ea7213a53e334d0898349 87749d947f6aa40eb671447b58261d710ec5479b 07669c2ea7c29dd69e47f5518ba73b76389f3479e19f7362b461ef0fff96c1f0 Loading...

	v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/62bd07c5cb50.js	2.6 kB	2024-04-27	2024-05-08
Pretty URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/62bd07c5cb50.js IP 0.0.0.0 ASN #0 Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-27 09:33:56 Last Seen2024-05-08 09:00:21 Times Seen16 Hash 942da12c1a44ccf257f6ea3e09ed3175 117b957d554602393aed24ffb08c957f89dc622c ecb8f76caef1e9eda494ea85e50bfa687baf1a99774b32edd34b03e8215f4075 Loading...

	v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/7b53ac9cad2f.js	41 kB	2024-04-27	2024-05-08
Pretty URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/7b53ac9cad2f.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-27 09:33:56 Last Seen2024-05-08 09:00:27 Times Seen21 Hash de79bf6739658de7bc537d692f3638fe 1e7a3af0be67bc48ac8f184324daff5f1422ac26 35f8f183f2c85dfafed1127ec3f72da678b9eea861b4083672ae4580ff6a0af0 Loading...

	v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside/Page.Betting.Main.Asian/betting.CentralMenuApp/betting.SportsMenuCompact-cca22477.js	15 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside/Page.Betting.Main.Asian/betting.CentralMenuApp/betting.SportsMenuCompact-cca22477.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:30 Last Seen2024-05-08 09:00:23 Times Seen22 Hash 2f5a8b05ac32c583fcde180d9d46fce9 86cc94f0c76922b731336bb6c13ff2839f37d689 6f2a20b4cda56cb4d92bd6d3817945c5e659723eaf3e5c85f0a00274c909a9cd Loading...

	v3.traincdn.com/_nuxt/desktop/default/Betting.Core-d4a24bae.js	2.4 kB	2024-05-07	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/Betting.Core-d4a24bae.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 06:20:17 Last Seen2024-05-08 09:00:23 Times Seen21 Hash 3a0e4a54185bcc66d2e032dd30a385eb 627755ca54def0761f25f827d5b4cb483e1ca83d e0bc5ffed1e6fd6285fea94e991fa8ec48a5f17677519c766d7ee7e757a02239 Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_chunk_Y7BFQXXC.js	1.0 kB	2024-03-23	2024-05-19
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_chunk_Y7BFQXXC.js IP 0.0.0.0 ASN #0 Introduced by importedModule Embedded in HTML false Observations First Seen2024-03-23 16:35:38 Last Seen2024-05-19 14:33:18 Times Seen74 Hash 8fecd56fc5520134f3c39b17431fe0c2 e0cedac030a1fcf68779a592ed9e0775beb45123 3e01dfddf1e68faa32769d615eeb0e838a29241d18a57090040c595ee05f0ba8 Loading...

	1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder	924 B	2024-02-25	2024-05-19
Pretty URL 1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-25 06:56:59 Last Seen2024-05-19 15:04:27 Times Seen143 Hash 92bf20f2f922cc746bec8fe320b23ed3 768e5dbe711e1b62cad807b11ded99ef85001483 b81f4c4f575092cb52a07f89a96291f8e258b3f6bf61e51df0fec3bcc3132fea Loading...

	v3.traincdn.com/_nuxt/desktop/default/runtime-baf5b66c.js	47 kB	2024-05-07	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/runtime-baf5b66c.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 06:20:18 Last Seen2024-05-08 09:00:23 Times Seen22 Hash ef9def5f3c8a190bfffb14ce24c6eb58 c5fa568c8f9bee2aa988c80a7246e07edd8d84ba d5d3ad6908352036bda426fe1fdc6f1dc03ac13a7029bbf25fa50580abd9064f Loading...

	v3.traincdn.com/_nuxt/desktop/default/vendors/betting.media-233f5bf5.js	56 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/vendors/betting.media-233f5bf5.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:31 Last Seen2024-05-08 09:00:23 Times Seen52 Hash 45302df89a240c65824afccc0240c030 84573118a402aa9a4ee0321ccf3f914c438a8369 25b695450684f580508f24855ea2d181ecd499e26573010621dd4a2ddc5af16a Loading...

	1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder	696 kB	2024-05-07	2024-05-07
Pretty URL 1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-07 09:57:21 Last Seen2024-05-07 09:57:21 Times Seen1 Hash 2e57520e358495f5c4ca586cee749037 3c72a66b253f1927597ff099af83693d0fb95c1a 3a0892090f9f68c44adb89a97e58ea523491115fa99465ac84ce032deb06a677 Loading...

	unknown	39 B	2023-04-14	2024-05-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 16:26:15 Last Seen2024-05-19 15:04:27 Times Seen947 Hash bc51ed8c76553717f10d58b2df60fd76 e2d03a8fd8d280074b226c288880f9df299c7cb1 bee994eaf88453f6343ba57571a069054c12c9b4e42f8cbad4f2ad75c7fb264c Loading...

	1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder	15 kB	2024-05-02	2024-05-14
Pretty URL 1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-02 16:50:31 Last Seen2024-05-14 10:51:33 Times Seen17 Hash 3e520df15f0dee47790b221cd7d47d5b a9dc00c41ac65b02bce01a2deaf9a44379f25e8d e14077003b6f51a50d2c053edcace82150b0f1b20373a11ca7dc57e4231cbf34 Loading...

	v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingContent-636888aa.js	1.3 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingContent-636888aa.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:27 Last Seen2024-05-08 09:00:23 Times Seen22 Hash 59e405a5c84540fd5cd4a47c01954bb9 877928ec86d9742b605ab481e28e4ca40163154b a50357ec75eb7f36a26bfe20b003e614f8bfd8298d502b26c9dc36cbdc1d362a Loading...

	v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main-499ac9a4.js	237 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main-499ac9a4.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:27 Last Seen2024-05-08 09:00:23 Times Seen22 Hash 8b5b82fea92540c112a534ae258307e2 380afabff0faa228d8c4f10cc9947b310d1bab68 ab31af22488ac9b76c9790f4d3cf1096a9402e7ab4a5b8e09d373cb5b62bc651 Loading...

	v3.traincdn.com/_nuxt/desktop/default/DC-7e6a4aad.js	2.3 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/DC-7e6a4aad.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:29 Last Seen2024-05-08 09:00:23 Times Seen50 Hash b44bc16cd2630bfada5ec9cbdbfcafab 43918946155d48f6cc8ecba42e2cf2cab28debd7 189ec6fd8e44cc47498706a2d2c815da1dc255040ef5ef57f5faa7c10c05ae42 Loading...

	v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Cyber.Game/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboar/ff3e75d4-74b93b4d.js	32 kB	2024-04-27	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Cyber.Game/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboar/ff3e75d4-74b93b4d.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-27 13:30:37 Last Seen2024-05-08 09:00:23 Times Seen56 Hash 56a0eecb3ec4576e9abf6f8f3e2707f9 6ddfcb4b1669c1323d87906b720fe8e4c258c143 81a5331c3ce30f9e8f21bf5e69591e24dd0c77d9b69157bf0a5e2242fc299ed4 Loading...

	v3.traincdn.com/_nuxt/desktop/default/DownloadAppWidget-b6662b37.js	12 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/DownloadAppWidget-b6662b37.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:29 Last Seen2024-05-08 09:00:23 Times Seen21 Hash d5bb5783c476219b31ce5582083fd74b 326b40532b72988c1d23fb931daabead75d18482 2724a816ddb0fd1234ca8cebf9db4fd60290f282fcfcb5619ffe70be9c0160b7 Loading...

	widget.suphelper.top/_next/static/chunks/pages/index-ed7cd77912c6e3a9.js	107 kB	2024-04-25	2024-05-19
Pretty URL widget.suphelper.top/_next/static/chunks/pages/index-ed7cd77912c6e3a9.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 18:56:15 Last Seen2024-05-19 15:04:28 Times Seen232 Hash d0a7ecc59065580118a9ea8880c58962 21573546ac5011592094ef6aea0696ccdeb2164d e1b09efa81ca44cda394e366b64fbf2b3f0725eab9ad24782839cbb8f66842b5 Loading...

	widget.suphelper.top/_next/static/f385e6db/_middlewareManifest.js	92 B	2023-03-07	2024-05-19
Pretty URL widget.suphelper.top/_next/static/f385e6db/_middlewareManifest.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:01 Last Seen2024-05-19 15:04:28 Times Seen7995 Hash 7c3f7e060745668041278118c0bb3d6d e639f56695b3cc30d78dce7a0084aa8299a1311a de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a Loading...

	v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/5f591efad77b.js	1.5 kB	2024-04-27	2024-05-08
Pretty URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/5f591efad77b.js IP 0.0.0.0 ASN #0 Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-27 09:33:57 Last Seen2024-05-08 09:00:21 Times Seen16 Hash 7def1ae39ae3ec1a1a1d626c24e5a7f2 c01023fb1bb0149d53435f5e665c7936ce88aee6 9b43d70a4acc4172dd9c3fceaa2e5f0585b1263516eb3b1f05c363980294152e Loading...

	v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/c7de6303dfb7.js	424 B	2024-04-27	2024-05-08
Pretty URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/c7de6303dfb7.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-27 09:33:58 Last Seen2024-05-08 09:00:20 Times Seen23 Hash 33e7498a57ccd45d4321735d481a7313 46b45796c16d136c29f360cbb68d5b205904bcfd 778fa85294ad50c151be62183dbe5c18d754019a84e6c8a929b2c641d38ce3e4 Loading...

	v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/635ff2d38c89.js	435 B	2024-04-27	2024-05-08
Pretty URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/635ff2d38c89.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-27 09:33:58 Last Seen2024-05-08 09:00:22 Times Seen25 Hash 213bb33769eecf49a9d71c164b83a3d6 2caacec15b0665fc36759a6bdf499512788dd7f3 75e86ca16a3f828026bc32b7aab627175289750ac184bd505d531c591d2bf011 Loading...

	v3.traincdn.com/_nuxt/desktop/default/vendors/Auth.Forms/RegistrationWidgetApp/components/userControl.auth_form_extended/registration.Main/da7322db-022bbfcd.js	26 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/vendors/Auth.Forms/RegistrationWidgetApp/components/userControl.auth_form_extended/registration.Main/da7322db-022bbfcd.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:28 Last Seen2024-05-08 09:00:23 Times Seen49 Hash e30c678eadf7bd0fcc773e1599b97ddf 41243dc14d9eb2569fa832a3b8c27fc0158991aa a4334d54b8db6d6eceb88c48ee428dfbb0ad3749d4137439f77859e205b52806 Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_vue_deps_OVKZGHR6.js	81 kB	2024-04-24	2024-05-07
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_vue_deps_OVKZGHR6.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-24 06:33:05 Last Seen2024-05-07 09:57:21 Times Seen4 Hash 39ee2eb3f7c493e991990cc0353dba17 1d467b8bfc8cc173bc2e09b18604f6663a3e805d f5f0228411b266e2943823e6456a6a29bbcc427bbca1d85291c768d59cc8804a Loading...

	v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main.BettingLeftAside-14b63672.js	21 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main.BettingLeftAside-14b63672.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:29 Last Seen2024-05-08 09:00:23 Times Seen22 Hash fb60e20d94667a730b2505f72a36269f 9553f3349aae185bd43d95b7ea735790b5ac35d4 24b7cc1abd1d6224f08db147e7c866945d1f205b36b55ac5a5f1c47ed96d69ab Loading...

	v3.traincdn.com/_nuxt/desktop/default/vendors/app-d26cc899.js	954 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/vendors/app-d26cc899.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:29 Last Seen2024-05-08 09:00:23 Times Seen54 Hash 1992415420cd9d59941e07133aa0c521 308a748fa982a440a112cb9e449f25a23bd6d83e 94a8f060251c7e705ee8c823783cb067e2844edb0f3900b6b0e91948d92ce907 Loading...

	v3.traincdn.com/_nuxt/desktop/default/date-fns-locale-21-290f49eb.js	7.0 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/date-fns-locale-21-290f49eb.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:29 Last Seen2024-05-08 09:00:23 Times Seen54 Hash 91d17dbf833b48149a8b5d2f21895879 bd71a45fa4419ab4ddbc676f0a9cca2be05e1703 f085ff2e310ab82817411e3ed64d0902de49e149d0958cadb91d518ed5854335 Loading...

	v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/0f8a3bdbdd12.js	1.0 kB	2024-04-27	2024-05-08
Pretty URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/0f8a3bdbdd12.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-27 09:33:57 Last Seen2024-05-08 09:00:22 Times Seen16 Hash b49b08255ad6dd3864f907913b849ebe d795fb55582cfc60ad8e9316849952ace5cdfd29 3fbd78a17348b646b42ee72bcebc1c930f88f26e3b9e42ae3c488637e1e4a655 Loading...

	v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/03e03ebafcdc.js	372 B	2024-04-27	2024-05-08
Pretty URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/03e03ebafcdc.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-27 09:33:58 Last Seen2024-05-08 09:00:20 Times Seen23 Hash 441a6448f5a4242779baf6fc1399b13e b646aa02b2ed08c1590c6f4536341cb2e51a4f1c 0eede7ea7bad647cc90b8044489561c58d2d5865e88ecc59a572589c6ccea6b7 Loading...

	unknown	47 B	2023-04-14	2024-05-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 16:26:15 Last Seen2024-05-19 15:04:27 Times Seen942 Hash 580b3e56fc9ab6e8b4655f43ee057cc1 5dfce565e446f4a167195de9a1a5dd26163c711c 446f07b6e56de61d2c2d5b6ba408cc580b492a6d1ede8fc51cfde4ef75a2b382 Loading...

	v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.Main.Asian/registration.Main/user.userRegistration-b32053db.js	32 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.Main.Asian/registration.Main/user.userRegistration-b32053db.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:30 Last Seen2024-05-08 09:00:23 Times Seen49 Hash 3f5e6415a870624bda2cd9741726af93 a5f7d27d2ca9f7e89a230ad43754f4e0390f293a 68449536372a92443232c2c9299ebc24a5f62543e6b12cd0a137b078f50d6e9b Loading...

	v3.traincdn.com/_nuxt/desktop/default/Layout.SeoModule.Lazy-db205bbd.js	8.7 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/Layout.SeoModule.Lazy-db205bbd.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:30 Last Seen2024-05-08 09:00:23 Times Seen53 Hash a5db05d47f7f37c06acc29a0f4eeb447 b9ddddb586721548eaa4a62d7ae420bfcfc5bddb 4053d0ffbd3af6bc022131a3f123bd4e88825f1b5f06a74dd2072a2b0fe3f243 Loading...

	widget.suphelper.top/_next/static/chunks/7413e8b9-8adee4b5b5407a55.js	78 kB	2024-01-20	2024-05-19
Pretty URL widget.suphelper.top/_next/static/chunks/7413e8b9-8adee4b5b5407a55.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-20 01:21:34 Last Seen2024-05-19 15:04:28 Times Seen601 Hash dc6852529f28802d37affa5953d07260 4edd220fe8df4b009a1775ebe57f19d40999659f 4aefb18221e4fb46818b0f52302b7c7717e45701e26990726cce645d8c80ed84 Loading...

	v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside-9f71ae9a.js	37 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside-9f71ae9a.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:28 Last Seen2024-05-08 09:00:23 Times Seen22 Hash 149f1f916b0c47494c7bdc15122390d4 f6be7ef6c3649f4b83fd19f7459dbce46ff15925 f8ecbd7355d64beb3e23daea185a634fa436012d707160381bb3b65548a9c92b Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_sweetalert2_X3CQ7PJQ.js	69 kB	2024-03-23	2024-05-19
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_sweetalert2_X3CQ7PJQ.js IP 0.0.0.0 ASN #0 Introduced by importedModule Embedded in HTML false Observations First Seen2024-03-23 16:35:38 Last Seen2024-05-19 14:33:20 Times Seen108 Hash 138de5d55ee831195dd90bbf5c557926 4413082980942643803d8d4567df2f8395c0e868 55a6d9d38b0c68a21367ae7ae43333bfa61e2eddd38b2376eb5b192f0a0383cd Loading...

	v3.traincdn.com/_nuxt/desktop/default/analytics-a8ae3276.js	6.4 kB	2024-04-27	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/analytics-a8ae3276.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-27 13:30:35 Last Seen2024-05-08 09:00:26 Times Seen65 Hash 60f915b0daad3af04303726381897e81 133c20a7f58c18758483c23f595d5a4f22ba9371 320b5a7d25c926dc55eb7a53f4348bf7c34bd7f5bc6ad3bcd1d16029239dc3a1 Loading...

	radar.cedexis.com/1/23802/radar.js	390 B	2024-02-13	2024-05-19
Pretty URL radar.cedexis.com/1/23802/radar.js IP 45.54.49.5 ASN #63911 NetActuate, Inc Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-13 14:23:26 Last Seen2024-05-19 15:04:27 Times Seen288 Hash 82dec77fd0353c7c71ce053b8601387e fbbca95419e1d0c042e0a5fdf10f380aca66188c 39f2b7b0fa78d37d0c84d2d6618bd635d86fd683d9bcdd5729850cb2a62522f7 Loading...

	v3.traincdn.com/_nuxt/check-ob.js	211 B	2024-04-24	2024-05-19
Pretty URL v3.traincdn.com/_nuxt/check-ob.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 06:33:10 Last Seen2024-05-19 15:04:27 Times Seen263 Hash ced67278c38d1ce1297c121af69fff8a df6e1531fd84d956263b04254e6f94f5356623f4 2958134c3c00f7c6320858dd66e454c2856e4842821d3523c4cc5e44e1ec8616 Loading...

	v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingContent-3ca7fb18.js	1.2 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingContent-3ca7fb18.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:29 Last Seen2024-05-08 09:00:23 Times Seen21 Hash 52ab057c90af6d742e95f43ff97e95ff dfdce102add5fc4fa06ac366a663e7a732bd9352 feedd981d953d2933cbb35a49608ebf408f13f457399c2b11aa1ef5eb76db547 Loading...

	widget.suphelper.top/_next/static/f385e6db/_ssgManifest.js	77 B	2023-03-07	2024-05-19
Pretty URL widget.suphelper.top/_next/static/f385e6db/_ssgManifest.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:02 Last Seen2024-05-19 16:08:55 Times Seen87544 Hash b6652df95db52feb4daf4eca35380933 65451d110137761b318c82d9071c042db80c4036 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_popper_js_MO5RLEN3.js	21 kB	2024-03-23	2024-05-19
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_popper_js_MO5RLEN3.js IP 0.0.0.0 ASN #0 Introduced by importedModule Embedded in HTML false Observations First Seen2024-03-23 16:35:33 Last Seen2024-05-19 14:33:19 Times Seen107 Hash 598d5481ac96b9bf8013b0eb1413b8e5 cc7e3384da379a215ac43b2385e901e22ceb6327 1488ecc35389c72a3aa26d468420069f6b719db456ea82605762311da663b65f Loading...

	v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/e8b8c79f9b52.js	504 B	2024-04-27	2024-05-08
Pretty URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/e8b8c79f9b52.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-27 09:33:58 Last Seen2024-05-08 09:00:24 Times Seen30 Hash 5387051085dcc459e7077d5d8000b85d d22afab6c65228f0056f66e4f150783f6014e36b 34377c13fd72112cac96fba3642f084661361aea701a70ba3702c82c9bb42790 Loading...

		Size	First Seen	Last Seen
	#1 Eval - e76fa7f4e1f195c172aa054603498a94	107 kB	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 09:57:21 Last Seen2024-05-07 09:57:21 Times Seen1 Hash e76fa7f4e1f195c172aa054603498a94 6b45e384abf94b12b3f28596a7e453e6ee0fe893 c95af54e4bd1e27c52a5fa800fd22c3a68914a1957510edb86db14fd03381bf8 Loading...

	#2 Eval - 63e86823b889f1d276df7be860fd0903	32 kB	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 09:57:21 Last Seen2024-05-07 09:57:21 Times Seen1 Hash 63e86823b889f1d276df7be860fd0903 751f18dd200f3df85bb900e15d72a5e4998ecde4 6235b37fc94ad09453a534d59d2b825fce3d45f51fa5da91c796e5e594479c21 Loading...

HTTP Transactions (219)

URL IP Response Size

refpaucqkl.top/L?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder&site=73595&ad=32273

45.135.120.2

11 kB

URL
refpaucqkl.top/L?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder&site=73595&ad=32273
IP
45.135.120.2:0
ASN
#56630 Melbikomas UAB

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Size
11 kB (11024 bytes)
Hash
fef2b2d947ad491b371bd0b7c26b28a9
73c0ff1a17d772556d30c73ab091972a40707200
e9ad1ba6c79b7d78a38b44b4977939edd1378aaf4d0853c062e41f55b98423f2

HTTP Headers

GET /L?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder&site=73595&ad=32273 HTTP/1.1
Host: refpaucqkl.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 303 See Other
server: nginx
date: Tue, 07 May 2024 07:56:32 GMT
cache-control: private
location: https://1xlite-461430.top:443/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
x-aspnetmvc-version: 5.0
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.003
X-Firefox-Spdy: h2

1xlite-461430.top/polyfills.js

178.253.29.51

0 B

URL
1xlite-461430.top/polyfills.js
IP
178.253.29.51:0
ASN
#202492 Silverhill Group Holding Ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /polyfills.js HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; postback_watcher=; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:34 GMT
content-type: text/javascript; charset=utf-8
content-length: 0
vary: user-agent
cache-control: public, max-age=2678400, s-maxage=2678400
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-time-ng: 0.004
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.012
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/runtime-baf5b66c.js

185.244.209.62

15 kB

URL
v3.traincdn.com/_nuxt/desktop/default/runtime-baf5b66c.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
JavaScript source, ASCII text, with very long lines (47215), with no line terminators
Size
15 kB (14752 bytes)
Hash
ef9def5f3c8a190bfffb14ce24c6eb58
c5fa568c8f9bee2aa988c80a7246e07edd8d84ba
d5d3ad6908352036bda426fe1fdc6f1dc03ac13a7029bbf25fa50580abd9064f

HTTP Headers

GET /_nuxt/desktop/default/runtime-baf5b66c.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 14752
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-39a0"
content-encoding: gzip
expires: Tue, 07 May 2024 10:54:45 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-ffa2d5c43b6e9cd21937a38099ef73f3-fe943832ff5d7938-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T10:54:45+00:00, 2024-05-06T10:56:33+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/a4f501bb.css

185.244.209.62

7.4 kB

URL
v3.traincdn.com/_nuxt/desktop/default/css/a4f501bb.css
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
ASCII text, with very long lines (54112), with no line terminators
Size
7.4 kB (7418 bytes)
Hash
32a89d535782c71f2aee2541afe97325
9ad12cc6ccd6b059073f779e9d91c6c6674e1289
ea1bc845a76d5e0e7738e217f8f0c47ac62ace9bddebba5059499b3451aa6ef8

HTTP Headers

GET /_nuxt/desktop/default/css/a4f501bb.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: text/css
content-length: 7418
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-1cfa"
content-encoding: gzip
expires: Tue, 07 May 2024 10:53:28 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-bf27653a53bc7a7f37daa5edcb28fadc-0a2560abd314c124-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T10:53:28+00:00, 2024-05-06T11:16:00+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main-499ac9a4.js

185.244.209.62

58 kB

URL
v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main-499ac9a4.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (64940), with no line terminators
Size
58 kB (58244 bytes)
Hash
8b5b82fea92540c112a534ae258307e2
380afabff0faa228d8c4f10cc9947b310d1bab68
ab31af22488ac9b76c9790f4d3cf1096a9402e7ab4a5b8e09d373cb5b62bc651

HTTP Headers

GET /_nuxt/desktop/default/Page.Betting.Main-499ac9a4.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 58244
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-e384"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-88a8d04a0d750557ce761be95a9ca9aa-18b330b85c2a946b-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:00+00:00, 2024-05-06T14:47:23+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/a7906856.css

185.244.209.62

336 B

URL
v3.traincdn.com/_nuxt/desktop/default/css/a7906856.css
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
ASCII text, with very long lines (1099), with no line terminators
Size
336 B (336 bytes)
Hash
6921418ff9395c44037498a4cf17ee66
31879049279e2cb5bc06b249d80d1735ef112b19
e6de221b29f3b4e47505c877067f28565ab5e1b419dc5003aca29c49596e73ab

HTTP Headers

GET /_nuxt/desktop/default/css/a7906856.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: text/css
content-length: 336
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-150"
content-encoding: gzip
expires: Tue, 07 May 2024 12:27:19 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-fa0fa184c899fadd71950ac1c19025fc-8aec3395ef6bf1da-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:27:19+00:00, 2024-05-06T13:53:34+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.TeamGames-ffc54199.js

185.244.209.62

10 kB

URL
v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.TeamGames-ffc54199.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
JavaScript source, ASCII text, with very long lines (40656), with no line terminators
Size
10 kB (9977 bytes)
Hash
3645d2d457e7c89dbddbc70d1bb71d2e
d91ac83ee98ca90c4a45448683041facd9b325cd
a615e922b7060fe133277857d8a581923a62ce0da64aff95340bd9b884856a5a

HTTP Headers

GET /_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.TeamGames-ffc54199.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 9977
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-26f9"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-dd582f3403f7865fd918e0c23451cb86-45a1df90aef48aef-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:00+00:00, 2024-05-06T14:47:23+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.Main.Asian/registration.Main/user.userRegistration-b32053db.js

185.244.209.62

9.2 kB

URL
v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.Main.Asian/registration.Main/user.userRegistration-b32053db.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (31683), with no line terminators
Size
9.2 kB (9205 bytes)
Hash
3f5e6415a870624bda2cd9741726af93
a5f7d27d2ca9f7e89a230ad43754f4e0390f293a
68449536372a92443232c2c9299ebc24a5f62543e6b12cd0a137b078f50d6e9b

HTTP Headers

GET /_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.Main.Asian/registration.Main/user.userRegistration-b32053db.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 9205
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-23f5"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-c014498a896816d80f1c3ce748d83fc8-b3bbc7225010aade-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:00+00:00, 2024-05-06T14:47:23+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage/Page.Betting.Main/Page.Betting.Main.Asian/Page.Betting.TeamGames/Page.New/a4ad9f6b-09b98935.js

185.244.209.62

4.2 kB

URL
v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage/Page.Betting.Main/Page.Betting.Main.Asian/Page.Betting.TeamGames/Page.New/a4ad9f6b-09b98935.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
JavaScript source, ASCII text, with very long lines (14590), with no line terminators
Size
4.2 kB (4207 bytes)
Hash
81deb8b2ab30cd1729e21622a32d9814
41b982e7a7e4eec22ce01ff1a3b854e51e385789
41159eb3d25b42d4e655a6a3f4e6b0777c2d8a572277d77f9104e171b8aa5589

HTTP Headers

GET /_nuxt/desktop/default/Page.Betting.Asia.Homepage/Page.Betting.Main/Page.Betting.Main.Asian/Page.Betting.TeamGames/Page.New/a4ad9f6b-09b98935.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 4207
last-modified: Thu, 02 May 2024 12:52:18 GMT
etag: "66338c82-106f"
content-encoding: gzip
expires: Sat, 04 May 2024 08:41:36 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-5e5d5844438e66d956fe27d023e3a3ee-4a3e757408c54d57-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-03T08:41:36+00:00, 2024-05-06T09:49:54+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main/Page.Betting.Main.BettingLeftAside/Page.Betting.TeamGames/betting.GamesSliderApp/b/e7e00398-3883d633.js

185.244.209.62

2.2 kB

URL
v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main/Page.Betting.Main.BettingLeftAside/Page.Betting.TeamGames/betting.GamesSliderApp/b/e7e00398-3883d633.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
JavaScript source, ASCII text, with very long lines (7613), with no line terminators
Size
2.2 kB (2209 bytes)
Hash
68b874a85269b1e64bfd1065d0254a1a
46d5559120d28058a530b18616085b6826bb03c3
7a51983ef71867325dd5d9bf7b7eadc66b567a882f50c1d09158bf4f7de8b587

HTTP Headers

GET /_nuxt/desktop/default/Page.Betting.Main/Page.Betting.Main.BettingLeftAside/Page.Betting.TeamGames/betting.GamesSliderApp/b/e7e00398-3883d633.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 2209
last-modified: Thu, 02 May 2024 12:52:18 GMT
etag: "66338c82-8a1"
content-encoding: gzip
expires: Sat, 04 May 2024 08:41:31 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-d85aad2c2e8a236756df39267c62cc00-61cfa476ec51e7df-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-03T08:41:31+00:00, 2024-05-06T09:49:54+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/98ce2926.css

185.244.209.62

1.5 kB

URL
v3.traincdn.com/_nuxt/desktop/default/css/98ce2926.css
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
ASCII text, with very long lines (8509), with no line terminators
Size
1.5 kB (1491 bytes)
Hash
b0cd3891fe08ec67c50bbdfd9f7e9181
205511f8e55a0498e8129c290759a26ba4a4db31
75c619e9cabd7b2c1939e6837909e12c51fb3e68888ba20d650cb1939f983f6e

HTTP Headers

GET /_nuxt/desktop/default/css/98ce2926.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: text/css
content-length: 1491
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-5d3"
content-encoding: gzip
expires: Tue, 07 May 2024 12:27:19 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-5e33dba53a511310fbdd3e6ec71fabdb-2a6f35ed4eee3049-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:27:19+00:00, 2024-05-06T13:53:34+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/6cc025d5.css

185.244.209.62

1.3 kB

URL
v3.traincdn.com/_nuxt/desktop/default/css/6cc025d5.css
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
ASCII text, with very long lines (6716), with no line terminators
Size
1.3 kB (1324 bytes)
Hash
be35c859b4087d52ff863e02472b7438
acce1097a331dc2ec0669d17db06c679e7c81be6
af7c9af6bda4b329f14b870f4df09e1b11e87d8dba17c30eed496dc5d27dfc1f

HTTP Headers

GET /_nuxt/desktop/default/css/6cc025d5.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: text/css
content-length: 1324
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-52c"
content-encoding: gzip
expires: Tue, 07 May 2024 12:27:19 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-6e3950ddaf169590bef13ccf74800263-044847e49a16d633-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:27:19+00:00, 2024-05-06T13:53:34+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside-9ec0f9e5.js

