| refpaucqkl.top/L?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder&site=73595&ad=32273 | 45.135.120.2 | | 11 kB |
URL: refpaucqkl.top/L?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder&site=73595&ad=32273
IP: 45.135.120.2:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash: fef2b2d947ad491b371bd0b7c26b28a9 73c0ff1a17d772556d30c73ab091972a40707200 e9ad1ba6c79b7d78a38b44b4977939edd1378aaf4d0853c062e41f55b98423f2
GET /L?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder&site=73595&ad=32273 HTTP/1.1
Host: refpaucqkl.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 303 See Other
server: nginx
date: Tue, 07 May 2024 07:56:32 GMT
cache-control: private
location: https://1xlite-461430.top:443/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
x-aspnetmvc-version: 5.0
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.003
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/polyfills.js | 178.253.29.51 | | 0 B |
URL: 1xlite-461430.top/polyfills.js
IP: 178.253.29.51:0
ASN: #202492 Silverhill Group Holding Ltd
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /polyfills.js HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; postback_watcher=; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:34 GMT
content-type: text/javascript; charset=utf-8
content-length: 0
vary: user-agent
cache-control: public, max-age=2678400, s-maxage=2678400
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-time-ng: 0.004
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.012
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/runtime-baf5b66c.js | 185.244.209.62 | | 15 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/runtime-baf5b66c.js
IP: 185.244.209.62:0
ASN: #199524 G-Core Labs S.A.
File type: JavaScript source, ASCII text, with very long lines (47215), with no line terminators
Hash: ef9def5f3c8a190bfffb14ce24c6eb58 c5fa568c8f9bee2aa988c80a7246e07edd8d84ba d5d3ad6908352036bda426fe1fdc6f1dc03ac13a7029bbf25fa50580abd9064f
GET /_nuxt/desktop/default/runtime-baf5b66c.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 14752
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-39a0"
content-encoding: gzip
expires: Tue, 07 May 2024 10:54:45 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-ffa2d5c43b6e9cd21937a38099ef73f3-fe943832ff5d7938-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T10:54:45+00:00, 2024-05-06T10:56:33+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/a4f501bb.css | 185.244.209.62 | | 7.4 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/css/a4f501bb.css
IP: 185.244.209.62:0
ASN: #199524 G-Core Labs S.A.
File type: ASCII text, with very long lines (54112), with no line terminators
Hash: 32a89d535782c71f2aee2541afe97325 9ad12cc6ccd6b059073f779e9d91c6c6674e1289 ea1bc845a76d5e0e7738e217f8f0c47ac62ace9bddebba5059499b3451aa6ef8
GET /_nuxt/desktop/default/css/a4f501bb.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: text/css
content-length: 7418
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-1cfa"
content-encoding: gzip
expires: Tue, 07 May 2024 10:53:28 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-bf27653a53bc7a7f37daa5edcb28fadc-0a2560abd314c124-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T10:53:28+00:00, 2024-05-06T11:16:00+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main-499ac9a4.js | 185.244.209.62 | | 58 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main-499ac9a4.js
IP: 185.244.209.62:0
ASN: #199524 G-Core Labs S.A.
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (64940), with no line terminators
Hash: 8b5b82fea92540c112a534ae258307e2 380afabff0faa228d8c4f10cc9947b310d1bab68 ab31af22488ac9b76c9790f4d3cf1096a9402e7ab4a5b8e09d373cb5b62bc651
GET /_nuxt/desktop/default/Page.Betting.Main-499ac9a4.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 58244
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-e384"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-88a8d04a0d750557ce761be95a9ca9aa-18b330b85c2a946b-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:00+00:00, 2024-05-06T14:47:23+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/a7906856.css | 185.244.209.62 | | 336 B |
URL: v3.traincdn.com/_nuxt/desktop/default/css/a7906856.css
IP: 185.244.209.62:0
ASN: #199524 G-Core Labs S.A.
File type: ASCII text, with very long lines (1099), with no line terminators
Hash: 6921418ff9395c44037498a4cf17ee66 31879049279e2cb5bc06b249d80d1735ef112b19 e6de221b29f3b4e47505c877067f28565ab5e1b419dc5003aca29c49596e73ab
GET /_nuxt/desktop/default/css/a7906856.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: text/css
content-length: 336
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-150"
content-encoding: gzip
expires: Tue, 07 May 2024 12:27:19 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-fa0fa184c899fadd71950ac1c19025fc-8aec3395ef6bf1da-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:27:19+00:00, 2024-05-06T13:53:34+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.TeamGames-ffc54199.js | 185.244.209.62 | | 10 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.TeamGames-ffc54199.js
IP: 185.244.209.62:0
ASN: #199524 G-Core Labs S.A.
File type: JavaScript source, ASCII text, with very long lines (40656), with no line terminators
Hash: 3645d2d457e7c89dbddbc70d1bb71d2e d91ac83ee98ca90c4a45448683041facd9b325cd a615e922b7060fe133277857d8a581923a62ce0da64aff95340bd9b884856a5a
GET /_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.TeamGames-ffc54199.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 9977
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-26f9"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-dd582f3403f7865fd918e0c23451cb86-45a1df90aef48aef-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:00+00:00, 2024-05-06T14:47:23+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.Main.Asian/registration.Main/user.userRegistration-b32053db.js | 185.244.209.62 | | 9.2 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.Main.Asian/registration.Main/user.userRegistration-b32053db.js
IP: 185.244.209.62:0
ASN: #199524 G-Core Labs S.A.
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (31683), with no line terminators
Hash: 3f5e6415a870624bda2cd9741726af93 a5f7d27d2ca9f7e89a230ad43754f4e0390f293a 68449536372a92443232c2c9299ebc24a5f62543e6b12cd0a137b078f50d6e9b
GET /_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.Main.Asian/registration.Main/user.userRegistration-b32053db.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 9205
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-23f5"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-c014498a896816d80f1c3ce748d83fc8-b3bbc7225010aade-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:00+00:00, 2024-05-06T14:47:23+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage/Page.Betting.Main/Page.Betting.Main.Asian/Page.Betting.TeamGames/Page.New/a4ad9f6b-09b98935.js | 185.244.209.62 | | 4.2 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage/Page.Betting.Main/Page.Betting.Main.Asian/Page.Betting.TeamGames/Page.New/a4ad9f6b-09b98935.js
IP: 185.244.209.62:0
ASN: #199524 G-Core Labs S.A.
File type: JavaScript source, ASCII text, with very long lines (14590), with no line terminators
Hash: 81deb8b2ab30cd1729e21622a32d9814 41b982e7a7e4eec22ce01ff1a3b854e51e385789 41159eb3d25b42d4e655a6a3f4e6b0777c2d8a572277d77f9104e171b8aa5589
GET /_nuxt/desktop/default/Page.Betting.Asia.Homepage/Page.Betting.Main/Page.Betting.Main.Asian/Page.Betting.TeamGames/Page.New/a4ad9f6b-09b98935.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 4207
last-modified: Thu, 02 May 2024 12:52:18 GMT
etag: "66338c82-106f"
content-encoding: gzip
expires: Sat, 04 May 2024 08:41:36 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-5e5d5844438e66d956fe27d023e3a3ee-4a3e757408c54d57-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-03T08:41:36+00:00, 2024-05-06T09:49:54+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main/Page.Betting.Main.BettingLeftAside/Page.Betting.TeamGames/betting.GamesSliderApp/b/e7e00398-3883d633.js | 185.244.209.62 | | 2.2 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main/Page.Betting.Main.BettingLeftAside/Page.Betting.TeamGames/betting.GamesSliderApp/b/e7e00398-3883d633.js
IP: 185.244.209.62:0
ASN: #199524 G-Core Labs S.A.
File type: JavaScript source, ASCII text, with very long lines (7613), with no line terminators
Hash: 68b874a85269b1e64bfd1065d0254a1a 46d5559120d28058a530b18616085b6826bb03c3 7a51983ef71867325dd5d9bf7b7eadc66b567a882f50c1d09158bf4f7de8b587
GET /_nuxt/desktop/default/Page.Betting.Main/Page.Betting.Main.BettingLeftAside/Page.Betting.TeamGames/betting.GamesSliderApp/b/e7e00398-3883d633.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 2209
last-modified: Thu, 02 May 2024 12:52:18 GMT
etag: "66338c82-8a1"
content-encoding: gzip
expires: Sat, 04 May 2024 08:41:31 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-d85aad2c2e8a236756df39267c62cc00-61cfa476ec51e7df-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-03T08:41:31+00:00, 2024-05-06T09:49:54+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/98ce2926.css | 185.244.209.62 | | 1.5 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/css/98ce2926.css
IP: 185.244.209.62:0
ASN: #199524 G-Core Labs S.A.
File type: ASCII text, with very long lines (8509), with no line terminators
Hash: b0cd3891fe08ec67c50bbdfd9f7e9181 205511f8e55a0498e8129c290759a26ba4a4db31 75c619e9cabd7b2c1939e6837909e12c51fb3e68888ba20d650cb1939f983f6e
GET /_nuxt/desktop/default/css/98ce2926.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: text/css
content-length: 1491
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-5d3"
content-encoding: gzip
expires: Tue, 07 May 2024 12:27:19 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-5e33dba53a511310fbdd3e6ec71fabdb-2a6f35ed4eee3049-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:27:19+00:00, 2024-05-06T13:53:34+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/6cc025d5.css | 185.244.209.62 | | 1.3 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/css/6cc025d5.css
IP: 185.244.209.62:0
ASN: #199524 G-Core Labs S.A.
File type: ASCII text, with very long lines (6716), with no line terminators
Hash: be35c859b4087d52ff863e02472b7438 acce1097a331dc2ec0669d17db06c679e7c81be6 af7c9af6bda4b329f14b870f4df09e1b11e87d8dba17c30eed496dc5d27dfc1f
GET /_nuxt/desktop/default/css/6cc025d5.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: text/css
content-length: 1324
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-52c"
content-encoding: gzip
expires: Tue, 07 May 2024 12:27:19 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-6e3950ddaf169590bef13ccf74800263-044847e49a16d633-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:27:19+00:00, 2024-05-06T13:53:34+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside-9ec0f9e5.js | 185.244.209.62 | 200 OK | 17 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside-9ec0f9e5.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65113), with no line terminators
Hash: 5c486444497d7afeea7cabf3a651d76a a5c40dee88530a85a4c061ad4379b13e3b8df745 9c3b64738e185dacb94ddfa13c1807be093f49e0a3b5810f92db524ea9f60020
GET /_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside-9ec0f9e5.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 17011
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-4273"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-cc52fdd53cf1b2a7f6779ed74f150c42-ee7011001ddc2060-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:00+00:00, 2024-05-06T14:47:23+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main.BettingLeftAside-14b63672.js | 185.244.209.62 | | 5.9 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main.BettingLeftAside-14b63672.js
IP: 185.244.209.62:0
ASN: #199524 G-Core Labs S.A.
File type: JavaScript source, ASCII text, with very long lines (21262), with no line terminators
Hash: fb60e20d94667a730b2505f72a36269f 9553f3349aae185bd43d95b7ea735790b5ac35d4 24b7cc1abd1d6224f08db147e7c866945d1f205b36b55ac5a5f1c47ed96d69ab
GET /_nuxt/desktop/default/vendors/Page.Betting.Main.BettingLeftAside-14b63672.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 5874
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-16f2"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-d1130398c78ec3db486d5df028094bf7-c44f2315fa8a7e02-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:00+00:00, 2024-05-06T14:47:23+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboard/Page.NewCy/adc1b632-4d951a46.js | 185.244.209.62 | | 3.5 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboard/Page.NewCy/adc1b632-4d951a46.js
IP: 185.244.209.62:0
ASN: #199524 G-Core Labs S.A.
File type: JavaScript source, ASCII text, with very long lines (13913), with no line terminators
Hash: 395deb0abfd0ea102c0c9aa4cf08b2f9 b53c99a2bce733f0a45a075000949d34e2fd0b17 f11d7b6985d7e97030628cf137377b14e9316f8919f80dff4cdd488366aa6652
GET /_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboard/Page.NewCy/adc1b632-4d951a46.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 3531
last-modified: Thu, 02 May 2024 12:52:18 GMT
etag: "66338c82-dcb"
content-encoding: gzip
expires: Sat, 04 May 2024 08:41:30 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-ecaa034c07fae0e94aadbbd4b51da816-e33bdda43174a5c0-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-03T08:41:30+00:00, 2024-05-06T09:49:54+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/9eb4939a.css | 185.244.209.62 | | 2.8 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/css/9eb4939a.css
IP: 185.244.209.62:0
ASN: #199524 G-Core Labs S.A.
File type: ASCII text, with very long lines (20960), with no line terminators
Hash: 6cae6098e169876c305ca92f82fe3cde d27c18f05738795d575c8ce370ed83cf07da0a5a 7095d096e88dd0a09d84d063de1e0eedd406b032150a5af99e796c2ac63bcfe5
GET /_nuxt/desktop/default/css/9eb4939a.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: text/css
content-length: 2763
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-acb"
content-encoding: gzip
expires: Tue, 07 May 2024 12:27:19 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-36340b54182d2a8ea2ef86e1751dcea2-1a79f91eb2c9b5ff-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:27:19+00:00, 2024-05-06T13:53:34+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/betting.SportMenuApp-87a02531.js | 185.244.209.62 | 200 OK | 10 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/betting.SportMenuApp-87a02531.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (41615), with no line terminators
Hash: 21a80fe42c418607606b5ee8ebc9ebe2 b93c8e0a2f18dd371501e1a8739e9445b2c1d9d1 880f72443c469f2d2e9421789eaeb1f2042a8c4ccfc8ce9057a685d588a97ff3
GET /_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/betting.SportMenuApp-87a02531.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 10290
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-2832"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-5f1cddacf875d5570535b5c27abe6483-a3f4b268fe1c5b67-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:00+00:00, 2024-05-06T14:47:23+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/c3d37cc4.css | 185.244.209.62 | | 194 B |
URL: v3.traincdn.com/_nuxt/desktop/default/css/c3d37cc4.css
IP: 185.244.209.62:0
ASN: #199524 G-Core Labs S.A.
File type: ASCII text, with very long lines (395), with no line terminators
Hash: 7f1ee7f9ec47159043591789124ec7cc bb021131214d4b70b327355a5a947b974f2eccbd 4041bafac614e354c03b647dc8d226e140460381c4816a65528e4ba428b0a0ad
GET /_nuxt/desktop/default/css/c3d37cc4.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: text/css
content-length: 194
last-modified: Mon, 06 May 2024 07:48:14 GMT
etag: "66388b3e-c2"
content-encoding: gzip
expires: Tue, 07 May 2024 09:23:37 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-30dd891efa550422d22f04139b702037-c6cdce0042edcea8-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T09:23:37+00:00, 2024-05-06T14:27:34+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/885d64fc.css | 185.244.209.62 | | 332 B |
URL: v3.traincdn.com/_nuxt/desktop/default/css/885d64fc.css
IP: 185.244.209.62:0
ASN: #199524 G-Core Labs S.A.
File type: ASCII text, with very long lines (975), with no line terminators
Hash: 31aa50dcbc858f61bf3ed903493b8431 abf67e7f02256d2d5c5e2054b2930aa9b5ece999 18337e3b3c6f57695afaca43e471c075fd711e0485b4e7f1fdc1b6fe4e8703d7
GET /_nuxt/desktop/default/css/885d64fc.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: text/css
content-length: 332
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-14c"
content-encoding: gzip
expires: Tue, 07 May 2024 12:17:32 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-ab44fa9d82999c0cd09b4d14fc43e7a1-3af66aa4f63fb8b2-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:17:32+00:00, 2024-05-06T20:06:17+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/version.json | 185.244.209.62 | | 44 B |
URL: v3.traincdn.com/version.json
IP: 185.244.209.62:0
ASN: #199524 G-Core Labs S.A.
Hash: 265e4e9c948f929631d7e9bcf0d19d5b c70f40cde4e09003b980fdae5130f3695de16add 62ec6fa5c15470b882bd7e05f5651b0a265a0cb2857cffa5cbfa34b3d2cf42ba
GET /version.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: application/json
content-length: 44
last-modified: Mon, 06 May 2024 10:24:15 GMT
etag: "6638afcf-2c"
content-encoding: gzip
expires: Mon, 06 May 2024 10:50:26 GMT
cache-control: max-age=60, max-age=60, s-maxage=60
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-5481383ee2197faf7e023e5dc2f60efe-f4c75537be61608e-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T10:49:26+00:00, 2024-05-07T07:56:20+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingContent-636888aa.js | 185.244.209.62 | 200 OK | 644 B |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingContent-636888aa.js IP: 185.244.209.62:443 ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder Certificate: Issuer: Sectigo Limited, Subject: *.traincdn.com, Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73, Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (1333), with no line terminators Hash: 59e405a5c84540fd5cd4a47c01954bb9 877928ec86d9742b605ab481e28e4ca40163154b a50357ec75eb7f36a26bfe20b003e614f8bfd8298d502b26c9dc36cbdc1d362a
GET /_nuxt/desktop/default/Page.Betting.Main.BettingContent-636888aa.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 644
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-284"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-bdd6006526fc277dd23d267dc5f66d6a-65d74d0f1f995684-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:00+00:00, 2024-05-06T14:47:23+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Layout.Betting.ExpressDay-c5a846fb.js | 185.244.209.62 | | 3.4 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/Layout.Betting.ExpressDay-c5a846fb.js IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: JavaScript source, ASCII text, with very long lines (10178), with no line terminators Hash: be042bab68dd466121fb1460a17b1795 3dfa3c583644e2aa71ff199a262a54e17cd378d6 2a7bf413f8f8d67f545da852425cdec3b3960fa2c62960ca49c5a2dc43108ac0
GET /_nuxt/desktop/default/Layout.Betting.ExpressDay-c5a846fb.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 3365
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-d25"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-24d31fa02bb36757bdbcd44f5cb749a8-52b8688d580a3623-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:00+00:00, 2024-05-06T14:47:23+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/ca542d7f.css | 185.244.209.62 | | 3.2 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/css/ca542d7f.css IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: ASCII text, with very long lines (31339), with no line terminators Hash: 9e9b190c1ab8126c2576203d5d43ec63 a80ccb6739023605edbd86be13f38a58ff7f4906 c4a28e2bbc67a853613460727d4abba3687be55593a7513a4079ea34579fbb02
GET /_nuxt/desktop/default/css/ca542d7f.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: text/css
content-length: 3226
last-modified: Mon, 06 May 2024 07:48:14 GMT
etag: "66388b3e-c9a"
content-encoding: gzip
expires: Tue, 07 May 2024 09:58:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-1f26d64b0e93dde02fbefebe6f072c6f-790e4443a85d9a95-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T09:58:00+00:00, 2024-05-06T10:39:54+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Layout.SeoModule.Lazy-db205bbd.js | 185.244.209.62 | | 2.5 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/Layout.SeoModule.Lazy-db205bbd.js IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: JavaScript source, ASCII text, with very long lines (8663), with no line terminators Hash: a5db05d47f7f37c06acc29a0f4eeb447 b9ddddb586721548eaa4a62d7ae420bfcfc5bddb 4053d0ffbd3af6bc022131a3f123bd4e88825f1b5f06a74dd2072a2b0fe3f243
GET /_nuxt/desktop/default/Layout.SeoModule.Lazy-db205bbd.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 2475
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-9ab"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-279f2b88a7d93e35c6b4d0657300ba50-ddf9a50eb9f7b98e-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:00+00:00, 2024-05-06T14:47:23+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/85148a0b.css | 185.244.209.62 | | 4.0 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/css/85148a0b.css IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: ASCII text, with very long lines (32277), with no line terminators Hash: eeaf257a8645b90669a2ea93b8fb534e d81289258b7a5c126dd860232760852cc8ad865e 3a170c88ab694ad7552f7a84baa04ddb248c32b7f8ffe16d55dd73685de87aa6
GET /_nuxt/desktop/default/css/85148a0b.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: text/css
content-length: 3964
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-f7c"
content-encoding: gzip
expires: Tue, 07 May 2024 12:54:58 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-54d08619ace378fd41e0ffd1c99b8a4a-509052865a0a1121-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:54:58+00:00, 2024-05-06T13:53:34+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Layout.FooterComponent.Lazy-0434410a.js | 185.244.209.62 | | 7.8 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/Layout.FooterComponent.Lazy-0434410a.js IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (28142), with no line terminators Hash: 9167c6082d419d35f57a606871184d06 d4c4fac03b353c5881c352d6ac0c05947dc2e633 bed35ed9386f6d0d6f3096d00c7d14e042c5cb404f07ef0bb9abb4cc381e89c3
GET /_nuxt/desktop/default/Layout.FooterComponent.Lazy-0434410a.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 7775
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-1e5f"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-1725645870672113fb79686328c8c2d9-9da178fb886705aa-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:00+00:00, 2024-05-06T14:47:23+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/Layout.FooterComponent.Lazy-8e891b7b.js | 185.244.209.62 | | 8.3 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/vendors/Layout.FooterComponent.Lazy-8e891b7b.js IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: JavaScript source, ASCII text, with very long lines (29805), with no line terminators Hash: 93a3cdd4ea0ae5eb295e71988355c5d4 0c9e334aebd99fb9c44575c99abda82d0b53acb1 104a5a19f0a8b4d443e55c32daf49eea2343ee96da27b48c21f09e1425081d62
GET /_nuxt/desktop/default/vendors/Layout.FooterComponent.Lazy-8e891b7b.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 8283
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-205b"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-8617ae8319d5f53ecbb7371300041a4d-3512dbae9d433e62-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:00+00:00, 2024-05-06T14:47:23+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/5cfdf959.css | 185.244.209.62 | | 1.1 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/css/5cfdf959.css IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: ASCII text, with very long lines (4632), with no line terminators Hash: f74d8b7e31b6ab236a9577348874385d 87091e6542649037a05fc137fa449b713c85225d b33d72295f1edbfc13da30236c4b811cffe4ba8ef758a515914cd69cf02edbf8
GET /_nuxt/desktop/default/css/5cfdf959.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: text/css
content-length: 1113
last-modified: Thu, 02 May 2024 12:52:18 GMT
etag: "66338c82-459"
content-encoding: gzip
expires: Sat, 04 May 2024 06:45:29 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-b56bdd4804e8a9f783f65bbb3a61bedd-1dc2105135bb197c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-03T06:45:29+00:00, 2024-05-06T08:35:07+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Layout.FooterComponent.Lazy/Page.Game.Project-807a62cf.js | 185.244.209.62 | | 6.3 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/Layout.FooterComponent.Lazy/Page.Game.Project-807a62cf.js IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: JavaScript source, ASCII text, with very long lines (20014), with no line terminators Hash: adc7f8e289bd475a5a922c91b93591b2 540252cd02880714746d3656e61c67e7acab7fda 3b542ce26d333f558f94adb8cac49e58be95a5470eb3079d1dc0b2b7a7c97b6b
GET /_nuxt/desktop/default/Layout.FooterComponent.Lazy/Page.Game.Project-807a62cf.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 6258
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-1872"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-f71e4ea65a65e3090bcb0fb3ea1ac091-5f363c72cdc3c5e2-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:00+00:00, 2024-05-06T14:47:23+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/app-1483c42a.js | 185.244.209.62 | | 225 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/app-1483c42a.js IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (64966), with no line terminators Size: 225 kB (224914 bytes) Hash: c4d75347728629ec3f0b90dc82f0a3d2 ff949fe02da04d39be746f8d091a1a7b30126f7a 8ca2bd3ad104c33fb6189e87cab8992734ca6bf99a631ed413f63444b834d33b
GET /_nuxt/desktop/default/app-1483c42a.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 224914
last-modified: Mon, 06 May 2024 07:48:14 GMT
etag: "66388b3e-36e92"
content-encoding: gzip
expires: Tue, 07 May 2024 09:00:58 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-3babad19a491e881f0fc386b5d98f09a-43d59bb8a196ad06-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T09:00:58+00:00, 2024-05-06T09:01:09+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/75bcd414.css | 185.244.209.62 | | 2.3 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/css/75bcd414.css IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: ASCII text, with very long lines (9958), with no line terminators Hash: 76a1e3dd8e25bf9a48bdd896de779d20 38c3643e25808d1f3ab167273201eac8c113c088 aa36f7a0cd4e7059cfef75dda25cd20e0bd1fbbe3d10a4ed0697cb937f009273
GET /_nuxt/desktop/default/css/75bcd414.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: text/css
content-length: 2277
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-8e5"
content-encoding: gzip
expires: Tue, 07 May 2024 11:27:59 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-1a1f44d8798b7bdc3fedf1eb91d8bf97-cb7a04f181f01f5a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T11:27:59+00:00, 2024-05-06T12:06:59+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/app-d26cc899.js | 185.244.209.62 | | 267 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/vendors/app-d26cc899.js IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (61101) Size: 267 kB (267237 bytes) Hash: 1992415420cd9d59941e07133aa0c521 308a748fa982a440a112cb9e449f25a23bd6d83e 94a8f060251c7e705ee8c823783cb067e2844edb0f3900b6b0e91948d92ce907
GET /_nuxt/desktop/default/vendors/app-d26cc899.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 267237
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-413e5"
content-encoding: gzip
expires: Tue, 07 May 2024 14:31:58 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-3b35307624683d54d7081853c7dd2773-f520870dfdeb87a6-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:31:58+00:00, 2024-05-06T14:47:23+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/commons/app-2e30fd7d.js | 185.244.209.62 | | 47 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/commons/app-2e30fd7d.js IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: JavaScript source, ASCII text, with very long lines (65476) Hash: 03b89bdb4f6013159d40de88c98403b6 cf41351caa86d91b56cf839d54ab28bf8f4f54f8 42d02ce0b520e2d8ce7341a0b07d92cd3833d762337b1f8aabc6f7f23e6fad4a
GET /_nuxt/desktop/default/commons/app-2e30fd7d.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 46801
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-b6d1"
content-encoding: gzip
expires: Tue, 07 May 2024 14:31:58 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-2057935305884e4d1535a53f290919a3-29cc4d4ad5c80028-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:31:58+00:00, 2024-05-06T14:47:23+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/035c0001.css | 185.244.209.62 | 200 OK | 14 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/035c0001.css IP: 185.244.209.62:443 ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder Certificate: Issuer: Sectigo Limited, Subject: *.traincdn.com, Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73, Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (65536), with no line terminators Hash: ac3b78bdd1c881f78913b967fd22a91f 15295665baa2ccaf71e8a093f333d087621a17ee ee4c84a2fe257a888fcec5809b67b563aba3a4c52f102154ffa19a685434d835
GET /_nuxt/desktop/default/css/035c0001.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: text/css
content-length: 13859
last-modified: Mon, 06 May 2024 07:48:14 GMT
etag: "66388b3e-3623"
content-encoding: gzip
expires: Tue, 07 May 2024 09:00:57 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-6420a075bd660b88600a5a49467e1dfc-5e6a3d62a3958773-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T09:00:57+00:00, 2024-05-06T09:01:09+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-ui/2.2.11/Desktop/Default/client.css | 185.244.209.62 | | 242 kB |
URL: v3.traincdn.com/sys-ui/2.2.11/Desktop/Default/client.css IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: gzip compressed data, max speed, from Unix Size: 242 kB (241796 bytes) Hash: 16de1f1b4057d8b564a0e9bbdd65be8d ac92cc1e7457af0e2da459267d8cdceed1db4879 d00d8e713ed1548fadd6068150d9b9f3efec2dadaf52ad18b4d20a4ef0bd259b