185.244.209.62

200 OK

17 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside-9ec0f9e5.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65113), with no line terminators
Size
17 kB (17011 bytes)
Hash
5c486444497d7afeea7cabf3a651d76a
a5c40dee88530a85a4c061ad4379b13e3b8df745
9c3b64738e185dacb94ddfa13c1807be093f49e0a3b5810f92db524ea9f60020

HTTP Headers

GET /_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside-9ec0f9e5.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 17011
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-4273"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-cc52fdd53cf1b2a7f6779ed74f150c42-ee7011001ddc2060-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:00+00:00, 2024-05-06T14:47:23+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main.BettingLeftAside-14b63672.js

185.244.209.62

5.9 kB

URL
v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main.BettingLeftAside-14b63672.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
JavaScript source, ASCII text, with very long lines (21262), with no line terminators
Size
5.9 kB (5874 bytes)
Hash
fb60e20d94667a730b2505f72a36269f
9553f3349aae185bd43d95b7ea735790b5ac35d4
24b7cc1abd1d6224f08db147e7c866945d1f205b36b55ac5a5f1c47ed96d69ab

HTTP Headers

GET /_nuxt/desktop/default/vendors/Page.Betting.Main.BettingLeftAside-14b63672.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 5874
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-16f2"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-d1130398c78ec3db486d5df028094bf7-c44f2315fa8a7e02-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:00+00:00, 2024-05-06T14:47:23+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboard/Page.NewCy/adc1b632-4d951a46.js

185.244.209.62

3.5 kB

URL
v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboard/Page.NewCy/adc1b632-4d951a46.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
JavaScript source, ASCII text, with very long lines (13913), with no line terminators
Size
3.5 kB (3531 bytes)
Hash
395deb0abfd0ea102c0c9aa4cf08b2f9
b53c99a2bce733f0a45a075000949d34e2fd0b17
f11d7b6985d7e97030628cf137377b14e9316f8919f80dff4cdd488366aa6652

HTTP Headers

GET /_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboard/Page.NewCy/adc1b632-4d951a46.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 3531
last-modified: Thu, 02 May 2024 12:52:18 GMT
etag: "66338c82-dcb"
content-encoding: gzip
expires: Sat, 04 May 2024 08:41:30 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-ecaa034c07fae0e94aadbbd4b51da816-e33bdda43174a5c0-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-03T08:41:30+00:00, 2024-05-06T09:49:54+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/9eb4939a.css

185.244.209.62

2.8 kB

URL
v3.traincdn.com/_nuxt/desktop/default/css/9eb4939a.css
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
ASCII text, with very long lines (20960), with no line terminators
Size
2.8 kB (2763 bytes)
Hash
6cae6098e169876c305ca92f82fe3cde
d27c18f05738795d575c8ce370ed83cf07da0a5a
7095d096e88dd0a09d84d063de1e0eedd406b032150a5af99e796c2ac63bcfe5

HTTP Headers

GET /_nuxt/desktop/default/css/9eb4939a.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: text/css
content-length: 2763
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-acb"
content-encoding: gzip
expires: Tue, 07 May 2024 12:27:19 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-36340b54182d2a8ea2ef86e1751dcea2-1a79f91eb2c9b5ff-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:27:19+00:00, 2024-05-06T13:53:34+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/betting.SportMenuApp-87a02531.js

185.244.209.62

200 OK

10 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/betting.SportMenuApp-87a02531.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (41615), with no line terminators
Size
10 kB (10290 bytes)
Hash
21a80fe42c418607606b5ee8ebc9ebe2
b93c8e0a2f18dd371501e1a8739e9445b2c1d9d1
880f72443c469f2d2e9421789eaeb1f2042a8c4ccfc8ce9057a685d588a97ff3

HTTP Headers

GET /_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/betting.SportMenuApp-87a02531.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 10290
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-2832"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-5f1cddacf875d5570535b5c27abe6483-a3f4b268fe1c5b67-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:00+00:00, 2024-05-06T14:47:23+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/c3d37cc4.css

185.244.209.62

194 B

URL
v3.traincdn.com/_nuxt/desktop/default/css/c3d37cc4.css
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
ASCII text, with very long lines (395), with no line terminators
Size
194 B (194 bytes)
Hash
7f1ee7f9ec47159043591789124ec7cc
bb021131214d4b70b327355a5a947b974f2eccbd
4041bafac614e354c03b647dc8d226e140460381c4816a65528e4ba428b0a0ad

HTTP Headers

GET /_nuxt/desktop/default/css/c3d37cc4.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: text/css
content-length: 194
last-modified: Mon, 06 May 2024 07:48:14 GMT
etag: "66388b3e-c2"
content-encoding: gzip
expires: Tue, 07 May 2024 09:23:37 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-30dd891efa550422d22f04139b702037-c6cdce0042edcea8-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T09:23:37+00:00, 2024-05-06T14:27:34+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/885d64fc.css

185.244.209.62

332 B

URL
v3.traincdn.com/_nuxt/desktop/default/css/885d64fc.css
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
ASCII text, with very long lines (975), with no line terminators
Size
332 B (332 bytes)
Hash
31aa50dcbc858f61bf3ed903493b8431
abf67e7f02256d2d5c5e2054b2930aa9b5ece999
18337e3b3c6f57695afaca43e471c075fd711e0485b4e7f1fdc1b6fe4e8703d7

HTTP Headers

GET /_nuxt/desktop/default/css/885d64fc.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: text/css
content-length: 332
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-14c"
content-encoding: gzip
expires: Tue, 07 May 2024 12:17:32 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-ab44fa9d82999c0cd09b4d14fc43e7a1-3af66aa4f63fb8b2-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:17:32+00:00, 2024-05-06T20:06:17+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/version.json

185.244.209.62

44 B

URL
v3.traincdn.com/version.json
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
ASCII text
Size
44 B (44 bytes)
Hash
265e4e9c948f929631d7e9bcf0d19d5b
c70f40cde4e09003b980fdae5130f3695de16add
62ec6fa5c15470b882bd7e05f5651b0a265a0cb2857cffa5cbfa34b3d2cf42ba

HTTP Headers

GET /version.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: application/json
content-length: 44
last-modified: Mon, 06 May 2024 10:24:15 GMT
etag: "6638afcf-2c"
content-encoding: gzip
expires: Mon, 06 May 2024 10:50:26 GMT
cache-control: max-age=60, max-age=60, s-maxage=60
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-5481383ee2197faf7e023e5dc2f60efe-f4c75537be61608e-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T10:49:26+00:00, 2024-05-07T07:56:20+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingContent-636888aa.js

185.244.209.62

200 OK

644 B

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingContent-636888aa.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (1333), with no line terminators
Size
644 B (644 bytes)
Hash
59e405a5c84540fd5cd4a47c01954bb9
877928ec86d9742b605ab481e28e4ca40163154b
a50357ec75eb7f36a26bfe20b003e614f8bfd8298d502b26c9dc36cbdc1d362a

HTTP Headers

GET /_nuxt/desktop/default/Page.Betting.Main.BettingContent-636888aa.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 644
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-284"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-bdd6006526fc277dd23d267dc5f66d6a-65d74d0f1f995684-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:00+00:00, 2024-05-06T14:47:23+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/Layout.Betting.ExpressDay-c5a846fb.js

185.244.209.62

3.4 kB

URL
v3.traincdn.com/_nuxt/desktop/default/Layout.Betting.ExpressDay-c5a846fb.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
JavaScript source, ASCII text, with very long lines (10178), with no line terminators
Size
3.4 kB (3365 bytes)
Hash
be042bab68dd466121fb1460a17b1795
3dfa3c583644e2aa71ff199a262a54e17cd378d6
2a7bf413f8f8d67f545da852425cdec3b3960fa2c62960ca49c5a2dc43108ac0

HTTP Headers

GET /_nuxt/desktop/default/Layout.Betting.ExpressDay-c5a846fb.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 3365
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-d25"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-24d31fa02bb36757bdbcd44f5cb749a8-52b8688d580a3623-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:00+00:00, 2024-05-06T14:47:23+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/ca542d7f.css

185.244.209.62

3.2 kB

URL
v3.traincdn.com/_nuxt/desktop/default/css/ca542d7f.css
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
ASCII text, with very long lines (31339), with no line terminators
Size
3.2 kB (3226 bytes)
Hash
9e9b190c1ab8126c2576203d5d43ec63
a80ccb6739023605edbd86be13f38a58ff7f4906
c4a28e2bbc67a853613460727d4abba3687be55593a7513a4079ea34579fbb02

HTTP Headers

GET /_nuxt/desktop/default/css/ca542d7f.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: text/css
content-length: 3226
last-modified: Mon, 06 May 2024 07:48:14 GMT
etag: "66388b3e-c9a"
content-encoding: gzip
expires: Tue, 07 May 2024 09:58:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-1f26d64b0e93dde02fbefebe6f072c6f-790e4443a85d9a95-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T09:58:00+00:00, 2024-05-06T10:39:54+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/Layout.SeoModule.Lazy-db205bbd.js

185.244.209.62

2.5 kB

URL
v3.traincdn.com/_nuxt/desktop/default/Layout.SeoModule.Lazy-db205bbd.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
JavaScript source, ASCII text, with very long lines (8663), with no line terminators
Size
2.5 kB (2475 bytes)
Hash
a5db05d47f7f37c06acc29a0f4eeb447
b9ddddb586721548eaa4a62d7ae420bfcfc5bddb
4053d0ffbd3af6bc022131a3f123bd4e88825f1b5f06a74dd2072a2b0fe3f243

HTTP Headers

GET /_nuxt/desktop/default/Layout.SeoModule.Lazy-db205bbd.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 2475
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-9ab"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-279f2b88a7d93e35c6b4d0657300ba50-ddf9a50eb9f7b98e-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:00+00:00, 2024-05-06T14:47:23+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/85148a0b.css

185.244.209.62

4.0 kB

URL
v3.traincdn.com/_nuxt/desktop/default/css/85148a0b.css
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
ASCII text, with very long lines (32277), with no line terminators
Size
4.0 kB (3964 bytes)
Hash
eeaf257a8645b90669a2ea93b8fb534e
d81289258b7a5c126dd860232760852cc8ad865e
3a170c88ab694ad7552f7a84baa04ddb248c32b7f8ffe16d55dd73685de87aa6

HTTP Headers

GET /_nuxt/desktop/default/css/85148a0b.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: text/css
content-length: 3964
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-f7c"
content-encoding: gzip
expires: Tue, 07 May 2024 12:54:58 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-54d08619ace378fd41e0ffd1c99b8a4a-509052865a0a1121-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:54:58+00:00, 2024-05-06T13:53:34+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/Layout.FooterComponent.Lazy-0434410a.js

185.244.209.62

7.8 kB

URL
v3.traincdn.com/_nuxt/desktop/default/Layout.FooterComponent.Lazy-0434410a.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (28142), with no line terminators
Size
7.8 kB (7775 bytes)
Hash
9167c6082d419d35f57a606871184d06
d4c4fac03b353c5881c352d6ac0c05947dc2e633
bed35ed9386f6d0d6f3096d00c7d14e042c5cb404f07ef0bb9abb4cc381e89c3

HTTP Headers

GET /_nuxt/desktop/default/Layout.FooterComponent.Lazy-0434410a.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 7775
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-1e5f"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-1725645870672113fb79686328c8c2d9-9da178fb886705aa-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:00+00:00, 2024-05-06T14:47:23+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/vendors/Layout.FooterComponent.Lazy-8e891b7b.js

185.244.209.62

8.3 kB

URL
v3.traincdn.com/_nuxt/desktop/default/vendors/Layout.FooterComponent.Lazy-8e891b7b.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
JavaScript source, ASCII text, with very long lines (29805), with no line terminators
Size
8.3 kB (8283 bytes)
Hash
93a3cdd4ea0ae5eb295e71988355c5d4
0c9e334aebd99fb9c44575c99abda82d0b53acb1
104a5a19f0a8b4d443e55c32daf49eea2343ee96da27b48c21f09e1425081d62

HTTP Headers

GET /_nuxt/desktop/default/vendors/Layout.FooterComponent.Lazy-8e891b7b.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 8283
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-205b"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-8617ae8319d5f53ecbb7371300041a4d-3512dbae9d433e62-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:00+00:00, 2024-05-06T14:47:23+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/5cfdf959.css

185.244.209.62

1.1 kB

URL
v3.traincdn.com/_nuxt/desktop/default/css/5cfdf959.css
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
ASCII text, with very long lines (4632), with no line terminators
Size
1.1 kB (1113 bytes)
Hash
f74d8b7e31b6ab236a9577348874385d
87091e6542649037a05fc137fa449b713c85225d
b33d72295f1edbfc13da30236c4b811cffe4ba8ef758a515914cd69cf02edbf8

HTTP Headers

GET /_nuxt/desktop/default/css/5cfdf959.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: text/css
content-length: 1113
last-modified: Thu, 02 May 2024 12:52:18 GMT
etag: "66338c82-459"
content-encoding: gzip
expires: Sat, 04 May 2024 06:45:29 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-b56bdd4804e8a9f783f65bbb3a61bedd-1dc2105135bb197c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-03T06:45:29+00:00, 2024-05-06T08:35:07+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/Layout.FooterComponent.Lazy/Page.Game.Project-807a62cf.js

185.244.209.62

6.3 kB

URL
v3.traincdn.com/_nuxt/desktop/default/Layout.FooterComponent.Lazy/Page.Game.Project-807a62cf.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
JavaScript source, ASCII text, with very long lines (20014), with no line terminators
Size
6.3 kB (6258 bytes)
Hash
adc7f8e289bd475a5a922c91b93591b2
540252cd02880714746d3656e61c67e7acab7fda
3b542ce26d333f558f94adb8cac49e58be95a5470eb3079d1dc0b2b7a7c97b6b

HTTP Headers

GET /_nuxt/desktop/default/Layout.FooterComponent.Lazy/Page.Game.Project-807a62cf.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 6258
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-1872"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-f71e4ea65a65e3090bcb0fb3ea1ac091-5f363c72cdc3c5e2-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:00+00:00, 2024-05-06T14:47:23+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/app-1483c42a.js

185.244.209.62

225 kB

URL
v3.traincdn.com/_nuxt/desktop/default/app-1483c42a.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (64966), with no line terminators
Size
225 kB (224914 bytes)
Hash
c4d75347728629ec3f0b90dc82f0a3d2
ff949fe02da04d39be746f8d091a1a7b30126f7a
8ca2bd3ad104c33fb6189e87cab8992734ca6bf99a631ed413f63444b834d33b

HTTP Headers

GET /_nuxt/desktop/default/app-1483c42a.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 224914
last-modified: Mon, 06 May 2024 07:48:14 GMT
etag: "66388b3e-36e92"
content-encoding: gzip
expires: Tue, 07 May 2024 09:00:58 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-3babad19a491e881f0fc386b5d98f09a-43d59bb8a196ad06-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T09:00:58+00:00, 2024-05-06T09:01:09+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/75bcd414.css

185.244.209.62

2.3 kB

URL
v3.traincdn.com/_nuxt/desktop/default/css/75bcd414.css
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
ASCII text, with very long lines (9958), with no line terminators
Size
2.3 kB (2277 bytes)
Hash
76a1e3dd8e25bf9a48bdd896de779d20
38c3643e25808d1f3ab167273201eac8c113c088
aa36f7a0cd4e7059cfef75dda25cd20e0bd1fbbe3d10a4ed0697cb937f009273

HTTP Headers

GET /_nuxt/desktop/default/css/75bcd414.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: text/css
content-length: 2277
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-8e5"
content-encoding: gzip
expires: Tue, 07 May 2024 11:27:59 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-1a1f44d8798b7bdc3fedf1eb91d8bf97-cb7a04f181f01f5a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T11:27:59+00:00, 2024-05-06T12:06:59+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/vendors/app-d26cc899.js

185.244.209.62

267 kB

URL
v3.traincdn.com/_nuxt/desktop/default/vendors/app-d26cc899.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (61101)
Size
267 kB (267237 bytes)
Hash
1992415420cd9d59941e07133aa0c521
308a748fa982a440a112cb9e449f25a23bd6d83e
94a8f060251c7e705ee8c823783cb067e2844edb0f3900b6b0e91948d92ce907

HTTP Headers

GET /_nuxt/desktop/default/vendors/app-d26cc899.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 267237
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-413e5"
content-encoding: gzip
expires: Tue, 07 May 2024 14:31:58 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-3b35307624683d54d7081853c7dd2773-f520870dfdeb87a6-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:31:58+00:00, 2024-05-06T14:47:23+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/commons/app-2e30fd7d.js

185.244.209.62

47 kB

URL
v3.traincdn.com/_nuxt/desktop/default/commons/app-2e30fd7d.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
JavaScript source, ASCII text, with very long lines (65476)
Size
47 kB (46801 bytes)
Hash
03b89bdb4f6013159d40de88c98403b6
cf41351caa86d91b56cf839d54ab28bf8f4f54f8
42d02ce0b520e2d8ce7341a0b07d92cd3833d762337b1f8aabc6f7f23e6fad4a

HTTP Headers

GET /_nuxt/desktop/default/commons/app-2e30fd7d.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 46801
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-b6d1"
content-encoding: gzip
expires: Tue, 07 May 2024 14:31:58 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-2057935305884e4d1535a53f290919a3-29cc4d4ad5c80028-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:31:58+00:00, 2024-05-06T14:47:23+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/035c0001.css

185.244.209.62

200 OK

14 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/css/035c0001.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
14 kB (13859 bytes)
Hash
ac3b78bdd1c881f78913b967fd22a91f
15295665baa2ccaf71e8a093f333d087621a17ee
ee4c84a2fe257a888fcec5809b67b563aba3a4c52f102154ffa19a685434d835

HTTP Headers

GET /_nuxt/desktop/default/css/035c0001.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: text/css
content-length: 13859
last-modified: Mon, 06 May 2024 07:48:14 GMT
etag: "66388b3e-3623"
content-encoding: gzip
expires: Tue, 07 May 2024 09:00:57 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-6420a075bd660b88600a5a49467e1dfc-5e6a3d62a3958773-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T09:00:57+00:00, 2024-05-06T09:01:09+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/sys-ui/2.2.11/Desktop/Default/client.css

185.244.209.62

242 kB

URL
v3.traincdn.com/sys-ui/2.2.11/Desktop/Default/client.css
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
gzip compressed data, max speed, from Unix
Size
242 kB (241796 bytes)
Hash
16de1f1b4057d8b564a0e9bbdd65be8d
ac92cc1e7457af0e2da459267d8cdceed1db4879
d00d8e713ed1548fadd6068150d9b9f3efec2dadaf52ad18b4d20a4ef0bd259b

HTTP Headers

GET /sys-ui/2.2.11/Desktop/Default/client.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: text/css; charset=utf-8
last-modified: Tue, 23 Apr 2024 11:41:52 GMT
etag: W/"5be31e73f9aaf3c05331c4f0cd80e4d9"
x-amz-meta-mtime: 1713872392.088051093
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:29 GMT
cache-control: max-age=86400
x-time-ng: 0.008
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-6f3d1bd6f5f0de70352a563cac4ac635-26fe040159f1a37a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:29+00:00, 2024-05-06T14:47:23+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2

185.244.209.62

200 OK

65 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 64732, version 1.0
Size
65 kB (64732 bytes)
Hash
3ac5d40d1b3966fc5eb09ecca74d9cbf
a69f32357765dd321519889aeacba5e9ca893bb0
3310766b8f58538d07abded74a2babe1acbe1a3ee820d5b8c8265da666f4fb0c

HTTP Headers

GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:36 GMT
content-type: font/woff2
content-length: 64732
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "3ac5d40d1b3966fc5eb09ecca74d9cbf"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-11f07109bbde6ceac771f97f29b4d6f3-cf91ecf95bcd4446-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:56:30+00:00, 2024-05-07T07:41:00+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2

185.244.209.62

64 kB

URL
v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
Web Open Font Format (Version 2), TrueType, length 63920, version 1.0
Size
64 kB (63920 bytes)
Hash
a65527fcb58f66a7cfbc0e6b160538b4
45d260e7fa343401b5bb0df982a014f53e2d253b
fb13c3a1cbac60649b76f7d7f85c1645d35ac69b85ce5f4eb0692505ecc2cd45

HTTP Headers

GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:36 GMT
content-type: font/woff2
content-length: 63920
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "a65527fcb58f66a7cfbc0e6b160538b4"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-96e4a60ac52a5986f94c70833b8307e3-7f934424c24e4426-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:54:39+00:00, 2024-05-07T07:30:48+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/check-ob.js

185.244.209.62

187 B

URL
v3.traincdn.com/_nuxt/check-ob.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
JavaScript source, ASCII text
Size
187 B (187 bytes)
Hash
ced67278c38d1ce1297c121af69fff8a
df6e1531fd84d956263b04254e6f94f5356623f4
2958134c3c00f7c6320858dd66e454c2856e4842821d3523c4cc5e44e1ec8616

HTTP Headers

GET /_nuxt/check-ob.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 187
last-modified: Thu, 02 May 2024 12:51:43 GMT
etag: "66338c5f-bb"
content-encoding: gzip
expires: Sat, 04 May 2024 12:55:05 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-583bfbede638100f4e8ae197389ee469-943d968f76009616-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-03T12:55:05+00:00, 2024-05-06T11:36:38+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/1da51baa342984a84ca1ac8dd900998b.png

185.244.209.62

653 B

URL
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/1da51baa342984a84ca1ac8dd900998b.png
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Size
653 B (653 bytes)
Hash
e6f0766cbd95db33da44e7a9140648f2
5f196b1bfe8c3f92bd2ebcd67124e72e81ae6aaf
c0399d478788d5d483f104a2e8cb7c32f41cb40e9df0c22e831b2bfa2db63ec0

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/1da51baa342984a84ca1ac8dd900998b.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:36 GMT
content-type: image/png
content-length: 653
last-modified: Tue, 25 Apr 2023 13:43:56 GMT
etag: "e6f0766cbd95db33da44e7a9140648f2"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-829a78242bd5ad82442c0a12db313685-1bc996a50a7e9449-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:12:59+00:00, 2024-05-07T07:28:39+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/site-admin/colors/13f2420925687a194e4c38472ae71214.css

185.244.209.62

7.1 kB

URL
v3.traincdn.com/genfiles/site-admin/colors/13f2420925687a194e4c38472ae71214.css
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
ASCII text, with very long lines (36694), with no line terminators
Size
7.1 kB (7064 bytes)
Hash
14606d3db1f60fc226960ebde296d677
239876099e9076ccbec9a7436ce92ae1adea34d1
0cd971adce922a5f6369156dd9dd906b499c2fb08b0dcd80ad2b323a2d96d419

HTTP Headers

GET /genfiles/site-admin/colors/13f2420925687a194e4c38472ae71214.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: text/css
last-modified: Fri, 05 Apr 2024 07:40:06 GMT
etag: W/"4610c92e7697e57d1149e233ef5edab2"
content-encoding: gzip
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-9d892f79550230084dee54b1795e8db5-18d5c295694e3d97-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-05T09:04:13+00:00, 2024-05-07T07:20:44+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingContent-3ca7fb18.js

185.244.209.62

633 B

URL
v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingContent-3ca7fb18.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
JavaScript source, ASCII text, with very long lines (1235), with no line terminators
Size
633 B (633 bytes)
Hash
52ab057c90af6d742e95f43ff97e95ff
dfdce102add5fc4fa06ac366a663e7a732bd9352
feedd981d953d2933cbb35a49608ebf408f13f457399c2b11aa1ef5eb76db547

HTTP Headers

GET /_nuxt/desktop/default/Page.Betting.Asia.BettingContent-3ca7fb18.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 633
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-279"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:12 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-6ddc84fe59d71d421c60c661b2b5a147-08febf823286ddb4-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:12+00:00, 2024-05-06T14:59:22+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside/Page.Betting.Main.Asian/betting.CentralMenuApp/betting.SportsMenuCompact-cca22477.js

185.244.209.62

4.2 kB

URL
v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside/Page.Betting.Main.Asian/betting.CentralMenuApp/betting.SportsMenuCompact-cca22477.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
JavaScript source, ASCII text, with very long lines (14574), with no line terminators
Size
4.2 kB (4187 bytes)
Hash
2f5a8b05ac32c583fcde180d9d46fce9
86cc94f0c76922b731336bb6c13ff2839f37d689
6f2a20b4cda56cb4d92bd6d3817945c5e659723eaf3e5c85f0a00274c909a9cd

HTTP Headers

GET /_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside/Page.Betting.Main.Asian/betting.CentralMenuApp/betting.SportsMenuCompact-cca22477.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 4187
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-105b"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:12 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-379dbdc5cbb5dfda30e4cc259526a48d-b3f7ee9741cfe86a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:12+00:00, 2024-05-06T14:59:22+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/2a37879e.css

185.244.209.62

1.3 kB

URL
v3.traincdn.com/_nuxt/desktop/default/css/2a37879e.css
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
ASCII text, with very long lines (6872), with no line terminators
Size
1.3 kB (1331 bytes)
Hash
7727cc93d85a2459297f9b1237fc6a92
f37f7a3ec3d30df2513a38dd2c67fefaf038edec
e4559060670fd8cf92ad4e830ae9237d2bbc735470f4597ad5d943388d9248d2

HTTP Headers

GET /_nuxt/desktop/default/css/2a37879e.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:36 GMT
content-type: text/css
content-length: 1331
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-533"
content-encoding: gzip
expires: Tue, 07 May 2024 12:28:13 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-ba2ae04a678b7f05d6ecc4619c6e0f83-272e1f75c7f3a00c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:28:13+00:00, 2024-05-06T15:18:31+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside-9f71ae9a.js

185.244.209.62

10 kB

URL
v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside-9f71ae9a.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (37196), with no line terminators
Size
10 kB (10214 bytes)
Hash
149f1f916b0c47494c7bdc15122390d4
f6be7ef6c3649f4b83fd19f7459dbce46ff15925
f8ecbd7355d64beb3e23daea185a634fa436012d707160381bb3b65548a9c92b

HTTP Headers

GET /_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside-9f71ae9a.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 10214
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-27e6"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:12 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-d36cc1f8ffd2e17c72b4b25deea7af4e-a4415723eb085dd6-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:12+00:00, 2024-05-06T14:59:22+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/vendors/GameProvider/Page.Betting.Asia.Homepage/Page.Betting.MultiLive/Page.CricketWorldCupPage/Page/17c2374e-b595fcd5.js

185.244.209.62

200 OK

37 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/vendors/GameProvider/Page.Betting.Asia.Homepage/Page.Betting.MultiLive/Page.CricketWorldCupPage/Page/17c2374e-b595fcd5.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65461)
Size
37 kB (37176 bytes)
Hash
aedaa99fcce183a213f358a727e9eb87
7fe33331acbced57be412f96baff3a4595e207fb
2ccadc0a2eea97aeeb5f1825ad9bdac3873481a54bcd3b42cf6724271cd0f6ac

HTTP Headers

GET /_nuxt/desktop/default/vendors/GameProvider/Page.Betting.Asia.Homepage/Page.Betting.MultiLive/Page.CricketWorldCupPage/Page/17c2374e-b595fcd5.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 37176
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-9138"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:13 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-7f4e9a4bb9e1faa8ab6c20e0de7157d3-012fe491d0ebac1b-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:13+00:00, 2024-05-06T14:59:22+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Asia.Homepage-b9493cb9.js

185.244.209.62

10 kB

URL
v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Asia.Homepage-b9493cb9.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
JavaScript source, ASCII text, with very long lines (36638), with no line terminators
Size
10 kB (10115 bytes)
Hash
63e1a6027725eca572736670eb935432
e3578492cf68e66a44f556a98545294a5b1bed5a
e96e0e4abe03d7fb0d2449e0f2bf27bb0ee85cdd4d7b4098276c712842b45d8c

HTTP Headers

GET /_nuxt/desktop/default/vendors/Page.Betting.Asia.Homepage-b9493cb9.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 10115
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-2783"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:13 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-5811d4b02eb05e68045ed3d38d8aa15d-bbe73afe74d196c3-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:13+00:00, 2024-05-06T14:59:22+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage/Page.NewCyber.Cyber/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamp/Page./8c362243-68160950.js

185.244.209.62

5.6 kB

URL
v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage/Page.NewCyber.Cyber/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamp/Page./8c362243-68160950.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
JavaScript source, ASCII text, with very long lines (19536), with no line terminators
Size
5.6 kB (5565 bytes)
Hash
860ea683ac1ca8494adc10cb2ea4fcdf
a1004cb9bb3a036d215dfbf6b9bade88ad81a7a3
e8fcc72111c9040f545dd314899e61e406ceaa76601c816dc3c1a7b407f88850

HTTP Headers

GET /_nuxt/desktop/default/Page.Betting.Asia.Homepage/Page.NewCyber.Cyber/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamp/Page./8c362243-68160950.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 5565
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-15bd"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:13 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-8e17ba4f853267c60f6b3eef4262e990-f6328593d5abd59f-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:13+00:00, 2024-05-06T14:59:22+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/7c43e6fa10d0665cf556d13ff2a1906d.svg

185.244.209.62

7.4 kB

URL
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/7c43e6fa10d0665cf556d13ff2a1906d.svg
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
SVG Scalable Vector Graphics image
Size
7.4 kB (7365 bytes)
Hash
c33fde6bd6996199bf54b80cdd5a02df
7e86dd2a9553c91da569a4bb97758662d09af13d
ada39806bbff4e281103b1d860f36abbf15820361ffcdf22b2b5e7d17c5956c1

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/7c43e6fa10d0665cf556d13ff2a1906d.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: image/svg+xml
last-modified: Tue, 02 May 2023 10:06:49 GMT
etag: W/"7cca3986f7a5c4c164144ff11df71073"
content-encoding: gzip
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-f7f09efe7adb36a3245f74a2d960d887-da501c9b350de4fc-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-01-11T08:32:05+00:00, 2024-05-07T07:17:15+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage-633ca92a.js

185.244.209.62

32 kB

URL
v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage-633ca92a.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (64912), with no line terminators
Size
32 kB (32522 bytes)
Hash
474bfa89621896100251055f7c19712b
0e19c615fc77f9ed2d69d74b7f8a42d41c6f5138
ea0fef6e0a33df0b36bdce2df6b8bf50eef0dd3b71c7c6fc567a7d7c5d39fdd3

HTTP Headers

GET /_nuxt/desktop/default/Page.Betting.Asia.Homepage-633ca92a.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 32522
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-7f0a"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:13 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-d54566d73ce6708b2d6ca8efa6df847c-a417223ecf72dbba-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:13+00:00, 2024-05-06T14:59:22+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/f72f2b10.css

185.244.209.62

200 OK

4.8 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/css/f72f2b10.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (38649), with no line terminators
Size
4.8 kB (4780 bytes)
Hash
8ab5f1e804e2a4565dea164054ff0907
7ee2bea2c9dcb6424f707c35588a316a249270fa
ce3424802faaac382a0efe23fbc285123fae95d0461ecf26e4881e1907acd9ec

HTTP Headers

GET /_nuxt/desktop/default/css/f72f2b10.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:36 GMT
content-type: text/css
content-length: 4780
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-12ac"
content-encoding: gzip
expires: Tue, 07 May 2024 12:28:13 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-4274f669a086fbfe6c4872a4f19ea2cb-b08f1b7084bbc6b7-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:28:13+00:00, 2024-05-06T15:18:31+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.Asian-2f003ed9.js

185.244.209.62

200 OK

29 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.Asian-2f003ed9.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (64788), with no line terminators
Size
29 kB (28917 bytes)
Hash
6bb873114649db4b87839383a7d31921
91b56ad064a4b8fd0d7edb89a040c6b9d06866aa
6dc41e4f75d65dd3dc2f311198e1a9b2b65e0687c2d905b7d64cf9265f7bda2d

HTTP Headers

GET /_nuxt/desktop/default/Page.Betting.Main.Asian-2f003ed9.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 28917
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-70f5"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:13 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-84f051b41518de021453bc2e46c15200-63023089e2985068-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:13+00:00, 2024-05-06T14:59:22+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.v-tooltip-ff4800a4.js

185.244.209.62

22 kB

URL
v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.v-tooltip-ff4800a4.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
JavaScript source, ASCII text, with very long lines (65476)
Size
22 kB (21889 bytes)
Hash
45f90516ee8a557d78c08e1e925c1490
adc0363ed75f47f9513a36a94173c6e4940a2adc
f5b8b3c4e62dbb4ebc5fd634f5bb17b3145a14c21bdc3e9c0a4dcb45b9e573fe

HTTP Headers

GET /_nuxt/desktop/default/vendors/plugins.v-tooltip-ff4800a4.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 21889
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-5581"
content-encoding: gzip
expires: Tue, 07 May 2024 14:31:59 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-0faf174e49d46dc17bc8d3d45f8c5ae0-d699b6b7025828fb-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:31:59+00:00, 2024-05-06T14:47:25+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-notification-4e9ad522.js

185.244.209.62

4.6 kB

URL
v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-notification-4e9ad522.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
JavaScript source, ASCII text, with very long lines (12527), with no line terminators
Size
4.6 kB (4556 bytes)
Hash
805e7c2cd861f2191db66c39ab28e86b
a6353246547e9a9fd01093fcb784d708d187e3ef
82686dab55962ead6916346bd901b3fc03357bb2a0e74dfe966ff784d75b2368

HTTP Headers

GET /_nuxt/desktop/default/vendors/plugins.vue-notification-4e9ad522.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 4556
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-11cc"
content-encoding: gzip
expires: Tue, 07 May 2024 14:31:59 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-719f7ce084c427d85cf89b940d719f9f-7f9555ec540723a6-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:31:59+00:00, 2024-05-06T14:47:25+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/e5c0e314.css

185.244.209.62

953 B

URL
v3.traincdn.com/_nuxt/desktop/default/css/e5c0e314.css
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
ASCII text, with very long lines (3352), with no line terminators
Size
953 B (953 bytes)
Hash
748da80084597d87b4ff5e98b017b07b
db6ad2ec24bfcbe751a23061d935403e1163f471
4eaf4071f43aaa0243a4c6948131b7a3e03fe6ab1f4228da38e8588c15e01f24

HTTP Headers

GET /_nuxt/desktop/default/css/e5c0e314.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:36 GMT
content-type: text/css
content-length: 953
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-3b9"
content-encoding: gzip
expires: Tue, 07 May 2024 11:05:11 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-ce7ccead5b94ec21f7e1afc238b55185-a209fa9f94ba05b1-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T11:05:10+00:00, 2024-05-06T15:18:32+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-js-modal-11d3184a.js

185.244.209.62

8.1 kB

URL
v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-js-modal-11d3184a.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
JavaScript source, ASCII text, with very long lines (26717), with no line terminators
Size
8.1 kB (8055 bytes)
Hash
ead4a901af60e4b8138e732f0aea9637
7c1d57d444a07553738ddcb8b6a2bee305a0c215
e6bc116e4cb54d011d2a1fa1f87ab12d1f320aa8dc54c89b1f286f2b02ee14c0

HTTP Headers

GET /_nuxt/desktop/default/vendors/plugins.vue-js-modal-11d3184a.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 8055
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-1f77"
content-encoding: gzip
expires: Tue, 07 May 2024 14:31:59 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-43f64df53c26ef203e213167ae0e4f87-8a3f7e5aa5db84ff-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:31:59+00:00, 2024-05-06T14:47:25+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/date-fns-locale-21-290f49eb.js

185.244.209.62

2.1 kB

URL
v3.traincdn.com/_nuxt/desktop/default/date-fns-locale-21-290f49eb.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
JavaScript source, ASCII text, with very long lines (6960), with no line terminators
Size
2.1 kB (2120 bytes)
Hash
91d17dbf833b48149a8b5d2f21895879
bd71a45fa4419ab4ddbc676f0a9cca2be05e1703
f085ff2e310ab82817411e3ed64d0902de49e149d0958cadb91d518ed5854335

HTTP Headers

GET /_nuxt/desktop/default/date-fns-locale-21-290f49eb.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 2120
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-848"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:15 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-4d2b420788472487aaea5860324a2045-33b042efb214c3f1-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:15+00:00, 2024-05-06T16:05:35+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/DC-7e6a4aad.js

185.244.209.62

999 B

URL
v3.traincdn.com/_nuxt/desktop/default/DC-7e6a4aad.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
JavaScript source, ASCII text, with very long lines (2336), with no line terminators
Size
999 B (999 bytes)
Hash
b44bc16cd2630bfada5ec9cbdbfcafab
43918946155d48f6cc8ecba42e2cf2cab28debd7
189ec6fd8e44cc47498706a2d2c815da1dc255040ef5ef57f5faa7c10c05ae42

HTTP Headers

GET /_nuxt/desktop/default/DC-7e6a4aad.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 999
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-3e7"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:01 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-a88b4c8320eacb784b3bfe7d086fa19c-f5d7fc6c75c74180-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:01+00:00, 2024-05-06T14:47:26+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

1xlite-461430.top/seo-module-api/api/public/v1/analytics-counters?url=https:%2F%2F1xlite-461430.top&projectId=285

178.253.29.51

141 B

URL
1xlite-461430.top/seo-module-api/api/public/v1/analytics-counters?url=https:%2F%2F1xlite-461430.top&projectId=285
IP
178.253.29.51:0
ASN
#202492 Silverhill Group Holding Ltd

File type
JSON text data
Size
141 B (141 bytes)
Hash
bd9be2fa89d26e9e6f1b2e08ffcd0ed6
90eae25ee792254c7ca97e98c5782078f9bdc37f
c11510c5556799ec6bf918684e80903d08cf6237d3c4f94d32a8ebf35d067a1d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /seo-module-api/api/public/v1/analytics-counters?url=https:%2F%2F1xlite-461430.top&projectId=285 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: application/json
content-length: 141
cache-control: max-age=1200, must-revalidate, public, s-maxage=1800, stale-if-error=86400, stale-while-revalidate=300
x-content-digest: enebf83560af95b198ca2d2caf127b1151
age: 193
x-request-id: 501bfa6cf255c8853e47c787dcdc9eb0
x-request-guid: 501bfa6cf255c8853e47c787dcdc9eb0
x-time-ng: 0.012
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: p;dur=2.2389888763428, wf-uht;dur=
X-Firefox-Spdy: h2

1xlite-461430.top/version.json?timestamp=1715068597025

178.253.29.51

44 B

URL
1xlite-461430.top/version.json?timestamp=1715068597025
IP
178.253.29.51:0
ASN
#202492 Silverhill Group Holding Ltd

File type
ASCII text
Size
44 B (44 bytes)
Hash
265e4e9c948f929631d7e9bcf0d19d5b
c70f40cde4e09003b980fdae5130f3695de16add
62ec6fa5c15470b882bd7e05f5651b0a265a0cb2857cffa5cbfa34b3d2cf42ba

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /version.json?timestamp=1715068597025 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: application/json
content-length: 44
last-modified: Mon, 06 May 2024 10:24:15 GMT
vary: Accept-Encoding
etag: "6638afcf-2c"
content-encoding: gzip
expires: Tue, 07 May 2024 07:57:37 GMT
access-control-allow-origin: *
cache-control: max-age=60, max-age=60, s-maxage=60
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.007
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/Betting.Core-d4a24bae.js

185.244.209.62

200 OK

1.6 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/Betting.Core-d4a24bae.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (2425), with no line terminators
Size
1.6 kB (1577 bytes)
Hash
3a0e4a54185bcc66d2e032dd30a385eb
627755ca54def0761f25f827d5b4cb483e1ca83d
e0bc5ffed1e6fd6285fea94e991fa8ec48a5f17677519c766d7ee7e757a02239

HTTP Headers

GET /_nuxt/desktop/default/Betting.Core-d4a24bae.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 1577
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-629"
content-encoding: gzip
expires: Tue, 07 May 2024 10:54:52 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-96e8550954b56be5b58a03b24ee3e01a-86fe48a860dfbe79-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T10:54:52+00:00, 2024-05-06T10:58:28+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/consultant.supHelperV2-ef321a16.js

185.244.209.62

1.5 kB

URL
v3.traincdn.com/_nuxt/desktop/default/consultant.supHelperV2-ef321a16.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
JavaScript source, ASCII text, with very long lines (3229), with no line terminators
Size
1.5 kB (1451 bytes)
Hash
0cc9277dab4117c9b162cc01e1f0b97f
5b7d9007e2d99d3715c5f226aadf44aa4da4332b
6d7637a83c7812813039573e9c67efbb30e4021a971c546621a397eb72ea4bd0

HTTP Headers

GET /_nuxt/desktop/default/consultant.supHelperV2-ef321a16.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 1451
last-modified: Thu, 02 May 2024 12:52:18 GMT
etag: "66338c82-5ab"
content-encoding: gzip
expires: Sat, 04 May 2024 08:41:49 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-70b9d82485c2df14e5b9d2959dbe02d7-d8a43058c5b4fdf1-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-03T08:41:49+00:00, 2024-05-06T09:22:05+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

1xlite-461430.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json

178.253.29.51

200 OK

23 B

URL POST HTTP/2
1xlite-461430.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
23 B (23 bytes)
Hash
8b3e4db4a4e4ee2a17cfe37beb1e3d85
8e445730cf1b89070abc25e397195a883b3b91e4
d6b5db589a9ce0a16c5998df5ce66ddeafd6115824ad1f9121f73f941a4308fe

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Content-Type: application/json
X-Lang: en
X-Uuid: 1d8a2cad-be86-425c-8e6b-3d57d24bb8f2
Content-Length: 81
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: application/json
content-length: 23
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.007
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/ioc.dependencies.18-dc087bc0.js

185.244.209.62

1.3 kB

URL
v3.traincdn.com/_nuxt/desktop/default/ioc.dependencies.18-dc087bc0.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (3073), with no line terminators
Size
1.3 kB (1321 bytes)
Hash
66c4eb11ec60384b198e73db080c0f32
6fb7618e384b9e01454c7b984728236f178192da
b45c772a5a204e430a575b896edc43205412a5f28539c2e48c152df7669ad7cb

HTTP Headers

GET /_nuxt/desktop/default/ioc.dependencies.18-dc087bc0.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 1321
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-529"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:15 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-ae2ab8245739267b9adbb9d2ada22abd-e81d9d64296e058f-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:15+00:00, 2024-05-06T15:01:40+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Cyber.Game/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboar/ff3e75d4-74b93b4d.js

185.244.209.62

7.4 kB

URL
v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Cyber.Game/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboar/ff3e75d4-74b93b4d.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (32231), with no line terminators
Size
7.4 kB (7381 bytes)
Hash
56a0eecb3ec4576e9abf6f8f3e2707f9
6ddfcb4b1669c1323d87906b720fe8e4c258c143
81a5331c3ce30f9e8f21bf5e69591e24dd0c77d9b69157bf0a5e2242fc299ed4

HTTP Headers

GET /_nuxt/desktop/default/vendors/Page.Cyber.Game/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboar/ff3e75d4-74b93b4d.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 7381
last-modified: Thu, 02 May 2024 12:52:18 GMT
etag: "66338c82-1cd5"
content-encoding: gzip
expires: Sat, 04 May 2024 08:41:45 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-42139632498a389ae4a107672a20beda-890460bb6d376b3f-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-03T08:41:45+00:00, 2024-05-06T10:10:24+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/vendors/betting.SportMenuApp-bfe18bfa.js

185.244.209.62

7.7 kB

URL
v3.traincdn.com/_nuxt/desktop/default/vendors/betting.SportMenuApp-bfe18bfa.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
JavaScript source, ASCII text, with very long lines (31337), with no line terminators
Size
7.7 kB (7722 bytes)
Hash
f9da465f4f7355523306ce6bbf89c0d5
c39974e7867bcdd6bbe385ba52c9be335afdfe6b
a5ff3777031e8ee4babfe1d6a7a6fff1fb2fc0db58de71ea8202bc37a7aab0f2

HTTP Headers

GET /_nuxt/desktop/default/vendors/betting.SportMenuApp-bfe18bfa.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 7722
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-1e2a"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:16 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-7f457847352b1dad370008ee0ce45d14-b4ed53ecd61e1692-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:16+00:00, 2024-05-06T15:01:40+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/vendors/betting.HomeSliderComponent-f347b217.js

185.244.209.62

200 OK

7.4 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/vendors/betting.HomeSliderComponent-f347b217.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (27479), with no line terminators
Size
7.4 kB (7388 bytes)
Hash
18963957c8f45d24c0819a973d362e7b
5a1846a89c5cc9e8028044ff5948bd94f428c412
d1c98b4199c034c2a115ba70268a3e536640ca8b992887df0b085d476ab1275f

HTTP Headers

GET /_nuxt/desktop/default/vendors/betting.HomeSliderComponent-f347b217.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 7388
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-1cdc"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:16 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-4b61af6e29d93389a1fb3e668e9488d3-09f388a5073244e3-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:16+00:00, 2024-05-06T16:09:49+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/betting.SportMenuApp-1f0079e1.js

185.244.209.62

25 kB

URL
v3.traincdn.com/_nuxt/desktop/default/betting.SportMenuApp-1f0079e1.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65483), with no line terminators
Size
25 kB (24938 bytes)
Hash
756179b1f968d35107908086a552c869
5c1f6c8a0c1eed4246c04dac52c4b7056fc991e8
37093cd5b15bf40421db8a64625a01317d043479685d2e1f84accb8fbf992ea6

HTTP Headers

GET /_nuxt/desktop/default/betting.SportMenuApp-1f0079e1.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 24938
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-616a"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:16 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-528c81b60f45fed9f863f56b22651c6a-44ceb6790d1c4e7c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:16+00:00, 2024-05-06T15:01:40+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/85022173.css

185.244.209.62

1.7 kB

URL
v3.traincdn.com/_nuxt/desktop/default/css/85022173.css
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
ASCII text, with very long lines (9757), with no line terminators
Size
1.7 kB (1731 bytes)
Hash
d9ff2bf37891da2be05d7fd5442113f5
419f63a7b47f983139a1cdc040707ab4b90bc255
05d90d1e2368c45cf52f0796d76035b98b8ab02ff57d218005ddffbfc20963c5

HTTP Headers

GET /_nuxt/desktop/default/css/85022173.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: text/css
content-length: 1731
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-6c3"
content-encoding: gzip
expires: Tue, 07 May 2024 12:55:22 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-305399637dcaa6348c3b154e792fa5e6-d8a9c39436543057-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:55:22+00:00, 2024-05-06T16:09:49+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/ad481252.css

185.244.209.62

3.0 kB

URL
v3.traincdn.com/_nuxt/desktop/default/css/ad481252.css
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
ASCII text, with very long lines (22886), with no line terminators
Size
3.0 kB (3006 bytes)
Hash
f1e1bb557e1155bf9c70751dec445176
013c5224a1bbbf0d6603f25e31863aa90f279b40
7aa1af5184d161c5f279c0da3199cef2dfc0aac5e90cce3e880f1f89401a0a15

HTTP Headers

GET /_nuxt/desktop/default/css/ad481252.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: text/css
content-length: 3006
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-bbe"
content-encoding: gzip
expires: Tue, 07 May 2024 12:29:01 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-d741269192c923cd0588c27ff3dd3fe4-a79d873840ef9f6f-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:29:01+00:00, 2024-05-06T16:09:49+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/betting.HomeSliderComponent-b079a12e.js

185.244.209.62

200 OK

7.6 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/betting.HomeSliderComponent-b079a12e.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (24523), with no line terminators
Size
7.6 kB (7605 bytes)
Hash
dff08fc651e74f6ad7d80f2cb43e29e5
e1b0c10b245faa60623785bdefd27c9999483231
fb6ee46c49eb61f09a2dbfe856f0b41f4206323fd9dcc2dc8921ce951b9780bf

HTTP Headers

GET /_nuxt/desktop/default/betting.HomeSliderComponent-b079a12e.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 7605
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-1db5"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:16 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-074a4cc7634c14638ebdb66224abb8e7-b362d7f378ef9e54-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:16+00:00, 2024-05-06T16:09:49+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/9f2746da.css

185.244.209.62

1.3 kB

URL
v3.traincdn.com/_nuxt/desktop/default/css/9f2746da.css
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
ASCII text, with very long lines (6439), with no line terminators
Size
1.3 kB (1305 bytes)
Hash
cdd7464b2b178b37ed8a1368b6383203
0a13fc4908d91476649bb51e33d690b460a5a89c
aeacff8e3f578ea2842f067e3f42d53e72a4f668cf526c60dc659bd89f5a3c6b

HTTP Headers

GET /_nuxt/desktop/default/css/9f2746da.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: text/css
content-length: 1305
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-519"
content-encoding: gzip
expires: Tue, 07 May 2024 12:29:01 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-b5246135da0d787ca5f377f73c85d9d4-18022650f16a5db6-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:29:01+00:00, 2024-05-06T16:09:49+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/526e44d9.css

185.244.209.62

459 B

URL
v3.traincdn.com/_nuxt/desktop/default/css/526e44d9.css
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
ASCII text, with very long lines (1526), with no line terminators
Size
459 B (459 bytes)
Hash
97fdf5b6e7dfddf6ab251e984133b2c3
bb552fe685c52c34e0ed91e4dfaa9df2675ad086
92fcdb73c544b1f2befe78685340fd3371e920187a2232f8e4bffd73985d40e3

HTTP Headers

GET /_nuxt/desktop/default/css/526e44d9.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: text/css
content-length: 459
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-1cb"
content-encoding: gzip
expires: Tue, 07 May 2024 11:05:30 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-0a0680f14d916297c2ce8697804e5694-af47f4a5ad66ff02-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T11:05:30+00:00, 2024-05-06T15:37:12+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/vendors/betting.media-233f5bf5.js

185.244.209.62

17 kB

URL
v3.traincdn.com/_nuxt/desktop/default/vendors/betting.media-233f5bf5.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (41022), with NEL line terminators
Size
17 kB (16831 bytes)
Hash
45302df89a240c65824afccc0240c030
84573118a402aa9a4ee0321ccf3f914c438a8369
25b695450684f580508f24855ea2d181ecd499e26573010621dd4a2ddc5af16a

HTTP Headers

GET /_nuxt/desktop/default/vendors/betting.media-233f5bf5.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 16831
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-41bf"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:16 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-0a8ea444879b24df97c54f7d6c748994-3ed5bef6957927d4-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:16+00:00, 2024-05-06T15:01:40+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/ff267c5c.css

185.244.209.62

1.5 kB

URL
v3.traincdn.com/_nuxt/desktop/default/css/ff267c5c.css
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
ASCII text, with very long lines (7000), with no line terminators
Size
1.5 kB (1486 bytes)
Hash
f379bc6f4b94f34d96f6fe51159bee63
f4c0d4dbef1e1e734e84e05d75e4ff950d06eb60
b2a5bd6495250a19500dd5a6ca62f045c8b70226a668dc63ef40c78883bdae11

HTTP Headers

GET /_nuxt/desktop/default/css/ff267c5c.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: text/css
content-length: 1486
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-5ce"
content-encoding: gzip
expires: Tue, 07 May 2024 14:34:32 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-e7b46192c3629ff132ecd33eea70737d-fba83009fd4767a0-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:34:32+00:00, 2024-05-06T17:08:00+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/betting.media-64ed71be.js

185.244.209.62

4.7 kB

URL
v3.traincdn.com/_nuxt/desktop/default/betting.media-64ed71be.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
JavaScript source, ASCII text, with very long lines (16761), with no line terminators
Size
4.7 kB (4726 bytes)
Hash
fda91a0dd5e8251a0c4c540d7e54ed52
3c4a6e38286708cd62ff071ccf97e73f37200728
b3c3c2ee09cf4af0164878165cd9971fbfe83a461c18ad0ef7cfc33b36b782ef

HTTP Headers

GET /_nuxt/desktop/default/betting.media-64ed71be.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 4726
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-1276"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:16 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-0a01a2a4cc5597e5c02670a385e81676-17c4a11f23e7b4d9-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:16+00:00, 2024-05-06T15:01:40+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/betting.CentralMenuApp-a5b5de2e.js

185.244.209.62

19 kB

URL
v3.traincdn.com/_nuxt/desktop/default/betting.CentralMenuApp-a5b5de2e.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65283), with no line terminators
Size
19 kB (18960 bytes)
Hash
4fb1e7d0f5418f3df96622b000ebe6fb
eef890c8cf6d2c72eae34e39ba2e8e6ff79c8754
fd9fede696dd12b00cc9af15ca68f1209b5fd351f5bc32052221adbbb12d8e8b

HTTP Headers

GET /_nuxt/desktop/default/betting.CentralMenuApp-a5b5de2e.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 18960
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-4a10"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:16 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-7823cc7ad768361e28a3a7d5386f5a13-58333bd1cf8937c6-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:16+00:00, 2024-05-06T15:18:33+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

1xlite-461430.top/service-api/gamespreview/getbanner?whence=55&ref=1&gr=285&lng=en&fCountry=137

178.253.29.51

176 B

URL
1xlite-461430.top/service-api/gamespreview/getbanner?whence=55&ref=1&gr=285&lng=en&fCountry=137
IP
178.253.29.51:0
ASN
#202492 Silverhill Group Holding Ltd

File type
JSON text data
Size
176 B (176 bytes)
Hash
ac86deb03def477abf768a8455c8aa90
87bbc45a47946c01a6f494da652c5b1940e4a62c
6a19047f1e73a26daaac3ec171356c005d39984c931de6c0c0b4184ade05c55b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /service-api/gamespreview/getbanner?whence=55&ref=1&gr=285&lng=en&fCountry=137 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: application/json; charset=utf-8
content-length: 176
x-time-ng: 0.006
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.014
X-Firefox-Spdy: h2

1xlite-461430.top/session-api/sessions/user

178.253.29.51

16 B

URL
1xlite-461430.top/session-api/sessions/user
IP
178.253.29.51:0
ASN
#202492 Silverhill Group Holding Ltd

File type
JSON text data
Size
16 B (16 bytes)
Hash
646b2e82b65602d35f7aa6283c387e3a
b163a70c5df8e4b0861a23a04f8a6f78393747f4
b68bf12405ee2cb5b76764df21dbc2df0953ddff4072ddc5281d1aab05e8c4ab

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /session-api/sessions/user HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: application/json
content-length: 16
cache-control: no-cache, private
x-time-ng: 0.002
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: p;dur=1.3659000396729, wf-uht;dur=0.014
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/88cfac66.css

185.244.209.62

200 OK

97 B

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/css/88cfac66.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
97 B (97 bytes)
Hash
9deb70dd3fbdc7061ed21c5632fbc55b
22ae1cadf75b3fdd5e3e3762842b1b7a6f6e7ed8
be8196057ac43ab3882caf30239c364e1ef4ceda087e92ca87187ce239f022f9

HTTP Headers

GET /_nuxt/desktop/default/css/88cfac66.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: text/css
content-length: 97
last-modified: Thu, 02 May 2024 12:52:18 GMT
etag: "66338c82-61"
content-encoding: gzip
expires: Fri, 03 May 2024 15:57:32 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-6564a7e90441ecc8cd6cf6ba1af5701d-e36ed90527a63aab-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-02T15:57:32+00:00, 2024-05-06T13:27:20+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/sys-icons/1.0.328/285/common.svg

185.244.209.62

68 kB

URL
v3.traincdn.com/sys-icons/1.0.328/285/common.svg
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
SVG Scalable Vector Graphics image
Size
68 kB (68416 bytes)
Hash
41f87cfcf0fc20ef56078430710379e9
2a6b1bba9c41043a24e6052230faca7d3e9aa0c4
05f204bde079f8db5438e4d466fb40543c312a4522582ba0c7787d9c12c4891b

HTTP Headers

GET /sys-icons/1.0.328/285/common.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: image/svg+xml
last-modified: Mon, 15 Apr 2024 07:13:32 GMT
etag: W/"7bf3e9e7d79beac942f5e7748a3af2e6"
x-amz-meta-mtime: 1713165210.217888091
content-encoding: gzip
expires: Tue, 23 Apr 2024 10:38:01 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-e4c4af7c40b673c3d0fc8d2469c9d5e4-68a6a94363157bb7-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T10:38:01+00:00, 2024-05-06T12:11:32+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/25e24e18.css

185.244.209.62

1.5 kB

URL
v3.traincdn.com/_nuxt/desktop/default/css/25e24e18.css
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
ASCII text, with very long lines (6262), with no line terminators
Size
1.5 kB (1505 bytes)
Hash
09f1bd90913ad83743065cc13ee3e0c6
0f1d49d4ddfccf474d882839c1ac901a8c1d91e6
b0222e16baaccc20a1143166da7715bbab586f1d8d8bebf26f91e98738a55a92

HTTP Headers

GET /_nuxt/desktop/default/css/25e24e18.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: text/css
content-length: 1505
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-5e1"
content-encoding: gzip
expires: Tue, 07 May 2024 12:28:59 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-ea1ce2edfc78491db613e9e1dbbc46e1-f029dbb26922e4fc-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:28:59+00:00, 2024-05-06T16:17:02+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

1xlite-461430.top/bff-api/event-logo/v2/suitable.json?lang=en

178.253.29.51

2 B

URL
1xlite-461430.top/bff-api/event-logo/v2/suitable.json?lang=en
IP
178.253.29.51:0
ASN
#202492 Silverhill Group Holding Ltd

File type
JSON text data
Size
2 B (2 bytes)
Hash
d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bff-api/event-logo/v2/suitable.json?lang=en HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: application/json
content-length: 2
cache-control: no-cache, private
server-timing: bff;dur=14.57, dt_total;dur=23.815, wf-uht;dur=0.046
traceparent: 00-3c4f36b2fcf4f8a850549a31c0dabfa6-137d5c42fc6bf07b-01
x-dt: 285
x-time-ng: 0.024
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/vendors/RegistrationWidgetApp-4b1f6e54.js

185.244.209.62

21 kB

URL
v3.traincdn.com/_nuxt/desktop/default/vendors/RegistrationWidgetApp-4b1f6e54.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
21 kB (20768 bytes)
Hash
05e740893c07a5cc45b5f0f2d787dbf5
28c364157e02ce207609bca53064a4b513e8bda7
a2af38a1cec7178448ce8d1aee99190b643f50894d3d05cac2e5234caeac8e5e

HTTP Headers

GET /_nuxt/desktop/default/vendors/RegistrationWidgetApp-4b1f6e54.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 20768
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-5120"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:16 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-5a77af82496aff08aadc8fc2f971bd35-19ff0e29bf635544-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:16+00:00, 2024-05-06T16:17:02+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/betting.coupon2-183c618c.js

185.244.209.62

200 OK

579 B

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/betting.coupon2-183c618c.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (1003), with no line terminators
Size
579 B (579 bytes)
Hash
54f54116f151f6469527d5f5c584887c
8078098cda5d50eeb285da4fc78655562f8324ed
8112adb0bbfa619109d5a6c3263e5e1761599c14b3c474b58b2f5ca512b46efb

HTTP Headers

GET /_nuxt/desktop/default/betting.coupon2-183c618c.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 579
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-243"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:16 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-f5c215faf5d646bbb6e8acea396c5588-3c97f4f9daeb79ed-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:16+00:00, 2024-05-06T15:01:41+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

1xlite-461430.top/service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66

178.253.29.51

200 OK

2.2 kB

URL GET HTTP/2
1xlite-461430.top/service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
2.2 kB (2205 bytes)
Hash
9c47ad1d21a8bd686e00e8e4cd126430
9770ae1bdb09739672bf5d422d595c26fb1b961c
8485b83ac874d0f36d6dcee52bddba11f27c88749540b67c30260e3efb1d3fce

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: application/json; charset=utf-8
content-length: 2205
cache-control: public, max-age=5
content-encoding: br
last-modified: Tue, 07 May 2024 07:56:37 GMT
vary: Accept-Encoding
x-time-ng: 0.003
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.010
X-Firefox-Spdy: h2

1xlite-461430.top/service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137

178.253.29.51

65 B

URL
1xlite-461430.top/service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137
IP
178.253.29.51:0
ASN
#202492 Silverhill Group Holding Ltd