GET /sys-ui/2.2.11/Desktop/Default/client.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: text/css; charset=utf-8
last-modified: Tue, 23 Apr 2024 11:41:52 GMT
etag: W/"5be31e73f9aaf3c05331c4f0cd80e4d9"
x-amz-meta-mtime: 1713872392.088051093
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:29 GMT
cache-control: max-age=86400
x-time-ng: 0.008
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-6f3d1bd6f5f0de70352a563cac4ac635-26fe040159f1a37a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:29+00:00, 2024-05-06T14:47:23+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2 | 185.244.209.62 | 200 OK | 65 kB |
URL: GET HTTP/2 v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2 IP: 185.244.209.62:443 ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder Certificate: Issuer: Sectigo Limited, Subject: *.traincdn.com, Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73, Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 64732, version 1.0 Hash: 3ac5d40d1b3966fc5eb09ecca74d9cbf a69f32357765dd321519889aeacba5e9ca893bb0 3310766b8f58538d07abded74a2babe1acbe1a3ee820d5b8c8265da666f4fb0c
GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:36 GMT
content-type: font/woff2
content-length: 64732
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "3ac5d40d1b3966fc5eb09ecca74d9cbf"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-11f07109bbde6ceac771f97f29b4d6f3-cf91ecf95bcd4446-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:56:30+00:00, 2024-05-07T07:41:00+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 | 185.244.209.62 | | 64 kB |
URL: v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: Web Open Font Format (Version 2), TrueType, length 63920, version 1.0 Hash: a65527fcb58f66a7cfbc0e6b160538b4 45d260e7fa343401b5bb0df982a014f53e2d253b fb13c3a1cbac60649b76f7d7f85c1645d35ac69b85ce5f4eb0692505ecc2cd45
GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:36 GMT
content-type: font/woff2
content-length: 63920
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "a65527fcb58f66a7cfbc0e6b160538b4"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-96e4a60ac52a5986f94c70833b8307e3-7f934424c24e4426-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:54:39+00:00, 2024-05-07T07:30:48+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/check-ob.js | 185.244.209.62 | | 187 B |
URL: v3.traincdn.com/_nuxt/check-ob.js IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: JavaScript source, ASCII text Hash: ced67278c38d1ce1297c121af69fff8a df6e1531fd84d956263b04254e6f94f5356623f4 2958134c3c00f7c6320858dd66e454c2856e4842821d3523c4cc5e44e1ec8616
GET /_nuxt/check-ob.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 187
last-modified: Thu, 02 May 2024 12:51:43 GMT
etag: "66338c5f-bb"
content-encoding: gzip
expires: Sat, 04 May 2024 12:55:05 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-583bfbede638100f4e8ae197389ee469-943d968f76009616-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-03T12:55:05+00:00, 2024-05-06T11:36:38+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/1da51baa342984a84ca1ac8dd900998b.png | 185.244.209.62 | | 653 B |
URL: v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/1da51baa342984a84ca1ac8dd900998b.png IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: PNG image data, 32 x 32, 8-bit colormap, non-interlaced Hash: e6f0766cbd95db33da44e7a9140648f2 5f196b1bfe8c3f92bd2ebcd67124e72e81ae6aaf c0399d478788d5d483f104a2e8cb7c32f41cb40e9df0c22e831b2bfa2db63ec0
GET /genfiles/cms/1-285/desktop/media_asset/1da51baa342984a84ca1ac8dd900998b.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:36 GMT
content-type: image/png
content-length: 653
last-modified: Tue, 25 Apr 2023 13:43:56 GMT
etag: "e6f0766cbd95db33da44e7a9140648f2"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-829a78242bd5ad82442c0a12db313685-1bc996a50a7e9449-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:12:59+00:00, 2024-05-07T07:28:39+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/site-admin/colors/13f2420925687a194e4c38472ae71214.css | 185.244.209.62 | | 7.1 kB |
URL: v3.traincdn.com/genfiles/site-admin/colors/13f2420925687a194e4c38472ae71214.css IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: ASCII text, with very long lines (36694), with no line terminators Hash: 14606d3db1f60fc226960ebde296d677 239876099e9076ccbec9a7436ce92ae1adea34d1 0cd971adce922a5f6369156dd9dd906b499c2fb08b0dcd80ad2b323a2d96d419
GET /genfiles/site-admin/colors/13f2420925687a194e4c38472ae71214.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: text/css
last-modified: Fri, 05 Apr 2024 07:40:06 GMT
etag: W/"4610c92e7697e57d1149e233ef5edab2"
content-encoding: gzip
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-9d892f79550230084dee54b1795e8db5-18d5c295694e3d97-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-05T09:04:13+00:00, 2024-05-07T07:20:44+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingContent-3ca7fb18.js | 185.244.209.62 | | 633 B |
URL: v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingContent-3ca7fb18.js IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: JavaScript source, ASCII text, with very long lines (1235), with no line terminators Hash: 52ab057c90af6d742e95f43ff97e95ff dfdce102add5fc4fa06ac366a663e7a732bd9352 feedd981d953d2933cbb35a49608ebf408f13f457399c2b11aa1ef5eb76db547
GET /_nuxt/desktop/default/Page.Betting.Asia.BettingContent-3ca7fb18.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 633
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-279"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:12 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-6ddc84fe59d71d421c60c661b2b5a147-08febf823286ddb4-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:12+00:00, 2024-05-06T14:59:22+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside/Page.Betting.Main.Asian/betting.CentralMenuApp/betting.SportsMenuCompact-cca22477.js | 185.244.209.62 | | 4.2 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside/Page.Betting.Main.Asian/betting.CentralMenuApp/betting.SportsMenuCompact-cca22477.js IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: JavaScript source, ASCII text, with very long lines (14574), with no line terminators Hash: 2f5a8b05ac32c583fcde180d9d46fce9 86cc94f0c76922b731336bb6c13ff2839f37d689 6f2a20b4cda56cb4d92bd6d3817945c5e659723eaf3e5c85f0a00274c909a9cd
GET /_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside/Page.Betting.Main.Asian/betting.CentralMenuApp/betting.SportsMenuCompact-cca22477.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 4187
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-105b"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:12 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-379dbdc5cbb5dfda30e4cc259526a48d-b3f7ee9741cfe86a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:12+00:00, 2024-05-06T14:59:22+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/2a37879e.css | 185.244.209.62 | | 1.3 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/css/2a37879e.css IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: ASCII text, with very long lines (6872), with no line terminators Hash: 7727cc93d85a2459297f9b1237fc6a92 f37f7a3ec3d30df2513a38dd2c67fefaf038edec e4559060670fd8cf92ad4e830ae9237d2bbc735470f4597ad5d943388d9248d2
GET /_nuxt/desktop/default/css/2a37879e.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:36 GMT
content-type: text/css
content-length: 1331
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-533"
content-encoding: gzip
expires: Tue, 07 May 2024 12:28:13 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-ba2ae04a678b7f05d6ecc4619c6e0f83-272e1f75c7f3a00c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:28:13+00:00, 2024-05-06T15:18:31+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside-9f71ae9a.js | 185.244.209.62 | | 10 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside-9f71ae9a.js IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (37196), with no line terminators Hash: 149f1f916b0c47494c7bdc15122390d4 f6be7ef6c3649f4b83fd19f7459dbce46ff15925 f8ecbd7355d64beb3e23daea185a634fa436012d707160381bb3b65548a9c92b
GET /_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside-9f71ae9a.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 10214
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-27e6"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:12 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-d36cc1f8ffd2e17c72b4b25deea7af4e-a4415723eb085dd6-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:12+00:00, 2024-05-06T14:59:22+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/GameProvider/Page.Betting.Asia.Homepage/Page.Betting.MultiLive/Page.CricketWorldCupPage/Page/17c2374e-b595fcd5.js | 185.244.209.62 | 200 OK | 37 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/GameProvider/Page.Betting.Asia.Homepage/Page.Betting.MultiLive/Page.CricketWorldCupPage/Page/17c2374e-b595fcd5.js IP: 185.244.209.62:443 ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder Certificate Issuer: Sectigo Limited Subject: *.traincdn.com Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65461) Hash: aedaa99fcce183a213f358a727e9eb87 7fe33331acbced57be412f96baff3a4595e207fb 2ccadc0a2eea97aeeb5f1825ad9bdac3873481a54bcd3b42cf6724271cd0f6ac
GET /_nuxt/desktop/default/vendors/GameProvider/Page.Betting.Asia.Homepage/Page.Betting.MultiLive/Page.CricketWorldCupPage/Page/17c2374e-b595fcd5.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 37176
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-9138"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:13 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-7f4e9a4bb9e1faa8ab6c20e0de7157d3-012fe491d0ebac1b-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:13+00:00, 2024-05-06T14:59:22+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Asia.Homepage-b9493cb9.js | 185.244.209.62 | | 10 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Asia.Homepage-b9493cb9.js IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: JavaScript source, ASCII text, with very long lines (36638), with no line terminators Hash: 63e1a6027725eca572736670eb935432 e3578492cf68e66a44f556a98545294a5b1bed5a e96e0e4abe03d7fb0d2449e0f2bf27bb0ee85cdd4d7b4098276c712842b45d8c
GET /_nuxt/desktop/default/vendors/Page.Betting.Asia.Homepage-b9493cb9.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 10115
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-2783"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:13 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-5811d4b02eb05e68045ed3d38d8aa15d-bbe73afe74d196c3-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:13+00:00, 2024-05-06T14:59:22+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage/Page.NewCyber.Cyber/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamp/Page./8c362243-68160950.js | 185.244.209.62 | | 5.6 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage/Page.NewCyber.Cyber/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamp/Page./8c362243-68160950.js IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: JavaScript source, ASCII text, with very long lines (19536), with no line terminators Hash: 860ea683ac1ca8494adc10cb2ea4fcdf a1004cb9bb3a036d215dfbf6b9bade88ad81a7a3 e8fcc72111c9040f545dd314899e61e406ceaa76601c816dc3c1a7b407f88850
GET /_nuxt/desktop/default/Page.Betting.Asia.Homepage/Page.NewCyber.Cyber/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamp/Page./8c362243-68160950.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 5565
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-15bd"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:13 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-8e17ba4f853267c60f6b3eef4262e990-f6328593d5abd59f-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:13+00:00, 2024-05-06T14:59:22+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/7c43e6fa10d0665cf556d13ff2a1906d.svg | 185.244.209.62 | | 7.4 kB |
URL: v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/7c43e6fa10d0665cf556d13ff2a1906d.svg IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: SVG Scalable Vector Graphics image Hash: c33fde6bd6996199bf54b80cdd5a02df 7e86dd2a9553c91da569a4bb97758662d09af13d ada39806bbff4e281103b1d860f36abbf15820361ffcdf22b2b5e7d17c5956c1
GET /genfiles/cms/1-285/desktop/media_asset/7c43e6fa10d0665cf556d13ff2a1906d.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:35 GMT
content-type: image/svg+xml
last-modified: Tue, 02 May 2023 10:06:49 GMT
etag: W/"7cca3986f7a5c4c164144ff11df71073"
content-encoding: gzip
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-f7f09efe7adb36a3245f74a2d960d887-da501c9b350de4fc-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-01-11T08:32:05+00:00, 2024-05-07T07:17:15+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage-633ca92a.js | 185.244.209.62 | | 32 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage-633ca92a.js IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (64912), with no line terminators Hash: 474bfa89621896100251055f7c19712b 0e19c615fc77f9ed2d69d74b7f8a42d41c6f5138 ea0fef6e0a33df0b36bdce2df6b8bf50eef0dd3b71c7c6fc567a7d7c5d39fdd3
GET /_nuxt/desktop/default/Page.Betting.Asia.Homepage-633ca92a.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 32522
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-7f0a"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:13 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-d54566d73ce6708b2d6ca8efa6df847c-a417223ecf72dbba-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:13+00:00, 2024-05-06T14:59:22+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/f72f2b10.css | 185.244.209.62 | 200 OK | 4.8 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/f72f2b10.css IP: 185.244.209.62:443 ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder Certificate Issuer: Sectigo Limited Subject: *.traincdn.com Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (38649), with no line terminators Hash: 8ab5f1e804e2a4565dea164054ff0907 7ee2bea2c9dcb6424f707c35588a316a249270fa ce3424802faaac382a0efe23fbc285123fae95d0461ecf26e4881e1907acd9ec
GET /_nuxt/desktop/default/css/f72f2b10.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:36 GMT
content-type: text/css
content-length: 4780
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-12ac"
content-encoding: gzip
expires: Tue, 07 May 2024 12:28:13 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-4274f669a086fbfe6c4872a4f19ea2cb-b08f1b7084bbc6b7-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:28:13+00:00, 2024-05-06T15:18:31+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.Asian-2f003ed9.js | 185.244.209.62 | 200 OK | 29 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.Asian-2f003ed9.js IP: 185.244.209.62:443 ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder Certificate Issuer: Sectigo Limited Subject: *.traincdn.com Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (64788), with no line terminators Hash: 6bb873114649db4b87839383a7d31921 91b56ad064a4b8fd0d7edb89a040c6b9d06866aa 6dc41e4f75d65dd3dc2f311198e1a9b2b65e0687c2d905b7d64cf9265f7bda2d
GET /_nuxt/desktop/default/Page.Betting.Main.Asian-2f003ed9.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 28917
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-70f5"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:13 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-84f051b41518de021453bc2e46c15200-63023089e2985068-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:13+00:00, 2024-05-06T14:59:22+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.v-tooltip-ff4800a4.js | 185.244.209.62 | | 22 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.v-tooltip-ff4800a4.js IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: JavaScript source, ASCII text, with very long lines (65476) Hash: 45f90516ee8a557d78c08e1e925c1490 adc0363ed75f47f9513a36a94173c6e4940a2adc f5b8b3c4e62dbb4ebc5fd634f5bb17b3145a14c21bdc3e9c0a4dcb45b9e573fe
GET /_nuxt/desktop/default/vendors/plugins.v-tooltip-ff4800a4.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 21889
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-5581"
content-encoding: gzip
expires: Tue, 07 May 2024 14:31:59 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-0faf174e49d46dc17bc8d3d45f8c5ae0-d699b6b7025828fb-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:31:59+00:00, 2024-05-06T14:47:25+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-notification-4e9ad522.js | 185.244.209.62 | | 4.6 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-notification-4e9ad522.js IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: JavaScript source, ASCII text, with very long lines (12527), with no line terminators Hash: 805e7c2cd861f2191db66c39ab28e86b a6353246547e9a9fd01093fcb784d708d187e3ef 82686dab55962ead6916346bd901b3fc03357bb2a0e74dfe966ff784d75b2368
GET /_nuxt/desktop/default/vendors/plugins.vue-notification-4e9ad522.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 4556
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-11cc"
content-encoding: gzip
expires: Tue, 07 May 2024 14:31:59 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-719f7ce084c427d85cf89b940d719f9f-7f9555ec540723a6-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:31:59+00:00, 2024-05-06T14:47:25+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/e5c0e314.css | 185.244.209.62 | | 953 B |
URL: v3.traincdn.com/_nuxt/desktop/default/css/e5c0e314.css IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: ASCII text, with very long lines (3352), with no line terminators Hash: 748da80084597d87b4ff5e98b017b07b db6ad2ec24bfcbe751a23061d935403e1163f471 4eaf4071f43aaa0243a4c6948131b7a3e03fe6ab1f4228da38e8588c15e01f24
GET /_nuxt/desktop/default/css/e5c0e314.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:36 GMT
content-type: text/css
content-length: 953
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-3b9"
content-encoding: gzip
expires: Tue, 07 May 2024 11:05:11 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-ce7ccead5b94ec21f7e1afc238b55185-a209fa9f94ba05b1-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T11:05:10+00:00, 2024-05-06T15:18:32+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-js-modal-11d3184a.js | 185.244.209.62 | | 8.1 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-js-modal-11d3184a.js IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: JavaScript source, ASCII text, with very long lines (26717), with no line terminators Hash: ead4a901af60e4b8138e732f0aea9637 7c1d57d444a07553738ddcb8b6a2bee305a0c215 e6bc116e4cb54d011d2a1fa1f87ab12d1f320aa8dc54c89b1f286f2b02ee14c0
GET /_nuxt/desktop/default/vendors/plugins.vue-js-modal-11d3184a.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 8055
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-1f77"
content-encoding: gzip
expires: Tue, 07 May 2024 14:31:59 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-43f64df53c26ef203e213167ae0e4f87-8a3f7e5aa5db84ff-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:31:59+00:00, 2024-05-06T14:47:25+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/date-fns-locale-21-290f49eb.js | 185.244.209.62 | | 2.1 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/date-fns-locale-21-290f49eb.js IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: JavaScript source, ASCII text, with very long lines (6960), with no line terminators Hash: 91d17dbf833b48149a8b5d2f21895879 bd71a45fa4419ab4ddbc676f0a9cca2be05e1703 f085ff2e310ab82817411e3ed64d0902de49e149d0958cadb91d518ed5854335
GET /_nuxt/desktop/default/date-fns-locale-21-290f49eb.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 2120
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-848"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:15 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-4d2b420788472487aaea5860324a2045-33b042efb214c3f1-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:15+00:00, 2024-05-06T16:05:35+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/DC-7e6a4aad.js | 185.244.209.62 | | 999 B |
URL: v3.traincdn.com/_nuxt/desktop/default/DC-7e6a4aad.js IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: JavaScript source, ASCII text, with very long lines (2336), with no line terminators Hash: b44bc16cd2630bfada5ec9cbdbfcafab 43918946155d48f6cc8ecba42e2cf2cab28debd7 189ec6fd8e44cc47498706a2d2c815da1dc255040ef5ef57f5faa7c10c05ae42
GET /_nuxt/desktop/default/DC-7e6a4aad.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 999
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-3e7"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:01 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-a88b4c8320eacb784b3bfe7d086fa19c-f5d7fc6c75c74180-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:01+00:00, 2024-05-06T14:47:26+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/seo-module-api/api/public/v1/analytics-counters?url=https:%2F%2F1xlite-461430.top&projectId=285 | 178.253.29.51 | | 141 B |
URL: 1xlite-461430.top/seo-module-api/api/public/v1/analytics-counters?url=https:%2F%2F1xlite-461430.top&projectId=285 IP: 178.253.29.51:0 ASN: #202492 Silverhill Group Holding Ltd
Hash: bd9be2fa89d26e9e6f1b2e08ffcd0ed6 90eae25ee792254c7ca97e98c5782078f9bdc37f c11510c5556799ec6bf918684e80903d08cf6237d3c4f94d32a8ebf35d067a1d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /seo-module-api/api/public/v1/analytics-counters?url=https:%2F%2F1xlite-461430.top&projectId=285 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: application/json
content-length: 141
cache-control: max-age=1200, must-revalidate, public, s-maxage=1800, stale-if-error=86400, stale-while-revalidate=300
x-content-digest: enebf83560af95b198ca2d2caf127b1151
age: 193
x-request-id: 501bfa6cf255c8853e47c787dcdc9eb0
x-request-guid: 501bfa6cf255c8853e47c787dcdc9eb0
x-time-ng: 0.012
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: p;dur=2.2389888763428, wf-uht;dur=
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/version.json?timestamp=1715068597025 | 178.253.29.51 | | 44 B |
URL: 1xlite-461430.top/version.json?timestamp=1715068597025 IP: 178.253.29.51:0 ASN: #202492 Silverhill Group Holding Ltd
Hash: 265e4e9c948f929631d7e9bcf0d19d5b c70f40cde4e09003b980fdae5130f3695de16add 62ec6fa5c15470b882bd7e05f5651b0a265a0cb2857cffa5cbfa34b3d2cf42ba
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /version.json?timestamp=1715068597025 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: application/json
content-length: 44
last-modified: Mon, 06 May 2024 10:24:15 GMT
vary: Accept-Encoding
etag: "6638afcf-2c"
content-encoding: gzip
expires: Tue, 07 May 2024 07:57:37 GMT
access-control-allow-origin: *
cache-control: max-age=60, max-age=60, s-maxage=60
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.007
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Betting.Core-d4a24bae.js | 185.244.209.62 | 200 OK | 1.6 kB |
URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Betting.Core-d4a24bae.js IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (2425), with no line terminators Hash 3a0e4a54185bcc66d2e032dd30a385eb 627755ca54def0761f25f827d5b4cb483e1ca83d e0bc5ffed1e6fd6285fea94e991fa8ec48a5f17677519c766d7ee7e757a02239
GET /_nuxt/desktop/default/Betting.Core-d4a24bae.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 1577
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-629"
content-encoding: gzip
expires: Tue, 07 May 2024 10:54:52 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-96e8550954b56be5b58a03b24ee3e01a-86fe48a860dfbe79-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T10:54:52+00:00, 2024-05-06T10:58:28+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/consultant.supHelperV2-ef321a16.js | 185.244.209.62 | | 1.5 kB |
URL v3.traincdn.com/_nuxt/desktop/default/consultant.supHelperV2-ef321a16.js IP 185.244.209.62:0 ASN #199524 G-Core Labs S.A.
File type JavaScript source, ASCII text, with very long lines (3229), with no line terminators Hash 0cc9277dab4117c9b162cc01e1f0b97f 5b7d9007e2d99d3715c5f226aadf44aa4da4332b 6d7637a83c7812813039573e9c67efbb30e4021a971c546621a397eb72ea4bd0
GET /_nuxt/desktop/default/consultant.supHelperV2-ef321a16.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 1451
last-modified: Thu, 02 May 2024 12:52:18 GMT
etag: "66338c82-5ab"
content-encoding: gzip
expires: Sat, 04 May 2024 08:41:49 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-70b9d82485c2df14e5b9d2959dbe02d7-d8a43058c5b4fdf1-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-03T08:41:49+00:00, 2024-05-06T09:22:05+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json | 178.253.29.51 | 200 OK | 23 B |
URL POST HTTP/2 1xlite-461430.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json IP 178.253.29.51:443 ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder Certificate Issuer Let's Encrypt Subject 1xlite-461430.top Fingerprint F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 Validity Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash 8b3e4db4a4e4ee2a17cfe37beb1e3d85 8e445730cf1b89070abc25e397195a883b3b91e4 d6b5db589a9ce0a16c5998df5ce66ddeafd6115824ad1f9121f73f941a4308fe
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Content-Type: application/json
X-Lang: en
X-Uuid: 1d8a2cad-be86-425c-8e6b-3d57d24bb8f2
Content-Length: 81
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: application/json
content-length: 23
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.007
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/ioc.dependencies.18-dc087bc0.js | 185.244.209.62 | | 1.3 kB |
URL v3.traincdn.com/_nuxt/desktop/default/ioc.dependencies.18-dc087bc0.js IP 185.244.209.62:0 ASN #199524 G-Core Labs S.A.
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (3073), with no line terminators Hash 66c4eb11ec60384b198e73db080c0f32 6fb7618e384b9e01454c7b984728236f178192da b45c772a5a204e430a575b896edc43205412a5f28539c2e48c152df7669ad7cb
GET /_nuxt/desktop/default/ioc.dependencies.18-dc087bc0.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 1321
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-529"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:15 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-ae2ab8245739267b9adbb9d2ada22abd-e81d9d64296e058f-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:15+00:00, 2024-05-06T15:01:40+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Cyber.Game/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboar/ff3e75d4-74b93b4d.js | 185.244.209.62 | | 7.4 kB |
URL v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Cyber.Game/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboar/ff3e75d4-74b93b4d.js IP 185.244.209.62:0 ASN #199524 G-Core Labs S.A.
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (32231), with no line terminators Hash 56a0eecb3ec4576e9abf6f8f3e2707f9 6ddfcb4b1669c1323d87906b720fe8e4c258c143 81a5331c3ce30f9e8f21bf5e69591e24dd0c77d9b69157bf0a5e2242fc299ed4
GET /_nuxt/desktop/default/vendors/Page.Cyber.Game/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboar/ff3e75d4-74b93b4d.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 7381
last-modified: Thu, 02 May 2024 12:52:18 GMT
etag: "66338c82-1cd5"
content-encoding: gzip
expires: Sat, 04 May 2024 08:41:45 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-42139632498a389ae4a107672a20beda-890460bb6d376b3f-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-03T08:41:45+00:00, 2024-05-06T10:10:24+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/betting.SportMenuApp-bfe18bfa.js | 185.244.209.62 | | 7.7 kB |
URL v3.traincdn.com/_nuxt/desktop/default/vendors/betting.SportMenuApp-bfe18bfa.js IP 185.244.209.62:0 ASN #199524 G-Core Labs S.A.
File type JavaScript source, ASCII text, with very long lines (31337), with no line terminators Hash f9da465f4f7355523306ce6bbf89c0d5 c39974e7867bcdd6bbe385ba52c9be335afdfe6b a5ff3777031e8ee4babfe1d6a7a6fff1fb2fc0db58de71ea8202bc37a7aab0f2
GET /_nuxt/desktop/default/vendors/betting.SportMenuApp-bfe18bfa.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 7722
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-1e2a"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:16 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-7f457847352b1dad370008ee0ce45d14-b4ed53ecd61e1692-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:16+00:00, 2024-05-06T15:01:40+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/betting.HomeSliderComponent-f347b217.js | 185.244.209.62 | 200 OK | 7.4 kB |
URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/betting.HomeSliderComponent-f347b217.js IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (27479), with no line terminators Hash 18963957c8f45d24c0819a973d362e7b 5a1846a89c5cc9e8028044ff5948bd94f428c412 d1c98b4199c034c2a115ba70268a3e536640ca8b992887df0b085d476ab1275f
GET /_nuxt/desktop/default/vendors/betting.HomeSliderComponent-f347b217.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 7388
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-1cdc"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:16 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-4b61af6e29d93389a1fb3e668e9488d3-09f388a5073244e3-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:16+00:00, 2024-05-06T16:09:49+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/betting.SportMenuApp-1f0079e1.js | 185.244.209.62 | | 25 kB |
URL v3.traincdn.com/_nuxt/desktop/default/betting.SportMenuApp-1f0079e1.js IP 185.244.209.62:0 ASN #199524 G-Core Labs S.A.
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65483), with no line terminators Hash 756179b1f968d35107908086a552c869 5c1f6c8a0c1eed4246c04dac52c4b7056fc991e8 37093cd5b15bf40421db8a64625a01317d043479685d2e1f84accb8fbf992ea6
GET /_nuxt/desktop/default/betting.SportMenuApp-1f0079e1.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 24938
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-616a"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:16 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-528c81b60f45fed9f863f56b22651c6a-44ceb6790d1c4e7c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:16+00:00, 2024-05-06T15:01:40+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/85022173.css | 185.244.209.62 | | 1.7 kB |
URL v3.traincdn.com/_nuxt/desktop/default/css/85022173.css IP 185.244.209.62:0 ASN #199524 G-Core Labs S.A.
File type ASCII text, with very long lines (9757), with no line terminators Hash d9ff2bf37891da2be05d7fd5442113f5 419f63a7b47f983139a1cdc040707ab4b90bc255 05d90d1e2368c45cf52f0796d76035b98b8ab02ff57d218005ddffbfc20963c5
GET /_nuxt/desktop/default/css/85022173.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: text/css
content-length: 1731
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-6c3"
content-encoding: gzip
expires: Tue, 07 May 2024 12:55:22 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-305399637dcaa6348c3b154e792fa5e6-d8a9c39436543057-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:55:22+00:00, 2024-05-06T16:09:49+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/ad481252.css | 185.244.209.62 | | 3.0 kB |
URL v3.traincdn.com/_nuxt/desktop/default/css/ad481252.css IP 185.244.209.62:0 ASN #199524 G-Core Labs S.A.
File type ASCII text, with very long lines (22886), with no line terminators Hash f1e1bb557e1155bf9c70751dec445176 013c5224a1bbbf0d6603f25e31863aa90f279b40 7aa1af5184d161c5f279c0da3199cef2dfc0aac5e90cce3e880f1f89401a0a15
GET /_nuxt/desktop/default/css/ad481252.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: text/css
content-length: 3006
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-bbe"
content-encoding: gzip
expires: Tue, 07 May 2024 12:29:01 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-d741269192c923cd0588c27ff3dd3fe4-a79d873840ef9f6f-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:29:01+00:00, 2024-05-06T16:09:49+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/betting.HomeSliderComponent-b079a12e.js | 185.244.209.62 | 200 OK | 7.6 kB |
URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/betting.HomeSliderComponent-b079a12e.js IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (24523), with no line terminators Hash dff08fc651e74f6ad7d80f2cb43e29e5 e1b0c10b245faa60623785bdefd27c9999483231 fb6ee46c49eb61f09a2dbfe856f0b41f4206323fd9dcc2dc8921ce951b9780bf
GET /_nuxt/desktop/default/betting.HomeSliderComponent-b079a12e.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 7605
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-1db5"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:16 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-074a4cc7634c14638ebdb66224abb8e7-b362d7f378ef9e54-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:16+00:00, 2024-05-06T16:09:49+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/9f2746da.css | 185.244.209.62 | | 1.3 kB |
URL v3.traincdn.com/_nuxt/desktop/default/css/9f2746da.css IP 185.244.209.62:0 ASN #199524 G-Core Labs S.A.
File type ASCII text, with very long lines (6439), with no line terminators Hash cdd7464b2b178b37ed8a1368b6383203 0a13fc4908d91476649bb51e33d690b460a5a89c aeacff8e3f578ea2842f067e3f42d53e72a4f668cf526c60dc659bd89f5a3c6b
GET /_nuxt/desktop/default/css/9f2746da.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: text/css
content-length: 1305
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-519"
content-encoding: gzip
expires: Tue, 07 May 2024 12:29:01 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-b5246135da0d787ca5f377f73c85d9d4-18022650f16a5db6-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:29:01+00:00, 2024-05-06T16:09:49+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/526e44d9.css | 185.244.209.62 | | 459 B |
URL v3.traincdn.com/_nuxt/desktop/default/css/526e44d9.css IP 185.244.209.62:0 ASN #199524 G-Core Labs S.A.
File type ASCII text, with very long lines (1526), with no line terminators Hash 97fdf5b6e7dfddf6ab251e984133b2c3 bb552fe685c52c34e0ed91e4dfaa9df2675ad086 92fcdb73c544b1f2befe78685340fd3371e920187a2232f8e4bffd73985d40e3
GET /_nuxt/desktop/default/css/526e44d9.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: text/css
content-length: 459
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-1cb"
content-encoding: gzip
expires: Tue, 07 May 2024 11:05:30 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-0a0680f14d916297c2ce8697804e5694-af47f4a5ad66ff02-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T11:05:30+00:00, 2024-05-06T15:37:12+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/betting.media-233f5bf5.js | 185.244.209.62 | | 17 kB |
URL v3.traincdn.com/_nuxt/desktop/default/vendors/betting.media-233f5bf5.js IP 185.244.209.62:0 ASN #199524 G-Core Labs S.A.
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (41022), with NEL line terminators Hash 45302df89a240c65824afccc0240c030 84573118a402aa9a4ee0321ccf3f914c438a8369 25b695450684f580508f24855ea2d181ecd499e26573010621dd4a2ddc5af16a
GET /_nuxt/desktop/default/vendors/betting.media-233f5bf5.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 16831
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-41bf"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:16 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-0a8ea444879b24df97c54f7d6c748994-3ed5bef6957927d4-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:16+00:00, 2024-05-06T15:01:40+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/ff267c5c.css | 185.244.209.62 | | 1.5 kB |
URL v3.traincdn.com/_nuxt/desktop/default/css/ff267c5c.css IP 185.244.209.62:0 ASN #199524 G-Core Labs S.A.
File type ASCII text, with very long lines (7000), with no line terminators Hash f379bc6f4b94f34d96f6fe51159bee63 f4c0d4dbef1e1e734e84e05d75e4ff950d06eb60 b2a5bd6495250a19500dd5a6ca62f045c8b70226a668dc63ef40c78883bdae11
GET /_nuxt/desktop/default/css/ff267c5c.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: text/css
content-length: 1486
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-5ce"
content-encoding: gzip
expires: Tue, 07 May 2024 14:34:32 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-e7b46192c3629ff132ecd33eea70737d-fba83009fd4767a0-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:34:32+00:00, 2024-05-06T17:08:00+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/betting.media-64ed71be.js | 185.244.209.62 | | 4.7 kB |
URL v3.traincdn.com/_nuxt/desktop/default/betting.media-64ed71be.js IP 185.244.209.62:0 ASN #199524 G-Core Labs S.A.
File type JavaScript source, ASCII text, with very long lines (16761), with no line terminators Hash fda91a0dd5e8251a0c4c540d7e54ed52 3c4a6e38286708cd62ff071ccf97e73f37200728 b3c3c2ee09cf4af0164878165cd9971fbfe83a461c18ad0ef7cfc33b36b782ef
GET /_nuxt/desktop/default/betting.media-64ed71be.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 4726
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-1276"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:16 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-0a01a2a4cc5597e5c02670a385e81676-17c4a11f23e7b4d9-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:16+00:00, 2024-05-06T15:01:40+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/betting.CentralMenuApp-a5b5de2e.js | 185.244.209.62 | | 19 kB |
URL v3.traincdn.com/_nuxt/desktop/default/betting.CentralMenuApp-a5b5de2e.js IP 185.244.209.62:0 ASN #199524 G-Core Labs S.A.
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65283), with no line terminators Hash 4fb1e7d0f5418f3df96622b000ebe6fb eef890c8cf6d2c72eae34e39ba2e8e6ff79c8754 fd9fede696dd12b00cc9af15ca68f1209b5fd351f5bc32052221adbbb12d8e8b
GET /_nuxt/desktop/default/betting.CentralMenuApp-a5b5de2e.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 18960
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-4a10"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:16 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-7823cc7ad768361e28a3a7d5386f5a13-58333bd1cf8937c6-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:16+00:00, 2024-05-06T15:18:33+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/gamespreview/getbanner?whence=55&ref=1&gr=285&lng=en&fCountry=137 | 178.253.29.51 | | 176 B |
URL 1xlite-461430.top/service-api/gamespreview/getbanner?whence=55&ref=1&gr=285&lng=en&fCountry=137 IP 178.253.29.51:0 ASN #202492 Silverhill Group Holding Ltd
Hash ac86deb03def477abf768a8455c8aa90 87bbc45a47946c01a6f494da652c5b1940e4a62c 6a19047f1e73a26daaac3ec171356c005d39984c931de6c0c0b4184ade05c55b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/gamespreview/getbanner?whence=55&ref=1&gr=285&lng=en&fCountry=137 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: application/json; charset=utf-8
content-length: 176
x-time-ng: 0.006
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.014
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/session-api/sessions/user | 178.253.29.51 | | 16 B |
URL 1xlite-461430.top/session-api/sessions/user IP 178.253.29.51:0 ASN #202492 Silverhill Group Holding Ltd
Hash 646b2e82b65602d35f7aa6283c387e3a b163a70c5df8e4b0861a23a04f8a6f78393747f4 b68bf12405ee2cb5b76764df21dbc2df0953ddff4072ddc5281d1aab05e8c4ab
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /session-api/sessions/user HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: application/json
content-length: 16
cache-control: no-cache, private
x-time-ng: 0.002
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: p;dur=1.3659000396729, wf-uht;dur=0.014
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/88cfac66.css | 185.244.209.62 | 200 OK | 97 B |
URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/88cfac66.css IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with no line terminators Hash 9deb70dd3fbdc7061ed21c5632fbc55b 22ae1cadf75b3fdd5e3e3762842b1b7a6f6e7ed8 be8196057ac43ab3882caf30239c364e1ef4ceda087e92ca87187ce239f022f9
GET /_nuxt/desktop/default/css/88cfac66.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: text/css
content-length: 97
last-modified: Thu, 02 May 2024 12:52:18 GMT
etag: "66338c82-61"
content-encoding: gzip
expires: Fri, 03 May 2024 15:57:32 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-6564a7e90441ecc8cd6cf6ba1af5701d-e36ed90527a63aab-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-02T15:57:32+00:00, 2024-05-06T13:27:20+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-icons/1.0.328/285/common.svg | 185.244.209.62 | | 68 kB |
URL v3.traincdn.com/sys-icons/1.0.328/285/common.svg IP 185.244.209.62:0 ASN #199524 G-Core Labs S.A.
File type SVG Scalable Vector Graphics image Hash 41f87cfcf0fc20ef56078430710379e9 2a6b1bba9c41043a24e6052230faca7d3e9aa0c4 05f204bde079f8db5438e4d466fb40543c312a4522582ba0c7787d9c12c4891b
GET /sys-icons/1.0.328/285/common.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: image/svg+xml
last-modified: Mon, 15 Apr 2024 07:13:32 GMT
etag: W/"7bf3e9e7d79beac942f5e7748a3af2e6"
x-amz-meta-mtime: 1713165210.217888091
content-encoding: gzip
expires: Tue, 23 Apr 2024 10:38:01 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-e4c4af7c40b673c3d0fc8d2469c9d5e4-68a6a94363157bb7-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T10:38:01+00:00, 2024-05-06T12:11:32+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/25e24e18.css | 185.244.209.62 | | 1.5 kB |
URL v3.traincdn.com/_nuxt/desktop/default/css/25e24e18.css IP 185.244.209.62:0 ASN #199524 G-Core Labs S.A.
File type ASCII text, with very long lines (6262), with no line terminators Hash 09f1bd90913ad83743065cc13ee3e0c6 0f1d49d4ddfccf474d882839c1ac901a8c1d91e6 b0222e16baaccc20a1143166da7715bbab586f1d8d8bebf26f91e98738a55a92
GET /_nuxt/desktop/default/css/25e24e18.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: text/css
content-length: 1505
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-5e1"
content-encoding: gzip
expires: Tue, 07 May 2024 12:28:59 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-ea1ce2edfc78491db613e9e1dbbc46e1-f029dbb26922e4fc-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:28:59+00:00, 2024-05-06T16:17:02+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/bff-api/event-logo/v2/suitable.json?lang=en | 178.253.29.51 | | 2 B |
URL 1xlite-461430.top/bff-api/event-logo/v2/suitable.json?lang=en IP 178.253.29.51:0 ASN #202492 Silverhill Group Holding Ltd
Hash d751713988987e9331980363e24189ce 97d170e1550eee4afc0af065b78cda302a97674c 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /bff-api/event-logo/v2/suitable.json?lang=en HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: application/json
content-length: 2
cache-control: no-cache, private
server-timing: bff;dur=14.57, dt_total;dur=23.815, wf-uht;dur=0.046
traceparent: 00-3c4f36b2fcf4f8a850549a31c0dabfa6-137d5c42fc6bf07b-01
x-dt: 285
x-time-ng: 0.024
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/RegistrationWidgetApp-4b1f6e54.js | 185.244.209.62 | | 21 kB |
URL v3.traincdn.com/_nuxt/desktop/default/vendors/RegistrationWidgetApp-4b1f6e54.js IP 185.244.209.62:0 ASN #199524 G-Core Labs S.A.
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash 05e740893c07a5cc45b5f0f2d787dbf5 28c364157e02ce207609bca53064a4b513e8bda7 a2af38a1cec7178448ce8d1aee99190b643f50894d3d05cac2e5234caeac8e5e
GET /_nuxt/desktop/default/vendors/RegistrationWidgetApp-4b1f6e54.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 20768
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-5120"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:16 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-5a77af82496aff08aadc8fc2f971bd35-19ff0e29bf635544-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:16+00:00, 2024-05-06T16:17:02+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/betting.coupon2-183c618c.js | 185.244.209.62 | 200 OK | 579 B |
URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/betting.coupon2-183c618c.js IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (1003), with no line terminators Hash 54f54116f151f6469527d5f5c584887c 8078098cda5d50eeb285da4fc78655562f8324ed 8112adb0bbfa619109d5a6c3263e5e1761599c14b3c474b58b2f5ca512b46efb
GET /_nuxt/desktop/default/betting.coupon2-183c618c.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 579
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-243"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:16 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-f5c215faf5d646bbb6e8acea396c5588-3c97f4f9daeb79ed-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:16+00:00, 2024-05-06T15:01:41+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66 | 178.253.29.51 | 200 OK | 2.2 kB |
URL GET HTTP/2 1xlite-461430.top/service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66 IP 178.253.29.51:443 ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder Certificate Issuer Let's Encrypt Subject 1xlite-461430.top Fingerprint F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 Validity Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash 9c47ad1d21a8bd686e00e8e4cd126430 9770ae1bdb09739672bf5d422d595c26fb1b961c 8485b83ac874d0f36d6dcee52bddba11f27c88749540b67c30260e3efb1d3fce
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: application/json; charset=utf-8
content-length: 2205
cache-control: public, max-age=5
content-encoding: br
last-modified: Tue, 07 May 2024 07:56:37 GMT
vary: Accept-Encoding
x-time-ng: 0.003
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.010
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137 | 178.253.29.51 | | 65 B |
URL 1xlite-461430.top/service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137 IP 178.253.29.51:0 ASN #202492 Silverhill Group Holding Ltd
Hash a62a3d291c25728a06f15b4ee47d5e43 7613e665c8dd639f4f8b821f8337cc4629e3d942 1e2d5a52c362e3ab706e11a3ee2454024423019bd4976d4874df7681c7468b3c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:37 GMT
content-type: application/json; charset=utf-8
content-length: 65
cache-control: no-cache
content-encoding: br
last-modified: Tue, 07 May 2024 07:56:37 GMT
vary: Accept-Encoding
x-time-ng: 0.015
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.022
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/genfiles/cms/desktop/contact/86f18367ce2829388dcdabccb99b1740.svg | 178.253.29.51 | | 263 B |
URL 1xlite-461430.top/genfiles/cms/desktop/contact/86f18367ce2829388dcdabccb99b1740.svg IP 178.253.29.51:0 ASN #202492 Silverhill Group Holding Ltd
File type SVG Scalable Vector Graphics image Hash 28e2c161800b61b985a163f5c492ae51 8845ea940210b4ccb195cca855a598e6aaa58ed0 77c93c24e4eb0f8815a7526d405818c9a38ba6e4317f1fee588fffbc00cb17de
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /genfiles/cms/desktop/contact/86f18367ce2829388dcdabccb99b1740.svg HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: image/svg+xml
content-length: 263
last-modified: Fri, 23 Feb 2024 10:01:24 GMT
etag: "28e2c161800b61b985a163f5c492ae51"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/genfiles/cms/desktop/contact/dbc1950bbcc8e27b5dbec1f42635e8d0.svg | 178.253.29.51 | | 296 B |
URL 1xlite-461430.top/genfiles/cms/desktop/contact/dbc1950bbcc8e27b5dbec1f42635e8d0.svg IP 178.253.29.51:0 ASN #202492 Silverhill Group Holding Ltd
File type SVG Scalable Vector Graphics image Hash b1bf63d00887bb0354e9d89c7d790a01 2d64ab25c9afff682abd6732f62ba62a197e972b a6a4fbbd99a0a82de03f05da827ccd9d019574bf3450727530403c2b5ce92df0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /genfiles/cms/desktop/contact/dbc1950bbcc8e27b5dbec1f42635e8d0.svg HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: image/svg+xml
content-length: 296
last-modified: Fri, 23 Feb 2024 10:03:47 GMT
etag: "b1bf63d00887bb0354e9d89c7d790a01"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/genfiles/cms/desktop/contact/6726b16cfb4e516989153ce398d4a0e4.svg | 178.253.29.51 | | 506 B |
URL 1xlite-461430.top/genfiles/cms/desktop/contact/6726b16cfb4e516989153ce398d4a0e4.svg IP 178.253.29.51:0 ASN #202492 Silverhill Group Holding Ltd
File type SVG Scalable Vector Graphics image Hash 9c340eae608db0c25657b4a73d769afe 988fbf333a2e9290211cd9e6b7c98c59719012b0 b92e969acd8a1e0f9cfd1f84080ca5ccb8cb49b105299434c275a8813faf841e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /genfiles/cms/desktop/contact/6726b16cfb4e516989153ce398d4a0e4.svg HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: image/svg+xml
content-length: 506
last-modified: Fri, 23 Feb 2024 10:03:36 GMT
etag: "9c340eae608db0c25657b4a73d769afe"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-icons/1.0.328/285/logos.svg | 185.244.209.62 | | 19 kB |
URL v3.traincdn.com/sys-icons/1.0.328/285/logos.svg IP 185.244.209.62:0 ASN #199524 G-Core Labs S.A.
File type SVG Scalable Vector Graphics image Hash 7e8bd1abf2a3b3b6349664b597c0c0f7 826590a1e0f339ebe3e8ef135a618794b3258d8e 9c23cd7f8ff3b26730f961590aba6e305f48f4975dc47be286bc74388cfbbc59
GET /sys-icons/1.0.328/285/logos.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: image/svg+xml
last-modified: Mon, 15 Apr 2024 07:13:32 GMT
etag: W/"c45fb3adb3e47bdbd03c88fc4c4309aa"
x-amz-meta-mtime: 1713165210.217888091
content-encoding: gzip
expires: Tue, 23 Apr 2024 10:38:05 GMT
cache-control: max-age=86400
x-time-ng: 0.003
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-77fbcc523075530716b9d0622b9845f3-ccc8915e5f8e364f-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T10:38:05+00:00, 2024-05-06T12:11:32+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/injector.js | 104.18.39.72 | | 77 kB |
URL widget.suphelper.top/injector.js IP 104.18.39.72:0
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash 83aac4ad5ef534324323094c239bf166 29a8ab509f2166a49720357c2329bffe145d7557 e9ea40220ea5792be2e5225127a90cf23c3cb18b28caac7683638a25ffe3a3ca
GET /injector.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 07:56:38 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=14400
last-modified: Thu, 02 May 2024 07:01:48 GMT
etag: W/"32e7a-18f381bf77a"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 19
expires: Tue, 07 May 2024 11:56:38 GMT
server: cloudflare
cf-ray: 87ffa792b99c568a-OSL
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/checker/redirect/stat/run/ | 178.253.29.51 | | 4.0 kB |
URL 1xlite-461430.top/checker/redirect/stat/run/ IP 178.253.29.51:0 ASN #202492 Silverhill Group Holding Ltd
Hash 741934b89418d344f6b45d01fe7ddae7 2875d1bff3ba4850c36d335664cb596c17eb6fcf 488059f86ea7968767b02087d83b3e500aa5b3686e6b2522d967ff80eb6c6af9
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /checker/redirect/stat/run/ HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280; _glhf=1715086374; che_g=277ff3df-2e51-ec4f-06d0-569e93b07f06
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-time-ng: 0.000
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/DownloadAppWidget-b6662b37.js | 185.244.209.62 | 200 OK | 4.1 kB |
URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/DownloadAppWidget-b6662b37.js IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (12039), with no line terminators Hash d5bb5783c476219b31ce5582083fd74b 326b40532b72988c1d23fb931daabead75d18482 2724a816ddb0fd1234ca8cebf9db4fd60290f282fcfcb5619ffe70be9c0160b7
GET /_nuxt/desktop/default/DownloadAppWidget-b6662b37.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: application/javascript; charset=utf-8
content-length: 4124
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-101c"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:35 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-e8eeea38b337a4a761daaccd3edade3d-f03ba4f932194414-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:35+00:00, 2024-05-06T15:01:52+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/c160e2c3c4fe9efae0422eb3eae273e4.webp | 185.244.209.62 | | 820 B |
URL v3.traincdn.com/resized/size16/sfiles/logo_teams/c160e2c3c4fe9efae0422eb3eae273e4.webp IP 185.244.209.62:0 ASN #199524 G-Core Labs S.A.
File type RIFF (little-endian) data, Web/P image Hash c3564e4a78f7c0d00622ad30cebbba9b 3d20e1322cf42b6113cb261708bc20b81856d0a3 076ef88422fa6575d9724cbfc25f6af092011f68a8992cd60fbe69d035fd4698
GET /resized/size16/sfiles/logo_teams/c160e2c3c4fe9efae0422eb3eae273e4.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: image/webp
content-length: 820
cache-control: max-age=94608000
content-disposition: inline; filename="c160e2c3c4fe9efae0422eb3eae273e4.webp"
content-security-policy: script-src 'none'
expires: Fri, 07 May 2027 07:03:24 GMT
x-request-id: 7de1c591ed4505d9ed3fd15a32cd1f41
x-time-ng: 0.028
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-d168e9819d131612be9f61036cc2b7c3-63382f4acc20269c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T07:03:24+00:00, 2024-05-07T07:04:32+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sfiles/logo-champ/0dfc89d2253d58ea0dd40d1f17fb2af8.webp | 185.244.209.62 | | 3.7 kB |
URL v3.traincdn.com/sfiles/logo-champ/0dfc89d2253d58ea0dd40d1f17fb2af8.webp IP 185.244.209.62:0 ASN #199524 G-Core Labs S.A.