File type
JSON text data
Size
65 B (65 bytes)
Hash
a62a3d291c25728a06f15b4ee47d5e43
7613e665c8dd639f4f8b821f8337cc4629e3d942
1e2d5a52c362e3ab706e11a3ee2454024423019bd4976d4874df7681c7468b3c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: application/json; charset=utf-8
content-length: 65
cache-control: no-cache
content-encoding: br
last-modified: Tue, 07 May 2024 07:56:37 GMT
vary: Accept-Encoding
x-time-ng: 0.015
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.022
X-Firefox-Spdy: h2

1xlite-461430.top/genfiles/cms/desktop/contact/86f18367ce2829388dcdabccb99b1740.svg

178.253.29.51

263 B

URL
1xlite-461430.top/genfiles/cms/desktop/contact/86f18367ce2829388dcdabccb99b1740.svg
IP
178.253.29.51:0
ASN
#202492 Silverhill Group Holding Ltd

File type
SVG Scalable Vector Graphics image
Size
263 B (263 bytes)
Hash
28e2c161800b61b985a163f5c492ae51
8845ea940210b4ccb195cca855a598e6aaa58ed0
77c93c24e4eb0f8815a7526d405818c9a38ba6e4317f1fee588fffbc00cb17de

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/desktop/contact/86f18367ce2829388dcdabccb99b1740.svg HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: image/svg+xml
content-length: 263
last-modified: Fri, 23 Feb 2024 10:01:24 GMT
etag: "28e2c161800b61b985a163f5c492ae51"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
accept-ranges: bytes
X-Firefox-Spdy: h2

1xlite-461430.top/genfiles/cms/desktop/contact/dbc1950bbcc8e27b5dbec1f42635e8d0.svg

178.253.29.51

296 B

URL
1xlite-461430.top/genfiles/cms/desktop/contact/dbc1950bbcc8e27b5dbec1f42635e8d0.svg
IP
178.253.29.51:0
ASN
#202492 Silverhill Group Holding Ltd

File type
SVG Scalable Vector Graphics image
Size
296 B (296 bytes)
Hash
b1bf63d00887bb0354e9d89c7d790a01
2d64ab25c9afff682abd6732f62ba62a197e972b
a6a4fbbd99a0a82de03f05da827ccd9d019574bf3450727530403c2b5ce92df0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/desktop/contact/dbc1950bbcc8e27b5dbec1f42635e8d0.svg HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: image/svg+xml
content-length: 296
last-modified: Fri, 23 Feb 2024 10:03:47 GMT
etag: "b1bf63d00887bb0354e9d89c7d790a01"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
accept-ranges: bytes
X-Firefox-Spdy: h2

1xlite-461430.top/genfiles/cms/desktop/contact/6726b16cfb4e516989153ce398d4a0e4.svg

178.253.29.51

506 B

URL
1xlite-461430.top/genfiles/cms/desktop/contact/6726b16cfb4e516989153ce398d4a0e4.svg
IP
178.253.29.51:0
ASN
#202492 Silverhill Group Holding Ltd

File type
SVG Scalable Vector Graphics image
Size
506 B (506 bytes)
Hash
9c340eae608db0c25657b4a73d769afe
988fbf333a2e9290211cd9e6b7c98c59719012b0
b92e969acd8a1e0f9cfd1f84080ca5ccb8cb49b105299434c275a8813faf841e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/desktop/contact/6726b16cfb4e516989153ce398d4a0e4.svg HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: image/svg+xml
content-length: 506
last-modified: Fri, 23 Feb 2024 10:03:36 GMT
etag: "9c340eae608db0c25657b4a73d769afe"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/sys-icons/1.0.328/285/logos.svg

185.244.209.62

19 kB

URL
v3.traincdn.com/sys-icons/1.0.328/285/logos.svg
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
SVG Scalable Vector Graphics image
Size
19 kB (18950 bytes)
Hash
7e8bd1abf2a3b3b6349664b597c0c0f7
826590a1e0f339ebe3e8ef135a618794b3258d8e
9c23cd7f8ff3b26730f961590aba6e305f48f4975dc47be286bc74388cfbbc59

HTTP Headers

GET /sys-icons/1.0.328/285/logos.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: image/svg+xml
last-modified: Mon, 15 Apr 2024 07:13:32 GMT
etag: W/"c45fb3adb3e47bdbd03c88fc4c4309aa"
x-amz-meta-mtime: 1713165210.217888091
content-encoding: gzip
expires: Tue, 23 Apr 2024 10:38:05 GMT
cache-control: max-age=86400
x-time-ng: 0.003
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-77fbcc523075530716b9d0622b9845f3-ccc8915e5f8e364f-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T10:38:05+00:00, 2024-05-06T12:11:32+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

widget.suphelper.top/injector.js

104.18.39.72

77 kB

URL
widget.suphelper.top/injector.js
IP
104.18.39.72:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
77 kB (76897 bytes)
Hash
83aac4ad5ef534324323094c239bf166
29a8ab509f2166a49720357c2329bffe145d7557
e9ea40220ea5792be2e5225127a90cf23c3cb18b28caac7683638a25ffe3a3ca

HTTP Headers

GET /injector.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 07:56:38 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=14400
last-modified: Thu, 02 May 2024 07:01:48 GMT
etag: W/"32e7a-18f381bf77a"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 19
expires: Tue, 07 May 2024 11:56:38 GMT
server: cloudflare
cf-ray: 87ffa792b99c568a-OSL
X-Firefox-Spdy: h2

1xlite-461430.top/checker/redirect/stat/run/

178.253.29.51

4.0 kB

URL
1xlite-461430.top/checker/redirect/stat/run/
IP
178.253.29.51:0
ASN
#202492 Silverhill Group Holding Ltd

File type
JSON text data
Size
4.0 kB (4046 bytes)
Hash
741934b89418d344f6b45d01fe7ddae7
2875d1bff3ba4850c36d335664cb596c17eb6fcf
488059f86ea7968767b02087d83b3e500aa5b3686e6b2522d967ff80eb6c6af9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /checker/redirect/stat/run/ HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280; _glhf=1715086374; che_g=277ff3df-2e51-ec4f-06d0-569e93b07f06
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-time-ng: 0.000
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/DownloadAppWidget-b6662b37.js

185.244.209.62

200 OK

4.1 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/DownloadAppWidget-b6662b37.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (12039), with no line terminators
Size
4.1 kB (4124 bytes)
Hash
d5bb5783c476219b31ce5582083fd74b
326b40532b72988c1d23fb931daabead75d18482
2724a816ddb0fd1234ca8cebf9db4fd60290f282fcfcb5619ffe70be9c0160b7

HTTP Headers

GET /_nuxt/desktop/default/DownloadAppWidget-b6662b37.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: application/javascript; charset=utf-8
content-length: 4124
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-101c"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:35 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-e8eeea38b337a4a761daaccd3edade3d-f03ba4f932194414-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:35+00:00, 2024-05-06T15:01:52+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/c160e2c3c4fe9efae0422eb3eae273e4.webp

185.244.209.62

820 B

URL
v3.traincdn.com/resized/size16/sfiles/logo_teams/c160e2c3c4fe9efae0422eb3eae273e4.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image
Size
820 B (820 bytes)
Hash
c3564e4a78f7c0d00622ad30cebbba9b
3d20e1322cf42b6113cb261708bc20b81856d0a3
076ef88422fa6575d9724cbfc25f6af092011f68a8992cd60fbe69d035fd4698

HTTP Headers

GET /resized/size16/sfiles/logo_teams/c160e2c3c4fe9efae0422eb3eae273e4.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: image/webp
content-length: 820
cache-control: max-age=94608000
content-disposition: inline; filename="c160e2c3c4fe9efae0422eb3eae273e4.webp"
content-security-policy: script-src 'none'
expires: Fri, 07 May 2027 07:03:24 GMT
x-request-id: 7de1c591ed4505d9ed3fd15a32cd1f41
x-time-ng: 0.028
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-d168e9819d131612be9f61036cc2b7c3-63382f4acc20269c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T07:03:24+00:00, 2024-05-07T07:04:32+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/sfiles/logo-champ/0dfc89d2253d58ea0dd40d1f17fb2af8.webp

185.244.209.62

3.7 kB

URL
v3.traincdn.com/sfiles/logo-champ/0dfc89d2253d58ea0dd40d1f17fb2af8.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image
Size
3.7 kB (3682 bytes)
Hash
9a95e3840ab8ac77449d48901f23a27c
0bfd3f6376b613b4d18e0aa61b5913c7ab7df027
483fb0bc1076f87f81f8febc9c2e4b29570faf4065e4ecb07b7d35810db50033

HTTP Headers

GET /sfiles/logo-champ/0dfc89d2253d58ea0dd40d1f17fb2af8.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: image/webp
content-length: 3682
last-modified: Sat, 28 Jan 2023 07:31:59 GMT
etag: "9a95e3840ab8ac77449d48901f23a27c"
cache-control: public, max-age=86400, public
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-248b042356fbee262441c0dd7166d0ef-c853806faa640234-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T10:37:57+00:00, 2024-05-07T05:23:35+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/976e8b74169c43d562cc4566cb368bae.webp

185.244.209.62

706 B

URL
v3.traincdn.com/resized/size16/sfiles/logo_teams/976e8b74169c43d562cc4566cb368bae.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image
Size
706 B (706 bytes)
Hash
711ea8621c0177bb5d3162fd94dc5cc2
e7122126374fd5c11a57de818025fda07e76c64d
0b72c5cac0035edf01014efd42630275220c328bf25d5c6a12add0b3ccd33424

HTTP Headers

GET /resized/size16/sfiles/logo_teams/976e8b74169c43d562cc4566cb368bae.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: image/webp
content-length: 706
cache-control: max-age=94608000
content-disposition: inline; filename="976e8b74169c43d562cc4566cb368bae.webp"
content-security-policy: script-src 'none'
expires: Fri, 07 May 2027 07:44:18 GMT
x-request-id: afb061d80bfa7fa2dda996361e547801
x-time-ng: 0.027
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-84dd55ac821d6a8394c668d14d40e7e3-9a7b00e7aba0a0f6-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T07:44:18+00:00, 2024-05-07T07:44:19+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/13000c25f379c5c3f970bca5130f7b21.webp

185.244.209.62

742 B

URL
v3.traincdn.com/resized/size16/sfiles/logo_teams/13000c25f379c5c3f970bca5130f7b21.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image
Size
742 B (742 bytes)
Hash
9cf1fff076429833c78ebd3ab3654874
67f100878848c6ad7cce6fdb5ddda208f7a7638f
22c9e6feac8428d89e94d346cb64a8ee8f4bc70d830312c831b21d994e417715

HTTP Headers

GET /resized/size16/sfiles/logo_teams/13000c25f379c5c3f970bca5130f7b21.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: image/webp
content-length: 742
cache-control: max-age=94608000
content-disposition: inline; filename="13000c25f379c5c3f970bca5130f7b21.webp"
content-security-policy: script-src 'none'
expires: Fri, 07 May 2027 07:44:18 GMT
x-request-id: 1ef983305ad911d91b3afbb9dd50660f
x-time-ng: 0.031
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-95f6b1c32c8f9a6ccc58ca2ee6046026-a3c1eb7fd03fb3e5-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T07:44:18+00:00, 2024-05-07T07:44:19+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/98df3cda9814021aa5e4b1cc477c1470.webp

185.244.209.62

864 B

URL
v3.traincdn.com/resized/size16/sfiles/logo_teams/98df3cda9814021aa5e4b1cc477c1470.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image
Size
864 B (864 bytes)
Hash
bc385140f589752a771eb8b71fe6acfc
1f365d4a159bdffd5b90bf30e2cbcef90c72e683
fdecad3590dce753716afde7314488de9cf1e2141102fc503e1b1fa7683fd625

HTTP Headers

GET /resized/size16/sfiles/logo_teams/98df3cda9814021aa5e4b1cc477c1470.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: image/webp
content-length: 864
cache-control: max-age=94608000
content-disposition: inline; filename="98df3cda9814021aa5e4b1cc477c1470.webp"
content-security-policy: script-src 'none'
expires: Fri, 07 May 2027 06:23:18 GMT
x-request-id: ac1ffc684a3672bed6bdb1b2617212e0
x-time-ng: 0.078
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-e8e9e082d48c43636ef6f4c7204bf2d8-44b43a465eaaec22-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T06:23:18+00:00, 2024-05-07T06:23:19+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/bbc4212bfd173cd4f0b097832c744832.webp

185.244.209.62

678 B

URL
v3.traincdn.com/resized/size16/sfiles/logo_teams/bbc4212bfd173cd4f0b097832c744832.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image
Size
678 B (678 bytes)
Hash
570529bd10bcb908c65e61abad1cad24
66a661cebc2a1213d021597fac4d6f277227a8aa
d2659b526e1736bc936458e22e686820c47ad258b641514773f91feb7bb31c5b

HTTP Headers

GET /resized/size16/sfiles/logo_teams/bbc4212bfd173cd4f0b097832c744832.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: image/webp
content-length: 678
cache-control: max-age=94608000
content-disposition: inline; filename="bbc4212bfd173cd4f0b097832c744832.webp"
content-security-policy: script-src 'none'
expires: Fri, 07 May 2027 06:23:19 GMT
x-request-id: e26095af6c2928d22b652ac40acacf69
x-time-ng: 0.040
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-f35aa9c30283d02872bb3782d77a6233-7e2dd3050ae6a90d-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T06:23:19+00:00, 2024-05-07T06:23:19+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/430705.webp

185.244.209.62

622 B

URL
v3.traincdn.com/resized/size16/sfiles/logo_teams/430705.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image
Size
622 B (622 bytes)
Hash
a77bb757329de3126171cd6a8615b7dd
a4024534b6be04355a67c410e7753549c3189f1c
4cbb73f5b4f8c2ff2df030dfd4123d60a0d841c795e0fed943a2924cdf9f4db4

HTTP Headers

GET /resized/size16/sfiles/logo_teams/430705.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: image/webp
content-length: 622
cache-control: max-age=94608000
content-disposition: inline; filename="430705.webp"
content-security-policy: script-src 'none'
expires: Wed, 05 May 2027 20:43:01 GMT
x-request-id: 227ac2e2a282b1ced8cc2c7a84e9f5a7
x-time-ng: 0.027
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-4404c4edf864ea7a97601fc3bbf39e34-3a2139e150950bf9-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-05T20:43:01+00:00, 2024-05-05T21:03:21+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/784a997603da4be13c9a37255f0630ed.webp

185.244.209.62

722 B

URL
v3.traincdn.com/resized/size16/sfiles/logo_teams/784a997603da4be13c9a37255f0630ed.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image
Size
722 B (722 bytes)
Hash
a7c8b4530253f01717fa3931eafda5f1
27d260d85e2fe9bdb0a05d3def2c1d5b3c07f70c
eb1facddc06852c5c56c460733af5c799dedd3cb0bb0e5f27dfe5f2c786b825f

HTTP Headers

GET /resized/size16/sfiles/logo_teams/784a997603da4be13c9a37255f0630ed.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: image/webp
content-length: 722
cache-control: max-age=94608000
content-disposition: inline; filename="784a997603da4be13c9a37255f0630ed.webp"
content-security-policy: script-src 'none'
expires: Mon, 03 May 2027 07:09:44 GMT
x-request-id: 01c26655fc27fb91d48dec421ed8f2c0
x-time-ng: 0.041
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-ceb5557bfa21376f976c47d5512a89c3-3954e9fe1ffe9302-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-03T07:09:44+00:00, 2024-05-05T21:03:21+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/777041.webp

185.244.209.62

612 B

URL
v3.traincdn.com/resized/size16/sfiles/logo_teams/777041.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image
Size
612 B (612 bytes)
Hash
aa7c290828039a855a059b5e53442f17
079ed4d5ba69a0be8181fe07770df749d8a2138c
c1e5d54c34101affd40eb43cac8113a9b088a0bfbaf5934a9acf1e4fe7800933

HTTP Headers

GET /resized/size16/sfiles/logo_teams/777041.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: image/webp
content-length: 612
cache-control: max-age=94608000
content-disposition: inline; filename="777041.webp"
content-security-policy: script-src 'none'
expires: Wed, 05 May 2027 20:36:34 GMT
x-request-id: d7e55020d7e2023b18c6039a0bbc0da7
x-time-ng: 0.038
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-29e282fdaff2ebe7330e34f797309c29-f92b8ed6914918ea-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-05T20:36:34+00:00, 2024-05-05T21:03:20+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/86bd8341acf17b60b9c0bfe058d5de3e.webp

185.244.209.62

708 B

URL
v3.traincdn.com/resized/size16/sfiles/logo_teams/86bd8341acf17b60b9c0bfe058d5de3e.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image
Size
708 B (708 bytes)
Hash
61de4008d9e7756856988221cdac6edb
ab3b22a8165ea79c307445c8df2e747d6c03562a
bfb8bc3ee6436040000ea39dd89e7c0c1439efa9c15e1752314d17c09dc0708f

HTTP Headers

GET /resized/size16/sfiles/logo_teams/86bd8341acf17b60b9c0bfe058d5de3e.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: image/webp
content-length: 708
cache-control: max-age=94608000
content-disposition: inline; filename="86bd8341acf17b60b9c0bfe058d5de3e.webp"
content-security-policy: script-src 'none'
expires: Tue, 04 May 2027 20:27:03 GMT
x-request-id: d2a41664821325242d060b487c071853
x-time-ng: 0.096
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-27a54f4f5741b066c268936a38c0ceb8-8f86bcde5fa339e9-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-04T20:27:03+00:00, 2024-05-05T21:03:21+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/b245376e893ffb2b23ed809b5e7511e8.webp

185.244.209.62

550 B

URL
v3.traincdn.com/resized/size16/sfiles/logo_teams/b245376e893ffb2b23ed809b5e7511e8.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image
Size
550 B (550 bytes)
Hash
be6b6df78f95309623fd7698c7c35726
664172988d1d10cf662a9534f4f98fea42466dd7
9f59b55cd8cb17c9293331a6ff74b1bc4d23fdf03079a6dc9531f2428d8a23b2

HTTP Headers

GET /resized/size16/sfiles/logo_teams/b245376e893ffb2b23ed809b5e7511e8.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: image/webp
content-length: 550
cache-control: max-age=94608000
content-disposition: inline; filename="b245376e893ffb2b23ed809b5e7511e8.webp"
content-security-policy: script-src 'none'
expires: Tue, 04 May 2027 20:27:03 GMT
x-request-id: 456a23db0eb46e198eb078ed86458d81
x-time-ng: 0.070
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-5a36079977fa34ce164af77c2f368ce4-6ca41308ffa0fe87-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-04T20:27:03+00:00, 2024-05-05T21:03:21+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/8f4cef351b6802098c83b0fa5179c415.webp

185.244.209.62

692 B

URL
v3.traincdn.com/resized/size16/sfiles/logo_teams/8f4cef351b6802098c83b0fa5179c415.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image
Size
692 B (692 bytes)
Hash
0dfe172b3c7250698c2b9f828d24cde4
943bc6b254d18218c6c140e1c9396b7da775aef5
bdd91cf723adc621fccf3f7e6d0f3928076acbf4deac7874d9e98a2d17223e55

HTTP Headers

GET /resized/size16/sfiles/logo_teams/8f4cef351b6802098c83b0fa5179c415.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: image/webp
content-length: 692
cache-control: max-age=94608000
content-disposition: inline; filename="8f4cef351b6802098c83b0fa5179c415.webp"
content-security-policy: script-src 'none'
expires: Wed, 05 May 2027 20:36:34 GMT
x-request-id: 21399d5b0b02f89f9a3263a94d4a0721
x-time-ng: 0.024
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-46d46f12eca60a5650616245e724d602-959ca51c70b2848b-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-05T20:36:34+00:00, 2024-05-05T21:03:21+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/21e96e94a20be89476d6bc4cd3e17487.webp

185.244.209.62

704 B

URL
v3.traincdn.com/resized/size16/sfiles/logo_teams/21e96e94a20be89476d6bc4cd3e17487.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image
Size
704 B (704 bytes)
Hash
edb5c4151092632e108c301a7f9ad186
4f659112a673f9d00995b7bddb45af3bb7f4a91b
0eb36ee4160449d745e8d660274bdee45821cbecde0bafa3231d72ebe75d1e1d

HTTP Headers

GET /resized/size16/sfiles/logo_teams/21e96e94a20be89476d6bc4cd3e17487.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: image/webp
content-length: 704
cache-control: max-age=94608000
content-disposition: inline; filename="21e96e94a20be89476d6bc4cd3e17487.webp"
content-security-policy: script-src 'none'
expires: Tue, 04 May 2027 20:27:03 GMT
x-request-id: 3daedf5680e03a9759599a54ba73dd91
x-time-ng: 0.083
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-d16e448df8449cec66a4845728784074-31721c5fd9c3443f-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-04T20:27:03+00:00, 2024-05-05T21:03:21+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/4788878dca0f5c261addd232f2543917.webp

185.244.209.62

744 B

URL
v3.traincdn.com/resized/size16/sfiles/logo_teams/4788878dca0f5c261addd232f2543917.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image
Size
744 B (744 bytes)
Hash
9bb427532c019c0f22c174d94726ff19
962d4b3657b0a62158cd3db705b19067152b78c4
8774ae990f5d2b521c08192976368a352914c40aea8e2e40bac8fa1c3c9f4b68

HTTP Headers

GET /resized/size16/sfiles/logo_teams/4788878dca0f5c261addd232f2543917.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: image/webp
content-length: 744
cache-control: max-age=94608000
content-disposition: inline; filename="4788878dca0f5c261addd232f2543917.webp"
content-security-policy: script-src 'none'
expires: Tue, 04 May 2027 17:25:32 GMT
x-request-id: eabdb790ea2a68580d15ed657ee94add
x-time-ng: 0.048
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-d1c75139ceed43fb138e25f726ab9c24-64b638c37121fec2-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-04T17:25:32+00:00, 2024-05-05T21:03:21+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/871935.webp

185.244.209.62

624 B

URL
v3.traincdn.com/resized/size16/sfiles/logo_teams/871935.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image
Size
624 B (624 bytes)
Hash
53f4d3e69bfdd8f7b233103559d8e70f
30af144145e331651b0d27accb2c796c07af6aaf
6d26b125826253512eed7e696ce956ff9e388b8c098a57334b121032cc01a8ec

HTTP Headers

GET /resized/size16/sfiles/logo_teams/871935.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: image/webp
content-length: 624
cache-control: max-age=94608000
content-disposition: inline; filename="871935.webp"
content-security-policy: script-src 'none'
expires: Tue, 04 May 2027 23:24:27 GMT
x-request-id: 7dedbb8e3423d05f972bc7b465f54da0
x-time-ng: 0.041
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-4a041d121126f2b2ccc23e1ac9171570-8fba96efb76d7060-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-04T23:24:27+00:00, 2024-05-05T17:56:39+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/0e6469e93da435d062073f66c1513d5d.webp

185.244.209.62

678 B

URL
v3.traincdn.com/resized/size16/sfiles/logo_teams/0e6469e93da435d062073f66c1513d5d.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image
Size
678 B (678 bytes)
Hash
4684d698e854254e3eb0532ab0f20252
3c0a9053e9ac0243bb7dffb9c7ff84d03af84be5
329c25be67d6daebaee6618321d4a43ced39d0c9251bbe48c7b71c94c420ccd9

HTTP Headers

GET /resized/size16/sfiles/logo_teams/0e6469e93da435d062073f66c1513d5d.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: image/webp
content-length: 678
cache-control: max-age=94608000
content-disposition: inline; filename="0e6469e93da435d062073f66c1513d5d.webp"
content-security-policy: script-src 'none'
expires: Wed, 05 May 2027 08:55:12 GMT
x-request-id: 87665d9f6f50430655b855fee2f622df
x-time-ng: 0.035
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-56948fbc448db6e483e2314b9fd1950c-74835425f1a60800-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-05T08:55:12+00:00, 2024-05-05T17:56:39+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/1811085.webp

185.244.209.62

572 B

URL
v3.traincdn.com/resized/size16/sfiles/logo_teams/1811085.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image
Size
572 B (572 bytes)
Hash
14c39a1cd7f364b0c63dd33701f3120d
74e87ae363a8a651caa06bea31d5c8380282ea92
e84e73f110ade47ae68c7dbdc72faf328b4a4d6130e2aaa918414f11452578f6

HTTP Headers

GET /resized/size16/sfiles/logo_teams/1811085.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: image/webp
content-length: 572
cache-control: max-age=94608000
content-disposition: inline; filename="1811085.webp"
content-security-policy: script-src 'none'
expires: Thu, 06 May 2027 17:43:23 GMT
x-request-id: 66eabaaf983287b9743cb66d99abcd48
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-fe0d36aabc8a0c7b203bfbc336a3dfa3-a7ec67f9c225f7b7-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T17:43:23+00:00, 2024-05-07T00:39:30+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/9c229b4017ea1bca9f7780117ebaeb9e.webp

185.244.209.62

560 B

URL
v3.traincdn.com/resized/size16/sfiles/logo_teams/9c229b4017ea1bca9f7780117ebaeb9e.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image
Size
560 B (560 bytes)
Hash
9c61bb9071bbe3049ec4072055ae9aa7
6bf1e270f92c1f6045aef30f8e4c0791e4551a0e
0bb4cd7596244b5813bcb0b808eb5f209d18813981d43801cfbdb0d56c25c54e

HTTP Headers

GET /resized/size16/sfiles/logo_teams/9c229b4017ea1bca9f7780117ebaeb9e.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: image/webp
content-length: 560
cache-control: max-age=94608000
content-disposition: inline; filename="9c229b4017ea1bca9f7780117ebaeb9e.webp"
content-security-policy: script-src 'none'
expires: Tue, 04 May 2027 19:53:43 GMT
x-request-id: 5ab4f3ea7914ec1c9bf06c1c3fe892d0
x-time-ng: 0.089
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-63354f58dd20968f49af7a4d8f4dbf27-6d441b9009a68d97-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-04T19:53:43+00:00, 2024-05-05T05:07:18+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/19449.webp

185.244.209.62

622 B

URL
v3.traincdn.com/resized/size16/sfiles/logo_teams/19449.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image
Size
622 B (622 bytes)
Hash
d36fa0689743ea4f2908c297199cfc63
25c750976cd6c8923e0249a1b2a632360fff2380
d1562e9ed17683b279d9c9227147ea915cd367c3cf70cb2fadfc9a3fe971681e

HTTP Headers

GET /resized/size16/sfiles/logo_teams/19449.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: image/webp
content-length: 622
cache-control: max-age=94608000
content-disposition: inline; filename="19449.webp"
content-security-policy: script-src 'none'
expires: Wed, 05 May 2027 08:55:12 GMT
x-request-id: 9657c998026a05f8fe01e003b4599c8e
x-time-ng: 0.051
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-6bf86163ae2f4593fef7fc63e576eafa-6b6a701c9eb8081d-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-05T08:55:12+00:00, 2024-05-05T17:56:39+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/0d00f86f7dc2c6425816fe7dbd3ad440.webp

185.244.209.62

200 OK

598 B

URL GET HTTP/2
v3.traincdn.com/resized/size16/sfiles/logo_teams/0d00f86f7dc2c6425816fe7dbd3ad440.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
598 B (598 bytes)
Hash
348839b8fd97d54cc1f5b8415010c5a4
70b41b100482d436a90f7b964376ae565700f2ad
64b9bf0f4fd8298ae87ed60000a7fe133067f07881a54cf3ba08bf2901df496a

HTTP Headers

GET /resized/size16/sfiles/logo_teams/0d00f86f7dc2c6425816fe7dbd3ad440.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: image/webp
content-length: 598
cache-control: max-age=94608000
content-disposition: inline; filename="0d00f86f7dc2c6425816fe7dbd3ad440.webp"
content-security-policy: script-src 'none'
expires: Wed, 05 May 2027 08:55:12 GMT
x-request-id: e0c8150a77a68bc0bf1a94ff59f12a21
x-time-ng: 0.050
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-5f1c903ec91b64d0103ba126954ad135-999dd23693a2b88c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-05T08:55:12+00:00, 2024-05-05T17:56:39+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/0956315a02a2848c72bdf1e906936fea.webp

185.244.209.62

734 B

URL
v3.traincdn.com/resized/size16/sfiles/logo_teams/0956315a02a2848c72bdf1e906936fea.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image
Size
734 B (734 bytes)
Hash
e91d3c82625b0db8f71ce7a834807fd1
cba872f84a9dfad6177c0297417290dcb05b9a65
a4181429b5e096f716c21e7ae72d62cc501e67348723f98aba305e4125e7deaa

HTTP Headers

GET /resized/size16/sfiles/logo_teams/0956315a02a2848c72bdf1e906936fea.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:39 GMT
content-type: image/webp
content-length: 734
cache-control: max-age=94608000
content-disposition: inline; filename="0956315a02a2848c72bdf1e906936fea.webp"
content-security-policy: script-src 'none'
expires: Fri, 07 May 2027 07:01:37 GMT
x-request-id: 2615053247992eea344be7f772af8a53
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-3c1042ce247970596dbf5df50e316aaa-d2d537d284ac26a6-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T07:01:37+00:00, 2024-05-07T07:02:14+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

1xlite-461430.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true

178.253.29.51

8.3 kB

URL
1xlite-461430.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true
IP
178.253.29.51:0
ASN
#202492 Silverhill Group Holding Ltd

File type
JSON text data
Size
8.3 kB (8262 bytes)
Hash
006b6c55886b4dd22425c6407c5f5430
bc73466861d1ffb60b60dfbd93e171bddcf98856
f1cdef354ae5df7e15f96525168ab053e54630026d3d2505cc33cac7a2cf4a88

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280; _glhf=1715086374; che_g=277ff3df-2e51-ec4f-06d0-569e93b07f06; application_locale=en
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:39 GMT
content-type: application/json; charset=utf-8
content-length: 8262
cache-control: public, max-age=5
content-encoding: br
last-modified: Tue, 07 May 2024 07:56:39 GMT
vary: Accept-Encoding
x-time-ng: 0.013
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.022
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/ff09be90.css

185.244.209.62

705 B

URL
v3.traincdn.com/_nuxt/desktop/default/css/ff09be90.css
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
ASCII text, with very long lines (4705), with no line terminators
Size
705 B (705 bytes)
Hash
2b6cccff5325f6e14ccd6ec354319cd6
f4ec05fc468d3daddec1a3d825c29a55ce4b2050
a153e31a0350b58aad71597632348e14c954738845b58f05ca04b8212dbaca38