File type RIFF (little-endian) data, Web/P image Hash 9a95e3840ab8ac77449d48901f23a27c 0bfd3f6376b613b4d18e0aa61b5913c7ab7df027 483fb0bc1076f87f81f8febc9c2e4b29570faf4065e4ecb07b7d35810db50033
GET /sfiles/logo-champ/0dfc89d2253d58ea0dd40d1f17fb2af8.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: image/webp
content-length: 3682
last-modified: Sat, 28 Jan 2023 07:31:59 GMT
etag: "9a95e3840ab8ac77449d48901f23a27c"
cache-control: public, max-age=86400, public
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-248b042356fbee262441c0dd7166d0ef-c853806faa640234-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T10:37:57+00:00, 2024-05-07T05:23:35+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/976e8b74169c43d562cc4566cb368bae.webp | 185.244.209.62 | | 706 B |
URL: v3.traincdn.com/resized/size16/sfiles/logo_teams/976e8b74169c43d562cc4566cb368bae.webp IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: RIFF (little-endian) data, Web/P image
Hash: 711ea8621c0177bb5d3162fd94dc5cc2 e7122126374fd5c11a57de818025fda07e76c64d 0b72c5cac0035edf01014efd42630275220c328bf25d5c6a12add0b3ccd33424
GET /resized/size16/sfiles/logo_teams/976e8b74169c43d562cc4566cb368bae.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: image/webp
content-length: 706
cache-control: max-age=94608000
content-disposition: inline; filename="976e8b74169c43d562cc4566cb368bae.webp"
content-security-policy: script-src 'none'
expires: Fri, 07 May 2027 07:44:18 GMT
x-request-id: afb061d80bfa7fa2dda996361e547801
x-time-ng: 0.027
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-84dd55ac821d6a8394c668d14d40e7e3-9a7b00e7aba0a0f6-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T07:44:18+00:00, 2024-05-07T07:44:19+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/13000c25f379c5c3f970bca5130f7b21.webp | 185.244.209.62 | | 742 B |
URL: v3.traincdn.com/resized/size16/sfiles/logo_teams/13000c25f379c5c3f970bca5130f7b21.webp IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: RIFF (little-endian) data, Web/P image
Hash: 9cf1fff076429833c78ebd3ab3654874 67f100878848c6ad7cce6fdb5ddda208f7a7638f 22c9e6feac8428d89e94d346cb64a8ee8f4bc70d830312c831b21d994e417715
GET /resized/size16/sfiles/logo_teams/13000c25f379c5c3f970bca5130f7b21.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: image/webp
content-length: 742
cache-control: max-age=94608000
content-disposition: inline; filename="13000c25f379c5c3f970bca5130f7b21.webp"
content-security-policy: script-src 'none'
expires: Fri, 07 May 2027 07:44:18 GMT
x-request-id: 1ef983305ad911d91b3afbb9dd50660f
x-time-ng: 0.031
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-95f6b1c32c8f9a6ccc58ca2ee6046026-a3c1eb7fd03fb3e5-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T07:44:18+00:00, 2024-05-07T07:44:19+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/98df3cda9814021aa5e4b1cc477c1470.webp | 185.244.209.62 | | 864 B |
URL: v3.traincdn.com/resized/size16/sfiles/logo_teams/98df3cda9814021aa5e4b1cc477c1470.webp IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: RIFF (little-endian) data, Web/P image
Hash: bc385140f589752a771eb8b71fe6acfc 1f365d4a159bdffd5b90bf30e2cbcef90c72e683 fdecad3590dce753716afde7314488de9cf1e2141102fc503e1b1fa7683fd625
GET /resized/size16/sfiles/logo_teams/98df3cda9814021aa5e4b1cc477c1470.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: image/webp
content-length: 864
cache-control: max-age=94608000
content-disposition: inline; filename="98df3cda9814021aa5e4b1cc477c1470.webp"
content-security-policy: script-src 'none'
expires: Fri, 07 May 2027 06:23:18 GMT
x-request-id: ac1ffc684a3672bed6bdb1b2617212e0
x-time-ng: 0.078
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-e8e9e082d48c43636ef6f4c7204bf2d8-44b43a465eaaec22-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T06:23:18+00:00, 2024-05-07T06:23:19+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/bbc4212bfd173cd4f0b097832c744832.webp | 185.244.209.62 | | 678 B |
URL: v3.traincdn.com/resized/size16/sfiles/logo_teams/bbc4212bfd173cd4f0b097832c744832.webp IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: RIFF (little-endian) data, Web/P image
Hash: 570529bd10bcb908c65e61abad1cad24 66a661cebc2a1213d021597fac4d6f277227a8aa d2659b526e1736bc936458e22e686820c47ad258b641514773f91feb7bb31c5b
GET /resized/size16/sfiles/logo_teams/bbc4212bfd173cd4f0b097832c744832.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: image/webp
content-length: 678
cache-control: max-age=94608000
content-disposition: inline; filename="bbc4212bfd173cd4f0b097832c744832.webp"
content-security-policy: script-src 'none'
expires: Fri, 07 May 2027 06:23:19 GMT
x-request-id: e26095af6c2928d22b652ac40acacf69
x-time-ng: 0.040
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-f35aa9c30283d02872bb3782d77a6233-7e2dd3050ae6a90d-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T06:23:19+00:00, 2024-05-07T06:23:19+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/430705.webp | 185.244.209.62 | | 622 B |
URL: v3.traincdn.com/resized/size16/sfiles/logo_teams/430705.webp IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: RIFF (little-endian) data, Web/P image
Hash: a77bb757329de3126171cd6a8615b7dd a4024534b6be04355a67c410e7753549c3189f1c 4cbb73f5b4f8c2ff2df030dfd4123d60a0d841c795e0fed943a2924cdf9f4db4
GET /resized/size16/sfiles/logo_teams/430705.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: image/webp
content-length: 622
cache-control: max-age=94608000
content-disposition: inline; filename="430705.webp"
content-security-policy: script-src 'none'
expires: Wed, 05 May 2027 20:43:01 GMT
x-request-id: 227ac2e2a282b1ced8cc2c7a84e9f5a7
x-time-ng: 0.027
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-4404c4edf864ea7a97601fc3bbf39e34-3a2139e150950bf9-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-05T20:43:01+00:00, 2024-05-05T21:03:21+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/784a997603da4be13c9a37255f0630ed.webp | 185.244.209.62 | | 722 B |
URL: v3.traincdn.com/resized/size16/sfiles/logo_teams/784a997603da4be13c9a37255f0630ed.webp IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: RIFF (little-endian) data, Web/P image
Hash: a7c8b4530253f01717fa3931eafda5f1 27d260d85e2fe9bdb0a05d3def2c1d5b3c07f70c eb1facddc06852c5c56c460733af5c799dedd3cb0bb0e5f27dfe5f2c786b825f
GET /resized/size16/sfiles/logo_teams/784a997603da4be13c9a37255f0630ed.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: image/webp
content-length: 722
cache-control: max-age=94608000
content-disposition: inline; filename="784a997603da4be13c9a37255f0630ed.webp"
content-security-policy: script-src 'none'
expires: Mon, 03 May 2027 07:09:44 GMT
x-request-id: 01c26655fc27fb91d48dec421ed8f2c0
x-time-ng: 0.041
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-ceb5557bfa21376f976c47d5512a89c3-3954e9fe1ffe9302-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-03T07:09:44+00:00, 2024-05-05T21:03:21+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/777041.webp | 185.244.209.62 | | 612 B |
URL: v3.traincdn.com/resized/size16/sfiles/logo_teams/777041.webp IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: RIFF (little-endian) data, Web/P image
Hash: aa7c290828039a855a059b5e53442f17 079ed4d5ba69a0be8181fe07770df749d8a2138c c1e5d54c34101affd40eb43cac8113a9b088a0bfbaf5934a9acf1e4fe7800933
GET /resized/size16/sfiles/logo_teams/777041.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: image/webp
content-length: 612
cache-control: max-age=94608000
content-disposition: inline; filename="777041.webp"
content-security-policy: script-src 'none'
expires: Wed, 05 May 2027 20:36:34 GMT
x-request-id: d7e55020d7e2023b18c6039a0bbc0da7
x-time-ng: 0.038
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-29e282fdaff2ebe7330e34f797309c29-f92b8ed6914918ea-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-05T20:36:34+00:00, 2024-05-05T21:03:20+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/86bd8341acf17b60b9c0bfe058d5de3e.webp | 185.244.209.62 | | 708 B |
URL: v3.traincdn.com/resized/size16/sfiles/logo_teams/86bd8341acf17b60b9c0bfe058d5de3e.webp IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: RIFF (little-endian) data, Web/P image
Hash: 61de4008d9e7756856988221cdac6edb ab3b22a8165ea79c307445c8df2e747d6c03562a bfb8bc3ee6436040000ea39dd89e7c0c1439efa9c15e1752314d17c09dc0708f
GET /resized/size16/sfiles/logo_teams/86bd8341acf17b60b9c0bfe058d5de3e.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: image/webp
content-length: 708
cache-control: max-age=94608000
content-disposition: inline; filename="86bd8341acf17b60b9c0bfe058d5de3e.webp"
content-security-policy: script-src 'none'
expires: Tue, 04 May 2027 20:27:03 GMT
x-request-id: d2a41664821325242d060b487c071853
x-time-ng: 0.096
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-27a54f4f5741b066c268936a38c0ceb8-8f86bcde5fa339e9-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-04T20:27:03+00:00, 2024-05-05T21:03:21+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/b245376e893ffb2b23ed809b5e7511e8.webp | 185.244.209.62 | | 550 B |
URL: v3.traincdn.com/resized/size16/sfiles/logo_teams/b245376e893ffb2b23ed809b5e7511e8.webp IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: RIFF (little-endian) data, Web/P image
Hash: be6b6df78f95309623fd7698c7c35726 664172988d1d10cf662a9534f4f98fea42466dd7 9f59b55cd8cb17c9293331a6ff74b1bc4d23fdf03079a6dc9531f2428d8a23b2
GET /resized/size16/sfiles/logo_teams/b245376e893ffb2b23ed809b5e7511e8.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: image/webp
content-length: 550
cache-control: max-age=94608000
content-disposition: inline; filename="b245376e893ffb2b23ed809b5e7511e8.webp"
content-security-policy: script-src 'none'
expires: Tue, 04 May 2027 20:27:03 GMT
x-request-id: 456a23db0eb46e198eb078ed86458d81
x-time-ng: 0.070
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-5a36079977fa34ce164af77c2f368ce4-6ca41308ffa0fe87-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-04T20:27:03+00:00, 2024-05-05T21:03:21+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/8f4cef351b6802098c83b0fa5179c415.webp | 185.244.209.62 | | 692 B |
URL: v3.traincdn.com/resized/size16/sfiles/logo_teams/8f4cef351b6802098c83b0fa5179c415.webp IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: RIFF (little-endian) data, Web/P image
Hash: 0dfe172b3c7250698c2b9f828d24cde4 943bc6b254d18218c6c140e1c9396b7da775aef5 bdd91cf723adc621fccf3f7e6d0f3928076acbf4deac7874d9e98a2d17223e55
GET /resized/size16/sfiles/logo_teams/8f4cef351b6802098c83b0fa5179c415.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: image/webp
content-length: 692
cache-control: max-age=94608000
content-disposition: inline; filename="8f4cef351b6802098c83b0fa5179c415.webp"
content-security-policy: script-src 'none'
expires: Wed, 05 May 2027 20:36:34 GMT
x-request-id: 21399d5b0b02f89f9a3263a94d4a0721
x-time-ng: 0.024
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-46d46f12eca60a5650616245e724d602-959ca51c70b2848b-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-05T20:36:34+00:00, 2024-05-05T21:03:21+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/21e96e94a20be89476d6bc4cd3e17487.webp | 185.244.209.62 | | 704 B |
URL: v3.traincdn.com/resized/size16/sfiles/logo_teams/21e96e94a20be89476d6bc4cd3e17487.webp IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: RIFF (little-endian) data, Web/P image
Hash: edb5c4151092632e108c301a7f9ad186 4f659112a673f9d00995b7bddb45af3bb7f4a91b 0eb36ee4160449d745e8d660274bdee45821cbecde0bafa3231d72ebe75d1e1d
GET /resized/size16/sfiles/logo_teams/21e96e94a20be89476d6bc4cd3e17487.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: image/webp
content-length: 704
cache-control: max-age=94608000
content-disposition: inline; filename="21e96e94a20be89476d6bc4cd3e17487.webp"
content-security-policy: script-src 'none'
expires: Tue, 04 May 2027 20:27:03 GMT
x-request-id: 3daedf5680e03a9759599a54ba73dd91
x-time-ng: 0.083
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-d16e448df8449cec66a4845728784074-31721c5fd9c3443f-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-04T20:27:03+00:00, 2024-05-05T21:03:21+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/4788878dca0f5c261addd232f2543917.webp | 185.244.209.62 | | 744 B |
URL: v3.traincdn.com/resized/size16/sfiles/logo_teams/4788878dca0f5c261addd232f2543917.webp IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: RIFF (little-endian) data, Web/P image
Hash: 9bb427532c019c0f22c174d94726ff19 962d4b3657b0a62158cd3db705b19067152b78c4 8774ae990f5d2b521c08192976368a352914c40aea8e2e40bac8fa1c3c9f4b68
GET /resized/size16/sfiles/logo_teams/4788878dca0f5c261addd232f2543917.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: image/webp
content-length: 744
cache-control: max-age=94608000
content-disposition: inline; filename="4788878dca0f5c261addd232f2543917.webp"
content-security-policy: script-src 'none'
expires: Tue, 04 May 2027 17:25:32 GMT
x-request-id: eabdb790ea2a68580d15ed657ee94add
x-time-ng: 0.048
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-d1c75139ceed43fb138e25f726ab9c24-64b638c37121fec2-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-04T17:25:32+00:00, 2024-05-05T21:03:21+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/871935.webp | 185.244.209.62 | | 624 B |
URL: v3.traincdn.com/resized/size16/sfiles/logo_teams/871935.webp IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: RIFF (little-endian) data, Web/P image
Hash: 53f4d3e69bfdd8f7b233103559d8e70f 30af144145e331651b0d27accb2c796c07af6aaf 6d26b125826253512eed7e696ce956ff9e388b8c098a57334b121032cc01a8ec
GET /resized/size16/sfiles/logo_teams/871935.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: image/webp
content-length: 624
cache-control: max-age=94608000
content-disposition: inline; filename="871935.webp"
content-security-policy: script-src 'none'
expires: Tue, 04 May 2027 23:24:27 GMT
x-request-id: 7dedbb8e3423d05f972bc7b465f54da0
x-time-ng: 0.041
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-4a041d121126f2b2ccc23e1ac9171570-8fba96efb76d7060-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-04T23:24:27+00:00, 2024-05-05T17:56:39+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/0e6469e93da435d062073f66c1513d5d.webp | 185.244.209.62 | | 678 B |
URL: v3.traincdn.com/resized/size16/sfiles/logo_teams/0e6469e93da435d062073f66c1513d5d.webp IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: RIFF (little-endian) data, Web/P image
Hash: 4684d698e854254e3eb0532ab0f20252 3c0a9053e9ac0243bb7dffb9c7ff84d03af84be5 329c25be67d6daebaee6618321d4a43ced39d0c9251bbe48c7b71c94c420ccd9
GET /resized/size16/sfiles/logo_teams/0e6469e93da435d062073f66c1513d5d.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: image/webp
content-length: 678
cache-control: max-age=94608000
content-disposition: inline; filename="0e6469e93da435d062073f66c1513d5d.webp"
content-security-policy: script-src 'none'
expires: Wed, 05 May 2027 08:55:12 GMT
x-request-id: 87665d9f6f50430655b855fee2f622df
x-time-ng: 0.035
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-56948fbc448db6e483e2314b9fd1950c-74835425f1a60800-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-05T08:55:12+00:00, 2024-05-05T17:56:39+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/1811085.webp | 185.244.209.62 | | 572 B |
URL: v3.traincdn.com/resized/size16/sfiles/logo_teams/1811085.webp IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: RIFF (little-endian) data, Web/P image
Hash: 14c39a1cd7f364b0c63dd33701f3120d 74e87ae363a8a651caa06bea31d5c8380282ea92 e84e73f110ade47ae68c7dbdc72faf328b4a4d6130e2aaa918414f11452578f6
GET /resized/size16/sfiles/logo_teams/1811085.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: image/webp
content-length: 572
cache-control: max-age=94608000
content-disposition: inline; filename="1811085.webp"
content-security-policy: script-src 'none'
expires: Thu, 06 May 2027 17:43:23 GMT
x-request-id: 66eabaaf983287b9743cb66d99abcd48
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-fe0d36aabc8a0c7b203bfbc336a3dfa3-a7ec67f9c225f7b7-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T17:43:23+00:00, 2024-05-07T00:39:30+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/9c229b4017ea1bca9f7780117ebaeb9e.webp | 185.244.209.62 | | 560 B |
URL: v3.traincdn.com/resized/size16/sfiles/logo_teams/9c229b4017ea1bca9f7780117ebaeb9e.webp IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: RIFF (little-endian) data, Web/P image
Hash: 9c61bb9071bbe3049ec4072055ae9aa7 6bf1e270f92c1f6045aef30f8e4c0791e4551a0e 0bb4cd7596244b5813bcb0b808eb5f209d18813981d43801cfbdb0d56c25c54e
GET /resized/size16/sfiles/logo_teams/9c229b4017ea1bca9f7780117ebaeb9e.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: image/webp
content-length: 560
cache-control: max-age=94608000
content-disposition: inline; filename="9c229b4017ea1bca9f7780117ebaeb9e.webp"
content-security-policy: script-src 'none'
expires: Tue, 04 May 2027 19:53:43 GMT
x-request-id: 5ab4f3ea7914ec1c9bf06c1c3fe892d0
x-time-ng: 0.089
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-63354f58dd20968f49af7a4d8f4dbf27-6d441b9009a68d97-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-04T19:53:43+00:00, 2024-05-05T05:07:18+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/19449.webp | 185.244.209.62 | | 622 B |
URL: v3.traincdn.com/resized/size16/sfiles/logo_teams/19449.webp IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: RIFF (little-endian) data, Web/P image
Hash: d36fa0689743ea4f2908c297199cfc63 25c750976cd6c8923e0249a1b2a632360fff2380 d1562e9ed17683b279d9c9227147ea915cd367c3cf70cb2fadfc9a3fe971681e
GET /resized/size16/sfiles/logo_teams/19449.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: image/webp
content-length: 622
cache-control: max-age=94608000
content-disposition: inline; filename="19449.webp"
content-security-policy: script-src 'none'
expires: Wed, 05 May 2027 08:55:12 GMT
x-request-id: 9657c998026a05f8fe01e003b4599c8e
x-time-ng: 0.051
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-6bf86163ae2f4593fef7fc63e576eafa-6b6a701c9eb8081d-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-05T08:55:12+00:00, 2024-05-05T17:56:39+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/0d00f86f7dc2c6425816fe7dbd3ad440.webp | 185.244.209.62 | 200 OK | 598 B |
URL: GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/0d00f86f7dc2c6425816fe7dbd3ad440.webp IP: 185.244.209.62:443 ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 348839b8fd97d54cc1f5b8415010c5a4 70b41b100482d436a90f7b964376ae565700f2ad 64b9bf0f4fd8298ae87ed60000a7fe133067f07881a54cf3ba08bf2901df496a
GET /resized/size16/sfiles/logo_teams/0d00f86f7dc2c6425816fe7dbd3ad440.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: image/webp
content-length: 598
cache-control: max-age=94608000
content-disposition: inline; filename="0d00f86f7dc2c6425816fe7dbd3ad440.webp"
content-security-policy: script-src 'none'
expires: Wed, 05 May 2027 08:55:12 GMT
x-request-id: e0c8150a77a68bc0bf1a94ff59f12a21
x-time-ng: 0.050
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-5f1c903ec91b64d0103ba126954ad135-999dd23693a2b88c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-05T08:55:12+00:00, 2024-05-05T17:56:39+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/0956315a02a2848c72bdf1e906936fea.webp | 185.244.209.62 | | 734 B |
URL: v3.traincdn.com/resized/size16/sfiles/logo_teams/0956315a02a2848c72bdf1e906936fea.webp IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: RIFF (little-endian) data, Web/P image
Hash: e91d3c82625b0db8f71ce7a834807fd1 cba872f84a9dfad6177c0297417290dcb05b9a65 a4181429b5e096f716c21e7ae72d62cc501e67348723f98aba305e4125e7deaa
GET /resized/size16/sfiles/logo_teams/0956315a02a2848c72bdf1e906936fea.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:39 GMT
content-type: image/webp
content-length: 734
cache-control: max-age=94608000
content-disposition: inline; filename="0956315a02a2848c72bdf1e906936fea.webp"
content-security-policy: script-src 'none'
expires: Fri, 07 May 2027 07:01:37 GMT
x-request-id: 2615053247992eea344be7f772af8a53
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-3c1042ce247970596dbf5df50e316aaa-d2d537d284ac26a6-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T07:01:37+00:00, 2024-05-07T07:02:14+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true | 178.253.29.51 | | 8.3 kB |
URL 1xlite-461430.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
Hash006b6c55886b4dd22425c6407c5f5430 bc73466861d1ffb60b60dfbd93e171bddcf98856 f1cdef354ae5df7e15f96525168ab053e54630026d3d2505cc33cac7a2cf4a88
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280; _glhf=1715086374; che_g=277ff3df-2e51-ec4f-06d0-569e93b07f06; application_locale=en
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:39 GMT
content-type: application/json; charset=utf-8
content-length: 8262
cache-control: public, max-age=5
content-encoding: br
last-modified: Tue, 07 May 2024 07:56:39 GMT
vary: Accept-Encoding
x-time-ng: 0.013
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.022
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/ff09be90.css | 185.244.209.62 | | 705 B |
URL v3.traincdn.com/_nuxt/desktop/default/css/ff09be90.css IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeASCII text, with very long lines (4705), with no line terminators Hash2b6cccff5325f6e14ccd6ec354319cd6 f4ec05fc468d3daddec1a3d825c29a55ce4b2050 a153e31a0350b58aad71597632348e14c954738845b58f05ca04b8212dbaca38
GET /_nuxt/desktop/default/css/ff09be90.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:39 GMT
content-type: text/css
content-length: 705
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-2c1"
content-encoding: gzip
expires: Tue, 07 May 2024 14:41:31 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-11cff44b1d320781087905bb2483adb0-2d17d490f57d8291-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:41:31+00:00, 2024-05-07T06:06:35+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/betting.SportsMenuCompact-e547fa93.js | 185.244.209.62 | | 2.3 kB |
URL v3.traincdn.com/_nuxt/desktop/default/betting.SportsMenuCompact-e547fa93.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeJavaScript source, ASCII text, with very long lines (7751), with no line terminators Hash3078429361b9801527b7f4deb1ff2633 c0bf69639f54697d7fcf5ee8ed06072a629b3fff 3042f5f56a8fae2d232bd88071179a50133e8d90fd11ec2f52259b23d8e0cb5a
GET /_nuxt/desktop/default/betting.SportsMenuCompact-e547fa93.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:39 GMT
content-type: application/javascript; charset=utf-8
content-length: 2295
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-8f7"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:43 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-9629775fc9ff60643b68f83e3413d442-47942ec7e0eb20d7-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:43+00:00, 2024-05-06T16:25:54+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sfiles/games-images/game-previews/190x102/games-no-faceless.webp | 185.244.209.62 | 200 OK | 6.9 kB |
URL GET HTTP/2 v3.traincdn.com/sfiles/games-images/game-previews/190x102/games-no-faceless.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 380x204, Scaling: [none]x[none], YUV color, decoders should clamp Hashb7304b532dca88cc708b1c81edf7e051 d9ca9db864badb40bcab6d846ba7110413a339d3 324b9021e7fa1a227b418f5b0707e174d86aa20decea945eab3cea41aac8d2ca
GET /sfiles/games-images/game-previews/190x102/games-no-faceless.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:39 GMT
content-type: application/octet-stream
content-length: 6884
last-modified: Thu, 31 Aug 2023 08:11:01 GMT
etag: "b7304b532dca88cc708b1c81edf7e051"
x-amz-meta-origin-date-iso8601: 2023-08-31T08:04:10.000Z
expires: Tue, 14 Nov 2023 18:21:42 GMT
cache-control: max-age=86400, public
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-5cce0478ca1f6b0a15f5977a5723b62f-bc0efa01dfad3f75-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-17T18:59:15+00:00, 2024-05-07T07:17:16+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-58.webp | 185.244.209.62 | | 8.9 kB |
URL v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-58.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 380x204, Scaling: [none]x[none], YUV color, decoders should clamp Hash7a49dad906575c61dd636edbe1201479 d4bf0fbfadca8c6d3a7ec8f3d34d08fced98a21d 0e0cd085244f6272acfa6794d90e32685fa203973e85c62fa96f02cddf7172c6
GET /sfiles/games-images/game-previews/190x102/game-58.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:39 GMT
content-type: application/octet-stream
content-length: 8880
last-modified: Thu, 31 Aug 2023 08:11:00 GMT
etag: "7a49dad906575c61dd636edbe1201479"
x-amz-meta-origin-date-iso8601: 2023-08-31T08:03:42.000Z
expires: Tue, 14 Nov 2023 18:21:44 GMT
cache-control: max-age=86400, public
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-426000907be5c9c21555b3eaa96cff06-4671acbdbf537459-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-17T19:17:28+00:00, 2024-05-07T07:17:16+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-371.webp | 185.244.209.62 | | 6.2 kB |
URL v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-371.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 380x204, Scaling: [none]x[none], YUV color, decoders should clamp Hash64ff358fd3a82358542d29d53649dd85 0a15b0731a9468fe49e3b512febe91d951ef6156 a9ae35f930c0bf59e407a0c082347049ae11738d330df4e32f4b2b1129d1470c
GET /sfiles/games-images/game-previews/190x102/game-371.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:39 GMT
content-type: application/octet-stream
content-length: 6158
last-modified: Thu, 31 Aug 2023 08:10:58 GMT
etag: "64ff358fd3a82358542d29d53649dd85"
x-amz-meta-origin-date-iso8601: 2023-08-31T08:04:04.000Z
expires: Tue, 14 Nov 2023 18:22:10 GMT
cache-control: max-age=86400, public
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-d353c40ebe5b2eb70f9200a356f0849e-87b2ca2b708fc595-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-17T19:17:28+00:00, 2024-05-07T07:17:16+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-249.webp | 185.244.209.62 | | 20 kB |
URL v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-249.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 380x204, Scaling: [none]x[none], YUV color, decoders should clamp Hash2c02d34e261b48da9db2682ad433c5e8 e6b9618ac0040910f755a6f24dcb2f5500bb9aca d8db064ea1623849ccee86b27bdb7825aa0dc452293576de352f9269af60ecfe
GET /sfiles/games-images/game-previews/190x102/game-249.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:39 GMT
content-type: application/octet-stream
content-length: 19770
last-modified: Thu, 31 Aug 2023 08:10:56 GMT
etag: "2c02d34e261b48da9db2682ad433c5e8"
x-amz-meta-origin-date-iso8601: 2023-08-31T08:04:00.000Z
expires: Tue, 14 Nov 2023 18:22:10 GMT
cache-control: max-age=86400, public
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-a3b90ace16119b74d963f80c29fb772d-cd03475aec2af308-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-17T19:17:28+00:00, 2024-05-07T07:17:16+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-69.webp | 185.244.209.62 | | 4.3 kB |
URL v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-69.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 380x204, Scaling: [none]x[none], YUV color, decoders should clamp Hash8c2b80027d3818f6bc91227418589ee6 c6d3c4595860bd3d685e4ddea5d4610a6f642a9b cec387d33e94b8222d71031dbda50143a7ea2e1470d2c96c9e147aa4c4a43960
GET /sfiles/games-images/game-previews/190x102/game-69.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:39 GMT
content-type: application/octet-stream
content-length: 4256
last-modified: Thu, 31 Aug 2023 08:11:01 GMT
etag: "8c2b80027d3818f6bc91227418589ee6"
x-amz-meta-origin-date-iso8601: 2023-08-31T08:03:42.000Z
expires: Tue, 14 Nov 2023 18:22:10 GMT
cache-control: max-age=86400, public
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-491f3b8da3ce31ae8aa4cd681ca9c6a2-a52e603b9a659f7e-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-17T19:23:21+00:00, 2024-05-06T11:38:39+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LineFeed/GetSportsShortZip?lng=en&country=137&virtualSports=true&gr=285&groupChamps=true | 178.253.29.51 | 200 OK | 2.1 kB |
URL GET HTTP/2 1xlite-461430.top/service-api/LineFeed/GetSportsShortZip?lng=en&country=137&virtualSports=true&gr=285&groupChamps=true IP178.253.29.51:443 ASN#202492 Silverhill Group Holding Ltd
Requested by https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder Certificate Issuer Let's Encrypt Subject 1xlite-461430.top Fingerprint F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 Validity Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash62c93797739be3159535fc0af898c367 a73556d1a0935e1ee811d52fed5108cabe44601d 5c9166fd3bde80e2c8fed1f87740273b29178c4deeca9c7fb4f7665f451fc6d1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LineFeed/GetSportsShortZip?lng=en&country=137&virtualSports=true&gr=285&groupChamps=true HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280; _glhf=1715086374; che_g=277ff3df-2e51-ec4f-06d0-569e93b07f06; application_locale=en
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:39 GMT
content-type: application/json; charset=utf-8
content-length: 2062
cache-control: public, max-age=5
content-encoding: br
last-modified: Tue, 07 May 2024 07:56:39 GMT
vary: Accept-Encoding
x-time-ng: 0.070
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.077
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/chunks/pages/index-ed7cd77912c6e3a9.js | 104.18.39.72 | | 50 kB |
URL widget.suphelper.top/_next/static/chunks/pages/index-ed7cd77912c6e3a9.js IP104.18.39.72:0
File typegzip compressed data, from Unix Hashb4d129500981a3161aba03d100e4123f 905b4f7facc8447ca3938e3fe92780363b171722 988e248a89c01ed28ddc4a20d6f20865022ea2d8d3a0f91a687e9ddcf9a1ff9d
GET /_next/static/chunks/pages/index-ed7cd77912c6e3a9.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 07:56:40 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Wed, 24 Apr 2024 22:20:24 GMT
etag: W/"1a2b2-18f12321a97"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 570526
expires: Wed, 07 May 2025 07:56:40 GMT
server: cloudflare
cf-ray: 87ffa79ed9c6568a-OSL
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/sounds/new-message.mp3 | 104.18.39.72 | 200 OK | 30 kB |
URL GET HTTP/2 widget.suphelper.top/sounds/new-message.mp3 IP104.18.39.72:443
Requested by https://widget.suphelper.top/ Certificate Issuer Google Trust Services LLC Subject suphelper.top Fingerprint 41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 Validity Tue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File typeMPEG ADTS, layer III, v1, 192 kbps, 48 kHz, JntStereo Hashef9af24dc7dbd24ffd99c832e1300351 f78744a5013038446c468de14f205f2d52373fd6 5049d7fe87a7327a291441181d1a328a15f46a21081b970502c540406011c9b9
GET /sounds/new-message.mp3 HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 07:56:41 GMT
content-type: audio/mpeg
content-length: 29952
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=14400
last-modified: Thu, 02 May 2024 07:01:48 GMT
etag: W/"7500-18f381bf786"
cf-cache-status: HIT
age: 382
expires: Tue, 07 May 2024 11:56:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ffa7a8ad1c568a-OSL
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/betstemplates/bets_model_full_en_0.json | 185.244.209.62 | | 12 kB |
URL v3.traincdn.com/genfiles/cms/betstemplates/bets_model_full_en_0.json IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typegzip compressed data, max speed, from Unix Hash3e5f65d23c3c24e05c9f59e91917de9c 5547cfb9315fcc99837f45eebd3e959e49a28c51 31dea28de69d58ba82e30f927f69afca78e7d4e4b73c53e52c273a3c3351a45d
GET /genfiles/cms/betstemplates/bets_model_full_en_0.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:40 GMT
content-type: application/json
last-modified: Thu, 02 May 2024 09:18:58 GMT
etag: W/"65c4f8441dea9f78c50a9fc7029f9193"
content-encoding: gzip
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-3cafbc509f7e307a6bb5df2cfce0873e-63bf5a12af742c86-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-02T10:43:17+00:00, 2024-05-07T07:37:30+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-icons/1.0.328/285/sports.svg | 185.244.209.62 | 200 OK | 309 kB |
URL GET HTTP/2 v3.traincdn.com/sys-icons/1.0.328/285/sports.svg IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typegzip compressed data, max speed, from Unix Size309 kB (309203 bytes) Hashc64f385c6c0bfd2bf8cfdd32db3aeb51 eeea23047458abc800073dfb10211fafa2891d74 924424255571381f1e50bac4759538fe8e561656808c715d51513dcada200684
GET /sys-icons/1.0.328/285/sports.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:39 GMT
content-type: image/svg+xml
last-modified: Mon, 15 Apr 2024 07:13:32 GMT
etag: W/"0c52e0c32f8f2667a72e0d57b63e02a3"
x-amz-meta-mtime: 1713165210.217888091
content-encoding: gzip
expires: Tue, 23 Apr 2024 10:38:02 GMT
cache-control: max-age=86400
x-time-ng: 0.004
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-eaabf0de6f7d4d530d27a832d99dd05a-d90273a41c7c93e2-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T10:38:02+00:00, 2024-05-06T13:30:36+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/1ef232ab28e984c65ad109ade8b650ed.webp | 185.244.209.62 | | 16 kB |
URL v3.traincdn.com/genfiles/cms/1/desktop/banner/1ef232ab28e984c65ad109ade8b650ed.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 1380x248, Scaling: [none]x[none], YUV color, decoders should clamp Hash99937fec94322155d99465451e84e5f4 0549b153f8e34c242f71817a038f7ebad37d27be d35bc328538e182310574b3ff1d58134efedc49c9f3dbb43ec6df65fed624f33
GET /genfiles/cms/1/desktop/banner/1ef232ab28e984c65ad109ade8b650ed.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:42 GMT
content-type: image/webp
content-length: 15874
last-modified: Fri, 26 Apr 2024 11:44:53 GMT
etag: "99937fec94322155d99465451e84e5f4"
x-time-ng: 0.002
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-7ca0f758ae5ab762d1b0f2a209b59157-1758e6c3f874f8be-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-26T11:45:30+00:00, 2024-05-07T07:17:17+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/bf26d696b76130d9781b16f89f1de4cc.webp | 185.244.209.62 | | 20 kB |
URL v3.traincdn.com/genfiles/cms/1/desktop/banner/bf26d696b76130d9781b16f89f1de4cc.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 1380x248, Scaling: [none]x[none], YUV color, decoders should clamp Hash95767496ab1dce71f394c97620666756 127389c7327fec508549222dd477edbd524e33dd fca493b566204dfff5ef8b8cd6c74c40659c812ac6665696dd5c66c664a31c7e
GET /genfiles/cms/1/desktop/banner/bf26d696b76130d9781b16f89f1de4cc.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:42 GMT
content-type: image/webp
content-length: 20522
last-modified: Thu, 08 Jun 2023 18:05:27 GMT
etag: "95767496ab1dce71f394c97620666756"
x-time-ng: 0.006
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-60fcf412e6b73823119bc78651106bf5-916c2bdf67851ded-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-02-27T14:22:50+00:00, 2024-05-07T07:17:17+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/37725dd3160e2621f084de11d4417228.webp | 185.244.209.62 | | 18 kB |
URL v3.traincdn.com/genfiles/cms/1/desktop/banner/37725dd3160e2621f084de11d4417228.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 1380x248, Scaling: [none]x[none], YUV color, decoders should clamp Hashb7e3857cdc8cbde71f63af81a61f5cfb deeb62ea6e9b702bb9e3f395483c3c00445adcf8 786e67817e82780aaeb0d2bca1e57e06fff5ae9fa89b2747b1af57913886e25f
GET /genfiles/cms/1/desktop/banner/37725dd3160e2621f084de11d4417228.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:42 GMT
content-type: image/webp
content-length: 17490
last-modified: Wed, 21 Jun 2023 09:54:55 GMT
etag: "b7e3857cdc8cbde71f63af81a61f5cfb"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-1f063496a77992c638272589aa371b43-c71f0afce517a538-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-02-27T15:26:35+00:00, 2024-05-07T07:17:17+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/8c83a62ae8afe0aa371618f02b8e4a01.webp | 185.244.209.62 | | 28 kB |
URL v3.traincdn.com/genfiles/cms/1/desktop/banner/8c83a62ae8afe0aa371618f02b8e4a01.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 1380x248, Scaling: [none]x[none], YUV color, decoders should clamp Hash77673f5b9062ff0a3565cba49941a954 f1c6d769ad6f256677c8558f06c4ee98d8e403d3 e78791dcbada0412db798159d9e781f2a50c12f04be4d0a4ecf96a617ec8b33b
GET /genfiles/cms/1/desktop/banner/8c83a62ae8afe0aa371618f02b8e4a01.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:42 GMT
content-type: image/webp
content-length: 27922
last-modified: Thu, 05 Oct 2023 10:29:56 GMT
etag: "77673f5b9062ff0a3565cba49941a954"
x-time-ng: 0.002
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-2a0eb961f8d8f54c3a52d6f02f57c07c-b86bc338d32add8d-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-02-27T14:22:50+00:00, 2024-05-07T07:09:35+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size14/sfiles/logo_teams/2e936269094c0ba90ea9404123f94cb9.webp | 185.244.209.62 | | 786 B |
URL v3.traincdn.com/resized/size14/sfiles/logo_teams/2e936269094c0ba90ea9404123f94cb9.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image Hash88ad825ad1b2ca3f4057f32503545ca5 677f73e6638a1a15e2c9c7c69e53fa11c2aae4fe c9bc7805ff86c69b6e04087ec75769f3b7e88adf27c8129d7f466af61af87709
GET /resized/size14/sfiles/logo_teams/2e936269094c0ba90ea9404123f94cb9.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:43 GMT
content-type: image/webp
content-length: 786
cache-control: max-age=94608000
content-disposition: inline; filename="2e936269094c0ba90ea9404123f94cb9.webp"
content-security-policy: script-src 'none'
expires: Fri, 07 May 2027 06:13:37 GMT
x-request-id: 6dafcffa3fb2c59fce7783e5a9bc185b
x-time-ng: 0.026
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-79ea6485d7cf6f127e6034b496796238-a996a464cfd0a376-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T06:13:37+00:00, 2024-05-07T07:34:36+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/chunks/0c294a17-329dda05de2a378d.js | 104.18.39.72 | | 2.5 kB |
URL widget.suphelper.top/_next/static/chunks/0c294a17-329dda05de2a378d.js IP104.18.39.72:0
File typegzip compressed data, from Unix Hash3cc8515bda69aac6c0987f3ad9a8e31c 90ce80ecfae2b9f11366c5843c4a3839fa99396a 2383851f2c0e3296d1dd230209c0330adcd54fb49929998f3345ed75c700920d
GET /_next/static/chunks/0c294a17-329dda05de2a378d.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 07:56:40 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Wed, 17 Jan 2024 06:19:55 GMT
etag: W/"2925-18d161388b8"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 570526
expires: Wed, 07 May 2025 07:56:40 GMT
server: cloudflare
cf-ray: 87ffa79eb96e568a-OSL
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/chunks/pages/_app-9c47c295eecaa68a.js | 104.18.39.72 | | 291 kB |
URL widget.suphelper.top/_next/static/chunks/pages/_app-9c47c295eecaa68a.js IP104.18.39.72:0
File typegzip compressed data, from Unix Size291 kB (291175 bytes) Hash084ffbe405e11df9a92aad2740f878a6 49e1a904d88254515b7066fd66510e9661103ca1 ba6022b39136c45c9ff253f08f73ec33f5bd4be8d360ec1702c405958a876707
GET /_next/static/chunks/pages/_app-9c47c295eecaa68a.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 07:56:40 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 02 May 2024 07:01:48 GMT
etag: W/"f8027-18f381bf92a"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 434950
expires: Wed, 07 May 2025 07:56:40 GMT
server: cloudflare
cf-ray: 87ffa79e9926568a-OSL
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true | 178.253.29.51 | | 120 kB |
URL 1xlite-461430.top/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
Size120 kB (120019 bytes) Hash9c1741ba399ad4e499e3c6014ed85563 167fad4c0e78b731a38c9ad399be49d55b4b8520 b85baa0062a068f2fe2b2e99ba07be372026fa887011d632a711cf5bf734318f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280; _glhf=1715086374; che_g=277ff3df-2e51-ec4f-06d0-569e93b07f06; application_locale=en
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:39 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=5
last-modified: Tue, 07 May 2024 07:56:39 GMT
x-time-ng: 0.018
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.026
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/chunks/663-81a4add2f1c95639.js | 104.18.39.72 | | 108 kB |
URL widget.suphelper.top/_next/static/chunks/663-81a4add2f1c95639.js IP104.18.39.72:0
File typegzip compressed data, from Unix Size108 kB (108407 bytes) Hashc3e8709269df9d959a46677cc4087073 7304af115fa0b103aaf48aeea6bf2f8b7627f55d 3651f2afa60655e13c76a85d6ec47ee34c373dfed48e4b6b50d2053873af37f6
GET /_next/static/chunks/663-81a4add2f1c95639.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 07:56:40 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 28 Mar 2024 06:56:31 GMT
etag: W/"5b0da-18e83d890e3"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 570526
expires: Wed, 07 May 2025 07:56:40 GMT
server: cloudflare
cf-ray: 87ffa79ed9b8568a-OSL
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/e2d0be2a4ce9cfbc3e90b497c1abd0ef.webp | 185.244.209.62 | | 608 B |
URL v3.traincdn.com/resized/size16/sfiles/logo_teams/e2d0be2a4ce9cfbc3e90b497c1abd0ef.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image Hash2a8b3bf80806a677749f66e254c672e4 c21e9fced54ddf3fbf06131e097ae9119543592d 5f4c8042226c75dd6579f453022349e1e685955a84ac7dc30d39948f4ba8baf0
GET /resized/size16/sfiles/logo_teams/e2d0be2a4ce9cfbc3e90b497c1abd0ef.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:44 GMT
content-type: image/webp
content-length: 608
cache-control: max-age=94608000
content-disposition: inline; filename="e2d0be2a4ce9cfbc3e90b497c1abd0ef.webp"
content-security-policy: script-src 'none'
expires: Tue, 20 Apr 2027 15:11:55 GMT
x-request-id: 1dd81a9a7a19ce305cda81b166d08f09
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-5e0da01f2f8cab7c20eae54ba2aa3ab1-51cb99d1cfee131a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-20T15:11:55+00:00, 2024-04-21T18:24:14+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/shared-assets/__shared_localforage_PLMWICWN.js | 185.244.209.62 | | 12 kB |
URL v3.traincdn.com/sys-static/shared-assets/__shared_localforage_PLMWICWN.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typegzip compressed data, max speed, from Unix Hashc6f74910fa3625870fb157d6f70e0afb a6666effb412d1d587aa89a0ac09c3f1dbaa59d9 4b95f4755d913f37087044f87ee6da7abbad18c86534ee270d4eb334360b38b3
GET /sys-static/shared-assets/__shared_localforage_PLMWICWN.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:43 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 06 May 2024 14:40:26 GMT
etag: W/"dfa127e93d125d4f6c566203eaf225f2"
x-amz-meta-mtime: 1715006282.054749806
content-encoding: gzip
expires: Tue, 07 May 2024 15:18:11 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-216f26bfa31912774bd7ec65949567c5-509e9640dacba944-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T15:18:11+00:00, 2024-05-06T16:00:49+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/5c99116269cdf61a42b7479bc77baefb.webp | 185.244.209.62 | 200 OK | 584 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/5c99116269cdf61a42b7479bc77baefb.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash577f47679f53067aea288fffc4354ab7 490443414e2b94d417e147abf0bb48349d150edb 5bc25b1ab00d734cd425ee41c2234f02cd1739f9934ac91dfbc93e7d45235b53
GET /resized/size16/sfiles/logo_teams/5c99116269cdf61a42b7479bc77baefb.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:44 GMT
content-type: image/webp
content-length: 584
cache-control: max-age=94608000
content-disposition: inline; filename="5c99116269cdf61a42b7479bc77baefb.webp"
content-security-policy: script-src 'none'
expires: Wed, 28 Apr 2027 10:47:14 GMT
x-request-id: e904583afa47e5c253d7f2bc7b729803
x-time-ng: 0.073
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-407509a7fdb6b2a045f2932222b7e665-c0d2b16c1a65ac0b-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-28T10:47:14+00:00, 2024-04-30T14:56:45+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/df7e8ffba7584c7d6e8d30032ca12527.webp | 185.244.209.62 | | 594 B |
URL v3.traincdn.com/resized/size16/sfiles/logo_teams/df7e8ffba7584c7d6e8d30032ca12527.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image Hash718fbb9eb4e0b2b85f62e307c1508bd2 89094b776577c714656de1d78723316a674ba429 8495eb1cd1bb56645b4a7ea0e6a7a3648a0a64d0cc5daf0681954a5bcd7e7172
GET /resized/size16/sfiles/logo_teams/df7e8ffba7584c7d6e8d30032ca12527.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:44 GMT
content-type: image/webp
content-length: 594
cache-control: max-age=94608000
content-disposition: inline; filename="df7e8ffba7584c7d6e8d30032ca12527.webp"
content-security-policy: script-src 'none'
expires: Tue, 04 May 2027 17:25:55 GMT
x-request-id: 349accac3d13aace199ef8fbe4af3595
x-time-ng: 0.076
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-d5b904e05da5ef3c27c1254709c71eaa-c6b7e63d28079a07-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-04T17:25:55+00:00, 2024-05-05T21:06:40+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/f385e6db/_buildManifest.js | 104.18.39.72 | | 867 B |
URL widget.suphelper.top/_next/static/f385e6db/_buildManifest.js IP104.18.39.72:0
File typegzip compressed data, from Unix Hasha522e2a9aec80cc4ae0a9af550b75148 d6217c166619999008ee0805941b0d3640e506b8 d4e15bfa54305704337cb9f5809d273c6d1320a23cae015cb5ea7633a5042df2
GET /_next/static/f385e6db/_buildManifest.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 07:56:40 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 02 May 2024 07:01:48 GMT
etag: W/"207-18f381bf92a"
vary: Accept-Encoding
cf-cache-status: HIT
age: 434944
expires: Wed, 07 May 2025 07:56:40 GMT
server: cloudflare
cf-ray: 87ffa79ed9c9568a-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/c1e8a0176d15c3422de80009ed771b55.webp | 185.244.209.62 | | 660 B |
URL v3.traincdn.com/resized/size16/sfiles/logo_teams/c1e8a0176d15c3422de80009ed771b55.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image Hash06572c5aebaaab4af3f01ba3079e09eb 944708c7ee817900eecc6569e7dea5613a2a7309 072e6b50e863f40e4d3f854419204911f3b735c0e4147277722ab7a6d3b5e0d1
GET /resized/size16/sfiles/logo_teams/c1e8a0176d15c3422de80009ed771b55.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:44 GMT
content-type: image/webp
content-length: 660
cache-control: max-age=94608000
content-disposition: inline; filename="c1e8a0176d15c3422de80009ed771b55.webp"
content-security-policy: script-src 'none'
expires: Sun, 02 May 2027 14:20:45 GMT
x-request-id: 42f5a78dfe5e299c04c3730715df6b60
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-b97b7faba92ba5059ed35795071a6362-dd2a490ff5d0e525-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-02T14:20:45+00:00, 2024-05-05T21:06:40+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/7d8648bcb1883abeec83f1292e52819a.webp | 185.244.209.62 | | 784 B |
URL v3.traincdn.com/resized/size16/sfiles/logo_teams/7d8648bcb1883abeec83f1292e52819a.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image Hasha30f5eeaa542f15042b79418b5cea3af f5a7359f28149b66804de9d31306a5f3368963e9 6ce13a766ae93a94e3d125f839fe38db43dcb2029d01c9c5f3682ded2faf6526
GET /resized/size16/sfiles/logo_teams/7d8648bcb1883abeec83f1292e52819a.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:44 GMT
content-type: image/webp
content-length: 784
cache-control: max-age=94608000
content-disposition: inline; filename="7d8648bcb1883abeec83f1292e52819a.webp"
content-security-policy: script-src 'none'
expires: Wed, 28 Apr 2027 08:51:59 GMT
x-request-id: 5816e3c5d0480c68c9d9d6ca89192599
x-time-ng: 0.072
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-85668f5976fe485effd9b3ead55373cb-a4d4c351b5cf665b-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-28T08:51:59+00:00, 2024-05-07T06:19:05+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/d1414bc726b387a615941a672f2b2f74.webp | 185.244.209.62 | | 784 B |
URL v3.traincdn.com/resized/size16/sfiles/logo_teams/d1414bc726b387a615941a672f2b2f74.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image Hasha30f5eeaa542f15042b79418b5cea3af f5a7359f28149b66804de9d31306a5f3368963e9 6ce13a766ae93a94e3d125f839fe38db43dcb2029d01c9c5f3682ded2faf6526
GET /resized/size16/sfiles/logo_teams/d1414bc726b387a615941a672f2b2f74.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:44 GMT
content-type: image/webp
content-length: 784
cache-control: max-age=94608000
content-disposition: inline; filename="d1414bc726b387a615941a672f2b2f74.webp"
content-security-policy: script-src 'none'
expires: Wed, 05 May 2027 18:52:35 GMT
x-request-id: a7535d516bb92d0abd7ad278fb4e6f5a
x-time-ng: 0.041
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-d082effce62327a563e6c45ec3c4ea90-b70712600efe61c2-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-05T18:52:35+00:00, 2024-05-07T07:01:28+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/7c6f6a8d652b220d6d094d2bca1832e7.webp | 185.244.209.62 | 200 OK | 658 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/7c6f6a8d652b220d6d094d2bca1832e7.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hashbed3a00d19fe9c0894ab144da2503744 51c31a5b02bd61660252a01be1341424c12ae984 303076fd79de72d7eec8d66224831f535b6b10473b651d18d5f2de0e9f812a5f
GET /resized/size16/sfiles/logo_teams/7c6f6a8d652b220d6d094d2bca1832e7.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:44 GMT
content-type: image/webp
content-length: 658
cache-control: max-age=94608000
content-disposition: inline; filename="7c6f6a8d652b220d6d094d2bca1832e7.webp"
content-security-policy: script-src 'none'
expires: Fri, 07 May 2027 06:53:30 GMT
x-request-id: 15397713e79c1ae4ac9c2c141f19f338
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-17706af4351d6dcedf9799ef74968677-f974f7afde858348-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T06:53:30+00:00, 2024-05-07T06:53:34+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/7d80b427b1ad1c6fcf0d392ce6297b36.webp | 185.244.209.62 | | 702 B |
URL v3.traincdn.com/resized/size16/sfiles/logo_teams/7d80b427b1ad1c6fcf0d392ce6297b36.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image Hash3707396fdf24d41aa23ab10db5e877fe 7f918907e8109f2e69adf8009d019408d71664cc fc996e01a56c88b6d799cbb7f23f9993b26b96669fe0beebc0e6dba92f5bdd6c
GET /resized/size16/sfiles/logo_teams/7d80b427b1ad1c6fcf0d392ce6297b36.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:44 GMT
content-type: image/webp
content-length: 702
cache-control: max-age=94608000
content-disposition: inline; filename="7d80b427b1ad1c6fcf0d392ce6297b36.webp"
content-security-policy: script-src 'none'
expires: Fri, 07 May 2027 06:53:30 GMT
x-request-id: 1476678b8e3911c54d2060785e67c4a6
x-time-ng: 0.025
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-2ee46a6b330064ee8698b23408727910-7a473ba32eb521c2-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T06:53:30+00:00, 2024-05-07T07:01:28+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/fe5680e857894808a5e58dfec2b93bc3.webp | 185.244.209.62 | | 754 B |
URL v3.traincdn.com/resized/size16/sfiles/logo_teams/fe5680e857894808a5e58dfec2b93bc3.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image Hash387d6080b2bfe2fa34589a25b2ff7b7f 9cc0f04bc33befeea1bd120f75837fe89d80939c 2491ea631065dfbf9c0f640346a0844f3f0edb96279ba1fa23e9b052c5553025
GET /resized/size16/sfiles/logo_teams/fe5680e857894808a5e58dfec2b93bc3.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:44 GMT
content-type: image/webp
content-length: 754
cache-control: max-age=94608000
content-disposition: inline; filename="fe5680e857894808a5e58dfec2b93bc3.webp"
content-security-policy: script-src 'none'
expires: Fri, 07 May 2027 06:08:13 GMT
x-request-id: 96aad0edb659926b7a26c1e27f494933
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-a6907f1273c848c3e2de2808ba17ef81-bc11ddae1bc7c3cc-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T06:08:13+00:00, 2024-05-07T06:08:16+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/329c6f41ba7160ae66b88945a6ec0ae7.webp | 185.244.209.62 | 200 OK | 726 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/329c6f41ba7160ae66b88945a6ec0ae7.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash90daeb58fc2fe2a68c98eeca07e6735f 0b308ca372b50dce6ed80398185844bb43021bf7 fb94eb8582464d06ffb9035234b6dbcf2b81d5b2f7ae5b2a8a7e110360b58343
GET /resized/size16/sfiles/logo_teams/329c6f41ba7160ae66b88945a6ec0ae7.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:44 GMT
content-type: image/webp
content-length: 726
cache-control: max-age=94608000
content-disposition: inline; filename="329c6f41ba7160ae66b88945a6ec0ae7.webp"
content-security-policy: script-src 'none'
expires: Fri, 07 May 2027 06:08:13 GMT
x-request-id: d79523689f9aee75c5550698ce52fbf5
x-time-ng: 0.050
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-bf5f9975a9cbea0f3092fa5fec117c1b-14be5cf3da3b035e-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T06:08:13+00:00, 2024-05-07T06:08:16+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/2e936269094c0ba90ea9404123f94cb9.webp | 185.244.209.62 | | 838 B |
URL v3.traincdn.com/resized/size16/sfiles/logo_teams/2e936269094c0ba90ea9404123f94cb9.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image Hash5569a70d1845300f20539b2891c664be 77418222f5dd6d35d90b61cc437263f6beeb2be7 75418394dd63ea1bc0aa048ab5734c6853e2582b0b9aa2c15c5b9b247f1cf84a
GET /resized/size16/sfiles/logo_teams/2e936269094c0ba90ea9404123f94cb9.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:44 GMT
content-type: image/webp
content-length: 838
cache-control: max-age=94608000
content-disposition: inline; filename="2e936269094c0ba90ea9404123f94cb9.webp"
content-security-policy: script-src 'none'
expires: Fri, 07 May 2027 06:13:35 GMT
x-request-id: cc2913b557cf35e9c217cbaa00a31a73
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-196d044ea4ff0dcc9558235c6c15a565-4e94cac5266565c8-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T06:13:35+00:00, 2024-05-07T06:13:38+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/899888592bee454f8870b4d4d306f999.webp | 185.244.209.62 | 200 OK | 806 B |
URL: GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/899888592bee454f8870b4d4d306f999.webp
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Certificate Issuer: Sectigo Limited
Certificate Subject: *.traincdn.com
Certificate Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: cb238aa5890755e6780bd9b840a80ecf 219dc403310ced921d788673dd2c1853cb4e668e c0861bead4af58fa4ee662e14abfb6caca7d83e11e5e7a55df4a5fa2becd7979
GET /resized/size16/sfiles/logo_teams/899888592bee454f8870b4d4d306f999.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:44 GMT
content-type: image/webp
content-length: 806
cache-control: max-age=94608000
content-disposition: inline; filename="899888592bee454f8870b4d4d306f999.webp"
content-security-policy: script-src 'none'
expires: Fri, 07 May 2027 06:13:35 GMT
x-request-id: e822c4e1e25bb06784f0066413a27e9b
x-time-ng: 0.050
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-ebb30e3a061baebaf6b61030667c72ce-992b69c131bdf042-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T06:13:35+00:00, 2024-05-07T06:13:37+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/1268.webp | 185.244.209.62 | | 568 B |
URL: v3.traincdn.com/resized/size16/sfiles/logo_teams/1268.webp
IP: 185.244.209.62:0
ASN: #199524 G-Core Labs S.A.
File type: RIFF (little-endian) data, Web/P image
Hash: 0bf9a85dfb54a5ee9d0ca9f69058d0c1 6ced9e9659effb94f48da5ee077cdcc02d34c0ae 98174b227aeec9b6171ba4fd5eebf83aecb3c93874c7d2c14e72f72924ae1d40
GET /resized/size16/sfiles/logo_teams/1268.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:44 GMT
content-type: image/webp
content-length: 568
cache-control: max-age=94608000
content-disposition: inline; filename="1268.webp"
content-security-policy: script-src 'none'
expires: Wed, 05 May 2027 16:48:28 GMT
x-request-id: 151eb054c467efd429637e9325c24bdb
x-time-ng: 0.055
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-5e7d3c0a394eaf2118698b5d0ac51ee2-e85e110015174737-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-05T16:48:28+00:00, 2024-05-06T09:42:03+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/9c061aa5583430b3ea2b25d5a9af7a16.webp | 185.244.209.62 | | 638 B |
URL: v3.traincdn.com/resized/size16/sfiles/logo_teams/9c061aa5583430b3ea2b25d5a9af7a16.webp
IP: 185.244.209.62:0
ASN: #199524 G-Core Labs S.A.
File type: RIFF (little-endian) data, Web/P image
Hash: 446c5bc07a7bc37fe6c2c80a1c61a7bb 8fc14a2304382bf3e6a9f1aaebfe4ac826187be5 468ed6027619ea5d4b1817917d30c9de8671180ac070f21a3001331e58b54a63
GET /resized/size16/sfiles/logo_teams/9c061aa5583430b3ea2b25d5a9af7a16.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:44 GMT
content-type: image/webp
content-length: 638
cache-control: max-age=94608000
content-disposition: inline; filename="9c061aa5583430b3ea2b25d5a9af7a16.webp"
content-security-policy: script-src 'none'
expires: Wed, 05 May 2027 16:48:28 GMT
x-request-id: 3437b02581ba763c81bf80797011366d
x-time-ng: 0.028
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-f2552b401b41dcc42dd7d30be0faacc5-6ab7a86c2205c589-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-05T16:48:28+00:00, 2024-05-06T09:42:04+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/28ef6e79333e238487f5c45f458c4dea.webp | 185.244.209.62 | | 638 B |
URL: v3.traincdn.com/resized/size16/sfiles/logo_teams/28ef6e79333e238487f5c45f458c4dea.webp
IP: 185.244.209.62:0
ASN: #199524 G-Core Labs S.A.