HTTP Headers

GET /_nuxt/desktop/default/css/ff09be90.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:39 GMT
content-type: text/css
content-length: 705
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-2c1"
content-encoding: gzip
expires: Tue, 07 May 2024 14:41:31 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-11cff44b1d320781087905bb2483adb0-2d17d490f57d8291-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:41:31+00:00, 2024-05-07T06:06:35+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/betting.SportsMenuCompact-e547fa93.js

185.244.209.62

2.3 kB

URL
v3.traincdn.com/_nuxt/desktop/default/betting.SportsMenuCompact-e547fa93.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
JavaScript source, ASCII text, with very long lines (7751), with no line terminators
Size
2.3 kB (2295 bytes)
Hash
3078429361b9801527b7f4deb1ff2633
c0bf69639f54697d7fcf5ee8ed06072a629b3fff
3042f5f56a8fae2d232bd88071179a50133e8d90fd11ec2f52259b23d8e0cb5a

HTTP Headers

GET /_nuxt/desktop/default/betting.SportsMenuCompact-e547fa93.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:39 GMT
content-type: application/javascript; charset=utf-8
content-length: 2295
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-8f7"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:43 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-9629775fc9ff60643b68f83e3413d442-47942ec7e0eb20d7-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:43+00:00, 2024-05-06T16:25:54+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/sfiles/games-images/game-previews/190x102/games-no-faceless.webp

185.244.209.62

200 OK

6.9 kB

URL GET HTTP/2
v3.traincdn.com/sfiles/games-images/game-previews/190x102/games-no-faceless.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 380x204, Scaling: [none]x[none], YUV color, decoders should clamp
Size
6.9 kB (6884 bytes)
Hash
b7304b532dca88cc708b1c81edf7e051
d9ca9db864badb40bcab6d846ba7110413a339d3
324b9021e7fa1a227b418f5b0707e174d86aa20decea945eab3cea41aac8d2ca

HTTP Headers

GET /sfiles/games-images/game-previews/190x102/games-no-faceless.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:39 GMT
content-type: application/octet-stream
content-length: 6884
last-modified: Thu, 31 Aug 2023 08:11:01 GMT
etag: "b7304b532dca88cc708b1c81edf7e051"
x-amz-meta-origin-date-iso8601: 2023-08-31T08:04:10.000Z
expires: Tue, 14 Nov 2023 18:21:42 GMT
cache-control: max-age=86400, public
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-5cce0478ca1f6b0a15f5977a5723b62f-bc0efa01dfad3f75-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-17T18:59:15+00:00, 2024-05-07T07:17:16+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-58.webp

185.244.209.62

8.9 kB

URL
v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-58.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 380x204, Scaling: [none]x[none], YUV color, decoders should clamp
Size
8.9 kB (8880 bytes)
Hash
7a49dad906575c61dd636edbe1201479
d4bf0fbfadca8c6d3a7ec8f3d34d08fced98a21d
0e0cd085244f6272acfa6794d90e32685fa203973e85c62fa96f02cddf7172c6

HTTP Headers

GET /sfiles/games-images/game-previews/190x102/game-58.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:39 GMT
content-type: application/octet-stream
content-length: 8880
last-modified: Thu, 31 Aug 2023 08:11:00 GMT
etag: "7a49dad906575c61dd636edbe1201479"
x-amz-meta-origin-date-iso8601: 2023-08-31T08:03:42.000Z
expires: Tue, 14 Nov 2023 18:21:44 GMT
cache-control: max-age=86400, public
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-426000907be5c9c21555b3eaa96cff06-4671acbdbf537459-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-17T19:17:28+00:00, 2024-05-07T07:17:16+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-371.webp

185.244.209.62

6.2 kB

URL
v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-371.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 380x204, Scaling: [none]x[none], YUV color, decoders should clamp
Size
6.2 kB (6158 bytes)
Hash
64ff358fd3a82358542d29d53649dd85
0a15b0731a9468fe49e3b512febe91d951ef6156
a9ae35f930c0bf59e407a0c082347049ae11738d330df4e32f4b2b1129d1470c

HTTP Headers

GET /sfiles/games-images/game-previews/190x102/game-371.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:39 GMT
content-type: application/octet-stream
content-length: 6158
last-modified: Thu, 31 Aug 2023 08:10:58 GMT
etag: "64ff358fd3a82358542d29d53649dd85"
x-amz-meta-origin-date-iso8601: 2023-08-31T08:04:04.000Z
expires: Tue, 14 Nov 2023 18:22:10 GMT
cache-control: max-age=86400, public
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-d353c40ebe5b2eb70f9200a356f0849e-87b2ca2b708fc595-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-17T19:17:28+00:00, 2024-05-07T07:17:16+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-249.webp

185.244.209.62

20 kB

URL
v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-249.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 380x204, Scaling: [none]x[none], YUV color, decoders should clamp
Size
20 kB (19770 bytes)
Hash
2c02d34e261b48da9db2682ad433c5e8
e6b9618ac0040910f755a6f24dcb2f5500bb9aca
d8db064ea1623849ccee86b27bdb7825aa0dc452293576de352f9269af60ecfe

HTTP Headers

GET /sfiles/games-images/game-previews/190x102/game-249.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:39 GMT
content-type: application/octet-stream
content-length: 19770
last-modified: Thu, 31 Aug 2023 08:10:56 GMT
etag: "2c02d34e261b48da9db2682ad433c5e8"
x-amz-meta-origin-date-iso8601: 2023-08-31T08:04:00.000Z
expires: Tue, 14 Nov 2023 18:22:10 GMT
cache-control: max-age=86400, public
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-a3b90ace16119b74d963f80c29fb772d-cd03475aec2af308-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-17T19:17:28+00:00, 2024-05-07T07:17:16+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-69.webp

185.244.209.62

4.3 kB

URL
v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-69.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 380x204, Scaling: [none]x[none], YUV color, decoders should clamp
Size
4.3 kB (4256 bytes)
Hash
8c2b80027d3818f6bc91227418589ee6
c6d3c4595860bd3d685e4ddea5d4610a6f642a9b
cec387d33e94b8222d71031dbda50143a7ea2e1470d2c96c9e147aa4c4a43960

HTTP Headers

GET /sfiles/games-images/game-previews/190x102/game-69.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:39 GMT
content-type: application/octet-stream
content-length: 4256
last-modified: Thu, 31 Aug 2023 08:11:01 GMT
etag: "8c2b80027d3818f6bc91227418589ee6"
x-amz-meta-origin-date-iso8601: 2023-08-31T08:03:42.000Z
expires: Tue, 14 Nov 2023 18:22:10 GMT
cache-control: max-age=86400, public
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-491f3b8da3ce31ae8aa4cd681ca9c6a2-a52e603b9a659f7e-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-17T19:23:21+00:00, 2024-05-06T11:38:39+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

1xlite-461430.top/service-api/LineFeed/GetSportsShortZip?lng=en&country=137&virtualSports=true&gr=285&groupChamps=true

178.253.29.51

200 OK

2.1 kB

URL GET HTTP/2
1xlite-461430.top/service-api/LineFeed/GetSportsShortZip?lng=en&country=137&virtualSports=true&gr=285&groupChamps=true
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
2.1 kB (2062 bytes)
Hash
62c93797739be3159535fc0af898c367
a73556d1a0935e1ee811d52fed5108cabe44601d
5c9166fd3bde80e2c8fed1f87740273b29178c4deeca9c7fb4f7665f451fc6d1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /service-api/LineFeed/GetSportsShortZip?lng=en&country=137&virtualSports=true&gr=285&groupChamps=true HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280; _glhf=1715086374; che_g=277ff3df-2e51-ec4f-06d0-569e93b07f06; application_locale=en
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:39 GMT
content-type: application/json; charset=utf-8
content-length: 2062
cache-control: public, max-age=5
content-encoding: br
last-modified: Tue, 07 May 2024 07:56:39 GMT
vary: Accept-Encoding
x-time-ng: 0.070
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.077
X-Firefox-Spdy: h2

widget.suphelper.top/_next/static/chunks/pages/index-ed7cd77912c6e3a9.js

104.18.39.72

50 kB

URL
widget.suphelper.top/_next/static/chunks/pages/index-ed7cd77912c6e3a9.js
IP
104.18.39.72:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix
Size
50 kB (50507 bytes)
Hash
b4d129500981a3161aba03d100e4123f
905b4f7facc8447ca3938e3fe92780363b171722
988e248a89c01ed28ddc4a20d6f20865022ea2d8d3a0f91a687e9ddcf9a1ff9d

HTTP Headers

GET /_next/static/chunks/pages/index-ed7cd77912c6e3a9.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 07 May 2024 07:56:40 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Wed, 24 Apr 2024 22:20:24 GMT
etag: W/"1a2b2-18f12321a97"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 570526
expires: Wed, 07 May 2025 07:56:40 GMT
server: cloudflare
cf-ray: 87ffa79ed9c6568a-OSL
X-Firefox-Spdy: h2

widget.suphelper.top/sounds/new-message.mp3

104.18.39.72

200 OK

30 kB

URL GET HTTP/2
widget.suphelper.top/sounds/new-message.mp3
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://widget.suphelper.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36
ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT

File type
MPEG ADTS, layer III, v1, 192 kbps, 48 kHz, JntStereo
Size
30 kB (29952 bytes)
Hash
ef9af24dc7dbd24ffd99c832e1300351
f78744a5013038446c468de14f205f2d52373fd6
5049d7fe87a7327a291441181d1a328a15f46a21081b970502c540406011c9b9

HTTP Headers

GET /sounds/new-message.mp3 HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 07 May 2024 07:56:41 GMT
content-type: audio/mpeg
content-length: 29952
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=14400
last-modified: Thu, 02 May 2024 07:01:48 GMT
etag: W/"7500-18f381bf786"
cf-cache-status: HIT
age: 382
expires: Tue, 07 May 2024 11:56:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ffa7a8ad1c568a-OSL
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/betstemplates/bets_model_full_en_0.json

185.244.209.62

12 kB

URL
v3.traincdn.com/genfiles/cms/betstemplates/bets_model_full_en_0.json
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
gzip compressed data, max speed, from Unix
Size
12 kB (11561 bytes)
Hash
3e5f65d23c3c24e05c9f59e91917de9c
5547cfb9315fcc99837f45eebd3e959e49a28c51
31dea28de69d58ba82e30f927f69afca78e7d4e4b73c53e52c273a3c3351a45d

HTTP Headers

GET /genfiles/cms/betstemplates/bets_model_full_en_0.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:40 GMT
content-type: application/json
last-modified: Thu, 02 May 2024 09:18:58 GMT
etag: W/"65c4f8441dea9f78c50a9fc7029f9193"
content-encoding: gzip
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-3cafbc509f7e307a6bb5df2cfce0873e-63bf5a12af742c86-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-02T10:43:17+00:00, 2024-05-07T07:37:30+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/sys-icons/1.0.328/285/sports.svg

185.244.209.62

200 OK

309 kB

URL GET HTTP/2
v3.traincdn.com/sys-icons/1.0.328/285/sports.svg
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
309 kB (309203 bytes)
Hash
c64f385c6c0bfd2bf8cfdd32db3aeb51
eeea23047458abc800073dfb10211fafa2891d74
924424255571381f1e50bac4759538fe8e561656808c715d51513dcada200684

HTTP Headers

GET /sys-icons/1.0.328/285/sports.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:39 GMT
content-type: image/svg+xml
last-modified: Mon, 15 Apr 2024 07:13:32 GMT
etag: W/"0c52e0c32f8f2667a72e0d57b63e02a3"
x-amz-meta-mtime: 1713165210.217888091
content-encoding: gzip
expires: Tue, 23 Apr 2024 10:38:02 GMT
cache-control: max-age=86400
x-time-ng: 0.004
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-eaabf0de6f7d4d530d27a832d99dd05a-d90273a41c7c93e2-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T10:38:02+00:00, 2024-05-06T13:30:36+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/banner/1ef232ab28e984c65ad109ade8b650ed.webp

185.244.209.62

16 kB

URL
v3.traincdn.com/genfiles/cms/1/desktop/banner/1ef232ab28e984c65ad109ade8b650ed.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1380x248, Scaling: [none]x[none], YUV color, decoders should clamp
Size
16 kB (15874 bytes)
Hash
99937fec94322155d99465451e84e5f4
0549b153f8e34c242f71817a038f7ebad37d27be
d35bc328538e182310574b3ff1d58134efedc49c9f3dbb43ec6df65fed624f33

HTTP Headers

GET /genfiles/cms/1/desktop/banner/1ef232ab28e984c65ad109ade8b650ed.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:42 GMT
content-type: image/webp
content-length: 15874
last-modified: Fri, 26 Apr 2024 11:44:53 GMT
etag: "99937fec94322155d99465451e84e5f4"
x-time-ng: 0.002
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-7ca0f758ae5ab762d1b0f2a209b59157-1758e6c3f874f8be-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-26T11:45:30+00:00, 2024-05-07T07:17:17+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/banner/bf26d696b76130d9781b16f89f1de4cc.webp

185.244.209.62

20 kB

URL
v3.traincdn.com/genfiles/cms/1/desktop/banner/bf26d696b76130d9781b16f89f1de4cc.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1380x248, Scaling: [none]x[none], YUV color, decoders should clamp
Size
20 kB (20522 bytes)
Hash
95767496ab1dce71f394c97620666756
127389c7327fec508549222dd477edbd524e33dd
fca493b566204dfff5ef8b8cd6c74c40659c812ac6665696dd5c66c664a31c7e

HTTP Headers

GET /genfiles/cms/1/desktop/banner/bf26d696b76130d9781b16f89f1de4cc.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:42 GMT
content-type: image/webp
content-length: 20522
last-modified: Thu, 08 Jun 2023 18:05:27 GMT
etag: "95767496ab1dce71f394c97620666756"
x-time-ng: 0.006
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-60fcf412e6b73823119bc78651106bf5-916c2bdf67851ded-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-02-27T14:22:50+00:00, 2024-05-07T07:17:17+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/banner/37725dd3160e2621f084de11d4417228.webp

185.244.209.62

18 kB

URL
v3.traincdn.com/genfiles/cms/1/desktop/banner/37725dd3160e2621f084de11d4417228.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1380x248, Scaling: [none]x[none], YUV color, decoders should clamp
Size
18 kB (17490 bytes)
Hash
b7e3857cdc8cbde71f63af81a61f5cfb
deeb62ea6e9b702bb9e3f395483c3c00445adcf8
786e67817e82780aaeb0d2bca1e57e06fff5ae9fa89b2747b1af57913886e25f

HTTP Headers

GET /genfiles/cms/1/desktop/banner/37725dd3160e2621f084de11d4417228.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:42 GMT
content-type: image/webp
content-length: 17490
last-modified: Wed, 21 Jun 2023 09:54:55 GMT
etag: "b7e3857cdc8cbde71f63af81a61f5cfb"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-1f063496a77992c638272589aa371b43-c71f0afce517a538-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-02-27T15:26:35+00:00, 2024-05-07T07:17:17+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/banner/8c83a62ae8afe0aa371618f02b8e4a01.webp

185.244.209.62

28 kB

URL
v3.traincdn.com/genfiles/cms/1/desktop/banner/8c83a62ae8afe0aa371618f02b8e4a01.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1380x248, Scaling: [none]x[none], YUV color, decoders should clamp
Size
28 kB (27922 bytes)
Hash
77673f5b9062ff0a3565cba49941a954
f1c6d769ad6f256677c8558f06c4ee98d8e403d3
e78791dcbada0412db798159d9e781f2a50c12f04be4d0a4ecf96a617ec8b33b

HTTP Headers

GET /genfiles/cms/1/desktop/banner/8c83a62ae8afe0aa371618f02b8e4a01.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:42 GMT
content-type: image/webp
content-length: 27922
last-modified: Thu, 05 Oct 2023 10:29:56 GMT
etag: "77673f5b9062ff0a3565cba49941a954"
x-time-ng: 0.002
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-2a0eb961f8d8f54c3a52d6f02f57c07c-b86bc338d32add8d-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-02-27T14:22:50+00:00, 2024-05-07T07:09:35+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size14/sfiles/logo_teams/2e936269094c0ba90ea9404123f94cb9.webp

185.244.209.62

786 B

URL
v3.traincdn.com/resized/size14/sfiles/logo_teams/2e936269094c0ba90ea9404123f94cb9.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image
Size
786 B (786 bytes)
Hash
88ad825ad1b2ca3f4057f32503545ca5
677f73e6638a1a15e2c9c7c69e53fa11c2aae4fe
c9bc7805ff86c69b6e04087ec75769f3b7e88adf27c8129d7f466af61af87709

HTTP Headers

GET /resized/size14/sfiles/logo_teams/2e936269094c0ba90ea9404123f94cb9.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:43 GMT
content-type: image/webp
content-length: 786
cache-control: max-age=94608000
content-disposition: inline; filename="2e936269094c0ba90ea9404123f94cb9.webp"
content-security-policy: script-src 'none'
expires: Fri, 07 May 2027 06:13:37 GMT
x-request-id: 6dafcffa3fb2c59fce7783e5a9bc185b
x-time-ng: 0.026
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-79ea6485d7cf6f127e6034b496796238-a996a464cfd0a376-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T06:13:37+00:00, 2024-05-07T07:34:36+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

widget.suphelper.top/_next/static/chunks/0c294a17-329dda05de2a378d.js

104.18.39.72

2.5 kB

URL
widget.suphelper.top/_next/static/chunks/0c294a17-329dda05de2a378d.js
IP
104.18.39.72:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix
Size
2.5 kB (2465 bytes)
Hash
3cc8515bda69aac6c0987f3ad9a8e31c
90ce80ecfae2b9f11366c5843c4a3839fa99396a
2383851f2c0e3296d1dd230209c0330adcd54fb49929998f3345ed75c700920d

HTTP Headers

GET /_next/static/chunks/0c294a17-329dda05de2a378d.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 07 May 2024 07:56:40 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Wed, 17 Jan 2024 06:19:55 GMT
etag: W/"2925-18d161388b8"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 570526
expires: Wed, 07 May 2025 07:56:40 GMT
server: cloudflare
cf-ray: 87ffa79eb96e568a-OSL
X-Firefox-Spdy: h2

widget.suphelper.top/_next/static/chunks/pages/_app-9c47c295eecaa68a.js

104.18.39.72

291 kB

URL
widget.suphelper.top/_next/static/chunks/pages/_app-9c47c295eecaa68a.js
IP
104.18.39.72:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix
Size
291 kB (291175 bytes)
Hash
084ffbe405e11df9a92aad2740f878a6
49e1a904d88254515b7066fd66510e9661103ca1
ba6022b39136c45c9ff253f08f73ec33f5bd4be8d360ec1702c405958a876707

HTTP Headers

GET /_next/static/chunks/pages/_app-9c47c295eecaa68a.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 07 May 2024 07:56:40 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 02 May 2024 07:01:48 GMT
etag: W/"f8027-18f381bf92a"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 434950
expires: Wed, 07 May 2025 07:56:40 GMT
server: cloudflare
cf-ray: 87ffa79e9926568a-OSL
X-Firefox-Spdy: h2

1xlite-461430.top/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true

178.253.29.51

120 kB

URL
1xlite-461430.top/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true
IP
178.253.29.51:0
ASN
#202492 Silverhill Group Holding Ltd

File type
JSON text data
Size
120 kB (120019 bytes)
Hash
9c1741ba399ad4e499e3c6014ed85563
167fad4c0e78b731a38c9ad399be49d55b4b8520
b85baa0062a068f2fe2b2e99ba07be372026fa887011d632a711cf5bf734318f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280; _glhf=1715086374; che_g=277ff3df-2e51-ec4f-06d0-569e93b07f06; application_locale=en
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:39 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=5
last-modified: Tue, 07 May 2024 07:56:39 GMT
x-time-ng: 0.018
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.026
X-Firefox-Spdy: h2

widget.suphelper.top/_next/static/chunks/663-81a4add2f1c95639.js

104.18.39.72

108 kB

URL
widget.suphelper.top/_next/static/chunks/663-81a4add2f1c95639.js
IP
104.18.39.72:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix
Size
108 kB (108407 bytes)
Hash
c3e8709269df9d959a46677cc4087073
7304af115fa0b103aaf48aeea6bf2f8b7627f55d
3651f2afa60655e13c76a85d6ec47ee34c373dfed48e4b6b50d2053873af37f6

HTTP Headers

GET /_next/static/chunks/663-81a4add2f1c95639.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 07 May 2024 07:56:40 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 28 Mar 2024 06:56:31 GMT
etag: W/"5b0da-18e83d890e3"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 570526
expires: Wed, 07 May 2025 07:56:40 GMT
server: cloudflare
cf-ray: 87ffa79ed9b8568a-OSL
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/e2d0be2a4ce9cfbc3e90b497c1abd0ef.webp

185.244.209.62

608 B

URL
v3.traincdn.com/resized/size16/sfiles/logo_teams/e2d0be2a4ce9cfbc3e90b497c1abd0ef.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image
Size
608 B (608 bytes)
Hash
2a8b3bf80806a677749f66e254c672e4
c21e9fced54ddf3fbf06131e097ae9119543592d
5f4c8042226c75dd6579f453022349e1e685955a84ac7dc30d39948f4ba8baf0

HTTP Headers

GET /resized/size16/sfiles/logo_teams/e2d0be2a4ce9cfbc3e90b497c1abd0ef.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:44 GMT
content-type: image/webp
content-length: 608
cache-control: max-age=94608000
content-disposition: inline; filename="e2d0be2a4ce9cfbc3e90b497c1abd0ef.webp"
content-security-policy: script-src 'none'
expires: Tue, 20 Apr 2027 15:11:55 GMT
x-request-id: 1dd81a9a7a19ce305cda81b166d08f09
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-5e0da01f2f8cab7c20eae54ba2aa3ab1-51cb99d1cfee131a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-20T15:11:55+00:00, 2024-04-21T18:24:14+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/shared-assets/__shared_localforage_PLMWICWN.js

185.244.209.62

12 kB

URL
v3.traincdn.com/sys-static/shared-assets/__shared_localforage_PLMWICWN.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
gzip compressed data, max speed, from Unix
Size
12 kB (11658 bytes)
Hash
c6f74910fa3625870fb157d6f70e0afb
a6666effb412d1d587aa89a0ac09c3f1dbaa59d9
4b95f4755d913f37087044f87ee6da7abbad18c86534ee270d4eb334360b38b3

HTTP Headers

GET /sys-static/shared-assets/__shared_localforage_PLMWICWN.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:43 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 06 May 2024 14:40:26 GMT
etag: W/"dfa127e93d125d4f6c566203eaf225f2"
x-amz-meta-mtime: 1715006282.054749806
content-encoding: gzip
expires: Tue, 07 May 2024 15:18:11 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-216f26bfa31912774bd7ec65949567c5-509e9640dacba944-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T15:18:11+00:00, 2024-05-06T16:00:49+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/5c99116269cdf61a42b7479bc77baefb.webp

185.244.209.62

200 OK

584 B

URL GET HTTP/2
v3.traincdn.com/resized/size16/sfiles/logo_teams/5c99116269cdf61a42b7479bc77baefb.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
584 B (584 bytes)
Hash
577f47679f53067aea288fffc4354ab7
490443414e2b94d417e147abf0bb48349d150edb
5bc25b1ab00d734cd425ee41c2234f02cd1739f9934ac91dfbc93e7d45235b53

HTTP Headers

GET /resized/size16/sfiles/logo_teams/5c99116269cdf61a42b7479bc77baefb.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:44 GMT
content-type: image/webp
content-length: 584
cache-control: max-age=94608000
content-disposition: inline; filename="5c99116269cdf61a42b7479bc77baefb.webp"
content-security-policy: script-src 'none'
expires: Wed, 28 Apr 2027 10:47:14 GMT
x-request-id: e904583afa47e5c253d7f2bc7b729803
x-time-ng: 0.073
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-407509a7fdb6b2a045f2932222b7e665-c0d2b16c1a65ac0b-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-28T10:47:14+00:00, 2024-04-30T14:56:45+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/df7e8ffba7584c7d6e8d30032ca12527.webp

185.244.209.62

594 B

URL
v3.traincdn.com/resized/size16/sfiles/logo_teams/df7e8ffba7584c7d6e8d30032ca12527.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image
Size
594 B (594 bytes)
Hash
718fbb9eb4e0b2b85f62e307c1508bd2
89094b776577c714656de1d78723316a674ba429
8495eb1cd1bb56645b4a7ea0e6a7a3648a0a64d0cc5daf0681954a5bcd7e7172

HTTP Headers

GET /resized/size16/sfiles/logo_teams/df7e8ffba7584c7d6e8d30032ca12527.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:44 GMT
content-type: image/webp
content-length: 594
cache-control: max-age=94608000
content-disposition: inline; filename="df7e8ffba7584c7d6e8d30032ca12527.webp"
content-security-policy: script-src 'none'
expires: Tue, 04 May 2027 17:25:55 GMT
x-request-id: 349accac3d13aace199ef8fbe4af3595
x-time-ng: 0.076
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-d5b904e05da5ef3c27c1254709c71eaa-c6b7e63d28079a07-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-04T17:25:55+00:00, 2024-05-05T21:06:40+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

widget.suphelper.top/_next/static/f385e6db/_buildManifest.js

104.18.39.72

867 B

URL
widget.suphelper.top/_next/static/f385e6db/_buildManifest.js
IP
104.18.39.72:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix
Size
867 B (867 bytes)
Hash
a522e2a9aec80cc4ae0a9af550b75148
d6217c166619999008ee0805941b0d3640e506b8
d4e15bfa54305704337cb9f5809d273c6d1320a23cae015cb5ea7633a5042df2

HTTP Headers

GET /_next/static/f385e6db/_buildManifest.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 07 May 2024 07:56:40 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 02 May 2024 07:01:48 GMT
etag: W/"207-18f381bf92a"
vary: Accept-Encoding
cf-cache-status: HIT
age: 434944
expires: Wed, 07 May 2025 07:56:40 GMT
server: cloudflare
cf-ray: 87ffa79ed9c9568a-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/c1e8a0176d15c3422de80009ed771b55.webp

185.244.209.62

660 B

URL
v3.traincdn.com/resized/size16/sfiles/logo_teams/c1e8a0176d15c3422de80009ed771b55.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image
Size
660 B (660 bytes)
Hash
06572c5aebaaab4af3f01ba3079e09eb
944708c7ee817900eecc6569e7dea5613a2a7309
072e6b50e863f40e4d3f854419204911f3b735c0e4147277722ab7a6d3b5e0d1

HTTP Headers

GET /resized/size16/sfiles/logo_teams/c1e8a0176d15c3422de80009ed771b55.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:44 GMT
content-type: image/webp
content-length: 660
cache-control: max-age=94608000
content-disposition: inline; filename="c1e8a0176d15c3422de80009ed771b55.webp"
content-security-policy: script-src 'none'
expires: Sun, 02 May 2027 14:20:45 GMT
x-request-id: 42f5a78dfe5e299c04c3730715df6b60
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-b97b7faba92ba5059ed35795071a6362-dd2a490ff5d0e525-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-02T14:20:45+00:00, 2024-05-05T21:06:40+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/7d8648bcb1883abeec83f1292e52819a.webp

185.244.209.62

784 B

URL
v3.traincdn.com/resized/size16/sfiles/logo_teams/7d8648bcb1883abeec83f1292e52819a.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image
Size
784 B (784 bytes)
Hash
a30f5eeaa542f15042b79418b5cea3af
f5a7359f28149b66804de9d31306a5f3368963e9
6ce13a766ae93a94e3d125f839fe38db43dcb2029d01c9c5f3682ded2faf6526

HTTP Headers

GET /resized/size16/sfiles/logo_teams/7d8648bcb1883abeec83f1292e52819a.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:44 GMT
content-type: image/webp
content-length: 784
cache-control: max-age=94608000
content-disposition: inline; filename="7d8648bcb1883abeec83f1292e52819a.webp"
content-security-policy: script-src 'none'
expires: Wed, 28 Apr 2027 08:51:59 GMT
x-request-id: 5816e3c5d0480c68c9d9d6ca89192599
x-time-ng: 0.072
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-85668f5976fe485effd9b3ead55373cb-a4d4c351b5cf665b-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-28T08:51:59+00:00, 2024-05-07T06:19:05+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/d1414bc726b387a615941a672f2b2f74.webp

185.244.209.62

784 B

URL
v3.traincdn.com/resized/size16/sfiles/logo_teams/d1414bc726b387a615941a672f2b2f74.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image
Size
784 B (784 bytes)
Hash
a30f5eeaa542f15042b79418b5cea3af
f5a7359f28149b66804de9d31306a5f3368963e9
6ce13a766ae93a94e3d125f839fe38db43dcb2029d01c9c5f3682ded2faf6526

HTTP Headers

GET /resized/size16/sfiles/logo_teams/d1414bc726b387a615941a672f2b2f74.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:44 GMT
content-type: image/webp
content-length: 784
cache-control: max-age=94608000
content-disposition: inline; filename="d1414bc726b387a615941a672f2b2f74.webp"
content-security-policy: script-src 'none'
expires: Wed, 05 May 2027 18:52:35 GMT
x-request-id: a7535d516bb92d0abd7ad278fb4e6f5a
x-time-ng: 0.041
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-d082effce62327a563e6c45ec3c4ea90-b70712600efe61c2-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-05T18:52:35+00:00, 2024-05-07T07:01:28+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/7c6f6a8d652b220d6d094d2bca1832e7.webp

185.244.209.62

200 OK

658 B

URL GET HTTP/2
v3.traincdn.com/resized/size16/sfiles/logo_teams/7c6f6a8d652b220d6d094d2bca1832e7.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
658 B (658 bytes)
Hash
bed3a00d19fe9c0894ab144da2503744
51c31a5b02bd61660252a01be1341424c12ae984
303076fd79de72d7eec8d66224831f535b6b10473b651d18d5f2de0e9f812a5f