File type: RIFF (little-endian) data, Web/P image
Hash: e71aeea88308e5ec903ddbd73956ab25 da59c64d542f051b71b7f4bb628f89c15ef0c9ef b6f4ec66a671972f216948ae6cbb4ae020c05ccb44d10d36cad81b29fe30ce50
GET /resized/size16/sfiles/logo_teams/28ef6e79333e238487f5c45f458c4dea.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:44 GMT
content-type: image/webp
content-length: 638
cache-control: max-age=94608000
content-disposition: inline; filename="28ef6e79333e238487f5c45f458c4dea.webp"
content-security-policy: script-src 'none'
expires: Tue, 04 May 2027 22:19:38 GMT
x-request-id: c7fa6d80c800af750a6f8e5eb8e0032d
x-time-ng: 0.074
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-91348c554a68b13d0a87a3ca50773c6a-7c3e6238605659ff-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-04T22:19:38+00:00, 2024-05-06T12:04:16+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/2a83f6aa304e42353f670a9e7503ab7e.webp | 185.244.209.62 | 200 OK | 666 B |
URL: GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/2a83f6aa304e42353f670a9e7503ab7e.webp
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Certificate Issuer: Sectigo Limited
Certificate Subject: *.traincdn.com
Certificate Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: f0ddd87f319b6ce520d74a2498ee269f 12ba7b26f80a2fc8a7b28667609fa62bb6ab7bb1 5daf7ab93307ad3eed7d91adae2a9a7f58c1033a5ed37ec1744794fd7fb6f6e2
GET /resized/size16/sfiles/logo_teams/2a83f6aa304e42353f670a9e7503ab7e.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:44 GMT
content-type: image/webp
content-length: 666
cache-control: max-age=94608000
content-disposition: inline; filename="2a83f6aa304e42353f670a9e7503ab7e.webp"
content-security-policy: script-src 'none'
expires: Tue, 04 May 2027 21:51:57 GMT
x-request-id: 18d9b463a4e8144082d70176b284b25a
x-time-ng: 0.047
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-61100b9e981583a931cb704418661235-d90126778679d37a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-04T21:51:57+00:00, 2024-05-06T07:55:16+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/a5a66ba3da5dd791ef02bc95e1b011bd.webp | 185.244.209.62 | | 568 B |
URL: v3.traincdn.com/resized/size16/sfiles/logo_teams/a5a66ba3da5dd791ef02bc95e1b011bd.webp
IP: 185.244.209.62:0
ASN: #199524 G-Core Labs S.A.
File type: RIFF (little-endian) data, Web/P image
Hash: 76d6e4ed959b08f7e95273254adaf5ed d7b796d60e8184703946b436f115f2bd8f988aa9 5e6b25f17bd56cc8a9c872d0331249d1a9ee3de12b6648e5b43f112ce6b567c7
GET /resized/size16/sfiles/logo_teams/a5a66ba3da5dd791ef02bc95e1b011bd.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:44 GMT
content-type: image/webp
content-length: 568
cache-control: max-age=94608000
content-disposition: inline; filename="a5a66ba3da5dd791ef02bc95e1b011bd.webp"
content-security-policy: script-src 'none'
expires: Wed, 05 May 2027 02:11:26 GMT
x-request-id: 97826346afcdc4a034df460d1556b29a
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-458b5c68a28215f53eaf0617dbbc6575-308b81df952b3112-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-05T02:11:26+00:00, 2024-05-06T09:30:12+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/d2b928260edd80e03a82b2a1d024da02.webp | 185.244.209.62 | | 576 B |
URL: v3.traincdn.com/resized/size16/sfiles/logo_teams/d2b928260edd80e03a82b2a1d024da02.webp
IP: 185.244.209.62:0
ASN: #199524 G-Core Labs S.A.
File type: RIFF (little-endian) data, Web/P image
Hash: 604f1a208d377b01d47034c62cd087f6 38b0ecd98197a14124a4a8cc5505d5adebcb9e36 c65b618c626bd6667fb15624f6467a9f296edf793fb15a10826fa37fbc613315
GET /resized/size16/sfiles/logo_teams/d2b928260edd80e03a82b2a1d024da02.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:44 GMT
content-type: image/webp
content-length: 576
cache-control: max-age=94608000
content-disposition: inline; filename="d2b928260edd80e03a82b2a1d024da02.webp"
content-security-policy: script-src 'none'
expires: Thu, 06 May 2027 19:44:15 GMT
x-request-id: 03a261f0129ae6385adb156ed27373aa
x-time-ng: 0.058
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-f91035b6762c0e34877caab6887e79d5-1827911fd2e8737a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T19:44:15+00:00, 2024-05-07T07:39:34+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/shared-assets/__shared_vue_deps_OVKZGHR6.js | 185.244.209.62 | 200 OK | 49 kB |
URL: GET HTTP/2 v3.traincdn.com/sys-static/shared-assets/__shared_vue_deps_OVKZGHR6.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
Certificate Issuer: Sectigo Limited
Certificate Subject: *.traincdn.com
Certificate Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: gzip compressed data, max speed, from Unix
Hash: b6dff49b0c76e74e21c1080bcb70bfe5 7b90c0f24a48d00d6cb4533f300245e9bf0b94f4 702887066b2cd5d5b4b91283bfe46957ab1a06ba4c55758dc866e5fd738f6287
GET /sys-static/shared-assets/__shared_vue_deps_OVKZGHR6.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:43 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 06 May 2024 10:22:32 GMT
etag: W/"39ee2eb3f7c493e991990cc0353dba17"
x-amz-meta-mtime: 1714990874.149504817
content-encoding: gzip
expires: Tue, 07 May 2024 12:42:06 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-81d85e06b0a80ee649c1ab84e6fa8ec8-c59f54998aa049e8-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:42:06+00:00, 2024-05-06T12:50:28+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/e5eb737e.css | 185.244.209.62 | | 1.1 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/css/e5eb737e.css
IP: 185.244.209.62:0
ASN: #199524 G-Core Labs S.A.
File type: ASCII text, with very long lines (5171), with no line terminators
Hash: 5d231bea9b7df6bc1e9e74e3c0a231e1 2ef607f0c766fff1b4b1e90a2d98e7094c81721e c43fd428fe6e9d25ddf385a1cf03891194126ebf9e83d086af655272e815445b
GET /_nuxt/desktop/default/css/e5eb737e.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:44 GMT
content-type: text/css
content-length: 1050
last-modified: Thu, 02 May 2024 12:52:18 GMT
etag: "66338c82-41a"
content-encoding: gzip
expires: Sat, 04 May 2024 08:09:06 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-c7ff2d6b305314c151f145ae1a0d6b2e-9212c718142c645f-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-03T08:09:06+00:00, 2024-05-06T12:41:57+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/chunks/webpack-fb94d2f19425a3e3.js | 104.18.39.72 | 200 OK | 11 kB |
URL: GET HTTP/2 widget.suphelper.top/_next/static/chunks/webpack-fb94d2f19425a3e3.js
IP: 104.18.39.72:443
Requested by: https://widget.suphelper.top/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: suphelper.top
Certificate Fingerprint: 41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36
Certificate Validity: Tue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File type: JavaScript source, ASCII text, with very long lines (43717), with no line terminators
Hash: 0b0e0769a5159d64612ddcebd90567df efffcb1e88895556620e7ae83cbd5a2f58cea361 e072a8d2c2504e87be8a33f9f9cdcfaa6bdb200fce14eacd064a8c836647a807
GET /_next/static/chunks/webpack-fb94d2f19425a3e3.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 07:56:40 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://file-hosting-api-stage.kube.prod.cons.lan https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 09 Nov 2023 06:03:45 GMT
etag: W/"ed0-18bb2adf0eb"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 566245
expires: Wed, 07 May 2025 07:56:40 GMT
server: cloudflare
cf-ray: 87ffa79e88ec568a-OSL
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/60c7aeb54494.js | 185.244.209.62 | | 715 B |
URL: v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/60c7aeb54494.js
IP: 185.244.209.62:0
ASN: #199524 G-Core Labs S.A.
File type: Java source, ASCII text, with very long lines (714)
Hash: 0a4d6d7efa89ba140b62c6aee5e8fc6f 9e5b132d8df77dc2fe824cf30a362084400f23c5 60e4e95557382dcdc956e8e80595030789aedfcf6c9f2ff90e92c5f4a2631e0d
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/60c7aeb54494.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:45 GMT
content-type: text/javascript; charset=utf-8
content-length: 715
last-modified: Wed, 01 May 2024 08:21:41 GMT
etag: "0a4d6d7efa89ba140b62c6aee5e8fc6f"
x-amz-meta-mtime: 1714551564.671873539
expires: Thu, 02 May 2024 15:21:02 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-a66d6f250c8e1c120aca0499bc23b477-02a7e0850793bf33-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T15:21:02+00:00, 2024-05-06T19:19:56+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/bff-api/config/all.json?lang=en | 178.253.29.51 | | 40 kB |
URL: 1xlite-461430.top/bff-api/config/all.json?lang=en
IP: 178.253.29.51:0
ASN: #202492 Silverhill Group Holding Ltd
Hash: e5721063d4948de2186ff16f646c0ec6 c0edcfd0a6768897f0a1e403528efd1894058f16 1b27041470537ab2c5f631fb60627f0ddfe01a829c7ef88309a5db3c72643ae0
Analyzer: Quad9 DNS, Verdict: malicious, Alert: Sinkholed
GET /bff-api/config/all.json?lang=en HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
x-geoip2-country-code: ru
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280; _glhf=1715086374; che_g=277ff3df-2e51-ec4f-06d0-569e93b07f06; application_locale=en; sh.session.id=2f059054-1edc-45d1-9f6c-be2b21cfc178; ggru=181
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:45 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: bff;dur=188.41, dt_total;dur=191.030, wf-uht;dur=0.208
traceparent: 00-105c25c785f93077f539273c53a15864-7b60a23ca8160cac-01
vary: Accept-Encoding
x-dt: 285
x-time-ng: 0.191
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/e8b8c79f9b52.js | 185.244.209.62 | | 504 B |
URL: v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/e8b8c79f9b52.js
IP: 185.244.209.62:0
ASN: #199524 G-Core Labs S.A.
File type: Java source, ASCII text, with very long lines (503)
Hash: 5387051085dcc459e7077d5d8000b85d d22afab6c65228f0056f66e4f150783f6014e36b 34377c13fd72112cac96fba3642f084661361aea701a70ba3702c82c9bb42790
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/e8b8c79f9b52.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:45 GMT
content-type: text/javascript; charset=utf-8
content-length: 504
last-modified: Wed, 01 May 2024 08:21:42 GMT
etag: "5387051085dcc459e7077d5d8000b85d"
x-amz-meta-mtime: 1714551564.675873475
expires: Thu, 02 May 2024 15:20:53 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-4f9a3bf8c39999c7bcc1ba56f05abbd5-ddd464380b5650fc-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T15:20:53+00:00, 2024-05-06T19:19:56+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/cb22691ee4d9.js | 185.244.209.62 | | 731 B |
URL: v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/cb22691ee4d9.js
IP: 185.244.209.62:0
ASN: #199524 G-Core Labs S.A.
File type: Java source, ASCII text, with very long lines (730)
Hash: bd6d9e7b07e097eb950f4b8bd6ada2b4 d332a4f5771e4f6d2cd47cd94ff85c5eb5847418 ea2bfc78a76204b704ee4ff215cfd6be3c7edb98b6c6e77501c5dbb88f261ea5
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/cb22691ee4d9.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:45 GMT
content-type: text/javascript; charset=utf-8
content-length: 731
last-modified: Wed, 01 May 2024 08:21:42 GMT
etag: "bd6d9e7b07e097eb950f4b8bd6ada2b4"
x-amz-meta-mtime: 1714551564.675873475
expires: Thu, 02 May 2024 15:20:53 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-c266fcdedbfc6cd40bbbe02c7c9928e2-60354fb92d4370fb-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T15:20:53+00:00, 2024-05-06T16:17:06+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-icons/1.0.328/285/country.svg | 185.244.209.62 | | 62 kB |
URL: v3.traincdn.com/sys-icons/1.0.328/285/country.svg
IP: 185.244.209.62:0
ASN: #199524 G-Core Labs S.A.
File type: gzip compressed data, max speed, from Unix
Hash: 4f4c4f102b41c84a6227671e3ac4026c 5463a1687cd4532a30d30da12b4f8507f2f7996a 6841314a828bb729e978b087de21ebd6e68df5dcac2920f6d4ee882d23439c2f
GET /sys-icons/1.0.328/285/country.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:44 GMT
content-type: image/svg+xml
last-modified: Mon, 15 Apr 2024 07:13:32 GMT
etag: W/"60caf0d666af828706b3d83c428a31e4"
x-amz-meta-mtime: 1713165210.217888091
content-encoding: gzip
expires: Tue, 23 Apr 2024 10:38:03 GMT
cache-control: max-age=86400
x-time-ng: 0.003
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-19c2d447a1f0b310ce9f56e30083b5e0-3276029b982dfa81-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T10:38:03+00:00, 2024-05-06T12:41:57+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/web-api/session | 178.253.29.51 | | 0 B |
URL: 1xlite-461430.top/web-api/session
IP: 178.253.29.51:0
ASN: #202492 Silverhill Group Holding Ltd
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS, Verdict: malicious, Alert: Sinkholed
GET /web-api/session HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280; _glhf=1715086374; che_g=277ff3df-2e51-ec4f-06d0-569e93b07f06; application_locale=en; sh.session.id=2f059054-1edc-45d1-9f6c-be2b21cfc178; ggru=181
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 07 May 2024 07:56:45 GMT
cache-control: no-cache, private
server-timing: p;dur=15, dt_total;dur=32.433, wf-uht;dur=0.040
traceparent: 00-b2c085ad7bac9268d60bbec4f5de4a10-2ea415c5e7478f49-01
x-dt: 285
x-time-ng: 0.023
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/03e03ebafcdc.js | 185.244.209.62 | | 372 B |
URL: v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/03e03ebafcdc.js
IP: 185.244.209.62:0
ASN: #199524 G-Core Labs S.A.
File type: Java source, ASCII text, with very long lines (371)
Hash: 441a6448f5a4242779baf6fc1399b13e b646aa02b2ed08c1590c6f4536341cb2e51a4f1c 0eede7ea7bad647cc90b8044489561c58d2d5865e88ecc59a572589c6ccea6b7
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/03e03ebafcdc.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:45 GMT
content-type: text/javascript; charset=utf-8
content-length: 372
last-modified: Wed, 01 May 2024 08:21:41 GMT
etag: "441a6448f5a4242779baf6fc1399b13e"
x-amz-meta-mtime: 1714551564.667873602
expires: Thu, 02 May 2024 15:20:56 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-7bc729d6da2d30d5576f5e2ea2c5d45f-48bd34b944b29643-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T15:20:56+00:00, 2024-05-06T16:17:06+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/3083a20a3f73c30fce38710d7ada9cbb.svg | 185.244.209.62 | | 28 kB |
URL: v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/3083a20a3f73c30fce38710d7ada9cbb.svg
IP: 185.244.209.62:0
ASN: #199524 G-Core Labs S.A.
File type: gzip compressed data, max speed, from Unix
Hash: 7b12603d83a508e07e0c99f048eef539 948c91d6903a39d18729bf2ac14599a7bd09d22b f94e72e68848990035c58c3c794f199576a1e23a5c70d056e9c6cf0d98c6b275
GET /genfiles/cms/1-285/desktop/media_asset/3083a20a3f73c30fce38710d7ada9cbb.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:40 GMT
content-type: image/svg+xml
last-modified: Wed, 19 Apr 2023 11:51:30 GMT
etag: W/"3ae81b002dca46d3b732ce3e03ae35c6"
content-encoding: gzip
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2023-12-18T08:36:11+00:00
traceparent: 00-08e85b27e4b24c321819f46b23359e0c-701be2b889aac3b1-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/7bd3bc288fd4.js | 185.244.209.62 | | 450 B |
URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/7bd3bc288fd4.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeASCII text, with very long lines (449) Hash056ce527a12544a37f984ac598be2344 6946b65cf1c68960e5f9ac0900a0df66a13e7e85 cd7cdf53c803ca43a37171180d14c2374e45ab347d309f9b83a107b9ad9b4ed1
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/7bd3bc288fd4.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:45 GMT
content-type: text/javascript; charset=utf-8
content-length: 450
last-modified: Wed, 01 May 2024 08:21:41 GMT
etag: "056ce527a12544a37f984ac598be2344"
x-amz-meta-mtime: 1714551564.671873539
expires: Fri, 03 May 2024 08:43:57 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-c72cc20fe46c3a6c5074f64ff60816b2-835771ae39e9a860-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-02T08:43:57+00:00, 2024-05-06T17:55:56+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/betstemplates/bets_model_short_en_0.json | 185.244.209.62 | 200 OK | 26 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/cms/betstemplates/bets_model_short_en_0.json IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typegzip compressed data, max speed, from Unix Hash52a262579c150a0c4a815c8367eff7a6 698ce7d92bc6f0920118ac597428cdffb235057d 64c323dd88854d7d638fd0be8dcefdef3041a3955f46f9295eb164709b9871d0
GET /genfiles/cms/betstemplates/bets_model_short_en_0.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:43 GMT
content-type: application/json
last-modified: Thu, 02 May 2024 09:18:51 GMT
etag: W/"d3e39abc76f19e176765d21ac9e70c5c"
content-encoding: gzip
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-5141d2b8b358a4fb8193bd8f96e24c7b-ea3433909856c141-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-02T10:49:13+00:00, 2024-05-07T07:00:43+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/web-api/default/img/icons/pixels2.svg?v=1715068604 | 178.253.29.51 | | 2.8 kB |
URL 1xlite-461430.top/web-api/default/img/icons/pixels2.svg?v=1715068604 IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
File typePNG image data, 1 x 1, 8-bit/color RGB, non-interlaced Hash77157c81ac148c8ebdeec3122b334561 a6c93f427a283553ca5a395f2724b2799ce163d4 f0589b2d6643f26e038a82a1a67d0881a717144f6ca921b3dffa1222f0c48e9c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /web-api/default/img/icons/pixels2.svg?v=1715068604 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280; _glhf=1715086374; che_g=277ff3df-2e51-ec4f-06d0-569e93b07f06; application_locale=en; sh.session.id=2f059054-1edc-45d1-9f6c-be2b21cfc178; ggru=181
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:44 GMT
content-type: image/png
cache-control: no-cache, private
server-timing: p;dur=13, dt_total;dur=14.512, wf-uht;dur=0.026
traceparent: 00-6029ce36ae9a68329e8277b2ea25bb96-7852185678283f9b-01
x-dt: 285
x-time-ng: 0.014
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/conversion-f0624fc4.js | 185.244.209.62 | | 66 kB |
URL v3.traincdn.com/_nuxt/desktop/default/vendors/conversion-f0624fc4.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators Hash191ff223860f458112e0be2a63bd9857 850dd681d5b31321f00b8df955a455aa9478e44e 40e1fe6d194776c5fa845dda1dbebda9c2bc3154d8c45793ae74a2e1bf147016
GET /_nuxt/desktop/default/vendors/conversion-f0624fc4.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:46 GMT
content-type: application/javascript; charset=utf-8
content-length: 66479
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-103af"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:50 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-743b461b63817ea6e3282a339d15210e-590bdce002a3d9fe-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:50+00:00, 2024-05-06T14:47:34+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/chunks/main-fa1d3b21fd97b583.js | 104.18.39.72 | | 36 kB |
URL widget.suphelper.top/_next/static/chunks/main-fa1d3b21fd97b583.js IP104.18.39.72:0
File typegzip compressed data, from Unix Hash76abb67bededdccee1f8676ce3554eec 37b5d330bc622e6d02057478d5edc61cff007ebb cc57147f3b96da5d2f4523969e52d8fe00e56c581b85e80359e21fe67c270858
GET /_next/static/chunks/main-fa1d3b21fd97b583.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 07:56:40 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://file-hosting-api-stage.kube.prod.cons.lan https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 09 Nov 2023 06:03:45 GMT
etag: W/"1a544-18bb2adf0eb"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 560685
expires: Wed, 07 May 2025 07:56:40 GMT
server: cloudflare
cf-ray: 87ffa79e8917568a-OSL
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 | 185.244.209.62 | | 64 kB |
URL v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeWeb Open Font Format (Version 2), TrueType, length 63748, version 1.0 Hash6887b6f24414dbc612dbf42ccdc76b70 8068d3abfbc6cbf35b55919da45b1f4d2d136238 fc5c015fc32518f1ed810fa84ca28941eb9d5a3c81acc8df69a4dbbeedef7b0c
GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:48 GMT
content-type: font/woff2
content-length: 63748
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "6887b6f24414dbc612dbf42ccdc76b70"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-35b09dad7f838c71e40580f9ef9170c9-c59c7a8f27ae1de8-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:13:59+00:00, 2024-05-07T07:03:17+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/3a9e96a04d11.js | 185.244.209.62 | | 66 kB |
URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/3a9e96a04d11.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typegzip compressed data, max speed, from Unix Hash8a5fef7bf668efadc66117ad1ed0c6b4 0be0bf867e879eb1efd1062e59e154cb5b431062 014d6e837fff9cb3e7ed2c06a1688d1899a89f929541cc08627b6978a69ad47e
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/3a9e96a04d11.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:45 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 01 May 2024 08:21:41 GMT
etag: W/"da4fcf0e06e63dbfcf3058f435e0a172"
x-amz-meta-mtime: 1714551564.671873539
content-encoding: gzip
expires: Thu, 02 May 2024 15:20:56 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-6f253a8cf48c7aa28db0e927ac80c21c-7d38d10bda8c72f8-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T15:20:56+00:00, 2024-05-06T16:17:06+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/entry-414928da.js | 185.244.209.62 | 200 OK | 755 kB |
URL GET HTTP/2v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/entry-414928da.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typegzip compressed data, max speed, from Unix Size755 kB (755259 bytes) Hash0ed05def1a7b76fc7d320917670764b3 658f7b1e458545fd69e3e3bad2bd037b865a0b17 2abfdd747d0359043198f95c148dadea9963dd6c4d35a54d3f60e9928e58cdce
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/entry-414928da.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:41 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 01 May 2024 08:21:42 GMT
etag: W/"2ff74ba461966e9ef07ec952168d3783"
x-amz-meta-mtime: 1714551564.679873411
content-encoding: gzip
expires: Thu, 02 May 2024 15:20:40 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-929d9a2c583908685108f51fd6dbb396-567b82c78bc7c178-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T15:20:40+00:00, 2024-05-06T16:17:03+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 | 185.244.209.62 | | 64 kB |
URL v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeWeb Open Font Format (Version 2), TrueType, length 63748, version 1.0 Hash6887b6f24414dbc612dbf42ccdc76b70 8068d3abfbc6cbf35b55919da45b1f4d2d136238 fc5c015fc32518f1ed810fa84ca28941eb9d5a3c81acc8df69a4dbbeedef7b0c
GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:49 GMT
content-type: font/woff2
content-length: 63748
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "6887b6f24414dbc612dbf42ccdc76b70"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-d214e4edd6891bf44e0e9a082faebaed-3858e4fe4750529a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:13:59+00:00, 2024-05-07T07:03:17+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/chunks/81.9c6562bba5669b47.js | 104.18.39.72 | | 75 kB |
URL widget.suphelper.top/_next/static/chunks/81.9c6562bba5669b47.js IP104.18.39.72:0
File typegzip compressed data, from Unix Hash88893fa28081c5f87aa079b696fdb560 3c312786be4bbaa961079bbd733efc779041a98b e41f8dafe9b628bf81cf1c06352b86b27c6ce74f5b6db58bab1b2dcdf5cd0eec
GET /_next/static/chunks/81.9c6562bba5669b47.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 07:56:41 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Mon, 22 Jan 2024 07:49:06 GMT
etag: W/"8f42-18d3024f9c4"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 574589
expires: Wed, 07 May 2025 07:56:41 GMT
server: cloudflare
cf-ray: 87ffa7a82c4d568a-OSL
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 | 185.244.209.62 | | 64 kB |
URL v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeWeb Open Font Format (Version 2), TrueType, length 63920, version 1.0 Hasha65527fcb58f66a7cfbc0e6b160538b4 45d260e7fa343401b5bb0df982a014f53e2d253b fb13c3a1cbac60649b76f7d7f85c1645d35ac69b85ce5f4eb0692505ecc2cd45
GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:49 GMT
content-type: font/woff2
content-length: 63920
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "a65527fcb58f66a7cfbc0e6b160538b4"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-2c323aace48e276271ebff24314be5eb-564484ad49bf0630-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:54:39+00:00, 2024-05-07T07:30:48+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/shared-assets/__shared_accept_language_parser_QKZ6ULEV.js | 185.244.209.62 | | 10 kB |
URL v3.traincdn.com/sys-static/shared-assets/__shared_accept_language_parser_QKZ6ULEV.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typegzip compressed data, max speed, from Unix Hash615f57694305edd3867bb87911d1ce2a b7f4e929b53e5d92b53d370952fac568d1151ea2 400fa409a36ec43275a06dbaef5f1f427247af95ad03f00ec00d9e151be4f940
GET /sys-static/shared-assets/__shared_accept_language_parser_QKZ6ULEV.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:43 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 06 May 2024 14:40:26 GMT
etag: W/"518e0ae196483ada8b528a1f2b7df0a1"
x-amz-meta-mtime: 1715006282.054749806
content-encoding: gzip
expires: Tue, 07 May 2024 15:18:11 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-ea239db5b52d4d8eab9ccb38a27268ab-403ccd2137d9558a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T15:18:11+00:00, 2024-05-06T15:53:14+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/shared-assets/__shared_chunk_M4D4AAJL.js | 185.244.209.62 | | 46 kB |
URL v3.traincdn.com/sys-static/shared-assets/__shared_chunk_M4D4AAJL.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typegzip compressed data, max speed, from Unix Hashdeb9795d3d881caece397ba8cb2fabe6 63570efbd67e9774339817b4fa57d92d5145c900 cc50131082e7fffd1f85d4d16c4659fd63f0764e179aa77c02dd635d6a79715d
GET /sys-static/shared-assets/__shared_chunk_M4D4AAJL.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:44 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 06 May 2024 10:22:32 GMT
etag: W/"51ddc52774f4e5bd6a6f1c22e9d19674"
x-amz-meta-mtime: 1714990874.153504753
content-encoding: gzip
expires: Tue, 07 May 2024 12:42:06 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-8fe0549ec18663284c77db5c048d8e29-2470dedb42559d7f-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:42:06+00:00, 2024-05-06T12:50:29+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137 | 178.253.29.51 | | 65 B |
URL 1xlite-461430.top/service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137 IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
Hasha62a3d291c25728a06f15b4ee47d5e43 7613e665c8dd639f4f8b821f8337cc4629e3d942 1e2d5a52c362e3ab706e11a3ee2454024423019bd4976d4874df7681c7468b3c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280; _glhf=1715086374; che_g=277ff3df-2e51-ec4f-06d0-569e93b07f06; application_locale=en; sh.session.id=2f059054-1edc-45d1-9f6c-be2b21cfc178; ggru=181
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:50 GMT
content-type: application/json; charset=utf-8
content-length: 65
cache-control: no-cache
content-encoding: br
last-modified: Tue, 07 May 2024 07:56:50 GMT
vary: Accept-Encoding
x-time-ng: 0.006
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.029
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/analytics-a8ae3276.js | 185.244.209.62 | | 2.4 kB |
URL v3.traincdn.com/_nuxt/desktop/default/analytics-a8ae3276.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeJavaScript source, ASCII text, with very long lines (6444), with no line terminators Hash60f915b0daad3af04303726381897e81 133c20a7f58c18758483c23f595d5a4f22ba9371 320b5a7d25c926dc55eb7a53f4348bf7c34bd7f5bc6ad3bcd1d16029239dc3a1
GET /_nuxt/desktop/default/analytics-a8ae3276.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 2434
last-modified: Thu, 02 May 2024 12:52:18 GMT
etag: "66338c82-982"
content-encoding: gzip
expires: Sat, 04 May 2024 08:41:45 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-d9310a44c34d9ef79fa0f54d7f4fa13c-8e8e7c0c96fb4440-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-03T08:41:45+00:00, 2024-05-06T09:22:16+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66 | 142.250.74.40 | | 106 kB |
URL www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66 IP142.250.74.40:0
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (10899) Size106 kB (105848 bytes) Hash31daf8be57e0235a4b0a4fd27fa1d8e0 ca728ad16304fa5ff21e6cca47244885e441953d d28a3267d7fd77a199362702e83352578652bd14431283f513ec1b94f0d2a242
GET /gtag/js?id=G-7JGWL9SV66 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 07:56:50 GMT
expires: Tue, 07 May 2024 07:56:50 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 105848
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtm.js?id=GTM-KFGPRJ2V | 142.250.74.40 | | 64 kB |
URL www.googletagmanager.com/gtm.js?id=GTM-KFGPRJ2V IP142.250.74.40:0
File typeJavaScript source, ASCII text, with very long lines (1822) Hash273eca3ce6428d022541aedaef733c21 54a7f799a9a1ecd20eb5b75bfaaeed71cae6c116 a73b1a4d89640d842dc8390be397b03bcae2da8f5c966d096a6000e20f4b2713
GET /gtm.js?id=GTM-KFGPRJ2V HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 07:56:50 GMT
expires: Tue, 07 May 2024 07:56:50 GMT
cache-control: private, max-age=900
last-modified: Tue, 07 May 2024 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 64399
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| radar.cedexis.com/1/23802/radar.js | 45.54.49.5 | | 154 B |
URL radar.cedexis.com/1/23802/radar.js IP45.54.49.5:0 ASN#63911 NetActuate, Inc
File typeHTML document, ASCII text, with CRLF line terminators Hashcfbeaf604823f038b8b46f0ac862b98c 7b9eb1dac48e74fa5f418bc456cb410f88b81d98 20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /1/23802/radar.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 07 May 2024 07:56:50 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Location: /1707728419/stub.js
Expires: Tue, 07 May 2024 08:06:50 GMT
Cache-Control: max-age=600
Vary: User-Agent,DNT
|
|
| 1xlite-461430.top/hd-api/external/api/web/v1/j/8b426540616j0i4e9dedae027043e798807fa77296ef7a829667 | 178.253.29.51 | | 512 B |
URL 1xlite-461430.top/hd-api/external/api/web/v1/j/8b426540616j0i4e9dedae027043e798807fa77296ef7a829667 IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
Hash0706619f8e5b772c9352b136bd473c5c 53617002409d889d4d311b65ca2e0fe132c9d2c9 b6ffdb2a9c63b527a4646ee42339a19bebe91973628918ea10b19ddd57c92dd7
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /hd-api/external/api/web/v1/j/8b426540616j0i4e9dedae027043e798807fa77296ef7a829667 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
X-Requested-With: XMLHttpRequest
Content-Type: application/json
Content-Length: 105936
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280; _glhf=1715086374; che_g=277ff3df-2e51-ec4f-06d0-569e93b07f06; application_locale=en; sh.session.id=2f059054-1edc-45d1-9f6c-be2b21cfc178; ggru=181
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:51 GMT
content-type: application/json
content-length: 512
content-encoding: gzip
traceparent: 00-beede5f9133e903e4d8b9d941d2ddba0-db11579734874814-01
vary: Accept-Encoding
x-dt: 285
x-request-guid: 8d0a4064a939b4bf59c4ab75508e345d
x-time-ng: 0.086
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=138.364, wf-uht;dur=0.163
X-Firefox-Spdy: h2
|
|
| www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7JGWL9SV66&cid=780917435.1715068611&gtm=45je4510v897130004za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=559428949 | 142.250.74.163 | 200 OK | 42 B |
URL GET HTTP/2www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7JGWL9SV66&cid=780917435.1715068611&gtm=45je4510v897130004za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=559428949 IP142.250.74.163:443
Requested byhttps://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder CertificateIssuerGoogle Trust Services LLC Subject*.google.no Fingerprint7D:68:6D:B1:32:34:52:51:20:C9:53:FF:B9:B7:8F:7E:05:F9:F5:97 ValidityTue, 16 Apr 2024 04:31:00 GMT - Tue, 09 Jul 2024 04:30:59 GMT
File typeGIF image data, version 89a, 1 x 1 Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7JGWL9SV66&cid=780917435.1715068611&gtm=45je4510v897130004za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=559428949 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 07 May 2024 07:56:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| radar.cedexis.com/1707728419/stub.js | 45.54.49.5 | | 271 B |
URL radar.cedexis.com/1707728419/stub.js IP45.54.49.5:0 ASN#63911 NetActuate, Inc
File typeJavaScript source, ASCII text Hash82dec77fd0353c7c71ce053b8601387e fbbca95419e1d0c042e0a5fdf10f380aca66188c 39f2b7b0fa78d37d0c84d2d6618bd635d86fd683d9bcdd5729850cb2a62522f7
GET /1707728419/stub.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 May 2024 07:56:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 12 Feb 2024 09:51:01 GMT
Vary: Accept-Encoding
ETag: W/"65c9ea05-186"
Expires: Tue, 21 May 2024 07:56:51 GMT
Cache-Control: max-age=1209600, public
Content-Encoding: gzip
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-7JGWL9SV66&gtm=45je4510v897130004za200&_p=1715068610491&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=780917435.1715068611&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1715068611&sct=1&seg=0&dl=https%3A%2F%2F1xlite-461430.top%2Fen%3Ftag%3Dd_73595m_32273c_%255B%255DMS%255B%255Dnull%255B%255Dnull%255B%255DSmartCPM%255B%255D6895621_d28985_l35449_clickunder&dt=1xBet%20%E1%90%89%20Online%20sports%20betting%20%E1%90%89%201xBet%20online%20bookmaker%20log%20in%20%E1%90%89%201xlite-461430.top&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=GTM-5R4MT54&tfd=18482 | 216.239.32.36 | | 0 B |
URL region1.analytics.google.com/g/collect?v=2&tid=G-7JGWL9SV66&gtm=45je4510v897130004za200&_p=1715068610491&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=780917435.1715068611&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1715068611&sct=1&seg=0&dl=https%3A%2F%2F1xlite-461430.top%2Fen%3Ftag%3Dd_73595m_32273c_%255B%255DMS%255B%255Dnull%255B%255Dnull%255B%255DSmartCPM%255B%255D6895621_d28985_l35449_clickunder&dt=1xBet%20%E1%90%89%20Online%20sports%20betting%20%E1%90%89%201xBet%20online%20bookmaker%20log%20in%20%E1%90%89%201xlite-461430.top&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=GTM-5R4MT54&tfd=18482 IP216.239.32.36:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-7JGWL9SV66&gtm=45je4510v897130004za200&_p=1715068610491&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=780917435.1715068611&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1715068611&sct=1&seg=0&dl=https%3A%2F%2F1xlite-461430.top%2Fen%3Ftag%3Dd_73595m_32273c_%255B%255DMS%255B%255Dnull%255B%255Dnull%255B%255DSmartCPM%255B%255D6895621_d28985_l35449_clickunder&dt=1xBet%20%E1%90%89%20Online%20sports%20betting%20%E1%90%89%201xBet%20online%20bookmaker%20log%20in%20%E1%90%89%201xlite-461430.top&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=GTM-5R4MT54&tfd=18482 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://1xlite-461430.top
date: Tue, 07 May 2024 07:56:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LineFeed/GetSportsShortZip?lng=en&country=137&virtualSports=true&gr=285&groupChamps=true | 178.253.29.51 | 200 OK | 2.1 kB |
URL GET HTTP/21xlite-461430.top/service-api/LineFeed/GetSportsShortZip?lng=en&country=137&virtualSports=true&gr=285&groupChamps=true IP178.253.29.51:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash62c93797739be3159535fc0af898c367 a73556d1a0935e1ee811d52fed5108cabe44601d 5c9166fd3bde80e2c8fed1f87740273b29178c4deeca9c7fb4f7665f451fc6d1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LineFeed/GetSportsShortZip?lng=en&country=137&virtualSports=true&gr=285&groupChamps=true HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiNmY2bHlxUEpRazIxUVpEOWxrT2RrekpDbU1KZmhJa0J2aDM3RTJ1Z1kvRStsYTViQlhBcHJNVWpaNW5mWlBCbVB3Y1JHQ1B1UGRHTFBXT0lxTDJJTHVKWTFiczU3bzVON0xJTlBCMWJzd056NVowUzJnQmVFdEl0NmJSQ0F4VlhReVBBYmEzS1J3MG5wbjRsZHJFTnVUK2MyQlMyem1tSFhYcU9mbGZYN3d5Y0lOSTVHY0l3N29JdFBkaU51Qzl1TTNuNXdoYkY0RTR0RXNDdU9wYmxIUGhEVytBVTVRclJkQ0RJT2pFRk1UaDNyR3pDRUxuMnZiMmVoS05CM1BnRXR4aTk0Z2FETUk2aHlObTEyUnplTTc0KzhKQ2VxWUtIbXVISDBzTms2VWljIiwiZXhwIjoxNzE1MDgzMDExLCJpYXQiOjE3MTUwNjg2MTF9.EgpxNMi4oE-gGkW7_d5TkojYtCD9_1nkVZV3iYISvTmTRHU9cba5B-typB_Ys_QhgjtQHHDERhERe81bVeB9NA
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280; _glhf=1715086374; che_g=277ff3df-2e51-ec4f-06d0-569e93b07f06; application_locale=en; sh.session.id=2f059054-1edc-45d1-9f6c-be2b21cfc178; ggru=181; _ga_7JGWL9SV66=GS1.1.1715068611.1.0.1715068611.60.0.0; _ga=GA1.1.780917435.1715068611
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:51 GMT
content-type: application/json; charset=utf-8
content-length: 2062
cache-control: public, max-age=5
content-encoding: br
last-modified: Tue, 07 May 2024 07:56:51 GMT
vary: Accept-Encoding
x-time-ng: 0.077
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.084
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true | 178.253.29.51 | | 2.7 kB |
URL 1xlite-461430.top/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
Hashf40cd49ead918c19f5ab8d3fec7b3a5f f2578fcb0a9c6dc6103a610e7d86ca7d10ce6dff ca5f9c67b3f9f145eb1e7be19244c46cefde7833971d7b7d7d74afd042d248cf
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiNmY2bHlxUEpRazIxUVpEOWxrT2RrekpDbU1KZmhJa0J2aDM3RTJ1Z1kvRStsYTViQlhBcHJNVWpaNW5mWlBCbVB3Y1JHQ1B1UGRHTFBXT0lxTDJJTHVKWTFiczU3bzVON0xJTlBCMWJzd056NVowUzJnQmVFdEl0NmJSQ0F4VlhReVBBYmEzS1J3MG5wbjRsZHJFTnVUK2MyQlMyem1tSFhYcU9mbGZYN3d5Y0lOSTVHY0l3N29JdFBkaU51Qzl1TTNuNXdoYkY0RTR0RXNDdU9wYmxIUGhEVytBVTVRclJkQ0RJT2pFRk1UaDNyR3pDRUxuMnZiMmVoS05CM1BnRXR4aTk0Z2FETUk2aHlObTEyUnplTTc0KzhKQ2VxWUtIbXVISDBzTms2VWljIiwiZXhwIjoxNzE1MDgzMDExLCJpYXQiOjE3MTUwNjg2MTF9.EgpxNMi4oE-gGkW7_d5TkojYtCD9_1nkVZV3iYISvTmTRHU9cba5B-typB_Ys_QhgjtQHHDERhERe81bVeB9NA
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280; _glhf=1715086374; che_g=277ff3df-2e51-ec4f-06d0-569e93b07f06; application_locale=en; sh.session.id=2f059054-1edc-45d1-9f6c-be2b21cfc178; ggru=181; _ga_7JGWL9SV66=GS1.1.1715068611.1.0.1715068611.60.0.0; _ga=GA1.1.780917435.1715068611
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:51 GMT
content-type: application/json; charset=utf-8
content-length: 2712
cache-control: public, max-age=5
content-encoding: br
last-modified: Tue, 07 May 2024 07:56:46 GMT
vary: Accept-Encoding
x-time-ng: 0.011
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66 | 178.253.29.51 | 200 OK | 2.2 kB |
URL GET HTTP/21xlite-461430.top/service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66 IP178.253.29.51:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash27ea8f2f5b50df11b1a00f9f4a7c0de7 db5479c3b6e0e8f2edf796011fcafb05ec7a2be6 d7ea1974e677773a5ed1b0fcfcb27e172a9f9e9db8c312b280bd2e9989ccc7af
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiNmY2bHlxUEpRazIxUVpEOWxrT2RrekpDbU1KZmhJa0J2aDM3RTJ1Z1kvRStsYTViQlhBcHJNVWpaNW5mWlBCbVB3Y1JHQ1B1UGRHTFBXT0lxTDJJTHVKWTFiczU3bzVON0xJTlBCMWJzd056NVowUzJnQmVFdEl0NmJSQ0F4VlhReVBBYmEzS1J3MG5wbjRsZHJFTnVUK2MyQlMyem1tSFhYcU9mbGZYN3d5Y0lOSTVHY0l3N29JdFBkaU51Qzl1TTNuNXdoYkY0RTR0RXNDdU9wYmxIUGhEVytBVTVRclJkQ0RJT2pFRk1UaDNyR3pDRUxuMnZiMmVoS05CM1BnRXR4aTk0Z2FETUk2aHlObTEyUnplTTc0KzhKQ2VxWUtIbXVISDBzTms2VWljIiwiZXhwIjoxNzE1MDgzMDExLCJpYXQiOjE3MTUwNjg2MTF9.EgpxNMi4oE-gGkW7_d5TkojYtCD9_1nkVZV3iYISvTmTRHU9cba5B-typB_Ys_QhgjtQHHDERhERe81bVeB9NA
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280; _glhf=1715086374; che_g=277ff3df-2e51-ec4f-06d0-569e93b07f06; application_locale=en; sh.session.id=2f059054-1edc-45d1-9f6c-be2b21cfc178; ggru=181; _ga_7JGWL9SV66=GS1.1.1715068611.1.0.1715068611.60.0.0; _ga=GA1.1.780917435.1715068611
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:53 GMT
content-type: application/json; charset=utf-8
content-length: 2224
cache-control: public, max-age=5
content-encoding: br
last-modified: Tue, 07 May 2024 07:56:53 GMT
vary: Accept-Encoding
x-time-ng: 0.003
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.011
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true | 178.253.29.51 | | 8.1 kB |
URL 1xlite-461430.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
Hashe0ce540eb34564c2032a77139df9d75b c9134c3f5d8680d59ff9d9b7ae66b0f9cdf23702 c4b696bbfccaaafc30d22a171367f7e11e110ac37b6f35a01ea554b5e5cdab23
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiNmY2bHlxUEpRazIxUVpEOWxrT2RrekpDbU1KZmhJa0J2aDM3RTJ1Z1kvRStsYTViQlhBcHJNVWpaNW5mWlBCbVB3Y1JHQ1B1UGRHTFBXT0lxTDJJTHVKWTFiczU3bzVON0xJTlBCMWJzd056NVowUzJnQmVFdEl0NmJSQ0F4VlhReVBBYmEzS1J3MG5wbjRsZHJFTnVUK2MyQlMyem1tSFhYcU9mbGZYN3d5Y0lOSTVHY0l3N29JdFBkaU51Qzl1TTNuNXdoYkY0RTR0RXNDdU9wYmxIUGhEVytBVTVRclJkQ0RJT2pFRk1UaDNyR3pDRUxuMnZiMmVoS05CM1BnRXR4aTk0Z2FETUk2aHlObTEyUnplTTc0KzhKQ2VxWUtIbXVISDBzTms2VWljIiwiZXhwIjoxNzE1MDgzMDExLCJpYXQiOjE3MTUwNjg2MTF9.EgpxNMi4oE-gGkW7_d5TkojYtCD9_1nkVZV3iYISvTmTRHU9cba5B-typB_Ys_QhgjtQHHDERhERe81bVeB9NA
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280; _glhf=1715086374; che_g=277ff3df-2e51-ec4f-06d0-569e93b07f06; application_locale=en; sh.session.id=2f059054-1edc-45d1-9f6c-be2b21cfc178; ggru=181; _ga_7JGWL9SV66=GS1.1.1715068611.1.0.1715068611.60.0.0; _ga=GA1.1.780917435.1715068611
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:55 GMT
content-type: application/json; charset=utf-8
content-length: 8063
cache-control: public, max-age=5
content-encoding: br
last-modified: Tue, 07 May 2024 07:56:55 GMT
vary: Accept-Encoding
x-time-ng: 0.014
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.068
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true | 178.253.29.51 | | 2.7 kB |
URL 1xlite-461430.top/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
Hash34c30ae69ef4f99b67a8f0b60b6478db 5cb47b964968fa0c9fac522f3f4d4546525a98ac c9f8704f1a404542e2b58bc92947914b4096b6a5c750574b1b5e76ca580bbe2e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiNmY2bHlxUEpRazIxUVpEOWxrT2RrekpDbU1KZmhJa0J2aDM3RTJ1Z1kvRStsYTViQlhBcHJNVWpaNW5mWlBCbVB3Y1JHQ1B1UGRHTFBXT0lxTDJJTHVKWTFiczU3bzVON0xJTlBCMWJzd056NVowUzJnQmVFdEl0NmJSQ0F4VlhReVBBYmEzS1J3MG5wbjRsZHJFTnVUK2MyQlMyem1tSFhYcU9mbGZYN3d5Y0lOSTVHY0l3N29JdFBkaU51Qzl1TTNuNXdoYkY0RTR0RXNDdU9wYmxIUGhEVytBVTVRclJkQ0RJT2pFRk1UaDNyR3pDRUxuMnZiMmVoS05CM1BnRXR4aTk0Z2FETUk2aHlObTEyUnplTTc0KzhKQ2VxWUtIbXVISDBzTms2VWljIiwiZXhwIjoxNzE1MDgzMDExLCJpYXQiOjE3MTUwNjg2MTF9.EgpxNMi4oE-gGkW7_d5TkojYtCD9_1nkVZV3iYISvTmTRHU9cba5B-typB_Ys_QhgjtQHHDERhERe81bVeB9NA
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280; _glhf=1715086374; che_g=277ff3df-2e51-ec4f-06d0-569e93b07f06; application_locale=en; sh.session.id=2f059054-1edc-45d1-9f6c-be2b21cfc178; ggru=181; _ga_7JGWL9SV66=GS1.1.1715068611.1.0.1715068611.60.0.0; _ga=GA1.1.780917435.1715068611
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:56 GMT
content-type: application/json; charset=utf-8
content-length: 2709
cache-control: public, max-age=5
content-encoding: br
last-modified: Tue, 07 May 2024 07:56:56 GMT
vary: Accept-Encoding
x-time-ng: 0.008
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.016
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/efb6a12f775a7454c682a5f3cdcfe84c.webp | 185.244.209.62 | | 23 kB |
URL v3.traincdn.com/genfiles/cms/1/desktop/banner/efb6a12f775a7454c682a5f3cdcfe84c.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 1380x248, Scaling: [none]x[none], YUV color, decoders should clamp Hash02c73c0e2eaa0c7ad721ac2bafa0bca7 c289c333ee79cc2a3e01d6302e941a22da5e43c4 bcf43c5ae29cad6787c98d92c0e91d7af3c1f912a4abdbca1d397a839e7f61cb
GET /genfiles/cms/1/desktop/banner/efb6a12f775a7454c682a5f3cdcfe84c.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:59 GMT
content-type: image/webp
content-length: 23162
last-modified: Fri, 26 Apr 2024 05:29:21 GMT
etag: "02c73c0e2eaa0c7ad721ac2bafa0bca7"
x-time-ng: 0.045
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-42e203e8676c7dc64f16fd1d3594a12d-b5631572375e53d0-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-26T05:30:05+00:00, 2024-05-07T07:09:50+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137 | 178.253.29.51 | | 65 B |
URL 1xlite-461430.top/service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137 IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
Hasha62a3d291c25728a06f15b4ee47d5e43 7613e665c8dd639f4f8b821f8337cc4629e3d942 1e2d5a52c362e3ab706e11a3ee2454024423019bd4976d4874df7681c7468b3c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiNmY2bHlxUEpRazIxUVpEOWxrT2RrekpDbU1KZmhJa0J2aDM3RTJ1Z1kvRStsYTViQlhBcHJNVWpaNW5mWlBCbVB3Y1JHQ1B1UGRHTFBXT0lxTDJJTHVKWTFiczU3bzVON0xJTlBCMWJzd056NVowUzJnQmVFdEl0NmJSQ0F4VlhReVBBYmEzS1J3MG5wbjRsZHJFTnVUK2MyQlMyem1tSFhYcU9mbGZYN3d5Y0lOSTVHY0l3N29JdFBkaU51Qzl1TTNuNXdoYkY0RTR0RXNDdU9wYmxIUGhEVytBVTVRclJkQ0RJT2pFRk1UaDNyR3pDRUxuMnZiMmVoS05CM1BnRXR4aTk0Z2FETUk2aHlObTEyUnplTTc0KzhKQ2VxWUtIbXVISDBzTms2VWljIiwiZXhwIjoxNzE1MDgzMDExLCJpYXQiOjE3MTUwNjg2MTF9.EgpxNMi4oE-gGkW7_d5TkojYtCD9_1nkVZV3iYISvTmTRHU9cba5B-typB_Ys_QhgjtQHHDERhERe81bVeB9NA
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280; _glhf=1715086374; che_g=277ff3df-2e51-ec4f-06d0-569e93b07f06; application_locale=en; sh.session.id=2f059054-1edc-45d1-9f6c-be2b21cfc178; ggru=181; _ga_7JGWL9SV66=GS1.1.1715068611.1.0.1715068611.60.0.0; _ga=GA1.1.780917435.1715068611
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:57:00 GMT
content-type: application/json; charset=utf-8
content-length: 65
cache-control: no-cache
content-encoding: br
last-modified: Tue, 07 May 2024 07:57:00 GMT
vary: Accept-Encoding
x-time-ng: 0.015
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.022
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true | 178.253.29.51 | | 8.1 kB |
URL 1xlite-461430.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
Hashe0ce540eb34564c2032a77139df9d75b c9134c3f5d8680d59ff9d9b7ae66b0f9cdf23702 c4b696bbfccaaafc30d22a171367f7e11e110ac37b6f35a01ea554b5e5cdab23
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiNmY2bHlxUEpRazIxUVpEOWxrT2RrekpDbU1KZmhJa0J2aDM3RTJ1Z1kvRStsYTViQlhBcHJNVWpaNW5mWlBCbVB3Y1JHQ1B1UGRHTFBXT0lxTDJJTHVKWTFiczU3bzVON0xJTlBCMWJzd056NVowUzJnQmVFdEl0NmJSQ0F4VlhReVBBYmEzS1J3MG5wbjRsZHJFTnVUK2MyQlMyem1tSFhYcU9mbGZYN3d5Y0lOSTVHY0l3N29JdFBkaU51Qzl1TTNuNXdoYkY0RTR0RXNDdU9wYmxIUGhEVytBVTVRclJkQ0RJT2pFRk1UaDNyR3pDRUxuMnZiMmVoS05CM1BnRXR4aTk0Z2FETUk2aHlObTEyUnplTTc0KzhKQ2VxWUtIbXVISDBzTms2VWljIiwiZXhwIjoxNzE1MDgzMDExLCJpYXQiOjE3MTUwNjg2MTF9.EgpxNMi4oE-gGkW7_d5TkojYtCD9_1nkVZV3iYISvTmTRHU9cba5B-typB_Ys_QhgjtQHHDERhERe81bVeB9NA
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280; _glhf=1715086374; che_g=277ff3df-2e51-ec4f-06d0-569e93b07f06; application_locale=en; sh.session.id=2f059054-1edc-45d1-9f6c-be2b21cfc178; ggru=181; _ga_7JGWL9SV66=GS1.1.1715068611.1.0.1715068611.60.0.0; _ga=GA1.1.780917435.1715068611
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:57:00 GMT
content-type: application/json; charset=utf-8
content-length: 8063
cache-control: public, max-age=5
content-encoding: br
last-modified: Tue, 07 May 2024 07:56:55 GMT
vary: Accept-Encoding
x-time-ng: 0.014
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
X-Firefox-Spdy: h2
|
|
| services.addons.mozilla.org/api/v4/addons/search/?guid=default-theme%40mozilla.org%2Caddons-search-detection%40mozilla.com%2Cgoogle%40search.mozilla.org%2Cwikipedia%40search.mozilla.org%2Cbing%40search.mozilla.org%2Cddg%40search.mozilla.org%2Cfirefox-compact-light%40mozilla.org%2Cfirefox-compact-dark%40mozilla.org%2Cfirefox-alpenglow%40mozilla.org%2Camazon%40search.mozilla.org&lang=en-US | 54.230.111.129 | | 82 B |
URL services.addons.mozilla.org/api/v4/addons/search/?guid=default-theme%40mozilla.org%2Caddons-search-detection%40mozilla.com%2Cgoogle%40search.mozilla.org%2Cwikipedia%40search.mozilla.org%2Cbing%40search.mozilla.org%2Cddg%40search.mozilla.org%2Cfirefox-compact-light%40mozilla.org%2Cfirefox-compact-dark%40mozilla.org%2Cfirefox-alpenglow%40mozilla.org%2Camazon%40search.mozilla.org&lang=en-US IP54.230.111.129:0
Hash4f822d39c269d2c47e3174b6c6bad3b7 d56bd07959c766e9c18faa9cf1070548f9236b65 cda00e555c758b1c13b6cbd17049ca8471057d16c60f08f551dbc331308eecf3
GET /api/v4/addons/search/?guid=default-theme%40mozilla.org%2Caddons-search-detection%40mozilla.com%2Cgoogle%40search.mozilla.org%2Cwikipedia%40search.mozilla.org%2Cbing%40search.mozilla.org%2Cddg%40search.mozilla.org%2Cfirefox-compact-light%40mozilla.org%2Cfirefox-compact-dark%40mozilla.org%2Cfirefox-alpenglow%40mozilla.org%2Camazon%40search.mozilla.org&lang=en-US HTTP/1.1
Host: services.addons.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 82
server: openresty
date: Tue, 07 May 2024 07:01:28 GMT
allow: GET, HEAD, OPTIONS