HTTP Headers

GET /resized/size16/sfiles/logo_teams/7c6f6a8d652b220d6d094d2bca1832e7.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:44 GMT
content-type: image/webp
content-length: 658
cache-control: max-age=94608000
content-disposition: inline; filename="7c6f6a8d652b220d6d094d2bca1832e7.webp"
content-security-policy: script-src 'none'
expires: Fri, 07 May 2027 06:53:30 GMT
x-request-id: 15397713e79c1ae4ac9c2c141f19f338
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-17706af4351d6dcedf9799ef74968677-f974f7afde858348-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T06:53:30+00:00, 2024-05-07T06:53:34+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/7d80b427b1ad1c6fcf0d392ce6297b36.webp

185.244.209.62

702 B

URL
v3.traincdn.com/resized/size16/sfiles/logo_teams/7d80b427b1ad1c6fcf0d392ce6297b36.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image
Size
702 B (702 bytes)
Hash
3707396fdf24d41aa23ab10db5e877fe
7f918907e8109f2e69adf8009d019408d71664cc
fc996e01a56c88b6d799cbb7f23f9993b26b96669fe0beebc0e6dba92f5bdd6c

HTTP Headers

GET /resized/size16/sfiles/logo_teams/7d80b427b1ad1c6fcf0d392ce6297b36.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:44 GMT
content-type: image/webp
content-length: 702
cache-control: max-age=94608000
content-disposition: inline; filename="7d80b427b1ad1c6fcf0d392ce6297b36.webp"
content-security-policy: script-src 'none'
expires: Fri, 07 May 2027 06:53:30 GMT
x-request-id: 1476678b8e3911c54d2060785e67c4a6
x-time-ng: 0.025
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-2ee46a6b330064ee8698b23408727910-7a473ba32eb521c2-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T06:53:30+00:00, 2024-05-07T07:01:28+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/fe5680e857894808a5e58dfec2b93bc3.webp

185.244.209.62

754 B

URL
v3.traincdn.com/resized/size16/sfiles/logo_teams/fe5680e857894808a5e58dfec2b93bc3.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image
Size
754 B (754 bytes)
Hash
387d6080b2bfe2fa34589a25b2ff7b7f
9cc0f04bc33befeea1bd120f75837fe89d80939c
2491ea631065dfbf9c0f640346a0844f3f0edb96279ba1fa23e9b052c5553025

HTTP Headers

GET /resized/size16/sfiles/logo_teams/fe5680e857894808a5e58dfec2b93bc3.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:44 GMT
content-type: image/webp
content-length: 754
cache-control: max-age=94608000
content-disposition: inline; filename="fe5680e857894808a5e58dfec2b93bc3.webp"
content-security-policy: script-src 'none'
expires: Fri, 07 May 2027 06:08:13 GMT
x-request-id: 96aad0edb659926b7a26c1e27f494933
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-a6907f1273c848c3e2de2808ba17ef81-bc11ddae1bc7c3cc-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T06:08:13+00:00, 2024-05-07T06:08:16+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/329c6f41ba7160ae66b88945a6ec0ae7.webp

185.244.209.62

200 OK

726 B

URL GET HTTP/2
v3.traincdn.com/resized/size16/sfiles/logo_teams/329c6f41ba7160ae66b88945a6ec0ae7.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
726 B (726 bytes)
Hash
90daeb58fc2fe2a68c98eeca07e6735f
0b308ca372b50dce6ed80398185844bb43021bf7
fb94eb8582464d06ffb9035234b6dbcf2b81d5b2f7ae5b2a8a7e110360b58343

HTTP Headers

GET /resized/size16/sfiles/logo_teams/329c6f41ba7160ae66b88945a6ec0ae7.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:44 GMT
content-type: image/webp
content-length: 726
cache-control: max-age=94608000
content-disposition: inline; filename="329c6f41ba7160ae66b88945a6ec0ae7.webp"
content-security-policy: script-src 'none'
expires: Fri, 07 May 2027 06:08:13 GMT
x-request-id: d79523689f9aee75c5550698ce52fbf5
x-time-ng: 0.050
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-bf5f9975a9cbea0f3092fa5fec117c1b-14be5cf3da3b035e-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T06:08:13+00:00, 2024-05-07T06:08:16+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/2e936269094c0ba90ea9404123f94cb9.webp

185.244.209.62

838 B

URL
v3.traincdn.com/resized/size16/sfiles/logo_teams/2e936269094c0ba90ea9404123f94cb9.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image
Size
838 B (838 bytes)
Hash
5569a70d1845300f20539b2891c664be
77418222f5dd6d35d90b61cc437263f6beeb2be7
75418394dd63ea1bc0aa048ab5734c6853e2582b0b9aa2c15c5b9b247f1cf84a

HTTP Headers

GET /resized/size16/sfiles/logo_teams/2e936269094c0ba90ea9404123f94cb9.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:44 GMT
content-type: image/webp
content-length: 838
cache-control: max-age=94608000
content-disposition: inline; filename="2e936269094c0ba90ea9404123f94cb9.webp"
content-security-policy: script-src 'none'
expires: Fri, 07 May 2027 06:13:35 GMT
x-request-id: cc2913b557cf35e9c217cbaa00a31a73
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-196d044ea4ff0dcc9558235c6c15a565-4e94cac5266565c8-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T06:13:35+00:00, 2024-05-07T06:13:38+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/899888592bee454f8870b4d4d306f999.webp

185.244.209.62

200 OK

806 B

URL GET HTTP/2
v3.traincdn.com/resized/size16/sfiles/logo_teams/899888592bee454f8870b4d4d306f999.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
806 B (806 bytes)
Hash
cb238aa5890755e6780bd9b840a80ecf
219dc403310ced921d788673dd2c1853cb4e668e
c0861bead4af58fa4ee662e14abfb6caca7d83e11e5e7a55df4a5fa2becd7979

HTTP Headers

GET /resized/size16/sfiles/logo_teams/899888592bee454f8870b4d4d306f999.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:44 GMT
content-type: image/webp
content-length: 806
cache-control: max-age=94608000
content-disposition: inline; filename="899888592bee454f8870b4d4d306f999.webp"
content-security-policy: script-src 'none'
expires: Fri, 07 May 2027 06:13:35 GMT
x-request-id: e822c4e1e25bb06784f0066413a27e9b
x-time-ng: 0.050
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-ebb30e3a061baebaf6b61030667c72ce-992b69c131bdf042-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T06:13:35+00:00, 2024-05-07T06:13:37+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/1268.webp

185.244.209.62

568 B

URL
v3.traincdn.com/resized/size16/sfiles/logo_teams/1268.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image
Size
568 B (568 bytes)
Hash
0bf9a85dfb54a5ee9d0ca9f69058d0c1
6ced9e9659effb94f48da5ee077cdcc02d34c0ae
98174b227aeec9b6171ba4fd5eebf83aecb3c93874c7d2c14e72f72924ae1d40

HTTP Headers

GET /resized/size16/sfiles/logo_teams/1268.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:44 GMT
content-type: image/webp
content-length: 568
cache-control: max-age=94608000
content-disposition: inline; filename="1268.webp"
content-security-policy: script-src 'none'
expires: Wed, 05 May 2027 16:48:28 GMT
x-request-id: 151eb054c467efd429637e9325c24bdb
x-time-ng: 0.055
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-5e7d3c0a394eaf2118698b5d0ac51ee2-e85e110015174737-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-05T16:48:28+00:00, 2024-05-06T09:42:03+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/9c061aa5583430b3ea2b25d5a9af7a16.webp

185.244.209.62

638 B

URL
v3.traincdn.com/resized/size16/sfiles/logo_teams/9c061aa5583430b3ea2b25d5a9af7a16.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image
Size
638 B (638 bytes)
Hash
446c5bc07a7bc37fe6c2c80a1c61a7bb
8fc14a2304382bf3e6a9f1aaebfe4ac826187be5
468ed6027619ea5d4b1817917d30c9de8671180ac070f21a3001331e58b54a63

HTTP Headers

GET /resized/size16/sfiles/logo_teams/9c061aa5583430b3ea2b25d5a9af7a16.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:44 GMT
content-type: image/webp
content-length: 638
cache-control: max-age=94608000
content-disposition: inline; filename="9c061aa5583430b3ea2b25d5a9af7a16.webp"
content-security-policy: script-src 'none'
expires: Wed, 05 May 2027 16:48:28 GMT
x-request-id: 3437b02581ba763c81bf80797011366d
x-time-ng: 0.028
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-f2552b401b41dcc42dd7d30be0faacc5-6ab7a86c2205c589-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-05T16:48:28+00:00, 2024-05-06T09:42:04+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/28ef6e79333e238487f5c45f458c4dea.webp

185.244.209.62

638 B

URL
v3.traincdn.com/resized/size16/sfiles/logo_teams/28ef6e79333e238487f5c45f458c4dea.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image
Size
638 B (638 bytes)
Hash
e71aeea88308e5ec903ddbd73956ab25
da59c64d542f051b71b7f4bb628f89c15ef0c9ef
b6f4ec66a671972f216948ae6cbb4ae020c05ccb44d10d36cad81b29fe30ce50

HTTP Headers

GET /resized/size16/sfiles/logo_teams/28ef6e79333e238487f5c45f458c4dea.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:44 GMT
content-type: image/webp
content-length: 638
cache-control: max-age=94608000
content-disposition: inline; filename="28ef6e79333e238487f5c45f458c4dea.webp"
content-security-policy: script-src 'none'
expires: Tue, 04 May 2027 22:19:38 GMT
x-request-id: c7fa6d80c800af750a6f8e5eb8e0032d
x-time-ng: 0.074
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-91348c554a68b13d0a87a3ca50773c6a-7c3e6238605659ff-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-04T22:19:38+00:00, 2024-05-06T12:04:16+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/2a83f6aa304e42353f670a9e7503ab7e.webp

185.244.209.62

200 OK

666 B

URL GET HTTP/2
v3.traincdn.com/resized/size16/sfiles/logo_teams/2a83f6aa304e42353f670a9e7503ab7e.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
666 B (666 bytes)
Hash
f0ddd87f319b6ce520d74a2498ee269f
12ba7b26f80a2fc8a7b28667609fa62bb6ab7bb1
5daf7ab93307ad3eed7d91adae2a9a7f58c1033a5ed37ec1744794fd7fb6f6e2

HTTP Headers

GET /resized/size16/sfiles/logo_teams/2a83f6aa304e42353f670a9e7503ab7e.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:44 GMT
content-type: image/webp
content-length: 666
cache-control: max-age=94608000
content-disposition: inline; filename="2a83f6aa304e42353f670a9e7503ab7e.webp"
content-security-policy: script-src 'none'
expires: Tue, 04 May 2027 21:51:57 GMT
x-request-id: 18d9b463a4e8144082d70176b284b25a
x-time-ng: 0.047
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-61100b9e981583a931cb704418661235-d90126778679d37a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-04T21:51:57+00:00, 2024-05-06T07:55:16+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/a5a66ba3da5dd791ef02bc95e1b011bd.webp

185.244.209.62

568 B

URL
v3.traincdn.com/resized/size16/sfiles/logo_teams/a5a66ba3da5dd791ef02bc95e1b011bd.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image
Size
568 B (568 bytes)
Hash
76d6e4ed959b08f7e95273254adaf5ed
d7b796d60e8184703946b436f115f2bd8f988aa9
5e6b25f17bd56cc8a9c872d0331249d1a9ee3de12b6648e5b43f112ce6b567c7

HTTP Headers

GET /resized/size16/sfiles/logo_teams/a5a66ba3da5dd791ef02bc95e1b011bd.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:44 GMT
content-type: image/webp
content-length: 568
cache-control: max-age=94608000
content-disposition: inline; filename="a5a66ba3da5dd791ef02bc95e1b011bd.webp"
content-security-policy: script-src 'none'
expires: Wed, 05 May 2027 02:11:26 GMT
x-request-id: 97826346afcdc4a034df460d1556b29a
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-458b5c68a28215f53eaf0617dbbc6575-308b81df952b3112-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-05T02:11:26+00:00, 2024-05-06T09:30:12+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/d2b928260edd80e03a82b2a1d024da02.webp

185.244.209.62

576 B

URL
v3.traincdn.com/resized/size16/sfiles/logo_teams/d2b928260edd80e03a82b2a1d024da02.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image
Size
576 B (576 bytes)
Hash
604f1a208d377b01d47034c62cd087f6
38b0ecd98197a14124a4a8cc5505d5adebcb9e36
c65b618c626bd6667fb15624f6467a9f296edf793fb15a10826fa37fbc613315

HTTP Headers

GET /resized/size16/sfiles/logo_teams/d2b928260edd80e03a82b2a1d024da02.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:44 GMT
content-type: image/webp
content-length: 576
cache-control: max-age=94608000
content-disposition: inline; filename="d2b928260edd80e03a82b2a1d024da02.webp"
content-security-policy: script-src 'none'
expires: Thu, 06 May 2027 19:44:15 GMT
x-request-id: 03a261f0129ae6385adb156ed27373aa
x-time-ng: 0.058
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-f91035b6762c0e34877caab6887e79d5-1827911fd2e8737a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T19:44:15+00:00, 2024-05-07T07:39:34+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/shared-assets/__shared_vue_deps_OVKZGHR6.js

185.244.209.62

200 OK

49 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/shared-assets/__shared_vue_deps_OVKZGHR6.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
49 kB (48936 bytes)
Hash
b6dff49b0c76e74e21c1080bcb70bfe5
7b90c0f24a48d00d6cb4533f300245e9bf0b94f4
702887066b2cd5d5b4b91283bfe46957ab1a06ba4c55758dc866e5fd738f6287

HTTP Headers

GET /sys-static/shared-assets/__shared_vue_deps_OVKZGHR6.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:43 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 06 May 2024 10:22:32 GMT
etag: W/"39ee2eb3f7c493e991990cc0353dba17"
x-amz-meta-mtime: 1714990874.149504817
content-encoding: gzip
expires: Tue, 07 May 2024 12:42:06 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-81d85e06b0a80ee649c1ab84e6fa8ec8-c59f54998aa049e8-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:42:06+00:00, 2024-05-06T12:50:28+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/e5eb737e.css

185.244.209.62

1.1 kB

URL
v3.traincdn.com/_nuxt/desktop/default/css/e5eb737e.css
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
ASCII text, with very long lines (5171), with no line terminators
Size
1.1 kB (1050 bytes)
Hash
5d231bea9b7df6bc1e9e74e3c0a231e1
2ef607f0c766fff1b4b1e90a2d98e7094c81721e
c43fd428fe6e9d25ddf385a1cf03891194126ebf9e83d086af655272e815445b

HTTP Headers

GET /_nuxt/desktop/default/css/e5eb737e.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:44 GMT
content-type: text/css
content-length: 1050
last-modified: Thu, 02 May 2024 12:52:18 GMT
etag: "66338c82-41a"
content-encoding: gzip
expires: Sat, 04 May 2024 08:09:06 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-c7ff2d6b305314c151f145ae1a0d6b2e-9212c718142c645f-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-03T08:09:06+00:00, 2024-05-06T12:41:57+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

widget.suphelper.top/_next/static/chunks/webpack-fb94d2f19425a3e3.js

104.18.39.72

200 OK

11 kB

URL GET HTTP/2
widget.suphelper.top/_next/static/chunks/webpack-fb94d2f19425a3e3.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://widget.suphelper.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36
ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT

File type
JavaScript source, ASCII text, with very long lines (43717), with no line terminators
Size
11 kB (10639 bytes)
Hash
0b0e0769a5159d64612ddcebd90567df
efffcb1e88895556620e7ae83cbd5a2f58cea361
e072a8d2c2504e87be8a33f9f9cdcfaa6bdb200fce14eacd064a8c836647a807

HTTP Headers

GET /_next/static/chunks/webpack-fb94d2f19425a3e3.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 07 May 2024 07:56:40 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://file-hosting-api-stage.kube.prod.cons.lan https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 09 Nov 2023 06:03:45 GMT
etag: W/"ed0-18bb2adf0eb"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 566245
expires: Wed, 07 May 2025 07:56:40 GMT
server: cloudflare
cf-ray: 87ffa79e88ec568a-OSL
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/60c7aeb54494.js

185.244.209.62

715 B

URL
v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/60c7aeb54494.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
Java source, ASCII text, with very long lines (714)
Size
715 B (715 bytes)
Hash
0a4d6d7efa89ba140b62c6aee5e8fc6f
9e5b132d8df77dc2fe824cf30a362084400f23c5
60e4e95557382dcdc956e8e80595030789aedfcf6c9f2ff90e92c5f4a2631e0d

HTTP Headers

GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/60c7aeb54494.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:45 GMT
content-type: text/javascript; charset=utf-8
content-length: 715
last-modified: Wed, 01 May 2024 08:21:41 GMT
etag: "0a4d6d7efa89ba140b62c6aee5e8fc6f"
x-amz-meta-mtime: 1714551564.671873539
expires: Thu, 02 May 2024 15:21:02 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-a66d6f250c8e1c120aca0499bc23b477-02a7e0850793bf33-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T15:21:02+00:00, 2024-05-06T19:19:56+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

1xlite-461430.top/bff-api/config/all.json?lang=en

178.253.29.51

40 kB

URL
1xlite-461430.top/bff-api/config/all.json?lang=en
IP
178.253.29.51:0
ASN
#202492 Silverhill Group Holding Ltd

File type
JSON text data
Size
40 kB (39820 bytes)
Hash
e5721063d4948de2186ff16f646c0ec6
c0edcfd0a6768897f0a1e403528efd1894058f16
1b27041470537ab2c5f631fb60627f0ddfe01a829c7ef88309a5db3c72643ae0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bff-api/config/all.json?lang=en HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
x-geoip2-country-code: ru
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280; _glhf=1715086374; che_g=277ff3df-2e51-ec4f-06d0-569e93b07f06; application_locale=en; sh.session.id=2f059054-1edc-45d1-9f6c-be2b21cfc178; ggru=181
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:45 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: bff;dur=188.41, dt_total;dur=191.030, wf-uht;dur=0.208
traceparent: 00-105c25c785f93077f539273c53a15864-7b60a23ca8160cac-01
vary: Accept-Encoding
x-dt: 285
x-time-ng: 0.191
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/e8b8c79f9b52.js

185.244.209.62

504 B

URL
v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/e8b8c79f9b52.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
Java source, ASCII text, with very long lines (503)
Size
504 B (504 bytes)
Hash
5387051085dcc459e7077d5d8000b85d
d22afab6c65228f0056f66e4f150783f6014e36b
34377c13fd72112cac96fba3642f084661361aea701a70ba3702c82c9bb42790

HTTP Headers

GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/e8b8c79f9b52.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:45 GMT
content-type: text/javascript; charset=utf-8
content-length: 504
last-modified: Wed, 01 May 2024 08:21:42 GMT
etag: "5387051085dcc459e7077d5d8000b85d"
x-amz-meta-mtime: 1714551564.675873475
expires: Thu, 02 May 2024 15:20:53 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-4f9a3bf8c39999c7bcc1ba56f05abbd5-ddd464380b5650fc-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T15:20:53+00:00, 2024-05-06T19:19:56+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/cb22691ee4d9.js

185.244.209.62

731 B

URL
v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/cb22691ee4d9.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
Java source, ASCII text, with very long lines (730)
Size
731 B (731 bytes)
Hash
bd6d9e7b07e097eb950f4b8bd6ada2b4
d332a4f5771e4f6d2cd47cd94ff85c5eb5847418
ea2bfc78a76204b704ee4ff215cfd6be3c7edb98b6c6e77501c5dbb88f261ea5

HTTP Headers

GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/cb22691ee4d9.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:45 GMT
content-type: text/javascript; charset=utf-8
content-length: 731
last-modified: Wed, 01 May 2024 08:21:42 GMT
etag: "bd6d9e7b07e097eb950f4b8bd6ada2b4"
x-amz-meta-mtime: 1714551564.675873475
expires: Thu, 02 May 2024 15:20:53 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-c266fcdedbfc6cd40bbbe02c7c9928e2-60354fb92d4370fb-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T15:20:53+00:00, 2024-05-06T16:17:06+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/sys-icons/1.0.328/285/country.svg

185.244.209.62

62 kB

URL
v3.traincdn.com/sys-icons/1.0.328/285/country.svg
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
gzip compressed data, max speed, from Unix
Size
62 kB (61855 bytes)
Hash
4f4c4f102b41c84a6227671e3ac4026c
5463a1687cd4532a30d30da12b4f8507f2f7996a
6841314a828bb729e978b087de21ebd6e68df5dcac2920f6d4ee882d23439c2f

HTTP Headers

GET /sys-icons/1.0.328/285/country.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:44 GMT
content-type: image/svg+xml
last-modified: Mon, 15 Apr 2024 07:13:32 GMT
etag: W/"60caf0d666af828706b3d83c428a31e4"
x-amz-meta-mtime: 1713165210.217888091
content-encoding: gzip
expires: Tue, 23 Apr 2024 10:38:03 GMT
cache-control: max-age=86400
x-time-ng: 0.003
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-19c2d447a1f0b310ce9f56e30083b5e0-3276029b982dfa81-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T10:38:03+00:00, 2024-05-06T12:41:57+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

1xlite-461430.top/web-api/session

178.253.29.51

0 B

URL
1xlite-461430.top/web-api/session
IP
178.253.29.51:0
ASN
#202492 Silverhill Group Holding Ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web-api/session HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280; _glhf=1715086374; che_g=277ff3df-2e51-ec4f-06d0-569e93b07f06; application_locale=en; sh.session.id=2f059054-1edc-45d1-9f6c-be2b21cfc178; ggru=181
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Tue, 07 May 2024 07:56:45 GMT
cache-control: no-cache, private
server-timing: p;dur=15, dt_total;dur=32.433, wf-uht;dur=0.040
traceparent: 00-b2c085ad7bac9268d60bbec4f5de4a10-2ea415c5e7478f49-01
x-dt: 285
x-time-ng: 0.023
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/03e03ebafcdc.js

185.244.209.62

372 B

URL
v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/03e03ebafcdc.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
Java source, ASCII text, with very long lines (371)
Size
372 B (372 bytes)
Hash
441a6448f5a4242779baf6fc1399b13e
b646aa02b2ed08c1590c6f4536341cb2e51a4f1c
0eede7ea7bad647cc90b8044489561c58d2d5865e88ecc59a572589c6ccea6b7

HTTP Headers

GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/03e03ebafcdc.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:45 GMT
content-type: text/javascript; charset=utf-8
content-length: 372
last-modified: Wed, 01 May 2024 08:21:41 GMT
etag: "441a6448f5a4242779baf6fc1399b13e"
x-amz-meta-mtime: 1714551564.667873602
expires: Thu, 02 May 2024 15:20:56 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-7bc729d6da2d30d5576f5e2ea2c5d45f-48bd34b944b29643-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T15:20:56+00:00, 2024-05-06T16:17:06+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/3083a20a3f73c30fce38710d7ada9cbb.svg

185.244.209.62

28 kB

URL
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/3083a20a3f73c30fce38710d7ada9cbb.svg
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
gzip compressed data, max speed, from Unix
Size
28 kB (28483 bytes)
Hash
7b12603d83a508e07e0c99f048eef539
948c91d6903a39d18729bf2ac14599a7bd09d22b
f94e72e68848990035c58c3c794f199576a1e23a5c70d056e9c6cf0d98c6b275

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/3083a20a3f73c30fce38710d7ada9cbb.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:40 GMT
content-type: image/svg+xml
last-modified: Wed, 19 Apr 2023 11:51:30 GMT
etag: W/"3ae81b002dca46d3b732ce3e03ae35c6"
content-encoding: gzip
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2023-12-18T08:36:11+00:00
traceparent: 00-08e85b27e4b24c321819f46b23359e0c-701be2b889aac3b1-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/7bd3bc288fd4.js

185.244.209.62

450 B

URL
v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/7bd3bc288fd4.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
ASCII text, with very long lines (449)
Size
450 B (450 bytes)
Hash
056ce527a12544a37f984ac598be2344
6946b65cf1c68960e5f9ac0900a0df66a13e7e85
cd7cdf53c803ca43a37171180d14c2374e45ab347d309f9b83a107b9ad9b4ed1

HTTP Headers

GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/7bd3bc288fd4.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:45 GMT
content-type: text/javascript; charset=utf-8
content-length: 450
last-modified: Wed, 01 May 2024 08:21:41 GMT
etag: "056ce527a12544a37f984ac598be2344"
x-amz-meta-mtime: 1714551564.671873539
expires: Fri, 03 May 2024 08:43:57 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-c72cc20fe46c3a6c5074f64ff60816b2-835771ae39e9a860-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-02T08:43:57+00:00, 2024-05-06T17:55:56+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/betstemplates/bets_model_short_en_0.json

185.244.209.62

200 OK

26 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/betstemplates/bets_model_short_en_0.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
26 kB (25519 bytes)
Hash
52a262579c150a0c4a815c8367eff7a6
698ce7d92bc6f0920118ac597428cdffb235057d
64c323dd88854d7d638fd0be8dcefdef3041a3955f46f9295eb164709b9871d0

HTTP Headers

GET /genfiles/cms/betstemplates/bets_model_short_en_0.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:43 GMT
content-type: application/json
last-modified: Thu, 02 May 2024 09:18:51 GMT
etag: W/"d3e39abc76f19e176765d21ac9e70c5c"
content-encoding: gzip
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-5141d2b8b358a4fb8193bd8f96e24c7b-ea3433909856c141-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-02T10:49:13+00:00, 2024-05-07T07:00:43+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

1xlite-461430.top/web-api/default/img/icons/pixels2.svg?v=1715068604

178.253.29.51

2.8 kB

URL
1xlite-461430.top/web-api/default/img/icons/pixels2.svg?v=1715068604
IP
178.253.29.51:0
ASN
#202492 Silverhill Group Holding Ltd

File type
PNG image data, 1 x 1, 8-bit/color RGB, non-interlaced
Size
2.8 kB (2802 bytes)
Hash
77157c81ac148c8ebdeec3122b334561
a6c93f427a283553ca5a395f2724b2799ce163d4
f0589b2d6643f26e038a82a1a67d0881a717144f6ca921b3dffa1222f0c48e9c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web-api/default/img/icons/pixels2.svg?v=1715068604 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280; _glhf=1715086374; che_g=277ff3df-2e51-ec4f-06d0-569e93b07f06; application_locale=en; sh.session.id=2f059054-1edc-45d1-9f6c-be2b21cfc178; ggru=181
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:44 GMT
content-type: image/png
cache-control: no-cache, private
server-timing: p;dur=13, dt_total;dur=14.512, wf-uht;dur=0.026
traceparent: 00-6029ce36ae9a68329e8277b2ea25bb96-7852185678283f9b-01
x-dt: 285
x-time-ng: 0.014
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/vendors/conversion-f0624fc4.js

185.244.209.62

66 kB

URL
v3.traincdn.com/_nuxt/desktop/default/vendors/conversion-f0624fc4.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
66 kB (66479 bytes)
Hash
191ff223860f458112e0be2a63bd9857
850dd681d5b31321f00b8df955a455aa9478e44e
40e1fe6d194776c5fa845dda1dbebda9c2bc3154d8c45793ae74a2e1bf147016

HTTP Headers

GET /_nuxt/desktop/default/vendors/conversion-f0624fc4.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:46 GMT
content-type: application/javascript; charset=utf-8
content-length: 66479
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-103af"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:50 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-743b461b63817ea6e3282a339d15210e-590bdce002a3d9fe-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:50+00:00, 2024-05-06T14:47:34+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

widget.suphelper.top/_next/static/chunks/main-fa1d3b21fd97b583.js

104.18.39.72

36 kB

URL
widget.suphelper.top/_next/static/chunks/main-fa1d3b21fd97b583.js
IP
104.18.39.72:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix
Size
36 kB (35657 bytes)
Hash
76abb67bededdccee1f8676ce3554eec
37b5d330bc622e6d02057478d5edc61cff007ebb
cc57147f3b96da5d2f4523969e52d8fe00e56c581b85e80359e21fe67c270858

HTTP Headers

GET /_next/static/chunks/main-fa1d3b21fd97b583.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 07 May 2024 07:56:40 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://file-hosting-api-stage.kube.prod.cons.lan https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 09 Nov 2023 06:03:45 GMT
etag: W/"1a544-18bb2adf0eb"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 560685
expires: Wed, 07 May 2025 07:56:40 GMT
server: cloudflare
cf-ray: 87ffa79e8917568a-OSL
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2

185.244.209.62

64 kB

URL
v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
Web Open Font Format (Version 2), TrueType, length 63748, version 1.0
Size
64 kB (63748 bytes)
Hash
6887b6f24414dbc612dbf42ccdc76b70
8068d3abfbc6cbf35b55919da45b1f4d2d136238
fc5c015fc32518f1ed810fa84ca28941eb9d5a3c81acc8df69a4dbbeedef7b0c

HTTP Headers

GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:48 GMT
content-type: font/woff2
content-length: 63748
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "6887b6f24414dbc612dbf42ccdc76b70"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-35b09dad7f838c71e40580f9ef9170c9-c59c7a8f27ae1de8-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:13:59+00:00, 2024-05-07T07:03:17+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/3a9e96a04d11.js

185.244.209.62

66 kB

URL
v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/3a9e96a04d11.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
gzip compressed data, max speed, from Unix
Size
66 kB (66442 bytes)
Hash
8a5fef7bf668efadc66117ad1ed0c6b4
0be0bf867e879eb1efd1062e59e154cb5b431062
014d6e837fff9cb3e7ed2c06a1688d1899a89f929541cc08627b6978a69ad47e

HTTP Headers

GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/3a9e96a04d11.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:45 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 01 May 2024 08:21:41 GMT
etag: W/"da4fcf0e06e63dbfcf3058f435e0a172"
x-amz-meta-mtime: 1714551564.671873539
content-encoding: gzip
expires: Thu, 02 May 2024 15:20:56 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-6f253a8cf48c7aa28db0e927ac80c21c-7d38d10bda8c72f8-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T15:20:56+00:00, 2024-05-06T16:17:06+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/entry-414928da.js

185.244.209.62

200 OK

755 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/entry-414928da.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
755 kB (755259 bytes)
Hash
0ed05def1a7b76fc7d320917670764b3
658f7b1e458545fd69e3e3bad2bd037b865a0b17
2abfdd747d0359043198f95c148dadea9963dd6c4d35a54d3f60e9928e58cdce