x-amo-request-id: 0a7d7e4d3f38444f8169efb4a33b8dbd
content-security-policy: default-src 'none'; child-src https://www.recaptcha.net/recaptcha/; connect-src 'self' https://*.google-analytics.com; script-src https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js https://www.recaptcha.net/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://addons.mozilla.org/static-server/; font-src 'self' https://addons.mozilla.org/static-server/; style-src 'unsafe-inline' https://addons.mozilla.org/static-server/; object-src 'none'; media-src https://videos.cdn.mozilla.net; frame-src https://www.recaptcha.net/recaptcha/; form-action 'self'; img-src 'self' blob: data: https://addons.mozilla.org/static-server/ https://addons.mozilla.org/user-media/; report-uri /__cspreport__
x-frame-options: DENY
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: same-origin
cross-origin-opener-policy: same-origin
cache-control: max-age=3600
public-key-pins: max-age=5184000; includeSubDomains; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="
via: 1.1 google, 1.1 3bff78035f818b6a3185b0f5f4586410.cloudfront.net (CloudFront)
etag: "4f822d39c269d2c47e3174b6c6bad3b7"
vary: origin,X-Country-Code,Accept-Language
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cpMAtkGa4H5Qc3BMbecASCpa5A73D545Ul1grWs_fiJirjtNJ6Q1wQ==
age: 3333
X-Firefox-Spdy: h2
|
|
| aus5.mozilla.org/update/3/SystemAddons/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml | 35.244.181.201 | | 42 B |
URL aus5.mozilla.org/update/3/SystemAddons/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml IP 35.244.181.201:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
File type XML 1.0 document, ASCII text Hash f8f24fa0c857d8f2ee493e131b85ab62 cb6049f830a54d14a19d4104fc0bb5ab5fdedbe6 e0dadbc9cd1f1bd8ce3118cc3383e0d0f6d147f055265d498d99deea956ba00f
GET /update/3/SystemAddons/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:57:01 GMT
content-type: text/xml; charset=utf-8
content-length: 42
rule-id: unknown
rule-data-version: unknown
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
via: 1.1 google
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LineFeed/GetSportsShortZip?lng=en&country=137&virtualSports=true&gr=285&groupChamps=true | 178.253.29.51 | 200 OK | 2.1 kB |
URL GET HTTP/2 1xlite-461430.top/service-api/LineFeed/GetSportsShortZip?lng=en&country=137&virtualSports=true&gr=285&groupChamps=true IP 178.253.29.51:443 ASN#202492 Silverhill Group Holding Ltd
Requested by https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder Certificate Issuer Let's Encrypt Subject 1xlite-461430.top Fingerprint F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 Validity Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash f8a0e522bd3678770b394afc00b6e7de 016bf293f50e05308e496fd1beced10fe571daab ba1b7e8e946ece7437e063c57fd1aada55d970fc40d2293d3e9d698f98d37500
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /service-api/LineFeed/GetSportsShortZip?lng=en&country=137&virtualSports=true&gr=285&groupChamps=true HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiNmY2bHlxUEpRazIxUVpEOWxrT2RrekpDbU1KZmhJa0J2aDM3RTJ1Z1kvRStsYTViQlhBcHJNVWpaNW5mWlBCbVB3Y1JHQ1B1UGRHTFBXT0lxTDJJTHVKWTFiczU3bzVON0xJTlBCMWJzd056NVowUzJnQmVFdEl0NmJSQ0F4VlhReVBBYmEzS1J3MG5wbjRsZHJFTnVUK2MyQlMyem1tSFhYcU9mbGZYN3d5Y0lOSTVHY0l3N29JdFBkaU51Qzl1TTNuNXdoYkY0RTR0RXNDdU9wYmxIUGhEVytBVTVRclJkQ0RJT2pFRk1UaDNyR3pDRUxuMnZiMmVoS05CM1BnRXR4aTk0Z2FETUk2aHlObTEyUnplTTc0KzhKQ2VxWUtIbXVISDBzTms2VWljIiwiZXhwIjoxNzE1MDgzMDExLCJpYXQiOjE3MTUwNjg2MTF9.EgpxNMi4oE-gGkW7_d5TkojYtCD9_1nkVZV3iYISvTmTRHU9cba5B-typB_Ys_QhgjtQHHDERhERe81bVeB9NA
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280; _glhf=1715086374; che_g=277ff3df-2e51-ec4f-06d0-569e93b07f06; application_locale=en; sh.session.id=2f059054-1edc-45d1-9f6c-be2b21cfc178; ggru=181; _ga_7JGWL9SV66=GS1.1.1715068611.1.0.1715068611.60.0.0; _ga=GA1.1.780917435.1715068611
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:57:01 GMT
content-type: application/json; charset=utf-8
content-length: 2063
cache-control: public, max-age=5
content-encoding: br
last-modified: Tue, 07 May 2024 07:57:01 GMT
vary: Accept-Encoding
x-time-ng: 0.058
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.066
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true | 178.253.29.51 | | 2.7 kB |
URL 1xlite-461430.top/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true IP 178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
Hash 7cc6d8a99c09a9e44fc3ce06a868f454 b1feaaef47c248086ae0e071b59cbba64b00e1f7 60a1811cdffb2a2f900325db24dc0a2e90ce6287de9ab2d601ec91b3193f7ce7
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiNmY2bHlxUEpRazIxUVpEOWxrT2RrekpDbU1KZmhJa0J2aDM3RTJ1Z1kvRStsYTViQlhBcHJNVWpaNW5mWlBCbVB3Y1JHQ1B1UGRHTFBXT0lxTDJJTHVKWTFiczU3bzVON0xJTlBCMWJzd056NVowUzJnQmVFdEl0NmJSQ0F4VlhReVBBYmEzS1J3MG5wbjRsZHJFTnVUK2MyQlMyem1tSFhYcU9mbGZYN3d5Y0lOSTVHY0l3N29JdFBkaU51Qzl1TTNuNXdoYkY0RTR0RXNDdU9wYmxIUGhEVytBVTVRclJkQ0RJT2pFRk1UaDNyR3pDRUxuMnZiMmVoS05CM1BnRXR4aTk0Z2FETUk2aHlObTEyUnplTTc0KzhKQ2VxWUtIbXVISDBzTms2VWljIiwiZXhwIjoxNzE1MDgzMDExLCJpYXQiOjE3MTUwNjg2MTF9.EgpxNMi4oE-gGkW7_d5TkojYtCD9_1nkVZV3iYISvTmTRHU9cba5B-typB_Ys_QhgjtQHHDERhERe81bVeB9NA
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280; _glhf=1715086374; che_g=277ff3df-2e51-ec4f-06d0-569e93b07f06; application_locale=en; sh.session.id=2f059054-1edc-45d1-9f6c-be2b21cfc178; ggru=181; _ga_7JGWL9SV66=GS1.1.1715068611.1.0.1715068611.60.0.0; _ga=GA1.1.780917435.1715068611
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:57:02 GMT
content-type: application/json; charset=utf-8
content-length: 2728
cache-control: public, max-age=5
content-encoding: br
last-modified: Tue, 07 May 2024 07:57:02 GMT
vary: Accept-Encoding
x-time-ng: 0.010
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.018
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/2c4bdd620ac9.js | 185.244.209.62 | 200 OK | 5.3 kB |
URL GET HTTP/2 v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/2c4bdd620ac9.js IP 185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type gzip compressed data, max speed, from Unix Hash b58bdcd611365c0a4588a46e37d01f58 c6a98435ab7da49311886aa287192ee871f32f6f e1f406a1618b81efd5a0d27542d10b7348dfd467ff0d8c94a8e99fda3679d559
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/2c4bdd620ac9.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:45 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 01 May 2024 08:21:41 GMT
etag: W/"db345f9ab9f4b60494ed02dd78f38d79"
x-amz-meta-mtime: 1714551564.667873602
content-encoding: gzip
expires: Thu, 02 May 2024 15:20:56 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-139455be3aebdf0a64a07949bb581cac-6d3cb2fcd102e695-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T15:20:56+00:00, 2024-05-06T16:17:06+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/0cd280af89b0819825587a2cf75e33d0.webp | 185.244.209.62 | | 21 kB |
URL v3.traincdn.com/genfiles/cms/1/desktop/banner/0cd280af89b0819825587a2cf75e33d0.webp IP 185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1380x248, Scaling: [none]x[none], YUV color, decoders should clamp Hash 1e9191583a9bca6627e85945c6c5d3f1 f2d4d5e76e448d1dd986c9616a660ae6c7806dde 733d49aa25dab77ba7fe51a0a831f51e988d3201c5cfc6fbc808c3b2c59b48c1
GET /genfiles/cms/1/desktop/banner/0cd280af89b0819825587a2cf75e33d0.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:57:04 GMT
content-type: image/webp
content-length: 21412
last-modified: Fri, 12 Apr 2024 09:23:52 GMT
etag: "1e9191583a9bca6627e85945c6c5d3f1"
x-time-ng: 0.002
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2024-04-12T09:33:12+00:00
traceparent: 00-be7ae8819c91fb1746cb6164cbc1d648-2a8c724c6a27dd02-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true | 178.253.29.51 | | 8.1 kB |
URL 1xlite-461430.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true IP 178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
Hash 0a7ee9e3b58123c19d25b8acfa639eaf 13f1cd6aa2d84f50037aa27c0b7c228a116833af 6ed8e5d290f05b032df0464e97287f401db349355c4a8ce9a06350b037c93272
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiNmY2bHlxUEpRazIxUVpEOWxrT2RrekpDbU1KZmhJa0J2aDM3RTJ1Z1kvRStsYTViQlhBcHJNVWpaNW5mWlBCbVB3Y1JHQ1B1UGRHTFBXT0lxTDJJTHVKWTFiczU3bzVON0xJTlBCMWJzd056NVowUzJnQmVFdEl0NmJSQ0F4VlhReVBBYmEzS1J3MG5wbjRsZHJFTnVUK2MyQlMyem1tSFhYcU9mbGZYN3d5Y0lOSTVHY0l3N29JdFBkaU51Qzl1TTNuNXdoYkY0RTR0RXNDdU9wYmxIUGhEVytBVTVRclJkQ0RJT2pFRk1UaDNyR3pDRUxuMnZiMmVoS05CM1BnRXR4aTk0Z2FETUk2aHlObTEyUnplTTc0KzhKQ2VxWUtIbXVISDBzTms2VWljIiwiZXhwIjoxNzE1MDgzMDExLCJpYXQiOjE3MTUwNjg2MTF9.EgpxNMi4oE-gGkW7_d5TkojYtCD9_1nkVZV3iYISvTmTRHU9cba5B-typB_Ys_QhgjtQHHDERhERe81bVeB9NA
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280; _glhf=1715086374; che_g=277ff3df-2e51-ec4f-06d0-569e93b07f06; application_locale=en; sh.session.id=2f059054-1edc-45d1-9f6c-be2b21cfc178; ggru=181; _ga_7JGWL9SV66=GS1.1.1715068611.1.0.1715068611.60.0.0; _ga=GA1.1.780917435.1715068611
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:57:06 GMT
content-type: application/json; charset=utf-8
content-length: 8092
cache-control: public, max-age=5
content-encoding: br
last-modified: Tue, 07 May 2024 07:57:06 GMT
vary: Accept-Encoding
x-time-ng: 0.015
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.025
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/bff-api/config/contacts.json?type=2&lang=en | 178.253.29.51 | 200 OK | 1.5 kB |
URL GET HTTP/2 1xlite-461430.top/bff-api/config/contacts.json?type=2&lang=en IP 178.253.29.51:443 ASN#202492 Silverhill Group Holding Ltd
Requested by https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder Certificate Issuer Let's Encrypt Subject 1xlite-461430.top Fingerprint F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 Validity Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash 5e57488ece417dfb2d0d023a6c9d0423 cc3add288721c1e6c3d3e9413fd0de50a9d38467 8da57ebaa0d0d6ecfbac547e80404973484e6cd38820bb8adfcde943511e4c28
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /bff-api/config/contacts.json?type=2&lang=en HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:38 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: bff;dur=8.14, dt_total;dur=32.370, wf-uht;dur=0.040
traceparent: 00-3fa8b0500e9388c6e68edca2f5fe1534-97f78ea158dd5406-01
vary: Accept-Encoding
x-dt: 285
x-time-ng: 0.013
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| pp23vi1.com/static/pixel.gif?1715068626486 | 178.253.14.123 | | 43 B |
URL pp23vi1.com/static/pixel.gif?1715068626486 IP 178.253.14.123:0 ASN#202492 Silverhill Group Holding Ltd
File type GIF image data, version 89a, 1 x 1 Hash ad4b0f606e0f8465bc4c4c170b37e1a3 50b30fd5f87c85fe5cba2635cb83316ca71250d7 cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /static/pixel.gif?1715068626486 HTTP/1.1
Host: pp23vi1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:57:06 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true | 178.253.29.51 | | 2.7 kB |
URL 1xlite-461430.top/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true IP 178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
Hash 7cc6d8a99c09a9e44fc3ce06a868f454 b1feaaef47c248086ae0e071b59cbba64b00e1f7 60a1811cdffb2a2f900325db24dc0a2e90ce6287de9ab2d601ec91b3193f7ce7
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiNmY2bHlxUEpRazIxUVpEOWxrT2RrekpDbU1KZmhJa0J2aDM3RTJ1Z1kvRStsYTViQlhBcHJNVWpaNW5mWlBCbVB3Y1JHQ1B1UGRHTFBXT0lxTDJJTHVKWTFiczU3bzVON0xJTlBCMWJzd056NVowUzJnQmVFdEl0NmJSQ0F4VlhReVBBYmEzS1J3MG5wbjRsZHJFTnVUK2MyQlMyem1tSFhYcU9mbGZYN3d5Y0lOSTVHY0l3N29JdFBkaU51Qzl1TTNuNXdoYkY0RTR0RXNDdU9wYmxIUGhEVytBVTVRclJkQ0RJT2pFRk1UaDNyR3pDRUxuMnZiMmVoS05CM1BnRXR4aTk0Z2FETUk2aHlObTEyUnplTTc0KzhKQ2VxWUtIbXVISDBzTms2VWljIiwiZXhwIjoxNzE1MDgzMDExLCJpYXQiOjE3MTUwNjg2MTF9.EgpxNMi4oE-gGkW7_d5TkojYtCD9_1nkVZV3iYISvTmTRHU9cba5B-typB_Ys_QhgjtQHHDERhERe81bVeB9NA
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280; _glhf=1715086374; che_g=277ff3df-2e51-ec4f-06d0-569e93b07f06; application_locale=en; sh.session.id=2f059054-1edc-45d1-9f6c-be2b21cfc178; ggru=181; _ga_7JGWL9SV66=GS1.1.1715068611.1.0.1715068611.60.0.0; _ga=GA1.1.780917435.1715068611; che_i=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:57:07 GMT
content-type: application/json; charset=utf-8
content-length: 2728
cache-control: public, max-age=5
content-encoding: br
last-modified: Tue, 07 May 2024 07:57:02 GMT
vary: Accept-Encoding
x-time-ng: 0.010
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/48c55a46abd5ab116e797f7903d61d9a.webp | 185.244.209.62 | | 22 kB |
URL v3.traincdn.com/genfiles/cms/1/desktop/banner/48c55a46abd5ab116e797f7903d61d9a.webp IP 185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1380x248, Scaling: [none]x[none], YUV color, decoders should clamp Hash 223959ab229c22ef60216e9c780ef376 03fef16fe4253987b207ebd4f5ab77da8262cad7 07dc1d52de65dc11175476efd14081c77cec2379f6b78879bca4c079c2675a3e
GET /genfiles/cms/1/desktop/banner/48c55a46abd5ab116e797f7903d61d9a.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:57:09 GMT
content-type: image/webp
content-length: 22384
last-modified: Wed, 06 Sep 2023 13:14:07 GMT
etag: "223959ab229c22ef60216e9c780ef376"
x-time-ng: 0.001
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2024-02-27T14:23:29+00:00
traceparent: 00-fe486d371070f7e6497e9c69c7e308cf-686625e82a35678c-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/f385e6db/_middlewareManifest.js | 104.18.39.72 | 200 OK | 92 B |
URL GET HTTP/2 widget.suphelper.top/_next/static/f385e6db/_middlewareManifest.js IP 104.18.39.72:443
Requested by https://widget.suphelper.top/ Certificate Issuer Google Trust Services LLC Subject suphelper.top Fingerprint 41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 Validity Tue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File type ASCII text, with no line terminators Hash 7c3f7e060745668041278118c0bb3d6d e639f56695b3cc30d78dce7a0084aa8299a1311a de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
GET /_next/static/f385e6db/_middlewareManifest.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 07:56:40 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 02 May 2024 07:01:48 GMT
etag: W/"5c-18f381bf92a"
vary: Accept-Encoding
cf-cache-status: HIT
age: 434950
expires: Wed, 07 May 2025 07:56:40 GMT
server: cloudflare
cf-ray: 87ffa79ed9cf568a-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sfiles/games-images/game-animations/game-316-animation.svg | 185.244.209.62 | 200 OK | 13 kB |
URL GET HTTP/2 v3.traincdn.com/sfiles/games-images/game-animations/game-316-animation.svg IP 185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image Hash 0db44d13e7a50cd2da8dd47ff024f1cd 719bb6c0f3bd8ebabc6c3f53606affb21fd9a4b7 92690d6a77132101517ef7ee09173a4629fd85ba10a6a25033ba80f7967e8fe7
GET /sfiles/games-images/game-animations/game-316-animation.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:40 GMT
content-type: image/svg+xml
last-modified: Tue, 16 Jan 2024 08:41:20 GMT
etag: W/"0db44d13e7a50cd2da8dd47ff024f1cd"
x-amz-meta-origin-date-iso8601: 2024-01-12T15:48:06.000Z
expires: Tue, 07 May 2024 00:00:59 GMT
cache-control: max-age=86400, public
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-c9772e123d4df3891dc592965d24f9fc-3457183be77c2091-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T00:00:59+00:00, 2024-05-07T00:43:06+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/49e90f3b8dc2.js | 185.244.209.62 | 200 OK | 2.1 kB |
URL GET HTTP/2 v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/49e90f3b8dc2.js IP 185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (2253), with no line terminators Hash 38eddc87d9802424d0855b8317ddabfc 6f1bd327bb5c7e4ca9d34c74aac2c5fcd700560d de43ff408b1e4c8c8430e572f23a54bb6b81b1fb6016c44a9f982551fa4bed20
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/49e90f3b8dc2.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:45 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 01 May 2024 08:21:41 GMT
etag: W/"e4a5e0e3cafb59fadf6c400cfd363b1a"
x-amz-meta-mtime: 1714551564.671873539
content-encoding: gzip
expires: Thu, 02 May 2024 15:20:56 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-5035be7559f682a14f6da60a605a6c0c-566c05c33b707d3d-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T15:20:56+00:00, 2024-05-06T16:17:06+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/635ff2d38c89.js | 185.244.209.62 | 200 OK | 435 B |
URL GET HTTP/2 v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/635ff2d38c89.js IP 185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (442), with no line terminators Hash 0a0303b2b4571c9780a09fbda34532f9 2d56aac777818d2f291c6a384bd76cd7aed23443 1178b48d568d9023eee8521972ed62783037fd873659b9fe21e7d289cbe5f54e
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/635ff2d38c89.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:45 GMT
content-type: text/javascript; charset=utf-8
content-length: 435
last-modified: Wed, 01 May 2024 08:21:41 GMT
etag: "213bb33769eecf49a9d71c164b83a3d6"
x-amz-meta-mtime: 1714551564.671873539
expires: Thu, 02 May 2024 15:20:56 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-305241a7ab002bd751a653d1c7dde697-bea41164be4841df-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T15:20:56+00:00, 2024-05-06T16:17:06+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-ui/3.2.2/Desktop/Default/client.css | 185.244.209.62 | 200 OK | 1.0 MB |
URL GET HTTP/2v3.traincdn.com/sys-ui/3.2.2/Desktop/Default/client.css IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Size1.0 MB (1048646 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sys-ui/3.2.2/Desktop/Default/client.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:40 GMT
content-type: text/css; charset=utf-8
last-modified: Fri, 19 Apr 2024 10:16:19 GMT
etag: W/"e4b8405071f7ea0e1aa13cd501543a44"
x-amz-meta-mtime: 1713521458.745453226
content-encoding: gzip
expires: Sat, 20 Apr 2024 11:51:17 GMT
cache-control: max-age=86400
x-time-ng: 0.010
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-2f7492a9ca3c6fd7e0225c6c53cb99e6-5afe1baa40f717d5-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-19T11:51:17+00:00, 2024-05-06T14:20:58+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/7f79b3bfb64b.css | 185.244.209.62 | 200 OK | 289 kB |
URL GET HTTP/2v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/7f79b3bfb64b.css IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (65536), with no line terminators Size289 kB (289240 bytes) Hash304cc943df23445a393ae3d5b02dc1c7 8bc0dae92bd7fccaab5d6dc33e6e5718191ea73b 7f79b3bfb64b8561951fdbd366b6d0cf8febf173f50b4f038e039abfcae5c913
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/7f79b3bfb64b.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:40 GMT
content-type: text/css; charset=utf-8
last-modified: Wed, 01 May 2024 08:21:41 GMT
etag: W/"304cc943df23445a393ae3d5b02dc1c7"
x-amz-meta-mtime: 1714551564.671873539
content-encoding: gzip
expires: Thu, 02 May 2024 15:20:45 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-8344c9ccc4c6054ceb1b3f86380f5a2f-297c10750d8a4c50-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T15:20:45+00:00, 2024-05-06T16:17:03+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/d492f4568b81.js | 185.244.209.62 | 200 OK | 1.4 kB |
URL GET HTTP/2v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/d492f4568b81.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (1424), with no line terminators Hash7d1f3b129b89a981300b50d0cef52e44 d7e0c099325d4b1dd8e1bd56a05807c312c52633 77040a8b5997e69f1b5794f46817b3354099cb3e0d19548a53e1e25e2773cb2e
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/d492f4568b81.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:45 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 01 May 2024 08:21:42 GMT
etag: W/"1ca49088b69c49762c2b4dab10ebe060"
x-amz-meta-mtime: 1714551564.675873475
content-encoding: gzip
expires: Thu, 02 May 2024 15:20:56 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-a8f70d7766048561663bdf9b5b856041-af6bf256c4fb7265-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T15:20:56+00:00, 2024-05-06T16:17:06+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-icons/1.0.330/285/common.svg | 185.244.209.62 | 200 OK | 147 kB |
URL GET HTTP/2v3.traincdn.com/sys-icons/1.0.330/285/common.svg IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Size147 kB (146981 bytes) Hash7bf3e9e7d79beac942f5e7748a3af2e6 7c6896ef647506806f2cdbe998d8c9eb845a1754 663e2fc5004af9c6c1969fc5827d7ffdbfeec8d4753efd831208cb179f0a488f
GET /sys-icons/1.0.330/285/common.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:46 GMT
content-type: image/svg+xml
last-modified: Tue, 16 Apr 2024 09:41:01 GMT
etag: W/"7bf3e9e7d79beac942f5e7748a3af2e6"
x-amz-meta-mtime: 1713260458.134664491
content-encoding: gzip
expires: Fri, 19 Apr 2024 12:42:12 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-a24a7707fe5ba611630837729dab5d7f-d4eac87970cbf544-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-18T12:42:12+00:00, 2024-05-06T15:18:42+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/web-api/external-api/v3/banners?project_id=285&country_code=NO&language=en&platform=2&section=6&is_auth=false&limit=100 | 178.253.29.51 | 200 OK | 31 kB |
URL GET HTTP/21xlite-461430.top/web-api/external-api/v3/banners?project_id=285&country_code=NO&language=en&platform=2&section=6&is_auth=false&limit=100 IP178.253.29.51:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /web-api/external-api/v3/banners?project_id=285&country_code=NO&language=en&platform=2&section=6&is_auth=false&limit=100 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_73595m_32273c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5DSmartCPM%5B%5D6895621_d28985_l35449_clickunder; platform_type=desktop; auid=sv0dM2Y53rKJcwD9AxxYAg==; SESSION=a2f5c34fdc98d4dc79ec14adc732be85; window_width=1280; _glhf=1715086374; che_g=277ff3df-2e51-ec4f-06d0-569e93b07f06; application_locale=en; sh.session.id=2f059054-1edc-45d1-9f6c-be2b21cfc178
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:40 GMT
content-type: application/vnd.api+json
vary: Accept-Encoding
cache-control: no-cache, private
server-timing: p;dur=222, dt_total;dur=223.871, wf-uht;dur=0.236
traceparent: 00-590e65e8995583f1baf5849d7263b46d-9463067f270a25cb-01
x-dt: 285
x-time-ng: 0.223
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/c7de6303dfb7.js | 185.244.209.62 | 200 OK | 424 B |
URL GET HTTP/2v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/c7de6303dfb7.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (441), with no line terminators Hashf911ee0234277e327d2c022f302a7c00 8bb8735151af34da1b8b5535d8edba40ef651880 8d6afd5d1b2268065bd9d67a99b954636dc4fb05939280c2a32738040f8fb0e5
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/c7de6303dfb7.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:45 GMT
content-type: text/javascript; charset=utf-8
content-length: 424
last-modified: Wed, 01 May 2024 08:21:42 GMT
etag: "33e7498a57ccd45d4321735d481a7313"
x-amz-meta-mtime: 1714551564.675873475
expires: Thu, 02 May 2024 15:20:56 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-86d0eecaf2576928787ab50aa15a7fc9-0d4433e8e983d562-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T15:20:56+00:00, 2024-05-06T16:17:06+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/0f8a3bdbdd12.js | 185.244.209.62 | 200 OK | 1.0 kB |
URL GET HTTP/2v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/0f8a3bdbdd12.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=d_73595m_32273c_[]MS[]null[]null[]SmartCPM[]6895621_d28985_l35449_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (1063), with no line terminators Hash41ad46b89bddf6099bbfe8a7f7e8e5db 96945b61c321c2736dc5bbbfb643bfea43fc8f57 263d8c8e23eeac579f80376ba8ac0850dfc36b7cfb420b90aa183dc716931a4a
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/0f8a3bdbdd12.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:56:45 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 01 May 2024 08:21:41 GMT
etag: W/"b49b08255ad6dd3864f907913b849ebe"
x-amz-meta-mtime: 1714551564.667873602
content-encoding: gzip
expires: Thu, 02 May 2024 15:20:56 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-fbf40caca92e018d77bf904ed1b5db1c-4f096ef0e1705269-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T15:20:56+00:00, 2024-05-06T16:17:06+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|