HTTP Headers

GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/entry-414928da.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:41 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 01 May 2024 08:21:42 GMT
etag: W/"2ff74ba461966e9ef07ec952168d3783"
x-amz-meta-mtime: 1714551564.679873411
content-encoding: gzip
expires: Thu, 02 May 2024 15:20:40 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-929d9a2c583908685108f51fd6dbb396-567b82c78bc7c178-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T15:20:40+00:00, 2024-05-06T16:17:03+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2

185.244.209.62

64 kB

URL
v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
Web Open Font Format (Version 2), TrueType, length 63748, version 1.0
Size
64 kB (63748 bytes)
Hash
6887b6f24414dbc612dbf42ccdc76b70
8068d3abfbc6cbf35b55919da45b1f4d2d136238
fc5c015fc32518f1ed810fa84ca28941eb9d5a3c81acc8df69a4dbbeedef7b0c

HTTP Headers

GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:49 GMT
content-type: font/woff2
content-length: 63748
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "6887b6f24414dbc612dbf42ccdc76b70"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-d214e4edd6891bf44e0e9a082faebaed-3858e4fe4750529a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:13:59+00:00, 2024-05-07T07:03:17+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

widget.suphelper.top/_next/static/chunks/81.9c6562bba5669b47.js

104.18.39.72

75 kB

URL
widget.suphelper.top/_next/static/chunks/81.9c6562bba5669b47.js
IP
104.18.39.72:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix
Size
75 kB (75020 bytes)
Hash
88893fa28081c5f87aa079b696fdb560
3c312786be4bbaa961079bbd733efc779041a98b
e41f8dafe9b628bf81cf1c06352b86b27c6ce74f5b6db58bab1b2dcdf5cd0eec

HTTP Headers

GET /_next/static/chunks/81.9c6562bba5669b47.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 07 May 2024 07:56:41 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Mon, 22 Jan 2024 07:49:06 GMT
etag: W/"8f42-18d3024f9c4"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 574589
expires: Wed, 07 May 2025 07:56:41 GMT
server: cloudflare
cf-ray: 87ffa7a82c4d568a-OSL
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2

185.244.209.62

64 kB

URL
v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
Web Open Font Format (Version 2), TrueType, length 63920, version 1.0
Size
64 kB (63920 bytes)
Hash
a65527fcb58f66a7cfbc0e6b160538b4
45d260e7fa343401b5bb0df982a014f53e2d253b
fb13c3a1cbac60649b76f7d7f85c1645d35ac69b85ce5f4eb0692505ecc2cd45

HTTP Headers

GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:49 GMT
content-type: font/woff2
content-length: 63920
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "a65527fcb58f66a7cfbc0e6b160538b4"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-2c323aace48e276271ebff24314be5eb-564484ad49bf0630-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:54:39+00:00, 2024-05-07T07:30:48+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/shared-assets/__shared_accept_language_parser_QKZ6ULEV.js

185.244.209.62

10 kB

URL
v3.traincdn.com/sys-static/shared-assets/__shared_accept_language_parser_QKZ6ULEV.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
gzip compressed data, max speed, from Unix
Size
10 kB (10393 bytes)
Hash
615f57694305edd3867bb87911d1ce2a
b7f4e929b53e5d92b53d370952fac568d1151ea2
400fa409a36ec43275a06dbaef5f1f427247af95ad03f00ec00d9e151be4f940

HTTP Headers

GET /sys-static/shared-assets/__shared_accept_language_parser_QKZ6ULEV.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:43 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 06 May 2024 14:40:26 GMT
etag: W/"518e0ae196483ada8b528a1f2b7df0a1"
x-amz-meta-mtime: 1715006282.054749806
content-encoding: gzip
expires: Tue, 07 May 2024 15:18:11 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-ea239db5b52d4d8eab9ccb38a27268ab-403ccd2137d9558a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T15:18:11+00:00, 2024-05-06T15:53:14+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/shared-assets/__shared_chunk_M4D4AAJL.js

185.244.209.62

46 kB

URL
v3.traincdn.com/sys-static/shared-assets/__shared_chunk_M4D4AAJL.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
gzip compressed data, max speed, from Unix
Size
46 kB (46000 bytes)
Hash
deb9795d3d881caece397ba8cb2fabe6
63570efbd67e9774339817b4fa57d92d5145c900
cc50131082e7fffd1f85d4d16c4659fd63f0764e179aa77c02dd635d6a79715d

HTTP Headers

GET /sys-static/shared-assets/__shared_chunk_M4D4AAJL.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:44 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 06 May 2024 10:22:32 GMT
etag: W/"51ddc52774f4e5bd6a6f1c22e9d19674"
x-amz-meta-mtime: 1714990874.153504753
content-encoding: gzip
expires: Tue, 07 May 2024 12:42:06 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-8fe0549ec18663284c77db5c048d8e29-2470dedb42559d7f-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:42:06+00:00, 2024-05-06T12:50:29+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

1xlite-461430.top/service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137

178.253.29.51

65 B

URL
1xlite-461430.top/service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137
IP
178.253.29.51:0
ASN
#202492 Silverhill Group Holding Ltd

File type
JSON text data
Size
65 B (65 bytes)
Hash
a62a3d291c25728a06f15b4ee47d5e43
7613e665c8dd639f4f8b821f8337cc4629e3d942
1e2d5a52c362e3ab706e11a3ee2454024423019bd4976d4874df7681c7468b3c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280; _glhf=1715086374; che_g=277ff3df-2e51-ec4f-06d0-569e93b07f06; application_locale=en; sh.session.id=2f059054-1edc-45d1-9f6c-be2b21cfc178; ggru=181
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:50 GMT
content-type: application/json; charset=utf-8
content-length: 65
cache-control: no-cache
content-encoding: br
last-modified: Tue, 07 May 2024 07:56:50 GMT
vary: Accept-Encoding
x-time-ng: 0.006
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.029
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/analytics-a8ae3276.js

185.244.209.62

2.4 kB

URL
v3.traincdn.com/_nuxt/desktop/default/analytics-a8ae3276.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
JavaScript source, ASCII text, with very long lines (6444), with no line terminators
Size
2.4 kB (2434 bytes)
Hash
60f915b0daad3af04303726381897e81
133c20a7f58c18758483c23f595d5a4f22ba9371
320b5a7d25c926dc55eb7a53f4348bf7c34bd7f5bc6ad3bcd1d16029239dc3a1

HTTP Headers

GET /_nuxt/desktop/default/analytics-a8ae3276.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 2434
last-modified: Thu, 02 May 2024 12:52:18 GMT
etag: "66338c82-982"
content-encoding: gzip
expires: Sat, 04 May 2024 08:41:45 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-d9310a44c34d9ef79fa0f54d7f4fa13c-8e8e7c0c96fb4440-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-03T08:41:45+00:00, 2024-05-06T09:22:16+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66

142.250.74.40

106 kB

URL
www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66
IP
142.250.74.40:0
ASN
#15169 GOOGLE

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (10899)
Size
106 kB (105848 bytes)
Hash
31daf8be57e0235a4b0a4fd27fa1d8e0
ca728ad16304fa5ff21e6cca47244885e441953d
d28a3267d7fd77a199362702e83352578652bd14431283f513ec1b94f0d2a242

HTTP Headers

GET /gtag/js?id=G-7JGWL9SV66 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 07:56:50 GMT
expires: Tue, 07 May 2024 07:56:50 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 105848
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-KFGPRJ2V

142.250.74.40

64 kB

URL
www.googletagmanager.com/gtm.js?id=GTM-KFGPRJ2V
IP
142.250.74.40:0
ASN
#15169 GOOGLE

File type
JavaScript source, ASCII text, with very long lines (1822)
Size
64 kB (64399 bytes)
Hash
273eca3ce6428d022541aedaef733c21
54a7f799a9a1ecd20eb5b75bfaaeed71cae6c116
a73b1a4d89640d842dc8390be397b03bcae2da8f5c966d096a6000e20f4b2713

HTTP Headers

GET /gtm.js?id=GTM-KFGPRJ2V HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 07:56:50 GMT
expires: Tue, 07 May 2024 07:56:50 GMT
cache-control: private, max-age=900
last-modified: Tue, 07 May 2024 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 64399
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

radar.cedexis.com/1/23802/radar.js

45.54.49.5

154 B

URL
radar.cedexis.com/1/23802/radar.js
IP
45.54.49.5:0
ASN
#63911 NetActuate, Inc

File type
HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /1/23802/radar.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 07 May 2024 07:56:50 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Location: /1707728419/stub.js
Expires: Tue, 07 May 2024 08:06:50 GMT
Cache-Control: max-age=600
Vary: User-Agent,DNT

1xlite-461430.top/hd-api/external/api/web/v1/j/8b426540616j0i4e9dedae027043e798807fa77296ef7a829667

178.253.29.51

512 B

URL
1xlite-461430.top/hd-api/external/api/web/v1/j/8b426540616j0i4e9dedae027043e798807fa77296ef7a829667
IP
178.253.29.51:0
ASN
#202492 Silverhill Group Holding Ltd

File type
JSON text data
Size
512 B (512 bytes)
Hash
0706619f8e5b772c9352b136bd473c5c
53617002409d889d4d311b65ca2e0fe132c9d2c9
b6ffdb2a9c63b527a4646ee42339a19bebe91973628918ea10b19ddd57c92dd7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /hd-api/external/api/web/v1/j/8b426540616j0i4e9dedae027043e798807fa77296ef7a829667 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
X-Requested-With: XMLHttpRequest
Content-Type: application/json
Content-Length: 105936
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280; _glhf=1715086374; che_g=277ff3df-2e51-ec4f-06d0-569e93b07f06; application_locale=en; sh.session.id=2f059054-1edc-45d1-9f6c-be2b21cfc178; ggru=181
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:51 GMT
content-type: application/json
content-length: 512
content-encoding: gzip
traceparent: 00-beede5f9133e903e4d8b9d941d2ddba0-db11579734874814-01
vary: Accept-Encoding
x-dt: 285
x-request-guid: 8d0a4064a939b4bf59c4ab75508e345d
x-time-ng: 0.086
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=138.364, wf-uht;dur=0.163
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7JGWL9SV66&cid=780917435.1715068611&gtm=45je4510v897130004za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=559428949

142.250.74.163

200 OK

42 B

URL GET HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7JGWL9SV66&cid=780917435.1715068611&gtm=45je4510v897130004za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=559428949
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.no
Fingerprint7D:68:6D:B1:32:34:52:51:20:C9:53:FF:B9:B7:8F:7E:05:F9:F5:97
ValidityTue, 16 Apr 2024 04:31:00 GMT - Tue, 09 Jul 2024 04:30:59 GMT

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7JGWL9SV66&cid=780917435.1715068611&gtm=45je4510v897130004za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=559428949 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 07 May 2024 07:56:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

radar.cedexis.com/1707728419/stub.js

45.54.49.5

271 B

URL
radar.cedexis.com/1707728419/stub.js
IP
45.54.49.5:0
ASN
#63911 NetActuate, Inc

File type
JavaScript source, ASCII text
Size
271 B (271 bytes)
Hash
82dec77fd0353c7c71ce053b8601387e
fbbca95419e1d0c042e0a5fdf10f380aca66188c
39f2b7b0fa78d37d0c84d2d6618bd635d86fd683d9bcdd5729850cb2a62522f7

HTTP Headers

GET /1707728419/stub.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 May 2024 07:56:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 12 Feb 2024 09:51:01 GMT
Vary: Accept-Encoding
ETag: W/"65c9ea05-186"
Expires: Tue, 21 May 2024 07:56:51 GMT
Cache-Control: max-age=1209600, public
Content-Encoding: gzip

region1.analytics.google.com/g/collect?v=2&tid=G-7JGWL9SV66&gtm=45je4510v897130004za200&_p=1715068610491&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=780917435.1715068611&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1715068611&sct=1&seg=0&dl=https%3A%2F%2F1xlite-461430.top%2Fen%3Ftag%3Dd_73595m_32273c_%255B%255DMS%255B%255Dnull%255B%255Dnull%255B%255DSmartCPM%255B%255D6895621_d28985_l35449_clickunder&dt=1xBet%20%E1%90%89%20Online%20sports%20betting%20%E1%90%89%201xBet%20online%20bookmaker%20log%20in%20%E1%90%89%201xlite-461430.top&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=GTM-5R4MT54&tfd=18482

216.239.32.36

0 B

URL
region1.analytics.google.com/g/collect?v=2&tid=G-7JGWL9SV66&gtm=45je4510v897130004za200&_p=1715068610491&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=780917435.1715068611&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1715068611&sct=1&seg=0&dl=https%3A%2F%2F1xlite-461430.top%2Fen%3Ftag%3Dd_73595m_32273c_%255B%255DMS%255B%255Dnull%255B%255Dnull%255B%255DSmartCPM%255B%255D6895621_d28985_l35449_clickunder&dt=1xBet%20%E1%90%89%20Online%20sports%20betting%20%E1%90%89%201xBet%20online%20bookmaker%20log%20in%20%E1%90%89%201xlite-461430.top&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=GTM-5R4MT54&tfd=18482
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-7JGWL9SV66&gtm=45je4510v897130004za200&_p=1715068610491&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=780917435.1715068611&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1715068611&sct=1&seg=0&dl=https%3A%2F%2F1xlite-461430.top%2Fen%3Ftag%3Dd_73595m_32273c_%255B%255DMS%255B%255Dnull%255B%255Dnull%255B%255DSmartCPM%255B%255D6895621_d28985_l35449_clickunder&dt=1xBet%20%E1%90%89%20Online%20sports%20betting%20%E1%90%89%201xBet%20online%20bookmaker%20log%20in%20%E1%90%89%201xlite-461430.top&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=GTM-5R4MT54&tfd=18482 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://1xlite-461430.top
date: Tue, 07 May 2024 07:56:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

1xlite-461430.top/service-api/LineFeed/GetSportsShortZip?lng=en&country=137&virtualSports=true&gr=285&groupChamps=true

178.253.29.51

200 OK

2.1 kB

URL GET HTTP/2
1xlite-461430.top/service-api/LineFeed/GetSportsShortZip?lng=en&country=137&virtualSports=true&gr=285&groupChamps=true
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
2.1 kB (2062 bytes)
Hash
62c93797739be3159535fc0af898c367
a73556d1a0935e1ee811d52fed5108cabe44601d
5c9166fd3bde80e2c8fed1f87740273b29178c4deeca9c7fb4f7665f451fc6d1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /service-api/LineFeed/GetSportsShortZip?lng=en&country=137&virtualSports=true&gr=285&groupChamps=true HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiNmY2bHlxUEpRazIxUVpEOWxrT2RrekpDbU1KZmhJa0J2aDM3RTJ1Z1kvRStsYTViQlhBcHJNVWpaNW5mWlBCbVB3Y1JHQ1B1UGRHTFBXT0lxTDJJTHVKWTFiczU3bzVON0xJTlBCMWJzd056NVowUzJnQmVFdEl0NmJSQ0F4VlhReVBBYmEzS1J3MG5wbjRsZHJFTnVUK2MyQlMyem1tSFhYcU9mbGZYN3d5Y0lOSTVHY0l3N29JdFBkaU51Qzl1TTNuNXdoYkY0RTR0RXNDdU9wYmxIUGhEVytBVTVRclJkQ0RJT2pFRk1UaDNyR3pDRUxuMnZiMmVoS05CM1BnRXR4aTk0Z2FETUk2aHlObTEyUnplTTc0KzhKQ2VxWUtIbXVISDBzTms2VWljIiwiZXhwIjoxNzE1MDgzMDExLCJpYXQiOjE3MTUwNjg2MTF9.EgpxNMi4oE-gGkW7_d5TkojYtCD9_1nkVZV3iYISvTmTRHU9cba5B-typB_Ys_QhgjtQHHDERhERe81bVeB9NA
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280; _glhf=1715086374; che_g=277ff3df-2e51-ec4f-06d0-569e93b07f06; application_locale=en; sh.session.id=2f059054-1edc-45d1-9f6c-be2b21cfc178; ggru=181; _ga_7JGWL9SV66=GS1.1.1715068611.1.0.1715068611.60.0.0; _ga=GA1.1.780917435.1715068611
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:51 GMT
content-type: application/json; charset=utf-8
content-length: 2062
cache-control: public, max-age=5
content-encoding: br
last-modified: Tue, 07 May 2024 07:56:51 GMT
vary: Accept-Encoding
x-time-ng: 0.077
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.084
X-Firefox-Spdy: h2

1xlite-461430.top/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true

178.253.29.51

2.7 kB

URL
1xlite-461430.top/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true
IP
178.253.29.51:0
ASN
#202492 Silverhill Group Holding Ltd

File type
JSON text data
Size
2.7 kB (2712 bytes)
Hash
f40cd49ead918c19f5ab8d3fec7b3a5f
f2578fcb0a9c6dc6103a610e7d86ca7d10ce6dff
ca5f9c67b3f9f145eb1e7be19244c46cefde7833971d7b7d7d74afd042d248cf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiNmY2bHlxUEpRazIxUVpEOWxrT2RrekpDbU1KZmhJa0J2aDM3RTJ1Z1kvRStsYTViQlhBcHJNVWpaNW5mWlBCbVB3Y1JHQ1B1UGRHTFBXT0lxTDJJTHVKWTFiczU3bzVON0xJTlBCMWJzd056NVowUzJnQmVFdEl0NmJSQ0F4VlhReVBBYmEzS1J3MG5wbjRsZHJFTnVUK2MyQlMyem1tSFhYcU9mbGZYN3d5Y0lOSTVHY0l3N29JdFBkaU51Qzl1TTNuNXdoYkY0RTR0RXNDdU9wYmxIUGhEVytBVTVRclJkQ0RJT2pFRk1UaDNyR3pDRUxuMnZiMmVoS05CM1BnRXR4aTk0Z2FETUk2aHlObTEyUnplTTc0KzhKQ2VxWUtIbXVISDBzTms2VWljIiwiZXhwIjoxNzE1MDgzMDExLCJpYXQiOjE3MTUwNjg2MTF9.EgpxNMi4oE-gGkW7_d5TkojYtCD9_1nkVZV3iYISvTmTRHU9cba5B-typB_Ys_QhgjtQHHDERhERe81bVeB9NA
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280; _glhf=1715086374; che_g=277ff3df-2e51-ec4f-06d0-569e93b07f06; application_locale=en; sh.session.id=2f059054-1edc-45d1-9f6c-be2b21cfc178; ggru=181; _ga_7JGWL9SV66=GS1.1.1715068611.1.0.1715068611.60.0.0; _ga=GA1.1.780917435.1715068611
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:51 GMT
content-type: application/json; charset=utf-8
content-length: 2712
cache-control: public, max-age=5
content-encoding: br
last-modified: Tue, 07 May 2024 07:56:46 GMT
vary: Accept-Encoding
x-time-ng: 0.011
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
X-Firefox-Spdy: h2

1xlite-461430.top/service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66

178.253.29.51

200 OK

2.2 kB

URL GET HTTP/2
1xlite-461430.top/service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
2.2 kB (2224 bytes)
Hash
27ea8f2f5b50df11b1a00f9f4a7c0de7
db5479c3b6e0e8f2edf796011fcafb05ec7a2be6
d7ea1974e677773a5ed1b0fcfcb27e172a9f9e9db8c312b280bd2e9989ccc7af

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiNmY2bHlxUEpRazIxUVpEOWxrT2RrekpDbU1KZmhJa0J2aDM3RTJ1Z1kvRStsYTViQlhBcHJNVWpaNW5mWlBCbVB3Y1JHQ1B1UGRHTFBXT0lxTDJJTHVKWTFiczU3bzVON0xJTlBCMWJzd056NVowUzJnQmVFdEl0NmJSQ0F4VlhReVBBYmEzS1J3MG5wbjRsZHJFTnVUK2MyQlMyem1tSFhYcU9mbGZYN3d5Y0lOSTVHY0l3N29JdFBkaU51Qzl1TTNuNXdoYkY0RTR0RXNDdU9wYmxIUGhEVytBVTVRclJkQ0RJT2pFRk1UaDNyR3pDRUxuMnZiMmVoS05CM1BnRXR4aTk0Z2FETUk2aHlObTEyUnplTTc0KzhKQ2VxWUtIbXVISDBzTms2VWljIiwiZXhwIjoxNzE1MDgzMDExLCJpYXQiOjE3MTUwNjg2MTF9.EgpxNMi4oE-gGkW7_d5TkojYtCD9_1nkVZV3iYISvTmTRHU9cba5B-typB_Ys_QhgjtQHHDERhERe81bVeB9NA
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280; _glhf=1715086374; che_g=277ff3df-2e51-ec4f-06d0-569e93b07f06; application_locale=en; sh.session.id=2f059054-1edc-45d1-9f6c-be2b21cfc178; ggru=181; _ga_7JGWL9SV66=GS1.1.1715068611.1.0.1715068611.60.0.0; _ga=GA1.1.780917435.1715068611
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:53 GMT
content-type: application/json; charset=utf-8
content-length: 2224
cache-control: public, max-age=5
content-encoding: br
last-modified: Tue, 07 May 2024 07:56:53 GMT
vary: Accept-Encoding
x-time-ng: 0.003
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.011
X-Firefox-Spdy: h2

1xlite-461430.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true

178.253.29.51

8.1 kB

URL
1xlite-461430.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true
IP
178.253.29.51:0
ASN
#202492 Silverhill Group Holding Ltd

File type
JSON text data
Size
8.1 kB (8063 bytes)
Hash
e0ce540eb34564c2032a77139df9d75b
c9134c3f5d8680d59ff9d9b7ae66b0f9cdf23702
c4b696bbfccaaafc30d22a171367f7e11e110ac37b6f35a01ea554b5e5cdab23

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiNmY2bHlxUEpRazIxUVpEOWxrT2RrekpDbU1KZmhJa0J2aDM3RTJ1Z1kvRStsYTViQlhBcHJNVWpaNW5mWlBCbVB3Y1JHQ1B1UGRHTFBXT0lxTDJJTHVKWTFiczU3bzVON0xJTlBCMWJzd056NVowUzJnQmVFdEl0NmJSQ0F4VlhReVBBYmEzS1J3MG5wbjRsZHJFTnVUK2MyQlMyem1tSFhYcU9mbGZYN3d5Y0lOSTVHY0l3N29JdFBkaU51Qzl1TTNuNXdoYkY0RTR0RXNDdU9wYmxIUGhEVytBVTVRclJkQ0RJT2pFRk1UaDNyR3pDRUxuMnZiMmVoS05CM1BnRXR4aTk0Z2FETUk2aHlObTEyUnplTTc0KzhKQ2VxWUtIbXVISDBzTms2VWljIiwiZXhwIjoxNzE1MDgzMDExLCJpYXQiOjE3MTUwNjg2MTF9.EgpxNMi4oE-gGkW7_d5TkojYtCD9_1nkVZV3iYISvTmTRHU9cba5B-typB_Ys_QhgjtQHHDERhERe81bVeB9NA
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280; _glhf=1715086374; che_g=277ff3df-2e51-ec4f-06d0-569e93b07f06; application_locale=en; sh.session.id=2f059054-1edc-45d1-9f6c-be2b21cfc178; ggru=181; _ga_7JGWL9SV66=GS1.1.1715068611.1.0.1715068611.60.0.0; _ga=GA1.1.780917435.1715068611
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:55 GMT
content-type: application/json; charset=utf-8
content-length: 8063
cache-control: public, max-age=5
content-encoding: br
last-modified: Tue, 07 May 2024 07:56:55 GMT
vary: Accept-Encoding
x-time-ng: 0.014
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.068
X-Firefox-Spdy: h2

1xlite-461430.top/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true

178.253.29.51

2.7 kB

URL
1xlite-461430.top/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true
IP
178.253.29.51:0
ASN
#202492 Silverhill Group Holding Ltd

File type
JSON text data
Size
2.7 kB (2709 bytes)
Hash
34c30ae69ef4f99b67a8f0b60b6478db
5cb47b964968fa0c9fac522f3f4d4546525a98ac
c9f8704f1a404542e2b58bc92947914b4096b6a5c750574b1b5e76ca580bbe2e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiNmY2bHlxUEpRazIxUVpEOWxrT2RrekpDbU1KZmhJa0J2aDM3RTJ1Z1kvRStsYTViQlhBcHJNVWpaNW5mWlBCbVB3Y1JHQ1B1UGRHTFBXT0lxTDJJTHVKWTFiczU3bzVON0xJTlBCMWJzd056NVowUzJnQmVFdEl0NmJSQ0F4VlhReVBBYmEzS1J3MG5wbjRsZHJFTnVUK2MyQlMyem1tSFhYcU9mbGZYN3d5Y0lOSTVHY0l3N29JdFBkaU51Qzl1TTNuNXdoYkY0RTR0RXNDdU9wYmxIUGhEVytBVTVRclJkQ0RJT2pFRk1UaDNyR3pDRUxuMnZiMmVoS05CM1BnRXR4aTk0Z2FETUk2aHlObTEyUnplTTc0KzhKQ2VxWUtIbXVISDBzTms2VWljIiwiZXhwIjoxNzE1MDgzMDExLCJpYXQiOjE3MTUwNjg2MTF9.EgpxNMi4oE-gGkW7_d5TkojYtCD9_1nkVZV3iYISvTmTRHU9cba5B-typB_Ys_QhgjtQHHDERhERe81bVeB9NA
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280; _glhf=1715086374; che_g=277ff3df-2e51-ec4f-06d0-569e93b07f06; application_locale=en; sh.session.id=2f059054-1edc-45d1-9f6c-be2b21cfc178; ggru=181; _ga_7JGWL9SV66=GS1.1.1715068611.1.0.1715068611.60.0.0; _ga=GA1.1.780917435.1715068611
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:56 GMT
content-type: application/json; charset=utf-8
content-length: 2709
cache-control: public, max-age=5
content-encoding: br
last-modified: Tue, 07 May 2024 07:56:56 GMT
vary: Accept-Encoding
x-time-ng: 0.008
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.016
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/banner/efb6a12f775a7454c682a5f3cdcfe84c.webp

185.244.209.62

23 kB

URL
v3.traincdn.com/genfiles/cms/1/desktop/banner/efb6a12f775a7454c682a5f3cdcfe84c.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1380x248, Scaling: [none]x[none], YUV color, decoders should clamp
Size
23 kB (23162 bytes)
Hash
02c73c0e2eaa0c7ad721ac2bafa0bca7
c289c333ee79cc2a3e01d6302e941a22da5e43c4
bcf43c5ae29cad6787c98d92c0e91d7af3c1f912a4abdbca1d397a839e7f61cb

HTTP Headers

GET /genfiles/cms/1/desktop/banner/efb6a12f775a7454c682a5f3cdcfe84c.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:59 GMT
content-type: image/webp
content-length: 23162
last-modified: Fri, 26 Apr 2024 05:29:21 GMT
etag: "02c73c0e2eaa0c7ad721ac2bafa0bca7"
x-time-ng: 0.045
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-42e203e8676c7dc64f16fd1d3594a12d-b5631572375e53d0-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-26T05:30:05+00:00, 2024-05-07T07:09:50+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

1xlite-461430.top/service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137

178.253.29.51

65 B

URL
1xlite-461430.top/service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137
IP
178.253.29.51:0
ASN
#202492 Silverhill Group Holding Ltd

File type
JSON text data
Size
65 B (65 bytes)
Hash
a62a3d291c25728a06f15b4ee47d5e43
7613e665c8dd639f4f8b821f8337cc4629e3d942
1e2d5a52c362e3ab706e11a3ee2454024423019bd4976d4874df7681c7468b3c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiNmY2bHlxUEpRazIxUVpEOWxrT2RrekpDbU1KZmhJa0J2aDM3RTJ1Z1kvRStsYTViQlhBcHJNVWpaNW5mWlBCbVB3Y1JHQ1B1UGRHTFBXT0lxTDJJTHVKWTFiczU3bzVON0xJTlBCMWJzd056NVowUzJnQmVFdEl0NmJSQ0F4VlhReVBBYmEzS1J3MG5wbjRsZHJFTnVUK2MyQlMyem1tSFhYcU9mbGZYN3d5Y0lOSTVHY0l3N29JdFBkaU51Qzl1TTNuNXdoYkY0RTR0RXNDdU9wYmxIUGhEVytBVTVRclJkQ0RJT2pFRk1UaDNyR3pDRUxuMnZiMmVoS05CM1BnRXR4aTk0Z2FETUk2aHlObTEyUnplTTc0KzhKQ2VxWUtIbXVISDBzTms2VWljIiwiZXhwIjoxNzE1MDgzMDExLCJpYXQiOjE3MTUwNjg2MTF9.EgpxNMi4oE-gGkW7_d5TkojYtCD9_1nkVZV3iYISvTmTRHU9cba5B-typB_Ys_QhgjtQHHDERhERe81bVeB9NA
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280; _glhf=1715086374; che_g=277ff3df-2e51-ec4f-06d0-569e93b07f06; application_locale=en; sh.session.id=2f059054-1edc-45d1-9f6c-be2b21cfc178; ggru=181; _ga_7JGWL9SV66=GS1.1.1715068611.1.0.1715068611.60.0.0; _ga=GA1.1.780917435.1715068611
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:57:00 GMT
content-type: application/json; charset=utf-8
content-length: 65
cache-control: no-cache
content-encoding: br
last-modified: Tue, 07 May 2024 07:57:00 GMT
vary: Accept-Encoding
x-time-ng: 0.015
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.022
X-Firefox-Spdy: h2

1xlite-461430.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true

178.253.29.51

8.1 kB

URL
1xlite-461430.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true
IP
178.253.29.51:0
ASN
#202492 Silverhill Group Holding Ltd

File type
JSON text data
Size
8.1 kB (8063 bytes)
Hash
e0ce540eb34564c2032a77139df9d75b
c9134c3f5d8680d59ff9d9b7ae66b0f9cdf23702
c4b696bbfccaaafc30d22a171367f7e11e110ac37b6f35a01ea554b5e5cdab23

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiNmY2bHlxUEpRazIxUVpEOWxrT2RrekpDbU1KZmhJa0J2aDM3RTJ1Z1kvRStsYTViQlhBcHJNVWpaNW5mWlBCbVB3Y1JHQ1B1UGRHTFBXT0lxTDJJTHVKWTFiczU3bzVON0xJTlBCMWJzd056NVowUzJnQmVFdEl0NmJSQ0F4VlhReVBBYmEzS1J3MG5wbjRsZHJFTnVUK2MyQlMyem1tSFhYcU9mbGZYN3d5Y0lOSTVHY0l3N29JdFBkaU51Qzl1TTNuNXdoYkY0RTR0RXNDdU9wYmxIUGhEVytBVTVRclJkQ0RJT2pFRk1UaDNyR3pDRUxuMnZiMmVoS05CM1BnRXR4aTk0Z2FETUk2aHlObTEyUnplTTc0KzhKQ2VxWUtIbXVISDBzTms2VWljIiwiZXhwIjoxNzE1MDgzMDExLCJpYXQiOjE3MTUwNjg2MTF9.EgpxNMi4oE-gGkW7_d5TkojYtCD9_1nkVZV3iYISvTmTRHU9cba5B-typB_Ys_QhgjtQHHDERhERe81bVeB9NA
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280; _glhf=1715086374; che_g=277ff3df-2e51-ec4f-06d0-569e93b07f06; application_locale=en; sh.session.id=2f059054-1edc-45d1-9f6c-be2b21cfc178; ggru=181; _ga_7JGWL9SV66=GS1.1.1715068611.1.0.1715068611.60.0.0; _ga=GA1.1.780917435.1715068611
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:57:00 GMT
content-type: application/json; charset=utf-8
content-length: 8063
cache-control: public, max-age=5
content-encoding: br
last-modified: Tue, 07 May 2024 07:56:55 GMT
vary: Accept-Encoding
x-time-ng: 0.014
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
X-Firefox-Spdy: h2

services.addons.mozilla.org/api/v4/addons/search/?guid=default-theme%40mozilla.org%2Caddons-search-detection%40mozilla.com%2Cgoogle%40search.mozilla.org%2Cwikipedia%40search.mozilla.org%2Cbing%40search.mozilla.org%2Cddg%40search.mozilla.org%2Cfirefox-compact-light%40mozilla.org%2Cfirefox-compact-dark%40mozilla.org%2Cfirefox-alpenglow%40mozilla.org%2Camazon%40search.mozilla.org&lang=en-US

54.230.111.129

82 B

URL
services.addons.mozilla.org/api/v4/addons/search/?guid=default-theme%40mozilla.org%2Caddons-search-detection%40mozilla.com%2Cgoogle%40search.mozilla.org%2Cwikipedia%40search.mozilla.org%2Cbing%40search.mozilla.org%2Cddg%40search.mozilla.org%2Cfirefox-compact-light%40mozilla.org%2Cfirefox-compact-dark%40mozilla.org%2Cfirefox-alpenglow%40mozilla.org%2Camazon%40search.mozilla.org&lang=en-US
IP
54.230.111.129:0
ASN
#16509 AMAZON-02

File type
JSON text data
Size
82 B (82 bytes)
Hash
4f822d39c269d2c47e3174b6c6bad3b7
d56bd07959c766e9c18faa9cf1070548f9236b65
cda00e555c758b1c13b6cbd17049ca8471057d16c60f08f551dbc331308eecf3

HTTP Headers

GET /api/v4/addons/search/?guid=default-theme%40mozilla.org%2Caddons-search-detection%40mozilla.com%2Cgoogle%40search.mozilla.org%2Cwikipedia%40search.mozilla.org%2Cbing%40search.mozilla.org%2Cddg%40search.mozilla.org%2Cfirefox-compact-light%40mozilla.org%2Cfirefox-compact-dark%40mozilla.org%2Cfirefox-alpenglow%40mozilla.org%2Camazon%40search.mozilla.org&lang=en-US HTTP/1.1
Host: services.addons.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/json
content-length: 82
server: openresty
date: Tue, 07 May 2024 07:01:28 GMT
allow: GET, HEAD, OPTIONS
x-amo-request-id: 0a7d7e4d3f38444f8169efb4a33b8dbd
content-security-policy: default-src 'none'; child-src https://www.recaptcha.net/recaptcha/; connect-src 'self' https://*.google-analytics.com; script-src https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js https://www.recaptcha.net/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://addons.mozilla.org/static-server/; font-src 'self' https://addons.mozilla.org/static-server/; style-src 'unsafe-inline' https://addons.mozilla.org/static-server/; object-src 'none'; media-src https://videos.cdn.mozilla.net; frame-src https://www.recaptcha.net/recaptcha/; form-action 'self'; img-src 'self' blob: data: https://addons.mozilla.org/static-server/ https://addons.mozilla.org/user-media/; report-uri /__cspreport__
x-frame-options: DENY
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: same-origin
cross-origin-opener-policy: same-origin
cache-control: max-age=3600
public-key-pins: max-age=5184000; includeSubDomains; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="
via: 1.1 google, 1.1 3bff78035f818b6a3185b0f5f4586410.cloudfront.net (CloudFront)
etag: "4f822d39c269d2c47e3174b6c6bad3b7"
vary: origin,X-Country-Code,Accept-Language
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cpMAtkGa4H5Qc3BMbecASCpa5A73D545Ul1grWs_fiJirjtNJ6Q1wQ==
age: 3333
X-Firefox-Spdy: h2

aus5.mozilla.org/update/3/SystemAddons/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml

35.244.181.201

42 B

URL
aus5.mozilla.org/update/3/SystemAddons/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
IP
35.244.181.201:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
XML 1.0 document, ASCII text
Size
42 B (42 bytes)
Hash
f8f24fa0c857d8f2ee493e131b85ab62
cb6049f830a54d14a19d4104fc0bb5ab5fdedbe6
e0dadbc9cd1f1bd8ce3118cc3383e0d0f6d147f055265d498d99deea956ba00f

HTTP Headers

GET /update/3/SystemAddons/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:57:01 GMT
content-type: text/xml; charset=utf-8
content-length: 42
rule-id: unknown
rule-data-version: unknown
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
via: 1.1 google
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2

1xlite-461430.top/service-api/LineFeed/GetSportsShortZip?lng=en&country=137&virtualSports=true&gr=285&groupChamps=true

178.253.29.51

200 OK

2.1 kB

URL GET HTTP/2
1xlite-461430.top/service-api/LineFeed/GetSportsShortZip?lng=en&country=137&virtualSports=true&gr=285&groupChamps=true
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
2.1 kB (2063 bytes)
Hash
f8a0e522bd3678770b394afc00b6e7de
016bf293f50e05308e496fd1beced10fe571daab
ba1b7e8e946ece7437e063c57fd1aada55d970fc40d2293d3e9d698f98d37500

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /service-api/LineFeed/GetSportsShortZip?lng=en&country=137&virtualSports=true&gr=285&groupChamps=true HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiNmY2bHlxUEpRazIxUVpEOWxrT2RrekpDbU1KZmhJa0J2aDM3RTJ1Z1kvRStsYTViQlhBcHJNVWpaNW5mWlBCbVB3Y1JHQ1B1UGRHTFBXT0lxTDJJTHVKWTFiczU3bzVON0xJTlBCMWJzd056NVowUzJnQmVFdEl0NmJSQ0F4VlhReVBBYmEzS1J3MG5wbjRsZHJFTnVUK2MyQlMyem1tSFhYcU9mbGZYN3d5Y0lOSTVHY0l3N29JdFBkaU51Qzl1TTNuNXdoYkY0RTR0RXNDdU9wYmxIUGhEVytBVTVRclJkQ0RJT2pFRk1UaDNyR3pDRUxuMnZiMmVoS05CM1BnRXR4aTk0Z2FETUk2aHlObTEyUnplTTc0KzhKQ2VxWUtIbXVISDBzTms2VWljIiwiZXhwIjoxNzE1MDgzMDExLCJpYXQiOjE3MTUwNjg2MTF9.EgpxNMi4oE-gGkW7_d5TkojYtCD9_1nkVZV3iYISvTmTRHU9cba5B-typB_Ys_QhgjtQHHDERhERe81bVeB9NA
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280; _glhf=1715086374; che_g=277ff3df-2e51-ec4f-06d0-569e93b07f06; application_locale=en; sh.session.id=2f059054-1edc-45d1-9f6c-be2b21cfc178; ggru=181; _ga_7JGWL9SV66=GS1.1.1715068611.1.0.1715068611.60.0.0; _ga=GA1.1.780917435.1715068611
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:57:01 GMT
content-type: application/json; charset=utf-8
content-length: 2063
cache-control: public, max-age=5
content-encoding: br
last-modified: Tue, 07 May 2024 07:57:01 GMT
vary: Accept-Encoding
x-time-ng: 0.058
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.066
X-Firefox-Spdy: h2

1xlite-461430.top/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true

178.253.29.51

2.7 kB

URL
1xlite-461430.top/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true
IP
178.253.29.51:0
ASN
#202492 Silverhill Group Holding Ltd

File type
JSON text data
Size
2.7 kB (2728 bytes)
Hash
7cc6d8a99c09a9e44fc3ce06a868f454
b1feaaef47c248086ae0e071b59cbba64b00e1f7
60a1811cdffb2a2f900325db24dc0a2e90ce6287de9ab2d601ec91b3193f7ce7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiNmY2bHlxUEpRazIxUVpEOWxrT2RrekpDbU1KZmhJa0J2aDM3RTJ1Z1kvRStsYTViQlhBcHJNVWpaNW5mWlBCbVB3Y1JHQ1B1UGRHTFBXT0lxTDJJTHVKWTFiczU3bzVON0xJTlBCMWJzd056NVowUzJnQmVFdEl0NmJSQ0F4VlhReVBBYmEzS1J3MG5wbjRsZHJFTnVUK2MyQlMyem1tSFhYcU9mbGZYN3d5Y0lOSTVHY0l3N29JdFBkaU51Qzl1TTNuNXdoYkY0RTR0RXNDdU9wYmxIUGhEVytBVTVRclJkQ0RJT2pFRk1UaDNyR3pDRUxuMnZiMmVoS05CM1BnRXR4aTk0Z2FETUk2aHlObTEyUnplTTc0KzhKQ2VxWUtIbXVISDBzTms2VWljIiwiZXhwIjoxNzE1MDgzMDExLCJpYXQiOjE3MTUwNjg2MTF9.EgpxNMi4oE-gGkW7_d5TkojYtCD9_1nkVZV3iYISvTmTRHU9cba5B-typB_Ys_QhgjtQHHDERhERe81bVeB9NA
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280; _glhf=1715086374; che_g=277ff3df-2e51-ec4f-06d0-569e93b07f06; application_locale=en; sh.session.id=2f059054-1edc-45d1-9f6c-be2b21cfc178; ggru=181; _ga_7JGWL9SV66=GS1.1.1715068611.1.0.1715068611.60.0.0; _ga=GA1.1.780917435.1715068611
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:57:02 GMT
content-type: application/json; charset=utf-8
content-length: 2728
cache-control: public, max-age=5
content-encoding: br
last-modified: Tue, 07 May 2024 07:57:02 GMT
vary: Accept-Encoding
x-time-ng: 0.010
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.018
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/2c4bdd620ac9.js

185.244.209.62

200 OK

5.3 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/2c4bdd620ac9.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
5.3 kB (5254 bytes)
Hash
b58bdcd611365c0a4588a46e37d01f58
c6a98435ab7da49311886aa287192ee871f32f6f
e1f406a1618b81efd5a0d27542d10b7348dfd467ff0d8c94a8e99fda3679d559

HTTP Headers

GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/2c4bdd620ac9.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:45 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 01 May 2024 08:21:41 GMT
etag: W/"db345f9ab9f4b60494ed02dd78f38d79"
x-amz-meta-mtime: 1714551564.667873602
content-encoding: gzip
expires: Thu, 02 May 2024 15:20:56 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-139455be3aebdf0a64a07949bb581cac-6d3cb2fcd102e695-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T15:20:56+00:00, 2024-05-06T16:17:06+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/banner/0cd280af89b0819825587a2cf75e33d0.webp

185.244.209.62

21 kB

URL
v3.traincdn.com/genfiles/cms/1/desktop/banner/0cd280af89b0819825587a2cf75e33d0.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1380x248, Scaling: [none]x[none], YUV color, decoders should clamp
Size
21 kB (21412 bytes)
Hash
1e9191583a9bca6627e85945c6c5d3f1
f2d4d5e76e448d1dd986c9616a660ae6c7806dde
733d49aa25dab77ba7fe51a0a831f51e988d3201c5cfc6fbc808c3b2c59b48c1

HTTP Headers

GET /genfiles/cms/1/desktop/banner/0cd280af89b0819825587a2cf75e33d0.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:57:04 GMT
content-type: image/webp
content-length: 21412
last-modified: Fri, 12 Apr 2024 09:23:52 GMT
etag: "1e9191583a9bca6627e85945c6c5d3f1"
x-time-ng: 0.002
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2024-04-12T09:33:12+00:00
traceparent: 00-be7ae8819c91fb1746cb6164cbc1d648-2a8c724c6a27dd02-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

1xlite-461430.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true

178.253.29.51

8.1 kB

URL
1xlite-461430.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true
IP
178.253.29.51:0
ASN
#202492 Silverhill Group Holding Ltd

File type
JSON text data
Size
8.1 kB (8092 bytes)
Hash
0a7ee9e3b58123c19d25b8acfa639eaf
13f1cd6aa2d84f50037aa27c0b7c228a116833af
6ed8e5d290f05b032df0464e97287f401db349355c4a8ce9a06350b037c93272

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiNmY2bHlxUEpRazIxUVpEOWxrT2RrekpDbU1KZmhJa0J2aDM3RTJ1Z1kvRStsYTViQlhBcHJNVWpaNW5mWlBCbVB3Y1JHQ1B1UGRHTFBXT0lxTDJJTHVKWTFiczU3bzVON0xJTlBCMWJzd056NVowUzJnQmVFdEl0NmJSQ0F4VlhReVBBYmEzS1J3MG5wbjRsZHJFTnVUK2MyQlMyem1tSFhYcU9mbGZYN3d5Y0lOSTVHY0l3N29JdFBkaU51Qzl1TTNuNXdoYkY0RTR0RXNDdU9wYmxIUGhEVytBVTVRclJkQ0RJT2pFRk1UaDNyR3pDRUxuMnZiMmVoS05CM1BnRXR4aTk0Z2FETUk2aHlObTEyUnplTTc0KzhKQ2VxWUtIbXVISDBzTms2VWljIiwiZXhwIjoxNzE1MDgzMDExLCJpYXQiOjE3MTUwNjg2MTF9.EgpxNMi4oE-gGkW7_d5TkojYtCD9_1nkVZV3iYISvTmTRHU9cba5B-typB_Ys_QhgjtQHHDERhERe81bVeB9NA
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280; _glhf=1715086374; che_g=277ff3df-2e51-ec4f-06d0-569e93b07f06; application_locale=en; sh.session.id=2f059054-1edc-45d1-9f6c-be2b21cfc178; ggru=181; _ga_7JGWL9SV66=GS1.1.1715068611.1.0.1715068611.60.0.0; _ga=GA1.1.780917435.1715068611
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:57:06 GMT
content-type: application/json; charset=utf-8
content-length: 8092
cache-control: public, max-age=5
content-encoding: br
last-modified: Tue, 07 May 2024 07:57:06 GMT
vary: Accept-Encoding
x-time-ng: 0.015
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.025
X-Firefox-Spdy: h2

1xlite-461430.top/bff-api/config/contacts.json?type=2&lang=en

178.253.29.51

200 OK

1.5 kB

URL GET HTTP/2
1xlite-461430.top/bff-api/config/contacts.json?type=2&lang=en
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
1.5 kB (1473 bytes)
Hash
5e57488ece417dfb2d0d023a6c9d0423
cc3add288721c1e6c3d3e9413fd0de50a9d38467
8da57ebaa0d0d6ecfbac547e80404973484e6cd38820bb8adfcde943511e4c28

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bff-api/config/contacts.json?type=2&lang=en HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: bff;dur=8.14, dt_total;dur=32.370, wf-uht;dur=0.040
traceparent: 00-3fa8b0500e9388c6e68edca2f5fe1534-97f78ea158dd5406-01
vary: Accept-Encoding
x-dt: 285
x-time-ng: 0.013
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

pp23vi1.com/static/pixel.gif?1715068626486

178.253.14.123

43 B

URL
pp23vi1.com/static/pixel.gif?1715068626486
IP
178.253.14.123:0
ASN
#202492 Silverhill Group Holding Ltd

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /static/pixel.gif?1715068626486 HTTP/1.1
Host: pp23vi1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:57:06 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
X-Firefox-Spdy: h2

1xlite-461430.top/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true

178.253.29.51

2.7 kB

URL
1xlite-461430.top/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true
IP
178.253.29.51:0
ASN
#202492 Silverhill Group Holding Ltd

File type
JSON text data
Size
2.7 kB (2728 bytes)
Hash
7cc6d8a99c09a9e44fc3ce06a868f454
b1feaaef47c248086ae0e071b59cbba64b00e1f7
60a1811cdffb2a2f900325db24dc0a2e90ce6287de9ab2d601ec91b3193f7ce7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiNmY2bHlxUEpRazIxUVpEOWxrT2RrekpDbU1KZmhJa0J2aDM3RTJ1Z1kvRStsYTViQlhBcHJNVWpaNW5mWlBCbVB3Y1JHQ1B1UGRHTFBXT0lxTDJJTHVKWTFiczU3bzVON0xJTlBCMWJzd056NVowUzJnQmVFdEl0NmJSQ0F4VlhReVBBYmEzS1J3MG5wbjRsZHJFTnVUK2MyQlMyem1tSFhYcU9mbGZYN3d5Y0lOSTVHY0l3N29JdFBkaU51Qzl1TTNuNXdoYkY0RTR0RXNDdU9wYmxIUGhEVytBVTVRclJkQ0RJT2pFRk1UaDNyR3pDRUxuMnZiMmVoS05CM1BnRXR4aTk0Z2FETUk2aHlObTEyUnplTTc0KzhKQ2VxWUtIbXVISDBzTms2VWljIiwiZXhwIjoxNzE1MDgzMDExLCJpYXQiOjE3MTUwNjg2MTF9.EgpxNMi4oE-gGkW7_d5TkojYtCD9_1nkVZV3iYISvTmTRHU9cba5B-typB_Ys_QhgjtQHHDERhERe81bVeB9NA
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280; _glhf=1715086374; che_g=277ff3df-2e51-ec4f-06d0-569e93b07f06; application_locale=en; sh.session.id=2f059054-1edc-45d1-9f6c-be2b21cfc178; ggru=181; _ga_7JGWL9SV66=GS1.1.1715068611.1.0.1715068611.60.0.0; _ga=GA1.1.780917435.1715068611; che_i=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:57:07 GMT
content-type: application/json; charset=utf-8
content-length: 2728
cache-control: public, max-age=5
content-encoding: br
last-modified: Tue, 07 May 2024 07:57:02 GMT
vary: Accept-Encoding
x-time-ng: 0.010
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/banner/48c55a46abd5ab116e797f7903d61d9a.webp

185.244.209.62

22 kB

URL
v3.traincdn.com/genfiles/cms/1/desktop/banner/48c55a46abd5ab116e797f7903d61d9a.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1380x248, Scaling: [none]x[none], YUV color, decoders should clamp
Size
22 kB (22384 bytes)
Hash
223959ab229c22ef60216e9c780ef376
03fef16fe4253987b207ebd4f5ab77da8262cad7
07dc1d52de65dc11175476efd14081c77cec2379f6b78879bca4c079c2675a3e

HTTP Headers

GET /genfiles/cms/1/desktop/banner/48c55a46abd5ab116e797f7903d61d9a.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:57:09 GMT
content-type: image/webp
content-length: 22384
last-modified: Wed, 06 Sep 2023 13:14:07 GMT
etag: "223959ab229c22ef60216e9c780ef376"
x-time-ng: 0.001
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2024-02-27T14:23:29+00:00
traceparent: 00-fe486d371070f7e6497e9c69c7e308cf-686625e82a35678c-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

widget.suphelper.top/_next/static/f385e6db/_middlewareManifest.js

104.18.39.72

200 OK

92 B

URL GET HTTP/2
widget.suphelper.top/_next/static/f385e6db/_middlewareManifest.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://widget.suphelper.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36
ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT

File type
ASCII text, with no line terminators
Size
92 B (92 bytes)
Hash
7c3f7e060745668041278118c0bb3d6d
e639f56695b3cc30d78dce7a0084aa8299a1311a
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a

HTTP Headers

GET /_next/static/f385e6db/_middlewareManifest.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 07:56:40 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 02 May 2024 07:01:48 GMT
etag: W/"5c-18f381bf92a"
vary: Accept-Encoding
cf-cache-status: HIT
age: 434950
expires: Wed, 07 May 2025 07:56:40 GMT
server: cloudflare
cf-ray: 87ffa79ed9cf568a-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

v3.traincdn.com/sfiles/games-images/game-animations/game-316-animation.svg

185.244.209.62

200 OK

13 kB

URL GET HTTP/2
v3.traincdn.com/sfiles/games-images/game-animations/game-316-animation.svg
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
13 kB (12564 bytes)
Hash
0db44d13e7a50cd2da8dd47ff024f1cd
719bb6c0f3bd8ebabc6c3f53606affb21fd9a4b7
92690d6a77132101517ef7ee09173a4629fd85ba10a6a25033ba80f7967e8fe7

HTTP Headers

GET /sfiles/games-images/game-animations/game-316-animation.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:40 GMT
content-type: image/svg+xml
last-modified: Tue, 16 Jan 2024 08:41:20 GMT
etag: W/"0db44d13e7a50cd2da8dd47ff024f1cd"
x-amz-meta-origin-date-iso8601: 2024-01-12T15:48:06.000Z
expires: Tue, 07 May 2024 00:00:59 GMT
cache-control: max-age=86400, public
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-c9772e123d4df3891dc592965d24f9fc-3457183be77c2091-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T00:00:59+00:00, 2024-05-07T00:43:06+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/49e90f3b8dc2.js

185.244.209.62

200 OK

2.1 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/49e90f3b8dc2.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (2253), with no line terminators
Size
2.1 kB (2136 bytes)
Hash
38eddc87d9802424d0855b8317ddabfc
6f1bd327bb5c7e4ca9d34c74aac2c5fcd700560d
de43ff408b1e4c8c8430e572f23a54bb6b81b1fb6016c44a9f982551fa4bed20

HTTP Headers

GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/49e90f3b8dc2.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:45 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 01 May 2024 08:21:41 GMT
etag: W/"e4a5e0e3cafb59fadf6c400cfd363b1a"
x-amz-meta-mtime: 1714551564.671873539
content-encoding: gzip
expires: Thu, 02 May 2024 15:20:56 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-5035be7559f682a14f6da60a605a6c0c-566c05c33b707d3d-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T15:20:56+00:00, 2024-05-06T16:17:06+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/635ff2d38c89.js

185.244.209.62

200 OK

435 B

URL GET HTTP/2
v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/635ff2d38c89.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (442), with no line terminators
Size
435 B (435 bytes)
Hash
0a0303b2b4571c9780a09fbda34532f9
2d56aac777818d2f291c6a384bd76cd7aed23443
1178b48d568d9023eee8521972ed62783037fd873659b9fe21e7d289cbe5f54e

HTTP Headers

GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/635ff2d38c89.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:45 GMT
content-type: text/javascript; charset=utf-8
content-length: 435
last-modified: Wed, 01 May 2024 08:21:41 GMT
etag: "213bb33769eecf49a9d71c164b83a3d6"
x-amz-meta-mtime: 1714551564.671873539
expires: Thu, 02 May 2024 15:20:56 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-305241a7ab002bd751a653d1c7dde697-bea41164be4841df-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T15:20:56+00:00, 2024-05-06T16:17:06+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/sys-ui/3.2.2/Desktop/Default/client.css

185.244.209.62

200 OK

1.0 MB

URL GET HTTP/2
v3.traincdn.com/sys-ui/3.2.2/Desktop/Default/client.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type

Size
1.0 MB (1048646 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sys-ui/3.2.2/Desktop/Default/client.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:40 GMT
content-type: text/css; charset=utf-8
last-modified: Fri, 19 Apr 2024 10:16:19 GMT
etag: W/"e4b8405071f7ea0e1aa13cd501543a44"
x-amz-meta-mtime: 1713521458.745453226
content-encoding: gzip
expires: Sat, 20 Apr 2024 11:51:17 GMT
cache-control: max-age=86400
x-time-ng: 0.010
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-2f7492a9ca3c6fd7e0225c6c53cb99e6-5afe1baa40f717d5-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-19T11:51:17+00:00, 2024-05-06T14:20:58+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/7f79b3bfb64b.css

185.244.209.62

200 OK

289 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/7f79b3bfb64b.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
289 kB (289240 bytes)
Hash
304cc943df23445a393ae3d5b02dc1c7
8bc0dae92bd7fccaab5d6dc33e6e5718191ea73b
7f79b3bfb64b8561951fdbd366b6d0cf8febf173f50b4f038e039abfcae5c913

HTTP Headers

GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/7f79b3bfb64b.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:40 GMT
content-type: text/css; charset=utf-8
last-modified: Wed, 01 May 2024 08:21:41 GMT
etag: W/"304cc943df23445a393ae3d5b02dc1c7"
x-amz-meta-mtime: 1714551564.671873539
content-encoding: gzip
expires: Thu, 02 May 2024 15:20:45 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-8344c9ccc4c6054ceb1b3f86380f5a2f-297c10750d8a4c50-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T15:20:45+00:00, 2024-05-06T16:17:03+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/d492f4568b81.js

185.244.209.62

200 OK

1.4 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/d492f4568b81.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1424), with no line terminators
Size
1.4 kB (1413 bytes)
Hash
7d1f3b129b89a981300b50d0cef52e44
d7e0c099325d4b1dd8e1bd56a05807c312c52633
77040a8b5997e69f1b5794f46817b3354099cb3e0d19548a53e1e25e2773cb2e

HTTP Headers

GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/d492f4568b81.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:45 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 01 May 2024 08:21:42 GMT
etag: W/"1ca49088b69c49762c2b4dab10ebe060"
x-amz-meta-mtime: 1714551564.675873475
content-encoding: gzip
expires: Thu, 02 May 2024 15:20:56 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-a8f70d7766048561663bdf9b5b856041-af6bf256c4fb7265-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T15:20:56+00:00, 2024-05-06T16:17:06+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/sys-icons/1.0.330/285/common.svg

185.244.209.62

200 OK

147 kB

URL GET HTTP/2
v3.traincdn.com/sys-icons/1.0.330/285/common.svg
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
147 kB (146981 bytes)
Hash
7bf3e9e7d79beac942f5e7748a3af2e6
7c6896ef647506806f2cdbe998d8c9eb845a1754
663e2fc5004af9c6c1969fc5827d7ffdbfeec8d4753efd831208cb179f0a488f

HTTP Headers

GET /sys-icons/1.0.330/285/common.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:46 GMT
content-type: image/svg+xml
last-modified: Tue, 16 Apr 2024 09:41:01 GMT
etag: W/"7bf3e9e7d79beac942f5e7748a3af2e6"
x-amz-meta-mtime: 1713260458.134664491
content-encoding: gzip
expires: Fri, 19 Apr 2024 12:42:12 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-a24a7707fe5ba611630837729dab5d7f-d4eac87970cbf544-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-18T12:42:12+00:00, 2024-05-06T15:18:42+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

1xlite-461430.top/web-api/external-api/v3/banners?project_id=285&country_code=NO&language=en&platform=2&section=6&is_auth=false&limit=100

178.253.29.51

200 OK

31 kB

URL GET HTTP/2
1xlite-461430.top/web-api/external-api/v3/banners?project_id=285&country_code=NO&language=en&platform=2&section=6&is_auth=false&limit=100
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type

Size
31 kB (31312 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web-api/external-api/v3/banners?project_id=285&country_code=NO&language=en&platform=2&section=6&is_auth=false&limit=100 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280; _glhf=1715086374; che_g=277ff3df-2e51-ec4f-06d0-569e93b07f06; application_locale=en; sh.session.id=2f059054-1edc-45d1-9f6c-be2b21cfc178
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:40 GMT
content-type: application/vnd.api+json
vary: Accept-Encoding
cache-control: no-cache, private
server-timing: p;dur=222, dt_total;dur=223.871, wf-uht;dur=0.236
traceparent: 00-590e65e8995583f1baf5849d7263b46d-9463067f270a25cb-01
x-dt: 285
x-time-ng: 0.223
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/c7de6303dfb7.js

185.244.209.62

200 OK

424 B

URL GET HTTP/2
v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/c7de6303dfb7.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (441), with no line terminators
Size
424 B (424 bytes)
Hash
f911ee0234277e327d2c022f302a7c00
8bb8735151af34da1b8b5535d8edba40ef651880
8d6afd5d1b2268065bd9d67a99b954636dc4fb05939280c2a32738040f8fb0e5

HTTP Headers

GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/c7de6303dfb7.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:45 GMT
content-type: text/javascript; charset=utf-8
content-length: 424
last-modified: Wed, 01 May 2024 08:21:42 GMT
etag: "33e7498a57ccd45d4321735d481a7313"
x-amz-meta-mtime: 1714551564.675873475
expires: Thu, 02 May 2024 15:20:56 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-86d0eecaf2576928787ab50aa15a7fc9-0d4433e8e983d562-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T15:20:56+00:00, 2024-05-06T16:17:06+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/0f8a3bdbdd12.js

185.244.209.62

200 OK

1.0 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/0f8a3bdbdd12.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1063), with no line terminators
Size
1.0 kB (1024 bytes)
Hash
41ad46b89bddf6099bbfe8a7f7e8e5db
96945b61c321c2736dc5bbbfb643bfea43fc8f57
263d8c8e23eeac579f80376ba8ac0850dfc36b7cfb420b90aa183dc716931a4a

HTTP Headers

GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/0f8a3bdbdd12.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:45 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 01 May 2024 08:21:41 GMT
etag: W/"b49b08255ad6dd3864f907913b849ebe"
x-amz-meta-mtime: 1714551564.667873602
content-encoding: gzip
expires: Thu, 02 May 2024 15:20:56 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-fbf40caca92e018d77bf904ed1b5db1c-4f096ef0e1705269-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T15:20:56+00:00, 2024-05-06T16:17:06+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (115)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash