Report - melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch

Report Overview

Submitted URL
melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
IP
178.253.15.193
ASN
#202492 Silverhill Group Holding Ltd
Submitted
2024-05-07 06:49:29
Access
public
Website Title
MelBet bonus ᐉ All MelBet bonuses ᐉ melbet-754120.top
Final URL
melbet-754120.top/en/bonus/rules
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
110

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
melbet-754120.top	unknown	unknown	No data	No data	76 kB	1.5 MB	178.253.15.193
widget.suphelper.top	unknown	2023-08-02	2023-10-04	2024-05-02	7.2 kB	2.8 MB	104.18.39.72
images.dmca.com	11903	2000-05-18	2012-06-19	2024-05-03	421 B	182 kB	194.242.11.186
radar.cedexis.com	3035	2009-01-07	2013-11-27	2024-05-06	822 B	1.1 kB	45.54.49.5
pp23vi1.com	unknown	2023-03-09	2023-04-06	2024-04-26	439 B	387 B	178.253.14.123
v3.traincdn.com	unknown	2022-11-10	2022-11-25	2024-05-04	62 kB	5.5 MB	185.244.209.62
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-05-06	2.2 kB	516 kB	142.250.74.168
www.google.no	25607	2001-02-26	2016-04-05	2024-05-06	1.2 kB	1.1 kB	142.250.74.35
region1.analytics.google.com	unknown	1997-09-15	2022-03-17	2024-05-05	5.4 kB	2.6 kB	216.239.34.36

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed
2024-05-07	medium	melbet-754120.top	Sinkholed

ThreatFox

No alerts detected

JavaScript (71)

	URL	Size	First Seen	Last Seen
	v3.traincdn.com/_nuxt/desktop/melbet/Layout.FooterComponent.Lazy/Page.Game.Project-2f1ab718.js	17 kB	2024-05-07	2024-05-07
Pretty URL v3.traincdn.com/_nuxt/desktop/melbet/Layout.FooterComponent.Lazy/Page.Game.Project-2f1ab718.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 08:49:41 Last Seen2024-05-07 08:49:43 Times Seen2 Hash 20970a1d220a4c62090fcc1dd185d219 d8c3f817ee94033f8d199c9efade3d327ad7df62 e4742bbd5e1d28eef5ccfad2a5826dad3410eae7aa1c3a4452a752ee548e1c50 Loading...

	v3.traincdn.com/_nuxt/desktop/melbet/app-e1c59a2e.js	810 kB	2024-05-07	2024-05-07
Pretty URL v3.traincdn.com/_nuxt/desktop/melbet/app-e1c59a2e.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 08:49:41 Last Seen2024-05-07 08:49:43 Times Seen2 Hash c3ced8a77599ed29df5a5dbc4cf0d7bc 34bac081031ab93e7f64c64920015830429b7b99 06d6c28236a613c57973fe69964123490141b9f64ad36862f844f69da3b11bd7 Loading...

	images.dmca.com/Badges/DMCABadgeHelper.min.js	465 B	2023-03-07	2024-05-19
Pretty URL images.dmca.com/Badges/DMCABadgeHelper.min.js IP 194.242.11.186 ASN #34989 ServeTheWorld AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:48 Last Seen2024-05-19 09:06:24 Times Seen4020 Hash bac6fb686027b93b6565e1b1e5e8e213 e585bdd95488444f0ce2888d8281dbdaf73ca2ea e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0 Loading...

	melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch	722 B	2024-05-07	2024-05-07
Pretty URL melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch IP 178.253.15.193 ASN #202492 Silverhill Group Holding Ltd Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-07 08:49:41 Last Seen2024-05-07 08:49:41 Times Seen1 Hash 399158fcb875a6bc93318d123c17e700 33c6a72ba1ca329484ef4289bf99cf6005c67f00 ae96e8114bf7f6d164b85791adb81e6bab43d47a57f01f54032bfa053bf096ba Loading...

	v3.traincdn.com/_nuxt/desktop/melbet/vendors/Layout.FooterComponent.Lazy-03d28f55.js	29 kB	2024-05-07	2024-05-07
Pretty URL v3.traincdn.com/_nuxt/desktop/melbet/vendors/Layout.FooterComponent.Lazy-03d28f55.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 08:49:41 Last Seen2024-05-07 08:49:43 Times Seen2 Hash 9105bbceac693dcda559560f27e7c101 b0ce638a924bf4fd963bda295f1c900b97c07cee 23687885ae2f44cfbffe33487d0327dae07ddd3eb14f8ae00a155efe27e63111 Loading...

	v3.traincdn.com/_nuxt/desktop/melbet/vendors/app-9869f357.js	953 kB	2024-05-04	2024-05-07
Pretty URL v3.traincdn.com/_nuxt/desktop/melbet/vendors/app-9869f357.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 05:38:15 Last Seen2024-05-07 08:49:43 Times Seen4 Hash 250e9c69079c9e70662dd71d4a493483 d88298d440cd7c9f5d93517cc37243755e5491ce 135288c06c10bc213fed0d91fb331e31be13526943d1569044e98292bda88b06 Loading...

	melbet-754120.top/en/promotions/sandbox%20eval%20code	147 B	2023-04-11	2024-05-19
Pretty URL melbet-754120.top/en/promotions/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-19 10:42:00 Times Seen350637 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www.googletagmanager.com/gtag/js?id=G-8SZ536WC7F&l=dataLayer&cx=c	294 kB	2024-05-07	2024-05-07
Pretty URL www.googletagmanager.com/gtag/js?id=G-8SZ536WC7F&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 08:49:41 Last Seen2024-05-07 08:49:45 Times Seen2 Hash 7d4f5b66a909046f853e91135f74c9a1 ec11c3a65177e2fe33565e5201200657e4cb5cbb 250be2de992ed1ba771728471723583fac8cde7661e4c4d315b44c65739c97b3 Loading...

	widget.suphelper.top/	196 B	2023-07-20	2024-05-19
Pretty URL widget.suphelper.top/ IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-20 14:42:12 Last Seen2024-05-19 10:32:53 Times Seen2108 Hash aa729c2ec64b60ce3b2052cc8edaa329 0f673deff4bffdd337a6220feb0b7b5b5ff666c4 9693391d461678be59d683100b1442f4ee65d2cf5bda3904fbf6232a7eb921ca Loading...

	unknown	34 B	2023-04-14	2024-05-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 16:26:15 Last Seen2024-05-19 10:32:53 Times Seen948 Hash 7bcdb973ab8af8e24ab11cb554a1ba6e 24e8a10f240f2b06f81d7c173cd0a90606641fc1 916ec4eb9b485eb47f43a17fe212e84e4b72600b45eb6d4588599ad495a57fcd Loading...

	v3.traincdn.com/_nuxt/desktop/melbet/date-fns-locale-21-c057a2f3.js	7.0 kB	2024-05-04	2024-05-07
Pretty URL v3.traincdn.com/_nuxt/desktop/melbet/date-fns-locale-21-c057a2f3.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 05:38:14 Last Seen2024-05-07 08:49:43 Times Seen4 Hash b2429588cd90adffd4de0c5d1533ea5d 7aee62227c45c486254354697c151198be7a7f8a a215b95ed20c4f14bc5007c8eea61be0b6ea6cb84492e20f0c7f0d174008fc66 Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_vue_deps_OVKZGHR6.js	81 kB	2024-04-24	2024-05-07
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_vue_deps_OVKZGHR6.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-24 06:33:05 Last Seen2024-05-07 09:57:21 Times Seen4 Hash 39ee2eb3f7c493e991990cc0353dba17 1d467b8bfc8cc173bc2e09b18604f6663a3e805d f5f0228411b266e2943823e6456a6a29bbcc427bbca1d85291c768d59cc8804a Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_chunk_M4D4AAJL.js	101 kB	2024-04-24	2024-05-15
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_chunk_M4D4AAJL.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-24 06:33:08 Last Seen2024-05-15 18:55:38 Times Seen69 Hash 51ddc52774f4e5bd6a6f1c22e9d19674 374c2fbb2b68ad9c28898dfe60da3fd828ccf7c4 642e66ee14ca90b6ff8f91fbfdce400c6834a037dee18a60a72922ea727bb442 Loading...

	widget.suphelper.top/_next/static/chunks/framework-49f1e091cbf6b261.js	141 kB	2023-03-08	2024-05-19
Pretty URL widget.suphelper.top/_next/static/chunks/framework-49f1e091cbf6b261.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 08:26:33 Last Seen2024-05-19 10:32:55 Times Seen2510 Hash 896d1930437c1ab92b8a359c1d6fdaae 71e0e23d1af9722f356eb5d1c497d100ec8b0f7a 8c508636d885890bfb5c56bcd6dad1b8b64c498781d351b588a8de7f686774d4 Loading...

	widget.suphelper.top/_next/static/chunks/0c294a17-329dda05de2a378d.js	10 kB	2024-01-20	2024-05-19
Pretty URL widget.suphelper.top/_next/static/chunks/0c294a17-329dda05de2a378d.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-20 01:21:35 Last Seen2024-05-19 10:32:55 Times Seen585 Hash 54b2d4e92e16d2ea51898124107af46a ab4225b696e63c9040de1511fa229cf65b4d3750 e17ccea95df87c35add9994b01ef7bb6e8b5c2ebea282c461199a140a5675662 Loading...

	v3.traincdn.com/_nuxt/desktop/melbet/consultant.supHelperV2-222492f3.js	3.2 kB	2024-04-29	2024-05-07
Pretty URL v3.traincdn.com/_nuxt/desktop/melbet/consultant.supHelperV2-222492f3.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-29 05:40:15 Last Seen2024-05-07 08:49:43 Times Seen6 Hash d752ef6e0291e3d95edc79023283c34f 5d9797afc5320fcd57aa3c9e15cbbdb5e98c5828 cbbf02bbe74b31882f7f838d1e7a8c58d0048f393861947eee1adec85f1f553b Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_localforage_PLMWICWN.js	30 kB	2024-03-23	2024-05-19
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_localforage_PLMWICWN.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-03-23 16:35:38 Last Seen2024-05-19 08:11:50 Times Seen99 Hash dfa127e93d125d4f6c566203eaf225f2 32c1fd89c4eeed7ac2a942582b3786659b15cd43 cf5077d1cff62ce76807408ebc2203563b7a221ddf1cf38339c6d54289bff390 Loading...

	widget.suphelper.top/_next/static/chunks/main-fa1d3b21fd97b583.js	108 kB	2023-11-02	2024-05-19
Pretty URL widget.suphelper.top/_next/static/chunks/main-fa1d3b21fd97b583.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-02 21:20:57 Last Seen2024-05-19 10:32:55 Times Seen2501 Hash 83680ce862de40c43fc92e04b1ad0a3d 67eb6762545f4e1fee446794f4738d0f0577b6b4 e70f39978f08895aef6849daf891af65bff03e476eb9b1384dfb36cd4ac9fe75 Loading...

	widget.suphelper.top/_next/static/chunks/663-81a4add2f1c95639.js	373 kB	2024-04-24	2024-05-19
Pretty URL widget.suphelper.top/_next/static/chunks/663-81a4add2f1c95639.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 06:33:05 Last Seen2024-05-19 10:32:55 Times Seen214 Hash 36e4e2c2a2498b008514f1f0250c8018 cfa53d1c8533fb5941d9ff4f1e45e8c831658693 42cd70d177e33b23f4982b671f4bb7f03a966053874a320af3f3ea7b7b7ca1f0 Loading...

	widget.suphelper.top/_next/static/chunks/pages/index-ed7cd77912c6e3a9.js	107 kB	2024-04-25	2024-05-19
Pretty URL widget.suphelper.top/_next/static/chunks/pages/index-ed7cd77912c6e3a9.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 18:56:15 Last Seen2024-05-19 10:32:55 Times Seen219 Hash d0a7ecc59065580118a9ea8880c58962 21573546ac5011592094ef6aea0696ccdeb2164d e1b09efa81ca44cda394e366b64fbf2b3f0725eab9ad24782839cbb8f66842b5 Loading...

	v3.traincdn.com/sys-static/sys-promotions-and-bonuses-static/Desktop/Melbet/44136fa355b3/694280a8ba14.js	504 B	2024-05-07	2024-05-07
Pretty URL v3.traincdn.com/sys-static/sys-promotions-and-bonuses-static/Desktop/Melbet/44136fa355b3/694280a8ba14.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-05-07 08:49:41 Last Seen2024-05-07 08:49:43 Times Seen2 Hash 7374c5495be990f25f384da6a5630f1b 668f9f3bc508d13766d9c0102c1b396c375586b1 a8d8dff522f5ff4c3067e67ab735a56eda1b97fac1efbae5952157edd267f554 Loading...

	widget.suphelper.top/_next/static/chunks/81.9c6562bba5669b47.js	37 kB	2023-10-13	2024-05-19
Pretty URL widget.suphelper.top/_next/static/chunks/81.9c6562bba5669b47.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-13 06:04:09 Last Seen2024-05-19 10:32:52 Times Seen3212 Hash 6782c8abf3d14391f6ed5c805a973cf5 a08b255c0084e14d74199f5af64522ffaba14486 88331f3bf38157ecb0e64f22c08a582384dc74c8bae09d9f78b9eab5fe82cfa3 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-5P5J869	348 kB	2024-05-07	2024-05-07
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-5P5J869 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 08:49:41 Last Seen2024-05-07 08:49:45 Times Seen2 Hash 1acf4950135b81b44f281d5864b58e6a 7dce4b1b4a6a5e419b5058d9e11e67a86937e7da fabd6afc23284602bf53af08cf8f6291681c7d89733221d6b3b5965781c16a06 Loading...

	melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch	924 B	2024-02-25	2024-05-19
Pretty URL melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch IP 178.253.15.193 ASN #202492 Silverhill Group Holding Ltd Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-25 06:56:59 Last Seen2024-05-19 08:11:50 Times Seen134 Hash 92bf20f2f922cc746bec8fe320b23ed3 768e5dbe711e1b62cad807b11ded99ef85001483 b81f4c4f575092cb52a07f89a96291f8e258b3f6bf61e51df0fec3bcc3132fea Loading...

	v3.traincdn.com/_nuxt/desktop/melbet/vendors/conversion-eda6875d.js	198 kB	2024-05-04	2024-05-07
Pretty URL v3.traincdn.com/_nuxt/desktop/melbet/vendors/conversion-eda6875d.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 05:38:14 Last Seen2024-05-07 08:49:45 Times Seen4 Hash 44f2f1534037692a3b4d905b50e72a77 3a354eb1c5d1dec11479856be06eec91f67c646f fb132dc14c689250123c08e9fd97c4bdccc161a11c52205062f262eae1b2e868 Loading...

	melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch	484 kB	2024-05-07	2024-05-07
Pretty URL melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch IP 178.253.15.193 ASN #202492 Silverhill Group Holding Ltd Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-07 08:49:41 Last Seen2024-05-07 08:49:41 Times Seen1 Hash c7a02ba99dd6e74bbbc77d3a94763405 7fe83f5ef64be3a2c8b1a63ae40334c825f9a1a2 19cb0e60f8b271251cb430f378787ac2e8ff529788c328269623807ee467c73a Loading...

	v3.traincdn.com/_nuxt/desktop/melbet/DC-44a93834.js	2.3 kB	2024-05-04	2024-05-07
Pretty URL v3.traincdn.com/_nuxt/desktop/melbet/DC-44a93834.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 05:38:13 Last Seen2024-05-07 08:49:43 Times Seen4 Hash 2af2212948a0bc8a4594a041f353823b 6d2e59a112fa476262f78a6bf66562010224116d 4882e8605295327e076c7f357e1598f4207937e835196875f48b84fd83211d8e Loading...

	v3.traincdn.com/_nuxt/desktop/melbet/betting.media-3a45448c.js	17 kB	2024-05-04	2024-05-07
Pretty URL v3.traincdn.com/_nuxt/desktop/melbet/betting.media-3a45448c.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 05:38:12 Last Seen2024-05-07 08:49:43 Times Seen4 Hash 742ebe626acd39aa9135566e0bbe61b0 ba53fb30a6a31aef2679a8e2cd3543a501b57277 33b2bf82ecbb162fcd6e9fc0653007b497211df2cfb9518ce1a00d1323c3dec4 Loading...

	widget.suphelper.top/injector.js	208 kB	2023-12-17	2024-05-19
Pretty URL widget.suphelper.top/injector.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-17 15:23:16 Last Seen2024-05-19 10:32:52 Times Seen1019 Hash faa1c0b5a845868ac1a8071b6b87d458 71034e9bb2726a20b2afa197ff4e1b52c2ab976b d7585c13a4abd3b295a15b2bce2b2d7121a697f42ea85f89f40624ac26b075d0 Loading...

	v3.traincdn.com/_nuxt/desktop/melbet/Layout.SeoModule.Lazy-ea785647.js	8.7 kB	2024-05-04	2024-05-07
Pretty URL v3.traincdn.com/_nuxt/desktop/melbet/Layout.SeoModule.Lazy-ea785647.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 05:38:13 Last Seen2024-05-07 08:49:43 Times Seen4 Hash de4ef4a6af931707935a1324840a0230 997c56b2547e5e0a340dfd160f603812a52ae9de b7ee6096691141b46e74d37c903584ab2ea962788c83757a5ef59fdc85b5e36f Loading...

	v3.traincdn.com/_nuxt/desktop/melbet/Layout.FooterComponent.Lazy-3ea13a7c.js	26 kB	2024-05-07	2024-05-07
Pretty URL v3.traincdn.com/_nuxt/desktop/melbet/Layout.FooterComponent.Lazy-3ea13a7c.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 08:49:41 Last Seen2024-05-07 08:49:43 Times Seen2 Hash 95b830dc3caf073987552dc7a6c0ba4f dac549b10322e74a66a1140a17bbafa91a7278fd def304dc414c4633f28412da46c629226aed0ce168dd77cc1c48c1d2549b2191 Loading...

	v3.traincdn.com/_nuxt/desktop/melbet/vendors/plugins.v-tooltip-e72480a5.js	77 kB	2024-05-04	2024-05-07
Pretty URL v3.traincdn.com/_nuxt/desktop/melbet/vendors/plugins.v-tooltip-e72480a5.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 05:38:14 Last Seen2024-05-07 08:49:43 Times Seen4 Hash 88f0418cf9d96bc928ab572574206b84 4155bd875ea6667982b4bc33affa541fe1da72fe 629fa73fb850e73a18739713b965eed430ae675a19f63697d16ac21bdee9f1bb Loading...

	v3.traincdn.com/_nuxt/desktop/melbet/Betting.Core-b4ef71cb.js	2.4 kB	2024-05-07	2024-05-07
Pretty URL v3.traincdn.com/_nuxt/desktop/melbet/Betting.Core-b4ef71cb.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 08:49:41 Last Seen2024-05-07 08:49:43 Times Seen2 Hash c76243c22babcb60c83c8d6e8119525f d58c40c4fb13fde21913dcc7193e44357340e594 4eb54daf730e736c9b4d7bdd67527331b8018234618201ae401df1a0cbfc2d07 Loading...

	v3.traincdn.com/_nuxt/desktop/melbet/vendors/betting.media-27dceda1.js	56 kB	2024-05-04	2024-05-07
Pretty URL v3.traincdn.com/_nuxt/desktop/melbet/vendors/betting.media-27dceda1.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 05:38:13 Last Seen2024-05-07 08:49:43 Times Seen4 Hash e9ae66b817d039460caedd480c69cfb7 7bcc628c4b3564c2ec08d7d7f0f4caeef7fbd92e b9c5e18eab91a8ecb26c1db3a545530a111029f561183b16dff6d1ac129df86a Loading...

	widget.suphelper.top/_next/static/chunks/webpack-fb94d2f19425a3e3.js	3.8 kB	2023-10-05	2024-05-19
Pretty URL widget.suphelper.top/_next/static/chunks/webpack-fb94d2f19425a3e3.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-05 09:17:37 Last Seen2024-05-19 10:32:52 Times Seen2058 Hash ba1681cca05ff7b4f8698587da76ab26 7113520b461dfcbdcbc1725a1acc6e05547bf20e bcfc83f65454f29634e61503e84d77f3fe8bc06451b90927bf842e9ad352ac64 Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-05-19
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-19 10:42:00 Times Seen350122 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	v3.traincdn.com/_nuxt/desktop/melbet/vendors/plugins.vue-js-modal-d79908d5.js	27 kB	2024-05-04	2024-05-07
Pretty URL v3.traincdn.com/_nuxt/desktop/melbet/vendors/plugins.vue-js-modal-d79908d5.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 05:38:13 Last Seen2024-05-07 08:49:43 Times Seen4 Hash 4a87e388a2af478d2236f5242ee6dc48 ab36864c48e379ef52d69e265e7f67e794002ab7 18ad039f5ab0629fbe6356e9395ebc171cc5b60e25c6ede49d5d26e73aa48fa9 Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_vue_final_modal_XPPMTKII.js	25 kB	2024-04-24	2024-05-15
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_vue_final_modal_XPPMTKII.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-24 06:33:06 Last Seen2024-05-15 18:55:36 Times Seen55 Hash 701ad5a22b8ea7213a53e334d0898349 87749d947f6aa40eb671447b58261d710ec5479b 07669c2ea7c29dd69e47f5518ba73b76389f3479e19f7362b461ef0fff96c1f0 Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_accept_language_parser_QKZ6ULEV.js	1.3 kB	2024-03-23	2024-05-19
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_accept_language_parser_QKZ6ULEV.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-03-23 16:35:35 Last Seen2024-05-19 08:11:50 Times Seen70 Hash 518e0ae196483ada8b528a1f2b7df0a1 50e66030d9aca44adb3bd7893ef3c42593e26be4 529ca09688eb85183a34a43651cad1e8fabae2a02924753d54786f3de5e85693 Loading...

	unknown	44 B	2023-04-14	2024-05-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 16:26:15 Last Seen2024-05-19 10:32:53 Times Seen937 Hash 00beb9884d0391b342eadd30744b539a 3124c0bd593822379d22f13d3e08e70a1bf5ea14 92394eec5690449a4f6cfc9a7f97497a69e926b2365cb9a9aad3507a844f835c Loading...

	www.googletagmanager.com/gtag/destination?id=G-8SZ536WC7F&l=dataLayer&cx=c	294 kB	2024-05-07	2024-05-07
Pretty URL www.googletagmanager.com/gtag/destination?id=G-8SZ536WC7F&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 08:49:42 Last Seen2024-05-07 08:49:45 Times Seen2 Hash 41f651a130ccc117a811eb5123d2d067 1d50628c2aaef12cfb8b488d0cd869ff1c6d1a1b 2e2c022046dbf7717f6e07c1865a2f8234e5090e9e202ebaf1a26a8ad9ecc794 Loading...

	v3.traincdn.com/_nuxt/desktop/melbet/runtime-f06def2c.js	47 kB	2024-05-07	2024-05-07
Pretty URL v3.traincdn.com/_nuxt/desktop/melbet/runtime-f06def2c.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 08:49:42 Last Seen2024-05-07 08:49:43 Times Seen2 Hash a9d988dd1d2e09fcb835624a5bca3d6c c9fe5253ae83c3f2973b27879b2a52da0e42c1ef ddf13bc67c0485e4b437e1d076a2d6c3734218287259236ae67e67cfaf36ff13 Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_chunk_Y7BFQXXC.js	1.0 kB	2024-03-23	2024-05-19
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_chunk_Y7BFQXXC.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-03-23 16:35:38 Last Seen2024-05-19 08:11:50 Times Seen70 Hash 8fecd56fc5520134f3c39b17431fe0c2 e0cedac030a1fcf68779a592ed9e0775beb45123 3e01dfddf1e68faa32769d615eeb0e838a29241d18a57090040c595ee05f0ba8 Loading...

	v3.traincdn.com/sys-static/sys-promotions-and-bonuses-static/Desktop/Melbet/44136fa355b3/entry-70d2ec9b.js	888 kB	2024-05-07	2024-05-07
Pretty URL v3.traincdn.com/sys-static/sys-promotions-and-bonuses-static/Desktop/Melbet/44136fa355b3/entry-70d2ec9b.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 08:49:42 Last Seen2024-05-07 08:49:42 Times Seen1 Hash e08ce24d344be0010164a524e64fbced 8c1dd7e3429653d4b76f283e3cd4575b2c3cbd74 aee10fce00c23177667a28bf4e1da78ba0e7a94bc44fb4c26987a220feb5d94a Loading...

	melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch	162 kB	2024-05-07	2024-05-07
Pretty URL melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch IP 178.253.15.193 ASN #202492 Silverhill Group Holding Ltd Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-07 08:49:42 Last Seen2024-05-07 08:49:42 Times Seen1 Hash 7ddf218014c2d91b2c95ad4e5310ffa0 5a115a1f3244863786115d3c6cac043867736882 aab567b64cfb0dc280ded4a09324a119c8687796a91caa75ae006e8c9a833cd8 Loading...

	v3.traincdn.com/_nuxt/check-ob.js	211 B	2024-04-24	2024-05-19
Pretty URL v3.traincdn.com/_nuxt/check-ob.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 06:33:10 Last Seen2024-05-19 08:11:51 Times Seen245 Hash ced67278c38d1ce1297c121af69fff8a df6e1531fd84d956263b04254e6f94f5356623f4 2958134c3c00f7c6320858dd66e454c2856e4842821d3523c4cc5e44e1ec8616 Loading...

	unknown	39 B	2023-04-14	2024-05-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 16:26:15 Last Seen2024-05-19 10:32:52 Times Seen940 Hash bc51ed8c76553717f10d58b2df60fd76 e2d03a8fd8d280074b226c288880f9df299c7cb1 bee994eaf88453f6343ba57571a069054c12c9b4e42f8cbad4f2ad75c7fb264c Loading...

	www.googletagmanager.com/gtag/js?id=G-435XWQE678	311 kB	2024-05-07	2024-05-07
Pretty URL www.googletagmanager.com/gtag/js?id=G-435XWQE678 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 08:49:42 Last Seen2024-05-07 08:49:45 Times Seen2 Hash 591dd669ed6e9ae2d39b286129abf488 164c45f0625693eba9cbe794a8a3ce181f3055c7 070a4465de9d8c67b54a188d7a62fff357bd1f8bf9ae9dfbffffdce353f375ba Loading...

	radar.cedexis.com/1/23802/radar.js	390 B	2024-02-13	2024-05-19
Pretty URL radar.cedexis.com/1/23802/radar.js IP 45.54.49.5 ASN #63911 NetActuate, Inc Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-13 14:23:26 Last Seen2024-05-19 08:11:52 Times Seen273 Hash 82dec77fd0353c7c71ce053b8601387e fbbca95419e1d0c042e0a5fdf10f380aca66188c 39f2b7b0fa78d37d0c84d2d6618bd635d86fd683d9bcdd5729850cb2a62522f7 Loading...

	v3.traincdn.com/_nuxt/desktop/melbet/Footer.footerLicenseImage-09e53bbb.js	1.3 kB	2024-05-07	2024-05-07
Pretty URL v3.traincdn.com/_nuxt/desktop/melbet/Footer.footerLicenseImage-09e53bbb.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 08:49:42 Last Seen2024-05-07 08:49:43 Times Seen2 Hash e36e15b1a9fe7a343085d410dbff3512 d6ed61a8d737e54df4732e7835dc9106a433bb76 2af19c0ba522a100c2452273e3966b24abfd1b2c77a0dd4349d5a67da8f4ad49 Loading...

	widget.suphelper.top/_next/static/chunks/1743016e-d00d67a74426f155.js	481 kB	2024-01-20	2024-05-19
Pretty URL widget.suphelper.top/_next/static/chunks/1743016e-d00d67a74426f155.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-20 01:21:34 Last Seen2024-05-19 10:32:55 Times Seen580 Hash 46260bb46d51262abee818c0c3bcf1c6 fe3be222aec74704fad1fa2559788b1fa287094a 20700e65659e04d422580d9c792ba811b7b76de4ec1b3163c284af83bd5a7d6c Loading...

	unknown	422 B	2023-05-26	2024-05-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-26 17:18:50 Last Seen2024-05-19 08:11:50 Times Seen414 Hash f0367b6521012356c6e140b67fe6748e bf88133bfde89c866ea6b978daa79775e5987b04 b95016a37316ac2cd2af8539d6693daefa55c443e220613ec02e10f8cc902c71 Loading...

	unknown	96 B	2023-12-06	2024-05-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-12-06 14:32:27 Last Seen2024-05-19 08:11:50 Times Seen959 Hash 94361ed86ab9b2fbb8d805c2025df46a 3f428332f7a1c7196a85c93a373a966d75708c19 eee4d228a49a86625f29410cf9a23d145e821a09cbb1f7a4d7557d206872715a Loading...

	v3.traincdn.com/_nuxt/desktop/melbet/vendors/plugins.vue-notification-d49f5d6a.js	12 kB	2024-05-04	2024-05-07
Pretty URL v3.traincdn.com/_nuxt/desktop/melbet/vendors/plugins.vue-notification-d49f5d6a.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 05:38:14 Last Seen2024-05-07 08:49:43 Times Seen4 Hash b2a6611813c970622826409b27b93b96 73d514208b13f98fdbae3daefac1613ea29de329 db4aad6aebd6ed1c3cb177e40ca9d1f883bbf46e70acfca87360362fa40cbfa4 Loading...

	unknown	47 B	2023-04-14	2024-05-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 16:26:15 Last Seen2024-05-19 10:32:53 Times Seen937 Hash a01893d8e129ad16c1e0fc5c7537f411 0e46d1bf2718f848d9d596fa269eaedb31204772 cbe7b89533bcd75b69f3e54807308551d68242ec1761e63bee1a99fc6e560175 Loading...

	v3.traincdn.com/_nuxt/desktop/melbet/analytics-cef615e4.js	6.4 kB	2024-04-29	2024-05-07
Pretty URL v3.traincdn.com/_nuxt/desktop/melbet/analytics-cef615e4.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-29 05:40:17 Last Seen2024-05-07 08:49:45 Times Seen8 Hash 5eb8fda9ab49584fa24e09cea47cae17 f37704e2ffd37e536a3664448f4a51a53e18fae8 f6b530fe510a8d1df812687f34e1e2516a46d1e39ba815c8a821c5cdadf9e1cb Loading...

	v3.traincdn.com/_nuxt/desktop/melbet/commons/app-b051999f.js	138 kB	2024-05-04	2024-05-07
Pretty URL v3.traincdn.com/_nuxt/desktop/melbet/commons/app-b051999f.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 05:38:13 Last Seen2024-05-07 08:49:43 Times Seen4 Hash d0418bbec378e0ed9294ac30cef20f77 de12d9a04b2e8df90321903faf77758fe1e549fb 5b9afb698b27d3f03ddf0b25afc58d760b440d8931d3ab68f66aadb35d61fed0 Loading...

	v3.traincdn.com/sys-static/sys-promotions-and-bonuses-static/Desktop/Melbet/44136fa355b3/4f817b1c7fd8.js	715 B	2024-05-07	2024-05-07
Pretty URL v3.traincdn.com/sys-static/sys-promotions-and-bonuses-static/Desktop/Melbet/44136fa355b3/4f817b1c7fd8.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 08:49:42 Last Seen2024-05-07 08:49:43 Times Seen2 Hash f85953a4743a6680ebbd5a5ab4456d2a 904b5348cd03f598c1e06aa443cbe749ab14cbab 5719f0bf388e45f7dfe9432b290a4a81956ed5531f395c230481e0b01678cc4b Loading...

	widget.suphelper.top/_next/static/f385e6db/_buildManifest.js	519 B	2024-04-25	2024-05-19
Pretty URL widget.suphelper.top/_next/static/f385e6db/_buildManifest.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 18:56:14 Last Seen2024-05-19 10:32:53 Times Seen133 Hash 06c1d20d74764a4f7dea57ebb09df4d8 d6592eaad86ec7b7bc373774bf911385ea7cf07d 46185c722db3b74c04c371b445abb1da2fa2592059437ee508a23e96c1fdf169 Loading...

	widget.suphelper.top/_next/static/f385e6db/_middlewareManifest.js	92 B	2023-03-07	2024-05-19
Pretty URL widget.suphelper.top/_next/static/f385e6db/_middlewareManifest.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:01 Last Seen2024-05-19 10:32:55 Times Seen7985 Hash 7c3f7e060745668041278118c0bb3d6d e639f56695b3cc30d78dce7a0084aa8299a1311a de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a Loading...

	unknown	47 B	2023-04-14	2024-05-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 16:26:15 Last Seen2024-05-19 10:32:52 Times Seen935 Hash 580b3e56fc9ab6e8b4655f43ee057cc1 5dfce565e446f4a167195de9a1a5dd26163c711c 446f07b6e56de61d2c2d5b6ba408cc580b492a6d1ede8fc51cfde4ef75a2b382 Loading...

	melbet-754120.top/polyfills.js	0 B	2023-03-07	2024-05-19
Pretty URL melbet-754120.top/polyfills.js IP 178.253.15.193 ASN #202492 Silverhill Group Holding Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-19 10:44:46 Times Seen37823139 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	data:text/javascript,export const meta = import.meta;	32 B	2023-12-06	2024-05-19
Pretty URL data:text/javascript,export const meta = import.meta; IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-06 14:32:28 Last Seen2024-05-19 08:11:50 Times Seen959 Hash 6d772b7d405b447ecee54ab61cdd5108 dd65fb9cd5a7cb94a40fe161f4f72303a61eb3b7 b90ff694e492935b6036fb7e878d365dab51aafa46f0afb1e33414e7ecc3307b Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_sweetalert2_X3CQ7PJQ.js	69 kB	2024-03-23	2024-05-19
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_sweetalert2_X3CQ7PJQ.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-03-23 16:35:38 Last Seen2024-05-19 08:11:52 Times Seen102 Hash 138de5d55ee831195dd90bbf5c557926 4413082980942643803d8d4567df2f8395c0e868 55a6d9d38b0c68a21367ae7ae43333bfa61e2eddd38b2376eb5b192f0a0383cd Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_popper_js_MO5RLEN3.js	21 kB	2024-03-23	2024-05-19
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_popper_js_MO5RLEN3.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-03-23 16:35:33 Last Seen2024-05-19 08:11:52 Times Seen101 Hash 598d5481ac96b9bf8013b0eb1413b8e5 cc7e3384da379a215ac43b2385e901e22ceb6327 1488ecc35389c72a3aa26d468420069f6b719db456ea82605762311da663b65f Loading...

	widget.suphelper.top/_next/static/chunks/pages/_app-9c47c295eecaa68a.js	1.0 MB	2024-05-02	2024-05-15
Pretty URL widget.suphelper.top/_next/static/chunks/pages/_app-9c47c295eecaa68a.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 12:28:02 Last Seen2024-05-15 07:03:13 Times Seen91 Hash 5997e7f54cf2aebf463f16902ccbc7fc 659b9677d6196eabd63ce0feb5f4466accb72df7 08d0ab3696a84b16c7cc5306bf6d83dd27f99a2ce221ed337bf09dec8ebf95db Loading...

	widget.suphelper.top/_next/static/chunks/7413e8b9-8adee4b5b5407a55.js	78 kB	2024-01-20	2024-05-19
Pretty URL widget.suphelper.top/_next/static/chunks/7413e8b9-8adee4b5b5407a55.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-20 01:21:34 Last Seen2024-05-19 10:32:55 Times Seen588 Hash dc6852529f28802d37affa5953d07260 4edd220fe8df4b009a1775ebe57f19d40999659f 4aefb18221e4fb46818b0f52302b7c7717e45701e26990726cce645d8c80ed84 Loading...

	widget.suphelper.top/_next/static/f385e6db/_ssgManifest.js	77 B	2023-03-07	2024-05-19
Pretty URL widget.suphelper.top/_next/static/f385e6db/_ssgManifest.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:02 Last Seen2024-05-19 10:32:55 Times Seen87476 Hash b6652df95db52feb4daf4eca35380933 65451d110137761b318c82d9071c042db80c4036 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e Loading...

		Size	First Seen	Last Seen
	#1 Eval - 958d2519a1f101526cdb4123fc8f3d12	36 kB	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 08:49:42 Last Seen2024-05-07 08:49:43 Times Seen1 Hash 958d2519a1f101526cdb4123fc8f3d12 63cc7119ca6ac4e3808ba414fee94b0f3628f361 3e8af3e2b0688df17a7992898883f144ab002b07e5c2ef02de86343dafa02235 Loading...

	#2 Eval - 1cb613c9fac8d4a042ac145bd2b0b908	74 B	2023-03-10	2024-05-19
Pretty Observations First Seen2023-03-10 02:25:26 Last Seen2024-05-19 08:11:50 Times Seen758 Hash 1cb613c9fac8d4a042ac145bd2b0b908 6b65ab0226881b7dfec53dc6a783200d4d8ec4eb e94cc16e157fd971a9c7f9e52504baedc499ffa1e2281887cd014f00b92d899f Loading...

	#3 Eval - 6ac3b7468570f5808af06e8ac1142781	141 kB	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 08:49:43 Last Seen2024-05-07 08:49:43 Times Seen1 Hash 6ac3b7468570f5808af06e8ac1142781 8066c4a06a05472f3547b50b5be8894a4ffc0026 f66d85aaaed64401bd01c921bdf795ac2a1f26bde803e65de59ba57215d74bb1 Loading...

HTTP Transactions (218)

URL IP Response Size

melbet-754120.top/polyfills.js

178.253.15.193

200 OK

0 B

URL GET HTTP/2
melbet-754120.top/polyfills.js
IP
178.253.15.193:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /polyfills.js HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:52 GMT
content-type: text/javascript; charset=utf-8
content-length: 0
vary: user-agent
cache-control: public, max-age=2678400, s-maxage=2678400
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-time-ng: 0.004
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.011
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/melbet/commons/app-b051999f.js

185.244.209.62

200 OK

47 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/melbet/commons/app-b051999f.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65476)
Size
47 kB (46802 bytes)
Hash
d0418bbec378e0ed9294ac30cef20f77
de12d9a04b2e8df90321903faf77758fe1e549fb
5b9afb698b27d3f03ddf0b25afc58d760b440d8931d3ab68f66aadb35d61fed0

HTTP Headers

GET /_nuxt/desktop/melbet/commons/app-b051999f.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:52 GMT
content-type: application/javascript; charset=utf-8
content-length: 46802
last-modified: Mon, 06 May 2024 10:22:36 GMT
etag: "6638af6c-b6d2"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:03 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-5da0fd7182b1c5fa5c1c6334c5a8c1ce-a675b0fe73d2303d-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:03+00:00, 2024-05-06T15:44:53+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/melbet/css/ca542d7f.css

185.244.209.62

200 OK

3.2 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/melbet/css/ca542d7f.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (31339), with no line terminators
Size
3.2 kB (3226 bytes)
Hash
9e9b190c1ab8126c2576203d5d43ec63
a80ccb6739023605edbd86be13f38a58ff7f4906
c4a28e2bbc67a853613460727d4abba3687be55593a7513a4079ea34579fbb02

HTTP Headers

GET /_nuxt/desktop/melbet/css/ca542d7f.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:52 GMT
content-type: text/css
content-length: 3226
last-modified: Mon, 06 May 2024 07:47:54 GMT
etag: "66388b2a-c9a"
content-encoding: gzip
expires: Tue, 07 May 2024 09:58:15 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-a04707611c9538dff401d7658c37eab5-c39065c28b00812d-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T09:58:15+00:00, 2024-05-06T10:32:16+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/melbet/Layout.SeoModule.Lazy-ea785647.js

185.244.209.62

200 OK

2.5 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/melbet/Layout.SeoModule.Lazy-ea785647.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (8662), with no line terminators
Size
2.5 kB (2471 bytes)
Hash
de4ef4a6af931707935a1324840a0230
997c56b2547e5e0a340dfd160f603812a52ae9de
b7ee6096691141b46e74d37c903584ab2ea962788c83757a5ef59fdc85b5e36f

HTTP Headers

GET /_nuxt/desktop/melbet/Layout.SeoModule.Lazy-ea785647.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:52 GMT
content-type: application/javascript; charset=utf-8
content-length: 2471
last-modified: Mon, 06 May 2024 10:22:36 GMT
etag: "6638af6c-9a7"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:03 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-8142dbbbddd9be8a7679db0b82863107-b3fd33106e021e37-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:03+00:00, 2024-05-06T15:25:54+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/melbet/css/0a795344.css

185.244.209.62

200 OK

3.9 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/melbet/css/0a795344.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (31166), with no line terminators
Size
3.9 kB (3855 bytes)
Hash
effebc2c0fca7acd5afbeab92dd59538
f32a6f290835e0b2bdbe5ae49c885a3d289fec76
e7d27f182271cb05206a1db7c9dff9c3970f7f9bdb075cfd4a88bd8893ce6212

HTTP Headers

GET /_nuxt/desktop/melbet/css/0a795344.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:52 GMT
content-type: text/css
content-length: 3855
last-modified: Mon, 06 May 2024 10:22:36 GMT
etag: "6638af6c-f0f"
content-encoding: gzip
expires: Tue, 07 May 2024 12:54:35 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-99401ee9f029bcb3853aca262cd2fd82-2ea05c20cde002d4-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:54:35+00:00, 2024-05-06T14:21:41+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/melbet/Layout.FooterComponent.Lazy-3ea13a7c.js

185.244.209.62

200 OK

7.4 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/melbet/Layout.FooterComponent.Lazy-3ea13a7c.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (26130), with no line terminators
Size
7.4 kB (7402 bytes)
Hash
95b830dc3caf073987552dc7a6c0ba4f
dac549b10322e74a66a1140a17bbafa91a7278fd
def304dc414c4633f28412da46c629226aed0ce168dd77cc1c48c1d2549b2191

HTTP Headers

GET /_nuxt/desktop/melbet/Layout.FooterComponent.Lazy-3ea13a7c.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:52 GMT
content-type: application/javascript; charset=utf-8
content-length: 7402
last-modified: Mon, 06 May 2024 10:22:36 GMT
etag: "6638af6c-1cea"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:05 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-e5bc8b3692e89bd8727aea314f480f2d-fe574d53dfca327a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:05+00:00, 2024-05-06T15:25:54+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/melbet/css/f9299a69.css

185.244.209.62

200 OK

499 B

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/melbet/css/f9299a69.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1846), with no line terminators
Size
499 B (499 bytes)
Hash
bec4124417f9eefa38c3c0074b135e0c
39890be26b88391315acbaf101f0c2eb947bd5a7
9c468b92a3910064e1076008729d4684291cb3e9eb3e1624a9992d68a359733e

HTTP Headers

GET /_nuxt/desktop/melbet/css/f9299a69.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:52 GMT
content-type: text/css
content-length: 499
last-modified: Thu, 02 May 2024 12:51:45 GMT
etag: "66338c61-1f3"
content-encoding: gzip
expires: Sat, 04 May 2024 06:45:17 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-511014cf1f83de78f3b58f3dcfdcde97-62afdf1f27005408-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-03T06:45:17+00:00, 2024-05-06T12:15:26+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/melbet/vendors/Layout.FooterComponent.Lazy-03d28f55.js

185.244.209.62

200 OK

8.1 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/melbet/vendors/Layout.FooterComponent.Lazy-03d28f55.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (29238), with no line terminators
Size
8.1 kB (8079 bytes)
Hash
9105bbceac693dcda559560f27e7c101
b0ce638a924bf4fd963bda295f1c900b97c07cee
23687885ae2f44cfbffe33487d0327dae07ddd3eb14f8ae00a155efe27e63111

HTTP Headers

GET /_nuxt/desktop/melbet/vendors/Layout.FooterComponent.Lazy-03d28f55.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:52 GMT
content-type: application/javascript; charset=utf-8
content-length: 8079
last-modified: Mon, 06 May 2024 10:22:36 GMT
etag: "6638af6c-1f8f"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:05 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-7ab27bfe86805a5933092cb5f0ac7382-a9b1b7161e7f6494-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:05+00:00, 2024-05-06T15:25:54+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/melbet/Layout.FooterComponent.Lazy/Page.Game.Project-2f1ab718.js

185.244.209.62

200 OK

5.5 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/melbet/Layout.FooterComponent.Lazy/Page.Game.Project-2f1ab718.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (16693), with no line terminators
Size
5.5 kB (5471 bytes)
Hash
20970a1d220a4c62090fcc1dd185d219
d8c3f817ee94033f8d199c9efade3d327ad7df62
e4742bbd5e1d28eef5ccfad2a5826dad3410eae7aa1c3a4452a752ee548e1c50

HTTP Headers

GET /_nuxt/desktop/melbet/Layout.FooterComponent.Lazy/Page.Game.Project-2f1ab718.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:52 GMT
content-type: application/javascript; charset=utf-8
content-length: 5471
last-modified: Mon, 06 May 2024 10:22:36 GMT
etag: "6638af6c-155f"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:05 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-177a935f717d157f81e8c13cc61e6c2c-1eed551ac5c374de-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:05+00:00, 2024-05-06T15:25:54+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/melbet/app-e1c59a2e.js

185.244.209.62

200 OK

214 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/melbet/app-e1c59a2e.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (64966), with no line terminators
Size
214 kB (213643 bytes)
Hash
c3ced8a77599ed29df5a5dbc4cf0d7bc
34bac081031ab93e7f64c64920015830429b7b99
06d6c28236a613c57973fe69964123490141b9f64ad36862f844f69da3b11bd7

HTTP Headers

GET /_nuxt/desktop/melbet/app-e1c59a2e.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:52 GMT
content-type: application/javascript; charset=utf-8
content-length: 213643
last-modified: Mon, 06 May 2024 07:47:54 GMT
etag: "66388b2a-3428b"
content-encoding: gzip
expires: Tue, 07 May 2024 09:01:29 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-094454f85c887bb36f4b96ac7154192c-ae759c4124949e3a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T09:01:29+00:00, 2024-05-06T09:19:25+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/site-admin/css_vars/f506188b04c16eaa9c664ed23f7ce58e.css

185.244.209.62

200 OK

46 B

URL GET HTTP/2
v3.traincdn.com/genfiles/site-admin/css_vars/f506188b04c16eaa9c664ed23f7ce58e.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
46 B (46 bytes)
Hash
f506188b04c16eaa9c664ed23f7ce58e
08d068d7fa5a84beb06ba924a35d84d6bfdab30a
b9bfda0e940104e190b19543b94a10d120643bd1516d3ca2d266a0af6c0966e9

HTTP Headers

GET /genfiles/site-admin/css_vars/f506188b04c16eaa9c664ed23f7ce58e.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:52 GMT
content-type: text/css
content-length: 46
last-modified: Fri, 12 Apr 2024 13:46:52 GMT
etag: "f506188b04c16eaa9c664ed23f7ce58e"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-e3334599e428db538d8b69985fee87af-2c58d68970ba270d-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-18T12:47:35+00:00, 2024-05-07T06:06:36+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/desktop/contact/302e8adce286b862a87a6c40664fc19c.svg

185.244.209.62

200 OK

463 B

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/desktop/contact/302e8adce286b862a87a6c40664fc19c.svg
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
463 B (463 bytes)
Hash
81a00f13c579bdef2fb3c22b5e1febe8
5d1a07d6994fffad4100091cca530d92204f672e
b34e3965a29e99df0469e13427e11d46cd9e2a55b704b7019936c92940ccb47c

HTTP Headers

GET /genfiles/cms/desktop/contact/302e8adce286b862a87a6c40664fc19c.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:52 GMT
content-type: image/svg+xml
content-length: 463
last-modified: Fri, 23 Feb 2024 11:01:42 GMT
etag: "81a00f13c579bdef2fb3c22b5e1febe8"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-e57c70ab2ba3cbebe3c8c5a2e6fc02c1-2793a30a9ada6f63-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-02-26T12:36:05+00:00, 2024-05-07T06:09:57+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/desktop/contact/86f18367ce2829388dcdabccb99b1740.svg

185.244.209.62

200 OK

263 B

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/desktop/contact/86f18367ce2829388dcdabccb99b1740.svg
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
263 B (263 bytes)
Hash
28e2c161800b61b985a163f5c492ae51
8845ea940210b4ccb195cca855a598e6aaa58ed0
77c93c24e4eb0f8815a7526d405818c9a38ba6e4317f1fee588fffbc00cb17de

HTTP Headers

GET /genfiles/cms/desktop/contact/86f18367ce2829388dcdabccb99b1740.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:52 GMT
content-type: image/svg+xml
content-length: 263
last-modified: Fri, 23 Feb 2024 10:01:24 GMT
etag: "28e2c161800b61b985a163f5c492ae51"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-4c0cf2485f8dbd80a31aae17dda88513-2a09aa22541763c9-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-02-23T12:17:39+00:00, 2024-05-07T06:48:26+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/desktop/contact/6726b16cfb4e516989153ce398d4a0e4.svg

185.244.209.62

200 OK

506 B

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/desktop/contact/6726b16cfb4e516989153ce398d4a0e4.svg
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
506 B (506 bytes)
Hash
9c340eae608db0c25657b4a73d769afe
988fbf333a2e9290211cd9e6b7c98c59719012b0
b92e969acd8a1e0f9cfd1f84080ca5ccb8cb49b105299434c275a8813faf841e

HTTP Headers

GET /genfiles/cms/desktop/contact/6726b16cfb4e516989153ce398d4a0e4.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:52 GMT
content-type: image/svg+xml
content-length: 506
last-modified: Fri, 23 Feb 2024 10:03:36 GMT
etag: "9c340eae608db0c25657b4a73d769afe"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-4d3f7e1049d6b6f08309d3acc7d56f67-5928185d5dd712d5-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-02-23T12:08:45+00:00, 2024-05-07T06:09:57+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/version.json

185.244.209.62

200 OK

44 B

URL GET HTTP/2
v3.traincdn.com/version.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text
Size
44 B (44 bytes)
Hash
265e4e9c948f929631d7e9bcf0d19d5b
c70f40cde4e09003b980fdae5130f3695de16add
62ec6fa5c15470b882bd7e05f5651b0a265a0cb2857cffa5cbfa34b3d2cf42ba

HTTP Headers

GET /version.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://melbet-754120.top
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:52 GMT
content-type: application/json
content-length: 44
last-modified: Mon, 06 May 2024 10:24:15 GMT
etag: "6638afcf-2c"
content-encoding: gzip
expires: Mon, 06 May 2024 10:50:26 GMT
cache-control: max-age=60, max-age=60, s-maxage=60
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-10774b402ca4cee03e7b33e2d1332188-7ccc00847363df64-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T10:49:26+00:00, 2024-05-07T06:48:10+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/desktop/contact/37fc33bdd3fe2d0f1508545c8e382c28.svg

185.244.209.62

200 OK

277 B

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/desktop/contact/37fc33bdd3fe2d0f1508545c8e382c28.svg
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
277 B (277 bytes)
Hash
8888345d833210abe50962b497d9ff02
c18d753829ea26cdad28186136c092341fef6889
1c04eab4071a9247ea17dbf567806cb11ba76c2d34be28c849eb89c245157699

HTTP Headers

GET /genfiles/cms/desktop/contact/37fc33bdd3fe2d0f1508545c8e382c28.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:52 GMT
content-type: image/svg+xml
content-length: 277
last-modified: Fri, 23 Feb 2024 10:01:53 GMT
etag: "8888345d833210abe50962b497d9ff02"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-90f0b8baa5876fdb4b2f8ae65a45277d-2a77ee2591e0c915-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-02-23T12:21:55+00:00, 2024-05-07T06:09:57+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/melbet/css/a4d92295.css

185.244.209.62

200 OK

14 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/melbet/css/a4d92295.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
14 kB (13993 bytes)
Hash
3f2eef75fe2ac1698e6576f18fb99db6
6533d989a0ff0c5cf30c90e51e3a948e90a9cd2c
47f6856ae20554f01a6e7e16d470114c515fac43bceb4e33376070724a31b5cd

HTTP Headers

GET /_nuxt/desktop/melbet/css/a4d92295.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:53 GMT
content-type: text/css
content-length: 13993
last-modified: Mon, 06 May 2024 07:47:54 GMT
etag: "66388b2a-36a9"
content-encoding: gzip
expires: Tue, 07 May 2024 09:01:30 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-241cedc0dbb116116a82be2d6c4615df-2a5257d88192d899-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T09:01:30+00:00, 2024-05-06T09:19:26+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/melbet/runtime-f06def2c.js

185.244.209.62

200 OK

14 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/melbet/runtime-f06def2c.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (46602), with no line terminators
Size
14 kB (14289 bytes)
Hash
a9d988dd1d2e09fcb835624a5bca3d6c
c9fe5253ae83c3f2973b27879b2a52da0e42c1ef
ddf13bc67c0485e4b437e1d076a2d6c3734218287259236ae67e67cfaf36ff13

HTTP Headers

GET /_nuxt/desktop/melbet/runtime-f06def2c.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:53 GMT
content-type: application/javascript; charset=utf-8
content-length: 14289
last-modified: Mon, 06 May 2024 10:22:36 GMT
etag: "6638af6c-37d1"
content-encoding: gzip
expires: Tue, 07 May 2024 10:54:19 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-8c1c8ba41d550a5f3122302e58d4e294-2a38cb033e213614-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T10:54:19+00:00, 2024-05-06T10:56:03+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/melbet/css/5cc980cb.css

185.244.209.62

200 OK

2.3 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/melbet/css/5cc980cb.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (9958), with no line terminators
Size
2.3 kB (2276 bytes)
Hash
14990344b6de98d6df544600d6f193ff
03dd1d6e706e43e189a6708980daca1514b88dda
c4a1269e25c3e6ee1119662a2e8666f526e76718951df8e6f5871d69a20e7487

HTTP Headers

GET /_nuxt/desktop/melbet/css/5cc980cb.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:53 GMT
content-type: text/css
content-length: 2276
last-modified: Mon, 06 May 2024 10:22:36 GMT
etag: "6638af6c-8e4"
content-encoding: gzip
expires: Tue, 07 May 2024 11:28:19 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-51acdb71d8a6ceb5a65745bbbd93cf26-622db8b446a8314f-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T11:28:19+00:00, 2024-05-06T13:53:12+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/melbet/vendors/app-9869f357.js

185.244.209.62

200 OK

267 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/melbet/vendors/app-9869f357.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (61101)
Size
267 kB (266653 bytes)
Hash
250e9c69079c9e70662dd71d4a493483
d88298d440cd7c9f5d93517cc37243755e5491ce
135288c06c10bc213fed0d91fb331e31be13526943d1569044e98292bda88b06

HTTP Headers

GET /_nuxt/desktop/melbet/vendors/app-9869f357.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:53 GMT
content-type: application/javascript; charset=utf-8
content-length: 266653
last-modified: Mon, 06 May 2024 10:22:36 GMT
etag: "6638af6c-4119d"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:03 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-4361ff795f09681c3e3ebb56b14b41b4-b46162f75c3870c1-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:03+00:00, 2024-05-06T15:26:16+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2

185.244.209.62

200 OK

65 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 64732, version 1.0
Size
65 kB (64732 bytes)
Hash
3ac5d40d1b3966fc5eb09ecca74d9cbf
a69f32357765dd321519889aeacba5e9ca893bb0
3310766b8f58538d07abded74a2babe1acbe1a3ee820d5b8c8265da666f4fb0c

HTTP Headers

GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://melbet-754120.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:53 GMT
content-type: font/woff2
content-length: 64732
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "3ac5d40d1b3966fc5eb09ecca74d9cbf"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-ab8a8d57dd211fe5d2744d7c3f490137-856f976a13b47e82-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:56:30+00:00, 2024-05-07T06:39:46+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2

185.244.209.62

200 OK

64 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 63748, version 1.0
Size
64 kB (63748 bytes)
Hash
6887b6f24414dbc612dbf42ccdc76b70
8068d3abfbc6cbf35b55919da45b1f4d2d136238
fc5c015fc32518f1ed810fa84ca28941eb9d5a3c81acc8df69a4dbbeedef7b0c

HTTP Headers

GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://melbet-754120.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:53 GMT
content-type: font/woff2
content-length: 63748
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "6887b6f24414dbc612dbf42ccdc76b70"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-cd628d0eeed72f77c3778941b1750807-71619b74b4bbd3a4-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:13:59+00:00, 2024-05-07T06:02:52+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2

185.244.209.62

200 OK

64 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 63920, version 1.0
Size
64 kB (63920 bytes)
Hash
a65527fcb58f66a7cfbc0e6b160538b4
45d260e7fa343401b5bb0df982a014f53e2d253b
fb13c3a1cbac60649b76f7d7f85c1645d35ac69b85ce5f4eb0692505ecc2cd45

HTTP Headers

GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://melbet-754120.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:53 GMT
content-type: font/woff2
content-length: 63920
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "a65527fcb58f66a7cfbc0e6b160538b4"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-9cbba3e4204585cb38e41e0e8dcb684d-2e00a36605f974ba-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:54:39+00:00, 2024-05-07T06:30:43+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/check-ob.js

185.244.209.62

200 OK

187 B

URL GET HTTP/2
v3.traincdn.com/_nuxt/check-ob.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
187 B (187 bytes)
Hash
ced67278c38d1ce1297c121af69fff8a
df6e1531fd84d956263b04254e6f94f5356623f4
2958134c3c00f7c6320858dd66e454c2856e4842821d3523c4cc5e44e1ec8616

HTTP Headers

GET /_nuxt/check-ob.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:53 GMT
content-type: application/javascript; charset=utf-8
content-length: 187
last-modified: Thu, 02 May 2024 12:51:43 GMT
etag: "66338c5f-bb"
content-encoding: gzip
expires: Sat, 04 May 2024 12:55:05 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-e46013a23b0bb7da4745a48f05586f53-fc0236dd00f39796-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-03T12:55:05+00:00, 2024-05-06T11:36:38+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/8-62/desktop/media_asset/3646fb7ef2695280bddd29ce74b3dce4.ico

185.244.209.62

200 OK

1.2 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/8-62/desktop/media_asset/3646fb7ef2695280bddd29ce74b3dce4.ico
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Size
1.2 kB (1150 bytes)
Hash
25d30e9288cfab828497a624104c8757
6ea0e680c129dd780364abc2e4348f24e08fc11a
7973cbf207e94ad3bec9c4d62445c8f69bb753092efb7b4a603913e09e7dd94b

HTTP Headers

GET /genfiles/cms/8-62/desktop/media_asset/3646fb7ef2695280bddd29ce74b3dce4.ico HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:53 GMT
content-type: application/ico
content-length: 1150
last-modified: Fri, 19 May 2023 08:09:09 GMT
etag: "25d30e9288cfab828497a624104c8757"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-0fe9a3b6a0c00ab6cb2e2731d72afb60-3358bea1d8e20375-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:29:17+00:00, 2024-05-07T06:02:33+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/melbet/vendors/plugins.v-tooltip-e72480a5.js

185.244.209.62

200 OK

22 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/melbet/vendors/plugins.v-tooltip-e72480a5.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65476)
Size
22 kB (21873 bytes)
Hash
88f0418cf9d96bc928ab572574206b84
4155bd875ea6667982b4bc33affa541fe1da72fe
629fa73fb850e73a18739713b965eed430ae675a19f63697d16ac21bdee9f1bb

HTTP Headers

GET /_nuxt/desktop/melbet/vendors/plugins.v-tooltip-e72480a5.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:53 GMT
content-type: application/javascript; charset=utf-8
content-length: 21873
last-modified: Mon, 06 May 2024 10:22:36 GMT
etag: "6638af6c-5571"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:10 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-ddac3e8c9fa74ac37c68cad5fd76e7e1-83e69ed51f7b940a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:10+00:00, 2024-05-06T16:56:55+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/melbet/vendors/plugins.vue-notification-d49f5d6a.js

185.244.209.62

200 OK

4.6 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/melbet/vendors/plugins.vue-notification-d49f5d6a.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (12527), with no line terminators
Size
4.6 kB (4556 bytes)
Hash
b2a6611813c970622826409b27b93b96
73d514208b13f98fdbae3daefac1613ea29de329
db4aad6aebd6ed1c3cb177e40ca9d1f883bbf46e70acfca87360362fa40cbfa4

HTTP Headers

GET /_nuxt/desktop/melbet/vendors/plugins.vue-notification-d49f5d6a.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:53 GMT
content-type: application/javascript; charset=utf-8
content-length: 4556
last-modified: Mon, 06 May 2024 10:22:36 GMT
etag: "6638af6c-11cc"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:10 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-26e9dcf471c63352f2084076e1f2fd7e-b0cfcedff967ca1a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:10+00:00, 2024-05-06T16:56:55+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/melbet/css/e5c0e314.css

185.244.209.62

200 OK

953 B

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/melbet/css/e5c0e314.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (3352), with no line terminators
Size
953 B (953 bytes)
Hash
748da80084597d87b4ff5e98b017b07b
db6ad2ec24bfcbe751a23061d935403e1163f471
4eaf4071f43aaa0243a4c6948131b7a3e03fe6ab1f4228da38e8588c15e01f24

HTTP Headers

GET /_nuxt/desktop/melbet/css/e5c0e314.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:53 GMT
content-type: text/css
content-length: 953
last-modified: Mon, 06 May 2024 10:22:36 GMT
etag: "6638af6c-3b9"
content-encoding: gzip
expires: Tue, 07 May 2024 11:05:09 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-851f7b35e90036499025ed215422a4d4-38106d2dde035c73-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T11:05:09+00:00, 2024-05-06T13:56:48+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/melbet/vendors/plugins.vue-js-modal-d79908d5.js

185.244.209.62

200 OK

8.1 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/melbet/vendors/plugins.vue-js-modal-d79908d5.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (26717), with no line terminators
Size
8.1 kB (8055 bytes)
Hash
4a87e388a2af478d2236f5242ee6dc48
ab36864c48e379ef52d69e265e7f67e794002ab7
18ad039f5ab0629fbe6356e9395ebc171cc5b60e25c6ede49d5d26e73aa48fa9

HTTP Headers

GET /_nuxt/desktop/melbet/vendors/plugins.vue-js-modal-d79908d5.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:53 GMT
content-type: application/javascript; charset=utf-8
content-length: 8055
last-modified: Mon, 06 May 2024 10:22:36 GMT
etag: "6638af6c-1f77"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:10 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-5136083675c23469c4dc2e89172820c7-ae051fa8ce7edfca-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:10+00:00, 2024-05-06T16:56:55+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/melbet/date-fns-locale-21-c057a2f3.js

185.244.209.62

200 OK

2.1 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/melbet/date-fns-locale-21-c057a2f3.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (6960), with no line terminators
Size
2.1 kB (2120 bytes)
Hash
b2429588cd90adffd4de0c5d1533ea5d
7aee62227c45c486254354697c151198be7a7f8a
a215b95ed20c4f14bc5007c8eea61be0b6ea6cb84492e20f0c7f0d174008fc66

HTTP Headers

GET /_nuxt/desktop/melbet/date-fns-locale-21-c057a2f3.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:53 GMT
content-type: application/javascript; charset=utf-8
content-length: 2120
last-modified: Mon, 06 May 2024 10:22:36 GMT
etag: "6638af6c-848"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:10 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-31c30b4338e3bf3332767ac0ef2ca80b-b11a74692e1d2afe-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:10+00:00, 2024-05-06T17:22:10+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/melbet/DC-44a93834.js

185.244.209.62

200 OK

1.0 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/melbet/DC-44a93834.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (2336), with no line terminators
Size
1.0 kB (1000 bytes)
Hash
2af2212948a0bc8a4594a041f353823b
6d2e59a112fa476262f78a6bf66562010224116d
4882e8605295327e076c7f357e1598f4207937e835196875f48b84fd83211d8e

HTTP Headers

GET /_nuxt/desktop/melbet/DC-44a93834.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:54 GMT
content-type: application/javascript; charset=utf-8
content-length: 1000
last-modified: Mon, 06 May 2024 10:22:36 GMT
etag: "6638af6c-3e8"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:07 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-0def550760837a95f2e4b77956d8caa8-60e70b5b91a1a5a6-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:07+00:00, 2024-05-06T16:56:57+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

melbet-754120.top/version.json?timestamp=1715064534007

178.253.15.193

200 OK

44 B

URL GET HTTP/2
melbet-754120.top/version.json?timestamp=1715064534007
IP
178.253.15.193:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type
ASCII text
Size
44 B (44 bytes)
Hash
265e4e9c948f929631d7e9bcf0d19d5b
c70f40cde4e09003b980fdae5130f3695de16add
62ec6fa5c15470b882bd7e05f5651b0a265a0cb2857cffa5cbfa34b3d2cf42ba

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /version.json?timestamp=1715064534007 HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:54 GMT
content-type: application/json
content-length: 44
last-modified: Mon, 06 May 2024 10:24:15 GMT
vary: Accept-Encoding
etag: "6638afcf-2c"
content-encoding: gzip
expires: Tue, 07 May 2024 06:49:54 GMT
access-control-allow-origin: *
cache-control: max-age=60, max-age=60, s-maxage=60
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

melbet-754120.top/seo-module-api/api/public/v1/analytics-counters?url=https:%2F%2Fmelbet-754120.top&projectId=62

178.253.15.193

200 OK

75 B

URL GET HTTP/2
melbet-754120.top/seo-module-api/api/public/v1/analytics-counters?url=https:%2F%2Fmelbet-754120.top&projectId=62
IP
178.253.15.193:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type
JSON text data
Size
75 B (75 bytes)
Hash
b8fbfbdcc184d3d783415390c265805e
1f96fe707653db64ac451446ce582d4e8d6a67a3
73d0ce49e131b33cb16195b7375fe396cc5c2b6b2899621b556d495fba662150

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /seo-module-api/api/public/v1/analytics-counters?url=https:%2F%2Fmelbet-754120.top&projectId=62 HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:54 GMT
content-type: application/json
content-length: 75
cache-control: max-age=1200, must-revalidate, public, s-maxage=1800, stale-if-error=86400, stale-while-revalidate=300
x-content-digest: en6a9e5bf3ea600ac55f25e95062d48d1d
age: 149
x-request-id: 02e27d02611e6ec6ec8a5bcad800310c
x-request-guid: 02e27d02611e6ec6ec8a5bcad800310c
x-time-ng: 0.002
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: p;dur=1.2929439544678, wf-uht;dur=0.009
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/melbet/Betting.Core-b4ef71cb.js

185.244.209.62

200 OK

1.5 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/melbet/Betting.Core-b4ef71cb.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (2406), with no line terminators
Size
1.5 kB (1548 bytes)
Hash
c76243c22babcb60c83c8d6e8119525f
d58c40c4fb13fde21913dcc7193e44357340e594
4eb54daf730e736c9b4d7bdd67527331b8018234618201ae401df1a0cbfc2d07

HTTP Headers

GET /_nuxt/desktop/melbet/Betting.Core-b4ef71cb.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:54 GMT
content-type: application/javascript; charset=utf-8
content-length: 1548
last-modified: Mon, 06 May 2024 10:22:36 GMT
etag: "6638af6c-60c"
content-encoding: gzip
expires: Tue, 07 May 2024 10:54:27 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-8975d4a4480c024ef74ae7a2a4fbf497-4c844ba6376f9772-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T10:54:27+00:00, 2024-05-06T10:56:06+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

melbet-754120.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json

178.253.15.193

200 OK

23 B

URL POST HTTP/2
melbet-754120.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json
IP
178.253.15.193:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type
JSON text data
Size
23 B (23 bytes)
Hash
caa1a56d63b60acf9112e45537acde7d
302e98abd6121c2d3d1a78753c8e96efc7506410
0db6f9135abb09e18894bd141d090e7372f553d1013f69f2e5bf6c2a196975ef

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Content-Type: application/json
X-Lang: en
X-Uuid: 77465162-0bd2-4b97-a621-c14f241a6bb3
Content-Length: 79
Origin: https://melbet-754120.top
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:54 GMT
content-type: application/json
content-length: 23
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.023
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/melbet/consultant.supHelperV2-222492f3.js

185.244.209.62

200 OK

1.5 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/melbet/consultant.supHelperV2-222492f3.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (3229), with no line terminators
Size
1.5 kB (1451 bytes)
Hash
d752ef6e0291e3d95edc79023283c34f
5d9797afc5320fcd57aa3c9e15cbbdb5e98c5828
cbbf02bbe74b31882f7f838d1e7a8c58d0048f393861947eee1adec85f1f553b

HTTP Headers

GET /_nuxt/desktop/melbet/consultant.supHelperV2-222492f3.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:54 GMT
content-type: application/javascript; charset=utf-8
content-length: 1451
last-modified: Thu, 02 May 2024 12:51:45 GMT
etag: "66338c61-5ab"
content-encoding: gzip
expires: Sat, 04 May 2024 08:42:04 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-999f4dc273f5270cba86f209d4179751-f4afbf4b3aea64ab-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-03T08:42:04+00:00, 2024-05-06T13:04:51+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/melbet/css/526e44d9.css

185.244.209.62

200 OK

459 B

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/melbet/css/526e44d9.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1526), with no line terminators
Size
459 B (459 bytes)
Hash
97fdf5b6e7dfddf6ab251e984133b2c3
bb552fe685c52c34e0ed91e4dfaa9df2675ad086
92fcdb73c544b1f2befe78685340fd3371e920187a2232f8e4bffd73985d40e3

HTTP Headers

GET /_nuxt/desktop/melbet/css/526e44d9.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:54 GMT
content-type: text/css
content-length: 459
last-modified: Mon, 06 May 2024 10:22:36 GMT
etag: "6638af6c-1cb"
content-encoding: gzip
expires: Tue, 07 May 2024 11:05:16 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-9856ca6fbc3ec3566c09d8996431c0fa-03103985179b9081-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T11:05:16+00:00, 2024-05-06T13:56:53+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/melbet/vendors/betting.media-27dceda1.js

185.244.209.62

200 OK

17 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/melbet/vendors/betting.media-27dceda1.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (41022), with NEL line terminators
Size
17 kB (16832 bytes)
Hash
e9ae66b817d039460caedd480c69cfb7
7bcc628c4b3564c2ec08d7d7f0f4caeef7fbd92e
b9c5e18eab91a8ecb26c1db3a545530a111029f561183b16dff6d1ac129df86a

HTTP Headers

GET /_nuxt/desktop/melbet/vendors/betting.media-27dceda1.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:54 GMT
content-type: application/javascript; charset=utf-8
content-length: 16832
last-modified: Mon, 06 May 2024 10:22:36 GMT
etag: "6638af6c-41c0"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:15 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-6bb5af0dadb517ede771375916fded62-ba7e168c85971d1a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:15+00:00, 2024-05-06T15:51:13+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/melbet/css/ff267c5c.css

185.244.209.62

200 OK

1.5 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/melbet/css/ff267c5c.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (7000), with no line terminators
Size
1.5 kB (1486 bytes)
Hash
f379bc6f4b94f34d96f6fe51159bee63
f4c0d4dbef1e1e734e84e05d75e4ff950d06eb60
b2a5bd6495250a19500dd5a6ca62f045c8b70226a668dc63ef40c78883bdae11

HTTP Headers

GET /_nuxt/desktop/melbet/css/ff267c5c.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:54 GMT
content-type: text/css
content-length: 1486
last-modified: Mon, 06 May 2024 10:22:36 GMT
etag: "6638af6c-5ce"
content-encoding: gzip
expires: Tue, 07 May 2024 14:33:32 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-41f95c86fe1a2b7465b984ffc5559499-318a5004fd93666d-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:33:32+00:00, 2024-05-07T05:48:58+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/melbet/betting.media-3a45448c.js

185.244.209.62

200 OK

4.7 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/melbet/betting.media-3a45448c.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (16760), with no line terminators
Size
4.7 kB (4731 bytes)
Hash
742ebe626acd39aa9135566e0bbe61b0
ba53fb30a6a31aef2679a8e2cd3543a501b57277
33b2bf82ecbb162fcd6e9fc0653007b497211df2cfb9518ce1a00d1323c3dec4

HTTP Headers

GET /_nuxt/desktop/melbet/betting.media-3a45448c.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:54 GMT
content-type: application/javascript; charset=utf-8
content-length: 4731
last-modified: Mon, 06 May 2024 10:22:36 GMT
etag: "6638af6c-127b"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:15 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-8eb3fb385b5f9ed39d3b3ca6d85f48cf-7eadfddc1c28ca8e-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:15+00:00, 2024-05-06T15:51:13+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

melbet-754120.top/service-api/gamespreview/getbanner?whence=55&ref=8&gr=62&lng=en&fCountry=137

178.253.15.193

200 OK

176 B

URL GET HTTP/2
melbet-754120.top/service-api/gamespreview/getbanner?whence=55&ref=8&gr=62&lng=en&fCountry=137
IP
178.253.15.193:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type
JSON text data
Size
176 B (176 bytes)
Hash
ac86deb03def477abf768a8455c8aa90
87bbc45a47946c01a6f494da652c5b1940e4a62c
6a19047f1e73a26daaac3ec171356c005d39984c931de6c0c0b4184ade05c55b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /service-api/gamespreview/getbanner?whence=55&ref=8&gr=62&lng=en&fCountry=137 HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions%2Frocket-launch
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==; window_width=1280; SESSION=6a9dceb345edb3ade02564164fad59f0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:54 GMT
content-type: application/json; charset=utf-8
content-length: 176
x-time-ng: 0.007
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.014
X-Firefox-Spdy: h2

melbet-754120.top/session-api/sessions/user

178.253.15.193

200 OK

16 B

URL GET HTTP/2
melbet-754120.top/session-api/sessions/user
IP
178.253.15.193:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type
JSON text data
Size
16 B (16 bytes)
Hash
646b2e82b65602d35f7aa6283c387e3a
b163a70c5df8e4b0861a23a04f8a6f78393747f4
b68bf12405ee2cb5b76764df21dbc2df0953ddff4072ddc5281d1aab05e8c4ab

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /session-api/sessions/user HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions%2Frocket-launch
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==; window_width=1280; SESSION=6a9dceb345edb3ade02564164fad59f0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:54 GMT
content-type: application/json
content-length: 16
cache-control: no-cache, private
x-time-ng: 0.002
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: p;dur=1.3699531555176, wf-uht;dur=0.012
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/melbet/css/38e5ceb4.css

185.244.209.62

200 OK

143 B

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/melbet/css/38e5ceb4.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
143 B (143 bytes)
Hash
f045220f181ae021ddbeb958256bee39
6a84736b29540b3c650c1051786b6c7c62458fa6
aaab7fee4de6da8347d209803d799b6f174b05814a8c5ecd4978c29736cfea7f

HTTP Headers

GET /_nuxt/desktop/melbet/css/38e5ceb4.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:54 GMT
content-type: text/css
content-length: 143
last-modified: Thu, 02 May 2024 12:51:45 GMT
etag: "66338c61-8f"
content-encoding: gzip
expires: Sat, 04 May 2024 06:45:42 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-eff4aa85d081e909d18619fbf66e78d4-ee9b1b1ec1bee8d5-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-03T06:45:42+00:00, 2024-05-06T13:04:52+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/melbet/Footer.footerLicenseImage-09e53bbb.js

185.244.209.62

200 OK

595 B

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/melbet/Footer.footerLicenseImage-09e53bbb.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (1258), with no line terminators
Size
595 B (595 bytes)
Hash
e36e15b1a9fe7a343085d410dbff3512
d6ed61a8d737e54df4732e7835dc9106a433bb76
2af19c0ba522a100c2452273e3966b24abfd1b2c77a0dd4349d5a67da8f4ad49

HTTP Headers

GET /_nuxt/desktop/melbet/Footer.footerLicenseImage-09e53bbb.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:54 GMT
content-type: application/javascript; charset=utf-8
content-length: 595
last-modified: Mon, 06 May 2024 10:22:36 GMT
etag: "6638af6c-253"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:18 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-01d31e38bf0c1603679e4b447f137ae1-ced8b012bb68e3fe-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:18+00:00, 2024-05-06T16:56:58+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch

178.253.15.193

200 OK

165 kB

URL User Request GET HTTP/2
melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
IP
178.253.15.193:443
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (46150)
Size
165 kB (165109 bytes)
Hash
2a70f4a9b8bd7a0fc2f39515f249cc52
17aaf9c2891abb84e7f606261b451e971dbe5314
9b6bf7dfec158afb4823c41df3eb83fbe45681647717f233137766f1fee4ae8c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:52 GMT
content-type: text/html; charset=utf-8
content-encoding: br
server-timing: total;dur=496;desc="Nuxt Server Time", dt_total;dur=498.997, wf-uht;dur=0.521
set-cookie: lng=en; Path=/
cookies_agree_type=3; Path=/
tzo=2; Path=/
is12h=0; Path=/
referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; Path=/; Expires=Sat, 06 Jul 2024 06:48:52 GMT
reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; Path=/; Expires=Tue, 07 May 2024 07:48:52 GMT
postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; Path=/; Expires=Thu, 06 Jun 2024 06:48:52 GMT
platform_type=desktop; Path=/; Expires=Fri, 10 May 2024 06:48:52 GMT; Secure; SameSite=None; Partitioned
auid=sv0PwWY5ztStHbceAxdHAg==; path=/; secure; httponly; samesite=lax
traceparent: 00-6d2a4cb683a1f7bf4bb92b93f14e91c0-9be3d2293d73f4be-01
vary: Accept-Encoding
x-dt: 62
x-frame-options: SAMEORIGIN
x-time-ng: 0.499
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/desktop/media_asset/3bc8ec75cba76cdf9552b7ce870e9b8b.png

185.244.209.62

200 OK

4.3 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/desktop/media_asset/3bc8ec75cba76cdf9552b7ce870e9b8b.png
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
PNG image data, 279 x 111, 8-bit colormap, non-interlaced
Size
4.3 kB (4285 bytes)
Hash
50eb08159db1d6f9d09b8063d447ba58
218a0364f0c6b2f8655e2135b09097b60340cce2
b6140b8b58d456f5a39bf55f0c9dc6c52424efda757f22253ea339057be13a36

HTTP Headers

GET /genfiles/cms/desktop/media_asset/3bc8ec75cba76cdf9552b7ce870e9b8b.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:54 GMT
content-type: image/png
content-length: 4285
last-modified: Thu, 02 Nov 2023 09:52:02 GMT
etag: "50eb08159db1d6f9d09b8063d447ba58"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-5404613c1d74d1165f1dbafffa7747b9-724fc98fddd31eff-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:59:01+00:00, 2024-05-07T05:48:58+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/8-62/desktop/media_asset/85fcf042560c2f1f16c161dfdf631ad0.png

185.244.209.62

200 OK

2.1 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/8-62/desktop/media_asset/85fcf042560c2f1f16c161dfdf631ad0.png
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
PNG image data, 198 x 40, 8-bit colormap, non-interlaced
Size
2.1 kB (2060 bytes)
Hash
ab8b704574c55dc1f72a7cdec5026c99
878e61b80403368e16057b97650d15beeb5a8149
4f23f43ab972a589ca5db7317943facbd894f79dfee5771352ea00b32988bee1

HTTP Headers

GET /genfiles/cms/8-62/desktop/media_asset/85fcf042560c2f1f16c161dfdf631ad0.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:54 GMT
content-type: image/png
content-length: 2060
last-modified: Tue, 28 Nov 2023 08:47:25 GMT
etag: "ab8b704574c55dc1f72a7cdec5026c99"
x-time-ng: 0.001
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-1c470e632f47fb71b085189b367c354c-989bc4cfeb1a8758-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-01-22T11:57:54+00:00, 2024-05-07T06:25:16+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

melbet-754120.top/genfiles/cms/desktop/contact/302e8adce286b862a87a6c40664fc19c.svg

178.253.15.193

200 OK

463 B

URL GET HTTP/2
melbet-754120.top/genfiles/cms/desktop/contact/302e8adce286b862a87a6c40664fc19c.svg
IP
178.253.15.193:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type
SVG Scalable Vector Graphics image
Size
463 B (463 bytes)
Hash
81a00f13c579bdef2fb3c22b5e1febe8
5d1a07d6994fffad4100091cca530d92204f672e
b34e3965a29e99df0469e13427e11d46cd9e2a55b704b7019936c92940ccb47c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/desktop/contact/302e8adce286b862a87a6c40664fc19c.svg HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions%2Frocket-launch
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==; window_width=1280; SESSION=6a9dceb345edb3ade02564164fad59f0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:55 GMT
content-type: image/svg+xml
content-length: 463
last-modified: Fri, 23 Feb 2024 11:01:42 GMT
etag: "81a00f13c579bdef2fb3c22b5e1febe8"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.007
accept-ranges: bytes
X-Firefox-Spdy: h2

melbet-754120.top/genfiles/cms/desktop/contact/6726b16cfb4e516989153ce398d4a0e4.svg

178.253.15.193

200 OK

506 B

URL GET HTTP/2
melbet-754120.top/genfiles/cms/desktop/contact/6726b16cfb4e516989153ce398d4a0e4.svg
IP
178.253.15.193:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type
SVG Scalable Vector Graphics image
Size
506 B (506 bytes)
Hash
9c340eae608db0c25657b4a73d769afe
988fbf333a2e9290211cd9e6b7c98c59719012b0
b92e969acd8a1e0f9cfd1f84080ca5ccb8cb49b105299434c275a8813faf841e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/desktop/contact/6726b16cfb4e516989153ce398d4a0e4.svg HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions%2Frocket-launch
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==; window_width=1280; SESSION=6a9dceb345edb3ade02564164fad59f0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:55 GMT
content-type: image/svg+xml
content-length: 506
last-modified: Fri, 23 Feb 2024 10:03:36 GMT
etag: "9c340eae608db0c25657b4a73d769afe"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.007
accept-ranges: bytes
X-Firefox-Spdy: h2

melbet-754120.top/genfiles/cms/desktop/contact/86f18367ce2829388dcdabccb99b1740.svg

178.253.15.193

200 OK

263 B

URL GET HTTP/2
melbet-754120.top/genfiles/cms/desktop/contact/86f18367ce2829388dcdabccb99b1740.svg
IP
178.253.15.193:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type
SVG Scalable Vector Graphics image
Size
263 B (263 bytes)
Hash
28e2c161800b61b985a163f5c492ae51
8845ea940210b4ccb195cca855a598e6aaa58ed0
77c93c24e4eb0f8815a7526d405818c9a38ba6e4317f1fee588fffbc00cb17de

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/desktop/contact/86f18367ce2829388dcdabccb99b1740.svg HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions%2Frocket-launch
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==; window_width=1280; SESSION=6a9dceb345edb3ade02564164fad59f0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:55 GMT
content-type: image/svg+xml
content-length: 263
last-modified: Fri, 23 Feb 2024 10:01:24 GMT
etag: "28e2c161800b61b985a163f5c492ae51"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

melbet-754120.top/genfiles/cms/desktop/contact/37fc33bdd3fe2d0f1508545c8e382c28.svg

178.253.15.193

200 OK

277 B

URL GET HTTP/2
melbet-754120.top/genfiles/cms/desktop/contact/37fc33bdd3fe2d0f1508545c8e382c28.svg
IP
178.253.15.193:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type
SVG Scalable Vector Graphics image
Size
277 B (277 bytes)
Hash
8888345d833210abe50962b497d9ff02
c18d753829ea26cdad28186136c092341fef6889
1c04eab4071a9247ea17dbf567806cb11ba76c2d34be28c849eb89c245157699

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/desktop/contact/37fc33bdd3fe2d0f1508545c8e382c28.svg HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions%2Frocket-launch
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==; window_width=1280; SESSION=6a9dceb345edb3ade02564164fad59f0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:55 GMT
content-type: image/svg+xml
content-length: 277
last-modified: Fri, 23 Feb 2024 10:01:53 GMT
etag: "8888345d833210abe50962b497d9ff02"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.014
accept-ranges: bytes
X-Firefox-Spdy: h2

melbet-754120.top/checker/redirect/stat/run/

178.253.15.193

200 OK

10 kB

URL GET HTTP/2
melbet-754120.top/checker/redirect/stat/run/
IP
178.253.15.193:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type
JSON text data
Size
10 kB (10453 bytes)
Hash
741934b89418d344f6b45d01fe7ddae7
2875d1bff3ba4850c36d335664cb596c17eb6fcf
488059f86ea7968767b02087d83b3e500aa5b3686e6b2522d967ff80eb6c6af9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /checker/redirect/stat/run/ HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions%2Frocket-launch
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==; window_width=1280; SESSION=6a9dceb345edb3ade02564164fad59f0; che_g=561a934e-fa4f-1c6c-7d58-1a2328e91ea2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:55 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-time-ng: 0.001
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.023
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/8-62/desktop/media_asset/18e0b498b09dbad0786de49541cedf2e.png

185.244.209.62

200 OK

8.6 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/8-62/desktop/media_asset/18e0b498b09dbad0786de49541cedf2e.png
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Size
8.6 kB (8553 bytes)
Hash
730ef5ee32d449b842210cf128b255ca
1d268159bd07bbce9e00c5d8d57f779b53ca4815
c2a8928bb13d656a07b9d88ebe3d253835a0e8715a9ba154a90f027223c25b5d

HTTP Headers

GET /genfiles/cms/8-62/desktop/media_asset/18e0b498b09dbad0786de49541cedf2e.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:55 GMT
content-type: image/png
content-length: 8553
last-modified: Thu, 29 Feb 2024 10:16:30 GMT
etag: "730ef5ee32d449b842210cf128b255ca"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-7b2e289034d2a165224176c27766c506-965a8b5bc3f55d62-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-03T07:12:48+00:00, 2024-05-07T06:30:44+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-promotions-and-bonuses-static/Desktop/Melbet/44136fa355b3/4f817b1c7fd8.js

185.244.209.62

200 OK

715 B

URL GET HTTP/2
v3.traincdn.com/sys-static/sys-promotions-and-bonuses-static/Desktop/Melbet/44136fa355b3/4f817b1c7fd8.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
Java source, ASCII text, with very long lines (714)
Size
715 B (715 bytes)
Hash
f85953a4743a6680ebbd5a5ab4456d2a
904b5348cd03f598c1e06aa443cbe749ab14cbab
5719f0bf388e45f7dfe9432b290a4a81956ed5531f395c230481e0b01678cc4b

HTTP Headers

GET /sys-static/sys-promotions-and-bonuses-static/Desktop/Melbet/44136fa355b3/4f817b1c7fd8.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://melbet-754120.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:55 GMT
content-type: text/javascript; charset=utf-8
content-length: 715
last-modified: Mon, 06 May 2024 13:05:25 GMT
etag: "f85953a4743a6680ebbd5a5ab4456d2a"
x-amz-meta-mtime: 1715000575.060470534
expires: Tue, 07 May 2024 13:08:37 GMT
cache-control: max-age=86400
x-time-ng: 0.003
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-73e21b73ba6d22194d6755c02854b4af-52efe740e819fa60-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T13:08:37+00:00, 2024-05-06T19:47:13+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-promotions-and-bonuses-static/Desktop/Melbet/44136fa355b3/694280a8ba14.js

185.244.209.62

200 OK

504 B

URL GET HTTP/2
v3.traincdn.com/sys-static/sys-promotions-and-bonuses-static/Desktop/Melbet/44136fa355b3/694280a8ba14.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
Java source, ASCII text, with very long lines (503)
Size
504 B (504 bytes)
Hash
7374c5495be990f25f384da6a5630f1b
668f9f3bc508d13766d9c0102c1b396c375586b1
a8d8dff522f5ff4c3067e67ab735a56eda1b97fac1efbae5952157edd267f554

HTTP Headers

GET /sys-static/sys-promotions-and-bonuses-static/Desktop/Melbet/44136fa355b3/694280a8ba14.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://melbet-754120.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:55 GMT
content-type: text/javascript; charset=utf-8
content-length: 504
last-modified: Mon, 06 May 2024 13:05:25 GMT
etag: "7374c5495be990f25f384da6a5630f1b"
x-amz-meta-mtime: 1715000575.060470534
expires: Tue, 07 May 2024 13:08:37 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-eefc597f9effcda314b28de24e4e2ceb-5641f745c30578a8-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T13:08:37+00:00, 2024-05-06T19:47:13+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

melbet-754120.top/static-promotion/desktop/melbet/e727ce13.modern.js

178.253.15.193

82 kB

URL
melbet-754120.top/static-promotion/desktop/melbet/e727ce13.modern.js
IP
178.253.15.193:0
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type
JavaScript source, ASCII text, with very long lines (65485)
Size
82 kB (81741 bytes)
Hash
b6561f24f8aec0281751b562ab073a61
da737594bc17942218c1ecf460b5be61d9491900
ffe1ebe612ca496d1a2d7d53ecbb9c5b8c8f9b0c9790cda1c2f06fc538e0dcbb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static-promotion/desktop/melbet/e727ce13.modern.js HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/promo-frame/en/promotion/rocket-launch
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==; window_width=1280; SESSION=6a9dceb345edb3ade02564164fad59f0; che_g=561a934e-fa4f-1c6c-7d58-1a2328e91ea2; application_locale=en; sh.session.id=01f5b214-f542-4bd9-a044-27f699e50c7b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:56 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 06 May 2024 13:32:11 GMT
vary: Accept-Encoding
etag: W/"6638dbdb-2837e"
expires: Wed, 08 May 2024 06:48:55 GMT
cache-control: max-age=86400
content-encoding: br
x-time-ng: 0.000, 0.019
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.033
X-Firefox-Spdy: h2

v3.traincdn.com/version.json

185.244.209.62

200 OK

44 B

URL GET HTTP/2
v3.traincdn.com/version.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text
Size
44 B (44 bytes)
Hash
265e4e9c948f929631d7e9bcf0d19d5b
c70f40cde4e09003b980fdae5130f3695de16add
62ec6fa5c15470b882bd7e05f5651b0a265a0cb2857cffa5cbfa34b3d2cf42ba

HTTP Headers

GET /version.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://melbet-754120.top
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:57 GMT
content-type: application/json
content-length: 44
last-modified: Mon, 06 May 2024 10:24:15 GMT
etag: "6638afcf-2c"
content-encoding: gzip
expires: Mon, 06 May 2024 10:50:26 GMT
cache-control: max-age=60, max-age=60, s-maxage=60
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-2fc48b24c9cd1505ce79224603bc4a17-e12a92aeee418857-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T10:49:26+00:00, 2024-05-07T06:48:10+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

melbet-754120.top/static-promotion/desktop/melbet/b460eaf9.modern.js

178.253.15.193

292 B

URL
melbet-754120.top/static-promotion/desktop/melbet/b460eaf9.modern.js
IP
178.253.15.193:0
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type
JavaScript source, ASCII text, with no line terminators
Size
292 B (292 bytes)
Hash
3bbde77d10ef10444e7c887d47113686
7f5c065a563c919892fe1a52f0955d8f99d6dd33
5883489d2d1759091beabf21f525c5e0de533d3b73ee4f96f39f72a2b822e348

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static-promotion/desktop/melbet/b460eaf9.modern.js HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/promo-frame/en/promotion/rocket-launch
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==; window_width=0; SESSION=6a9dceb345edb3ade02564164fad59f0; che_g=561a934e-fa4f-1c6c-7d58-1a2328e91ea2; application_locale=en; sh.session.id=01f5b214-f542-4bd9-a044-27f699e50c7b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 292
last-modified: Mon, 06 May 2024 13:32:11 GMT
etag: "6638dbdb-124"
expires: Wed, 08 May 2024 06:48:57 GMT
cache-control: max-age=86400
accept-ranges: bytes
x-time-ng: 0.000, 0.033
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.041
X-Firefox-Spdy: h2

widget.suphelper.top/services/widget/v2/most-required?projectId=5b617f99fdf00b25dc78dfce&credentials=%7B%22$type%22:%22GuestCredentials%22,%22id%22:%2201f5b214-f542-4bd9-a044-27f699e50c7b%22%7D

104.18.39.72

200 OK

75 kB

URL GET HTTP/2
widget.suphelper.top/services/widget/v2/most-required?projectId=5b617f99fdf00b25dc78dfce&credentials=%7B%22$type%22:%22GuestCredentials%22,%22id%22:%2201f5b214-f542-4bd9-a044-27f699e50c7b%22%7D
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://widget.suphelper.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36
ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT

File type
gzip compressed data, from Unix
Size
75 kB (74848 bytes)
Hash
321385692b53b1f7a73b3e8d574a3500
b516ecf648672ac1330cccefab0e072315f38c09
0ab4015e04640ddc475b0dee2fe6c67c491622dad4e7833dcb0c392042589f00

HTTP Headers

GET /services/widget/v2/most-required?projectId=5b617f99fdf00b25dc78dfce&credentials=%7B%22$type%22:%22GuestCredentials%22,%22id%22:%2201f5b214-f542-4bd9-a044-27f699e50c7b%22%7D HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 07 May 2024 06:48:56 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 87ff44670c895688-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/promotions/rocket-launch/logo.png

185.244.209.62

1.0 kB

URL
v3.traincdn.com/genfiles/cms/1/desktop/promotions/rocket-launch/logo.png
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
PNG image data, 158 x 28, 8-bit colormap, non-interlaced
Size
1.0 kB (1001 bytes)
Hash
8e549a491f9940ba8545be94c0da75c9
153f7b7d85a0cfab4d68dac7001883f29940e07e
cfaa1c79b631ee365fd4a984c1cae051eef15ac1818e1af2471a6e2a41d3961f

HTTP Headers

GET /genfiles/cms/1/desktop/promotions/rocket-launch/logo.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:57 GMT
content-type: image/png
content-length: 1001
last-modified: Tue, 11 Jul 2023 07:16:06 GMT
etag: "8e549a491f9940ba8545be94c0da75c9"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-2f59e99f11d96b04c36d9fcd92112fda-c36ff28773c49236-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T11:35:54+00:00, 2024-05-07T06:11:54+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

melbet-754120.top/static-promotion/desktop/melbet/99696c83.modern.js

178.253.15.193

338 kB

URL
melbet-754120.top/static-promotion/desktop/melbet/99696c83.modern.js
IP
178.253.15.193:0
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (60173)
Size
338 kB (338345 bytes)
Hash
e9426985bc2c37fd6f48cb70e67efc3c
6f3371b3dc5bbf7c04565765bc120a88d0d5f536
85aa50911c1405a4edd7bb81015e7149bd9f768f881f6f6a35608a5e516bf39b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static-promotion/desktop/melbet/99696c83.modern.js HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/promo-frame/en/promotion/rocket-launch
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==; window_width=1280; SESSION=6a9dceb345edb3ade02564164fad59f0; che_g=561a934e-fa4f-1c6c-7d58-1a2328e91ea2; application_locale=en; sh.session.id=01f5b214-f542-4bd9-a044-27f699e50c7b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:56 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 06 May 2024 13:32:11 GMT
vary: Accept-Encoding
etag: W/"6638dbdb-501784"
expires: Wed, 08 May 2024 06:48:56 GMT
cache-control: max-age=86400
content-encoding: br
x-time-ng: 0.000, 0.048
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.062
X-Firefox-Spdy: h2

melbet-754120.top/static-promotion/desktop/melbet/5797281e.modern.js

178.253.15.193

12 kB

URL
melbet-754120.top/static-promotion/desktop/melbet/5797281e.modern.js
IP
178.253.15.193:0
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type
JavaScript source, ASCII text, with very long lines (65330), with no line terminators
Size
12 kB (12209 bytes)
Hash
225d93a4f4f39187b1a86b8063aa5216
0173c54c68b31b8d59defd967279c310201cddf4
5ba7f753788beac4a287300026b1cbb936e6ab10978410621334e6b02c7d9ec4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static-promotion/desktop/melbet/5797281e.modern.js HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/promo-frame/en/promotion/rocket-launch
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==; window_width=0; SESSION=6a9dceb345edb3ade02564164fad59f0; che_g=561a934e-fa4f-1c6c-7d58-1a2328e91ea2; application_locale=en; sh.session.id=01f5b214-f542-4bd9-a044-27f699e50c7b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:57 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 06 May 2024 13:32:11 GMT
vary: Accept-Encoding
etag: W/"6638dbdb-ff32"
expires: Wed, 08 May 2024 06:48:57 GMT
cache-control: max-age=86400
content-encoding: br
x-time-ng: 0.000, 0.006
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.014
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/promotions/rocket-launch/dice-1.png

185.244.209.62

7.8 kB

URL
v3.traincdn.com/genfiles/cms/1/desktop/promotions/rocket-launch/dice-1.png
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
PNG image data, 180 x 179, 8-bit colormap, non-interlaced
Size
7.8 kB (7813 bytes)
Hash
607e366fc82400daedb04a563dfb6ca8
bc3b41fa0ddba6339aa162fd4f1dd38d8d93d0a4
57a3328707343323f9610740df2058c57c4dfaa42bcc7b53874b6b546b89607c

HTTP Headers

GET /genfiles/cms/1/desktop/promotions/rocket-launch/dice-1.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:57 GMT
content-type: image/png
content-length: 7813
last-modified: Tue, 11 Jul 2023 07:16:06 GMT
etag: "607e366fc82400daedb04a563dfb6ca8"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-96be1e72b6a56b31bf1ef5b45a284ea7-cc456a93c328404d-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T11:34:56+00:00, 2024-05-07T06:11:53+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/promotions/rocket-launch/dice-2.png

185.244.209.62

6.4 kB

URL
v3.traincdn.com/genfiles/cms/1/desktop/promotions/rocket-launch/dice-2.png
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
PNG image data, 153 x 160, 8-bit colormap, non-interlaced
Size
6.4 kB (6394 bytes)
Hash
b40677f85f207a6ea9768e53cfcb813f
6ffa8bb96e78abfebd3950e12523a5566cf1e6a6
86d6f45ae3f25c06dccaeb130e1d08bcd45dba10d012eb7e675d91183b4bb989

HTTP Headers

GET /genfiles/cms/1/desktop/promotions/rocket-launch/dice-2.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:57 GMT
content-type: image/png
content-length: 6394
last-modified: Tue, 11 Jul 2023 07:16:06 GMT
etag: "b40677f85f207a6ea9768e53cfcb813f"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-7a3319636970b4878b7ef179823c7484-13f694c8c5f560b5-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T11:32:24+00:00, 2024-05-07T06:11:51+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/promotions/rocket-launch/dice-3.png

185.244.209.62

7.4 kB

URL
v3.traincdn.com/genfiles/cms/1/desktop/promotions/rocket-launch/dice-3.png
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
PNG image data, 151 x 151, 8-bit colormap, non-interlaced
Size
7.4 kB (7428 bytes)
Hash
b2276cf4d5efcd34b1475749ff43112a
c4bd1579e20547281e128cea41b4b4a7cc555f50
0b086f0478757e282240ca35437f7cf9b87d32bef30cf5abbb363b111eaafc3b

HTTP Headers

GET /genfiles/cms/1/desktop/promotions/rocket-launch/dice-3.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:58 GMT
content-type: image/png
content-length: 7428
last-modified: Tue, 11 Jul 2023 07:16:06 GMT
etag: "b2276cf4d5efcd34b1475749ff43112a"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-f38ce167e45b16eb167b14ffcdae9bd0-087afcd1a9bb17f8-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-03T05:22:35+00:00, 2024-05-07T06:11:54+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/promotions/rocket-launch/spin-btn-bg.png

185.244.209.62

9.5 kB

URL
v3.traincdn.com/genfiles/cms/1/desktop/promotions/rocket-launch/spin-btn-bg.png
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
PNG image data, 195 x 194, 8-bit colormap, non-interlaced
Size
9.5 kB (9465 bytes)
Hash
f5f8759a6b9b5a043e32077661a9f5ff
beddda60961b9140d07dda50d3d5018bc6e00f70
2c6bc3397dcf9d9dac7f83f5b44c8f29cfd2d43a8b7f60e00d04c81be498c5a7

HTTP Headers

GET /genfiles/cms/1/desktop/promotions/rocket-launch/spin-btn-bg.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:58 GMT
content-type: image/png
content-length: 9465
last-modified: Tue, 11 Jul 2023 07:16:27 GMT
etag: "f5f8759a6b9b5a043e32077661a9f5ff"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-a06901ee3aa158e054e77b94770ece7f-c17203a6c8ebb531-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:01:26+00:00, 2024-05-07T05:59:10+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/promotions/rocket-launch/card-1.webp

185.244.209.62

2.2 kB

URL
v3.traincdn.com/genfiles/cms/1/desktop/promotions/rocket-launch/card-1.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
2.2 kB (2224 bytes)
Hash
28c9119ff8a99fcf9afaff1ccea7b1d0
aec127bb46592505090a1f4bd276d759630518e8
6aaaf8e99d3ed87dae256242d658424e91d369b461727e05519e7dfd9dfcb5bb

HTTP Headers

GET /genfiles/cms/1/desktop/promotions/rocket-launch/card-1.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:58 GMT
content-type: image/webp
content-length: 2224
last-modified: Tue, 11 Jul 2023 07:15:16 GMT
etag: "28c9119ff8a99fcf9afaff1ccea7b1d0"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-e51fb7b11834049e5370087f61e0d2e6-fe8cadb1cd98e8e9-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T11:32:24+00:00, 2024-05-07T06:11:52+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/sfiles/games-images/game-animations/game-316-animation-black.svg

185.244.209.62

200 OK

15 kB

URL GET HTTP/2
v3.traincdn.com/sfiles/games-images/game-animations/game-316-animation-black.svg
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
15 kB (15170 bytes)
Hash
d28821918aab8174d693b6d87363b80b
509877c8f393456a103ace6ea9985a2984e0532e
7c87b35302fc62fd466db3ec6b417fee6efa25deae89def1244706e943646fed

HTTP Headers

GET /sfiles/games-images/game-animations/game-316-animation-black.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:55 GMT
content-type: image/svg+xml
last-modified: Fri, 19 Jan 2024 09:59:24 GMT
etag: W/"88c7494782d28e031153f61058f8a5f6"
x-amz-meta-origin-date-iso8601: 2024-01-17T18:40:56.000Z
expires: Tue, 07 May 2024 00:01:13 GMT
cache-control: max-age=86400, public
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-ca1c4fbfec4db998a25cdb02c0d586a3-a2eaf7abfe9f4aac-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T00:01:13+00:00, 2024-05-07T05:48:58+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/promotions/rocket-launch/wheel-large.webp

185.244.209.62

25 kB

URL
v3.traincdn.com/genfiles/cms/1/desktop/promotions/rocket-launch/wheel-large.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
25 kB (25256 bytes)
Hash
331737d304d472eab077a5030ff6ff64
9f68f398a14bac292aa151da049873f33841906a
023c9abab90b38b8c6413a0a45430099e70d7fc07244ec12cd145c4a79166787

HTTP Headers

GET /genfiles/cms/1/desktop/promotions/rocket-launch/wheel-large.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:58 GMT
content-type: image/webp
content-length: 25256
last-modified: Tue, 11 Jul 2023 07:16:27 GMT
etag: "331737d304d472eab077a5030ff6ff64"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-ad5d8501fa389605bb1bd8f7acf068d0-27c3fb5806eff5cd-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T19:07:29+00:00, 2024-05-07T06:48:57+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-435XWQE678&l=dataLayer&cx=c

142.250.74.168

103 kB

URL
www.googletagmanager.com/gtag/js?id=G-435XWQE678&l=dataLayer&cx=c
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
JavaScript source, ASCII text, with very long lines (5955)
Size
103 kB (102700 bytes)
Hash
cc075f2bbd4930f98c8d732931f42b70
e155591e80ebb18ad4983e5a3b7df7dac2b1ae9b
301a467072285c0a647c77d35050256f951432c77250e3fdf962e2043cc4c617

HTTP Headers

GET /gtag/js?id=G-435XWQE678&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 06:48:58 GMT
expires: Tue, 07 May 2024 06:48:58 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 102700
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

melbet-754120.top/paysystems/information/systems?lang=en&ref_id=8&geo=NO

178.253.15.193

200 OK

31 kB

URL GET HTTP/2
melbet-754120.top/paysystems/information/systems?lang=en&ref_id=8&geo=NO
IP
178.253.15.193:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type
JSON text data
Size
31 kB (30830 bytes)
Hash
cdbb4b6bb06f4489cb767e4fe89c8c16
9cb2e0f20861fa7f506dd3509a953eaae9786dcf
b49a12debc7518dc8148378c678ce0f31b8de749e71ad4909710335302aca19b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /paysystems/information/systems?lang=en&ref_id=8&geo=NO HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions%2Frocket-launch
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==; window_width=1280; SESSION=6a9dceb345edb3ade02564164fad59f0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:55 GMT
content-type: application/json
cache-control: max-age=0, must-revalidate, private
content-encoding: br
expires: Tue, 07 May 2024 06:48:55 GMT
set-cookie: application_locale=en; expires=Thu, 06 Jun 2024 06:48:55 GMT; Max-Age=2592000; path=/; secure; samesite=lax
traceparent: 00-d50eb4a833812f2f406ea4080d8ede25-6461bec053a0db90-01
vary: Accept-Encoding
x-dt: 62
x-time-ng: 0.194, 0.215
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=215.718, wf-uht;dur=0.237
X-Firefox-Spdy: h2

v3.traincdn.com/sys-ui/2.2.11/Desktop/Default/client.css

185.244.209.62

200 OK

194 kB

URL GET HTTP/2
v3.traincdn.com/sys-ui/2.2.11/Desktop/Default/client.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
194 kB (193770 bytes)
Hash
6f8ba9cc8484fa603d8980c9799ecb94
b77507d030ded743bd73aacfd4980939e0baaa5a
9f0d48feb2dd3c17ecf9fe79888af97fa5b5844c46db6865702396cd2ae06943

HTTP Headers

GET /sys-ui/2.2.11/Desktop/Default/client.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:53 GMT
content-type: text/css; charset=utf-8
last-modified: Tue, 23 Apr 2024 11:41:52 GMT
etag: W/"5be31e73f9aaf3c05331c4f0cd80e4d9"
x-amz-meta-mtime: 1713872392.088051093
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:29 GMT
cache-control: max-age=86400
x-time-ng: 0.008
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-d6ea9d0f33918086fb4ea665862e79e9-67ad72073336a514-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:29+00:00, 2024-05-06T14:47:23+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/site-admin/colors/5d4395229383c2ca750c2971d3e725b9.css

185.244.209.62

200 OK

16 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/site-admin/colors/5d4395229383c2ca750c2971d3e725b9.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
16 kB (15804 bytes)
Hash
a1fd48ee5b4d0f3966b6287d6f201ca3
5d5b8b3041ea4231347bbed45d284e77e6c6bbfe
8a3a02a329a2367f17a858dbc7f42f1ba47f003a02965e4933984075b358e2ba

HTTP Headers

GET /genfiles/site-admin/colors/5d4395229383c2ca750c2971d3e725b9.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:52 GMT
content-type: text/css
last-modified: Fri, 29 Mar 2024 10:33:48 GMT
etag: W/"c49766de1f84e4ca660cdb6691de1e01"
content-encoding: gzip
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-1cdca28bb9f479fc2fae657e5324588e-b713058e43d4d016-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-03-29T11:37:16+00:00, 2024-05-07T06:39:49+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

melbet-754120.top/web-api/api/third-party/banner-for-header

178.253.15.193

200 OK

34 kB

URL GET HTTP/2
melbet-754120.top/web-api/api/third-party/banner-for-header
IP
178.253.15.193:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type
JSON text data
Size
34 kB (34046 bytes)
Hash
5bf3d7f756d22136832e2bdeefd47ea8
5d77312e307fb237d2d0007af82c6f5dc2c6ae6e
ba5f3ea40e95f49bce11942f375ebd3882eb837976eda5c0cb78b9b99ca7b485

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web-api/api/third-party/banner-for-header HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions%2Frocket-launch
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==; window_width=1280; SESSION=6a9dceb345edb3ade02564164fad59f0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:54 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: p;dur=16, dt_total;dur=55.713, wf-uht;dur=0.064
traceparent: 00-999038d13c9c41b3b6ffe4530ecf7322-c8fd264dbe41a14c-01
vary: Accept-Encoding
x-dt: 62
x-time-ng: 0.041
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

melbet-754120.top/promo-frame/bff-api/config/all.json?lang=en

178.253.15.193

30 kB

URL
melbet-754120.top/promo-frame/bff-api/config/all.json?lang=en
IP
178.253.15.193:0
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type
JSON text data
Size
30 kB (30362 bytes)
Hash
91d7898b93369495cc8fca258abee279
34acd9c0b1534eca06dedebf6fbca69c4b028692
245f4abeafbde07d922e29bfb1168b8b11ece0e8e9f7feb05590c4e51d7be36b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /promo-frame/bff-api/config/all.json?lang=en HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/promo-frame/en/promotion/rocket-launch
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==; window_width=1280; SESSION=6a9dceb345edb3ade02564164fad59f0; che_g=561a934e-fa4f-1c6c-7d58-1a2328e91ea2; application_locale=en; sh.session.id=01f5b214-f542-4bd9-a044-27f699e50c7b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:57 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, private
x-cache-hit: 1
x-cache-expire: 595
x-time-ng: 0.003
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: bff;dur=2.59, wf-uht;dur=0.023
X-Firefox-Spdy: h2

melbet-754120.top/web-api/external-api/promotions/rocket-launch

178.253.15.193

852 B

URL
melbet-754120.top/web-api/external-api/promotions/rocket-launch
IP
178.253.15.193:0
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type
JSON text data
Size
852 B (852 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web-api/external-api/promotions/rocket-launch HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/promo-frame/en/promotion/rocket-launch
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==; window_width=0; SESSION=6a9dceb345edb3ade02564164fad59f0; che_g=561a934e-fa4f-1c6c-7d58-1a2328e91ea2; application_locale=en; sh.session.id=01f5b214-f542-4bd9-a044-27f699e50c7b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 403 Forbidden
server: nginx
date: Tue, 07 May 2024 06:48:58 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: p;dur=28, dt_total;dur=29.617
traceparent: 00-727241a4a8fddad99e09a44c66dfcd35-56942bee92624473-01
vary: Accept-Encoding
x-dt: 62
x-time-ng: 0.029
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

melbet-754120.top/genfiles/cms/8-62/desktop/media_asset/f71c7d3da5b31948996998f1397e2910.json

178.253.15.193

200 OK

167 B

URL GET HTTP/2
melbet-754120.top/genfiles/cms/8-62/desktop/media_asset/f71c7d3da5b31948996998f1397e2910.json
IP
178.253.15.193:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type
JSON text data
Size
167 B (167 bytes)
Hash
03158ff80c6e448da55d5672eb032b77
fc39a273b30415c7431f21fecdc4a5bf2694c7e2
e584a61ab508b69c5b9a4ab2e4dd86e3b7e7094547c4739d048ab1f639a8025c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/8-62/desktop/media_asset/f71c7d3da5b31948996998f1397e2910.json HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions%2Frocket-launch
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==; window_width=0; SESSION=6a9dceb345edb3ade02564164fad59f0; che_g=561a934e-fa4f-1c6c-7d58-1a2328e91ea2; application_locale=en; sh.session.id=01f5b214-f542-4bd9-a044-27f699e50c7b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:59 GMT
content-type: application/json
content-length: 167
last-modified: Tue, 22 Aug 2023 06:44:27 GMT
etag: "03158ff80c6e448da55d5672eb032b77"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.013
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/shared-assets/__shared_chunk_Y7BFQXXC.js

185.244.209.62

200 OK

1.5 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/shared-assets/__shared_chunk_Y7BFQXXC.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
1.5 kB (1514 bytes)
Hash
cfafd804f0ae34c2cb9d5ae7445ef78e
74dd4e0259f16528a2e6b19a5da3431b8e311022
c971e6af97b6c8cce3d2c6327138e2c1e3c14a236d09d8d3a98edc003109c7b3

HTTP Headers

GET /sys-static/shared-assets/__shared_chunk_Y7BFQXXC.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://melbet-754120.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:55 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 06 May 2024 14:40:26 GMT
etag: W/"8fecd56fc5520134f3c39b17431fe0c2"
x-amz-meta-mtime: 1715006282.054749806
content-encoding: gzip
expires: Tue, 07 May 2024 15:18:04 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-bd3d5eff5264e9aae90658201826b254-446eb03b59f7972c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T15:18:04+00:00, 2024-05-06T15:57:12+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-435XWQE678&cid=49551864.1715064539&gtm=45je4510v9100497636za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=1417055993

142.250.74.35

42 B

URL
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-435XWQE678&cid=49551864.1715064539&gtm=45je4510v9100497636za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=1417055993
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-435XWQE678&cid=49551864.1715064539&gtm=45je4510v9100497636za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=1417055993 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 07 May 2024 06:48:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

melbet-754120.top/genfiles/cms/8-62/desktop/media_asset/072b845d0578c63307f3aa450cd167f5.json

178.253.15.193

200 OK

1.2 kB

URL GET HTTP/2
melbet-754120.top/genfiles/cms/8-62/desktop/media_asset/072b845d0578c63307f3aa450cd167f5.json
IP
178.253.15.193:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type
JSON text data
Size
1.2 kB (1216 bytes)
Hash
9977624e85566fe8861d8655edf8455f
f24cf536479c8af3886bedce1abf09368d2c5680
2bbc40ea29d65431b6bc3135ecf98a6e654c19fc9eec8434aeea5b1823eb5f37

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/8-62/desktop/media_asset/072b845d0578c63307f3aa450cd167f5.json HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions%2Frocket-launch
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==; window_width=0; SESSION=6a9dceb345edb3ade02564164fad59f0; che_g=561a934e-fa4f-1c6c-7d58-1a2328e91ea2; application_locale=en; sh.session.id=01f5b214-f542-4bd9-a044-27f699e50c7b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:59 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Thu, 04 Apr 2024 11:33:44 GMT
etag: W/"9977624e85566fe8861d8655edf8455f"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.013
X-Firefox-Spdy: h2

melbet-754120.top/genfiles/cms/8-62/desktop/media_asset/80c28ec678bf84b4437bdff8447b6e61.json

178.253.15.193

200 OK

822 B

URL GET HTTP/2
melbet-754120.top/genfiles/cms/8-62/desktop/media_asset/80c28ec678bf84b4437bdff8447b6e61.json
IP
178.253.15.193:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type
JSON text data
Size
822 B (822 bytes)
Hash
be781196159e458a9a157a93f6981363
54b5bb6ddb54aefb6dc1eeeab89afdf48079e959
71bf1763541ee0d4298863f03c291b09029668d448e8077518717b8810ac910f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/8-62/desktop/media_asset/80c28ec678bf84b4437bdff8447b6e61.json HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://melbet-754120.top/en/bonus/rules
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==; window_width=0; SESSION=6a9dceb345edb3ade02564164fad59f0; che_g=561a934e-fa4f-1c6c-7d58-1a2328e91ea2; application_locale=en; sh.session.id=01f5b214-f542-4bd9-a044-27f699e50c7b; _ga_435XWQE678=GS1.1.1715064539.1.0.1715064539.60.0.0; _ga=GA1.1.49551864.1715064539
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:59 GMT
content-type: application/json
content-length: 822
last-modified: Mon, 08 Apr 2024 09:13:20 GMT
etag: "be781196159e458a9a157a93f6981363"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

melbet-754120.top/genfiles/cms/8-62/desktop/media_asset/9680db2bb8f716c46bbc51c0b870afe9.json

178.253.15.193

200 OK

184 B

URL GET HTTP/2
melbet-754120.top/genfiles/cms/8-62/desktop/media_asset/9680db2bb8f716c46bbc51c0b870afe9.json
IP
178.253.15.193:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type
JSON text data
Size
184 B (184 bytes)
Hash
36777c63209967831ddd2926e229b69b
7a59de3bd5fd0406a1becbd4fc6bdb49a996a0fa
c2087429233dc14f1ad96cf9b7d1f4ecf0f32fabab7fc37999644a488d10dbc2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/8-62/desktop/media_asset/9680db2bb8f716c46bbc51c0b870afe9.json HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://melbet-754120.top/en/bonus/rules
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==; window_width=0; SESSION=6a9dceb345edb3ade02564164fad59f0; che_g=561a934e-fa4f-1c6c-7d58-1a2328e91ea2; application_locale=en; sh.session.id=01f5b214-f542-4bd9-a044-27f699e50c7b; _ga_435XWQE678=GS1.1.1715064539.1.0.1715064539.60.0.0; _ga=GA1.1.49551864.1715064539
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:59 GMT
content-type: application/json
content-length: 184
last-modified: Thu, 09 Nov 2023 06:23:04 GMT
etag: "36777c63209967831ddd2926e229b69b"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.009
X-Firefox-Spdy: h2

melbet-754120.top/bonus-api/category?currency=NOK&language=en

178.253.15.193

200 OK

511 B

URL GET HTTP/2
melbet-754120.top/bonus-api/category?currency=NOK&language=en
IP
178.253.15.193:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type
JSON text data
Size
511 B (511 bytes)
Hash
b6a03893f409d39e47a9b7abd77a0d54
6bca7640e6fb57bbc76fb01c93b573773ca60acb
cb6700c4bd89c218144c6ae6077e8005a8b81cd8b6ba62955162aba8079a2e5d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bonus-api/category?currency=NOK&language=en HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://melbet-754120.top/en/bonus/rules
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==; window_width=0; SESSION=6a9dceb345edb3ade02564164fad59f0; che_g=561a934e-fa4f-1c6c-7d58-1a2328e91ea2; application_locale=en; sh.session.id=01f5b214-f542-4bd9-a044-27f699e50c7b; _ga_435XWQE678=GS1.1.1715064539.1.0.1715064539.60.0.0; _ga=GA1.1.49551864.1715064539
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:59 GMT
content-type: application/json
content-length: 511
cache-control: no-cache, private
server-timing: p;dur=3.3760070800781, dt_total;dur=22.987, wf-uht;dur=0.030
traceparent: 00-6fa499f48e2fe2baeb014b06a067f360-a5d3b56aa2c58fde-01
x-dt: 62
x-request-id: 1553d197cdac0083252dca6e7f5dc7e7
x-time-ng: 0.005
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

melbet-754120.top/genfiles/cms/8-62/desktop/media_asset/2773ca8dd3a7e989fa3dda8023ec2769.json

178.253.15.193

200 OK

6.6 kB

URL GET HTTP/2
melbet-754120.top/genfiles/cms/8-62/desktop/media_asset/2773ca8dd3a7e989fa3dda8023ec2769.json
IP
178.253.15.193:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type
JSON text data
Size
6.6 kB (6614 bytes)
Hash
b26a415353b83bc6b08c1cdab5caee2f
85c655b0c74e2a3f6bef230062f2dff910fc6e4e
5a17c23c2edc35555f543a1b5cc623d99383b384d0577d20352c1073439ef663

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/8-62/desktop/media_asset/2773ca8dd3a7e989fa3dda8023ec2769.json HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions%2Frocket-launch
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==; window_width=0; SESSION=6a9dceb345edb3ade02564164fad59f0; che_g=561a934e-fa4f-1c6c-7d58-1a2328e91ea2; application_locale=en; sh.session.id=01f5b214-f542-4bd9-a044-27f699e50c7b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:59 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Fri, 02 Feb 2024 08:24:30 GMT
etag: W/"b26a415353b83bc6b08c1cdab5caee2f"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-435XWQE678&gtm=45je4510v9100497636za200&_p=1715064537278&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=49551864.1715064539&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1715064539&sct=1&seg=0&dl=https%3A%2F%2Fmelbet-754120.top%2Fpromo-frame%2Fen%2Fpromotion%2Frocket-launch&dr=https%3A%2F%2Fmelbet-754120.top%2Fen%2Fpromotions%2Frocket-launch%3Ftag%3Dd_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%26pb%3D63ebd0811ddf41578e6a6c23886a91b3%26click_id%3Dd232c7vd5mya03yed6%26r%3Dpromotions%2Frocket-launch&dt=Melbet&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3363

216.239.34.36

0 B

URL
region1.analytics.google.com/g/collect?v=2&tid=G-435XWQE678&gtm=45je4510v9100497636za200&_p=1715064537278&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=49551864.1715064539&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1715064539&sct=1&seg=0&dl=https%3A%2F%2Fmelbet-754120.top%2Fpromo-frame%2Fen%2Fpromotion%2Frocket-launch&dr=https%3A%2F%2Fmelbet-754120.top%2Fen%2Fpromotions%2Frocket-launch%3Ftag%3Dd_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%26pb%3D63ebd0811ddf41578e6a6c23886a91b3%26click_id%3Dd232c7vd5mya03yed6%26r%3Dpromotions%2Frocket-launch&dt=Melbet&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3363
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-435XWQE678&gtm=45je4510v9100497636za200&_p=1715064537278&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=49551864.1715064539&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1715064539&sct=1&seg=0&dl=https%3A%2F%2Fmelbet-754120.top%2Fpromo-frame%2Fen%2Fpromotion%2Frocket-launch&dr=https%3A%2F%2Fmelbet-754120.top%2Fen%2Fpromotions%2Frocket-launch%3Ftag%3Dd_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%26pb%3D63ebd0811ddf41578e6a6c23886a91b3%26click_id%3Dd232c7vd5mya03yed6%26r%3Dpromotions%2Frocket-launch&dt=Melbet&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3363 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://melbet-754120.top
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://melbet-754120.top
date: Tue, 07 May 2024 06:48:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

v3.traincdn.com/sys-icons/1.0.330/62/common.svg

185.244.209.62

200 OK

86 kB

URL GET HTTP/2
v3.traincdn.com/sys-icons/1.0.330/62/common.svg
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
86 kB (85657 bytes)
Hash
35899f6a93eece1224fa4f2a94b47969
2aa488a11835637d260639b5f6d00c3521d65b95
a7b2d01be640980e9cf44a70be73ef4ebd9c6d26f0655b5928d4d071c42618ee

HTTP Headers

GET /sys-icons/1.0.330/62/common.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://melbet-754120.top
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:59 GMT
content-type: image/svg+xml
last-modified: Tue, 16 Apr 2024 09:41:03 GMT
etag: W/"39b7443416624e718f8d9899ee65e8f6"
x-amz-meta-mtime: 1713260458.174664971
content-encoding: gzip
expires: Fri, 19 Apr 2024 12:43:37 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-63afafdb961abaf6f8a302e5e96ac55c-d9e1763134208b2a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-18T12:43:37+00:00, 2024-05-06T21:22:38+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

melbet-754120.top/genfiles/cms/8-62/desktop/media_asset/6f2896f0df987fbe08e8b18d91841b17.json

178.253.15.193

200 OK

13 kB

URL GET HTTP/2
melbet-754120.top/genfiles/cms/8-62/desktop/media_asset/6f2896f0df987fbe08e8b18d91841b17.json
IP
178.253.15.193:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type
JSON text data
Size
13 kB (12705 bytes)
Hash
338264fc869e8f0b86b0d6c9d92102b0
83b4d35816df0e1486b766251e74d23f28b77824
015355a44429f40dd63b566dd1e9b1b76af3dfa28dcd25a43e82820ba0847b8d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/8-62/desktop/media_asset/6f2896f0df987fbe08e8b18d91841b17.json HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions%2Frocket-launch
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==; window_width=0; SESSION=6a9dceb345edb3ade02564164fad59f0; che_g=561a934e-fa4f-1c6c-7d58-1a2328e91ea2; application_locale=en; sh.session.id=01f5b214-f542-4bd9-a044-27f699e50c7b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:59 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Fri, 02 Feb 2024 08:34:11 GMT
etag: W/"338264fc869e8f0b86b0d6c9d92102b0"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.009
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/casino-bonus.jpg

185.244.209.62

200 OK

72 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/casino-bonus.jpg
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 25.4 (Windows), datetime=2024:02:05 17:10:43], baseline, precision 8, 315x250, components 3
Size
72 kB (71576 bytes)
Hash
897a2925c07cf123dbd7719c270ac42d
afd9ec621656600fd91c833e06732f7d486ea287
39280be400392edb953741f1a6408b61841bee69680111941a771032f2c76bbb

HTTP Headers

GET /genfiles/cms/8-62/desktop/bonus/rules/casino-bonus.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:49:00 GMT
content-type: image/jpeg
content-length: 71576
last-modified: Mon, 01 Apr 2024 10:24:08 GMT
etag: "897a2925c07cf123dbd7719c270ac42d"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-68ef7a490e5585972a72058dd58b457f-efd59e1666782ded-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T19:16:29+00:00, 2024-05-07T06:48:58+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/vip-cashback.jpg

185.244.209.62

200 OK

77 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/vip-cashback.jpg
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 25.4 (Windows), datetime=2024:02:13 15:11:15], baseline, precision 8, 315x250, components 3
Size
77 kB (76833 bytes)
Hash
93456a0fa5ebb7af30831fcda69fa4a9
a14c063912d9972b62fe24afd52c0ff2139133b5
da3b2ed7f667dc7d7e4b68be92b9a40f6004882c16afac8a427959e3c3a9219a

HTTP Headers

GET /genfiles/cms/8-62/desktop/bonus/rules/vip-cashback.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:49:00 GMT
content-type: image/jpeg
content-length: 76833
last-modified: Mon, 01 Apr 2024 14:18:37 GMT
etag: "93456a0fa5ebb7af30831fcda69fa4a9"
x-time-ng: 0.007
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-86ddee8c42b52ea571113150b65f9ce9-90316c3276e78c97-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T19:16:29+00:00, 2024-05-07T06:48:58+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/bonus-cms/wU10MSv-2haG-R66dzNkPQzxHDwkyf4U/champions-league.jpg

185.244.209.62

200 OK

62 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/bonus-cms/wU10MSv-2haG-R66dzNkPQzxHDwkyf4U/champions-league.jpg
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JPEG image data, baseline, precision 8, 315x250, components 3
Size
62 kB (61579 bytes)
Hash
da059c1caf5b3a93afe1faffaa16edb1
adab3ea2c0602520ccdb3a6d5109b99d49d78f34
e8f3974eabd87169f24c83aec5027e11966a8b164c602abcd45fb38e9a3cee78

HTTP Headers

GET /genfiles/bonus-cms/wU10MSv-2haG-R66dzNkPQzxHDwkyf4U/champions-league.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:49:00 GMT
content-type: image/jpeg
content-length: 61579
last-modified: Wed, 24 Jan 2024 07:01:08 GMT
etag: "da059c1caf5b3a93afe1faffaa16edb1"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-1038ffa86d53018d7e6605c24ebe25ae-560a9000d442043f-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-03-24T12:57:03+00:00, 2024-05-07T06:36:46+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/champion-bet.jpg

185.244.209.62

200 OK

44 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/champion-bet.jpg
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JPEG image data, progressive, precision 8, 315x250, components 3
Size
44 kB (43788 bytes)
Hash
db1e745f098b58702bfbe1338f193d42
bc548a9d754946a1f586eb26cec628d836240326
5262cf81fb6435f85ebc93250df08667c87f1b96da93e212a1f008ffabeafa86

HTTP Headers

GET /genfiles/cms/8-62/desktop/bonus/rules/champion-bet.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:49:00 GMT
content-type: image/jpeg
content-length: 43788
last-modified: Mon, 10 Jul 2023 11:15:19 GMT
etag: "db1e745f098b58702bfbe1338f193d42"
x-time-ng: 0.002
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-808a5cf2ea9b924ed79014e516ae695f-9ac42d24bd26f544-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T19:16:29+00:00, 2024-05-07T06:48:58+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

images.dmca.com/Badges/DMCABadgeHelper.min.js

194.242.11.186

200 OK

181 kB

URL GET HTTP/2
images.dmca.com/Badges/DMCABadgeHelper.min.js
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerLet's Encrypt
Subjectimages.dmca.com
Fingerprint1B:0D:EB:BB:64:38:A8:0F:2A:D5:27:4C:BE:4D:68:E9:E3:CB:58:4D
ValiditySat, 20 Apr 2024 01:13:42 GMT - Fri, 19 Jul 2024 01:13:41 GMT

File type
JavaScript source, ASCII text
Size
181 kB (180968 bytes)
Hash
bac6fb686027b93b6565e1b1e5e8e213
e585bdd95488444f0ce2888d8281dbdaf73ca2ea
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

HTTP Headers

GET /Badges/DMCABadgeHelper.min.js HTTP/1.1
Host: images.dmca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 06:48:55 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 1574055
cdn-uid: c136c664-112d-4533-8247-f90f6849ab39
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
etag: W/"26b181f16d28d51:0"
last-modified: Fri, 21 Jun 2019 20:14:34 GMT
x-powered-by: ASP.NET
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/24/2024 18:47:36
cdn-edgestorageid: 830
link: <https://dmca-images.azurewebsites.net/Badges/DMCABadgeHelper.min.js>; rel="canonical"
cdn-status: 200
cdn-requestid: 68b396f6f3467e116694326898e178d9
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

melbet-754120.top/bff-api/config/contacts.json?type=2&lang=en

178.253.15.193

200 OK

72 kB

URL GET HTTP/2
melbet-754120.top/bff-api/config/contacts.json?type=2&lang=en
IP
178.253.15.193:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type
JSON text data
Size
72 kB (71558 bytes)
Hash
323cad16a9c87e67b894420203cc0bcc
01887cf69b9d8c7fb22b83d9c7932063ccd5faf7
c71f5ad2f639554af78e8d87f60c8b9ef923fcf8ce327084fc2cc458b7fac357

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bff-api/config/contacts.json?type=2&lang=en HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions%2Frocket-launch
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==; window_width=1280; SESSION=6a9dceb345edb3ade02564164fad59f0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:55 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: bff;dur=1.02, dt_total;dur=37.122, wf-uht;dur=0.045
traceparent: 00-23485ea72a40e971c9ef4dce322751df-6bf123ecdd741a19-01
vary: Accept-Encoding
x-cache-expire: 599
x-cache-hit: 1
x-dt: 62
x-time-ng: 0.020
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

melbet-754120.top/genfiles/cms/8-62/desktop/media_asset/af86bf1ebf439cba3c1bc254ecb108ee.json

178.253.15.193

200 OK

48 kB

URL GET HTTP/2
melbet-754120.top/genfiles/cms/8-62/desktop/media_asset/af86bf1ebf439cba3c1bc254ecb108ee.json
IP
178.253.15.193:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type
JSON text data
Size
48 kB (48190 bytes)
Hash
ebf334d97e7d4c0e9bf4abc24a529284
a35462c7c84b46569145cf7844f141810c90f529
179513a49dd49899b7359ac910781ee10fd8040d83fab4414571903e410f3710

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/8-62/desktop/media_asset/af86bf1ebf439cba3c1bc254ecb108ee.json HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://melbet-754120.top/en/bonus/rules
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==; window_width=0; SESSION=6a9dceb345edb3ade02564164fad59f0; che_g=561a934e-fa4f-1c6c-7d58-1a2328e91ea2; application_locale=en; sh.session.id=01f5b214-f542-4bd9-a044-27f699e50c7b; _ga_435XWQE678=GS1.1.1715064539.1.0.1715064539.60.0.0; _ga=GA1.1.49551864.1715064539
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:59 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Fri, 26 Apr 2024 18:28:34 GMT
etag: W/"ebf334d97e7d4c0e9bf4abc24a529284"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.010
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/cashback-rewards.jpg

185.244.209.62

200 OK

64 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/cashback-rewards.jpg
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 315x250, components 3
Size
64 kB (63769 bytes)
Hash
63b46cb838c2e40188450d82595ca654
e1be25f3af18e22eaea08ce4acff72d872c26ec6
9692d3244e3b70de2e9a8a0979ce40b0e2c2c3a986e5661419ffa6484ddae5e0

HTTP Headers

GET /genfiles/cms/8-62/desktop/bonus/rules/cashback-rewards.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:49:00 GMT
content-type: image/jpeg
content-length: 63769
last-modified: Wed, 02 Aug 2023 10:25:52 GMT
etag: "63b46cb838c2e40188450d82595ca654"
x-time-ng: 0.003
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-1d4e4659c75b060076716c551d9e08da-d80f1103ad969648-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T19:16:29+00:00, 2024-05-07T06:48:58+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-435XWQE678&gtm=45je4510v9100497636za200&_p=1715064537278&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=49551864.1715064539&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AEAI&_s=2&sid=1715064539&sct=1&seg=0&dl=https%3A%2F%2Fmelbet-754120.top%2Fpromo-frame%2Fen%2Fpromotion%2Frocket-launch&dr=https%3A%2F%2Fmelbet-754120.top%2Fen%2Fpromotions%2Frocket-launch%3Ftag%3Dd_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%26pb%3D63ebd0811ddf41578e6a6c23886a91b3%26click_id%3Dd232c7vd5mya03yed6%26r%3Dpromotions%2Frocket-launch&dt=Melbet&en=scroll&epn.percent_scrolled=90&tfd=3586

216.239.34.36

0 B

URL
region1.analytics.google.com/g/collect?v=2&tid=G-435XWQE678&gtm=45je4510v9100497636za200&_p=1715064537278&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=49551864.1715064539&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AEAI&_s=2&sid=1715064539&sct=1&seg=0&dl=https%3A%2F%2Fmelbet-754120.top%2Fpromo-frame%2Fen%2Fpromotion%2Frocket-launch&dr=https%3A%2F%2Fmelbet-754120.top%2Fen%2Fpromotions%2Frocket-launch%3Ftag%3Dd_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%26pb%3D63ebd0811ddf41578e6a6c23886a91b3%26click_id%3Dd232c7vd5mya03yed6%26r%3Dpromotions%2Frocket-launch&dt=Melbet&en=scroll&epn.percent_scrolled=90&tfd=3586
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-435XWQE678&gtm=45je4510v9100497636za200&_p=1715064537278&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=49551864.1715064539&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AEAI&_s=2&sid=1715064539&sct=1&seg=0&dl=https%3A%2F%2Fmelbet-754120.top%2Fpromo-frame%2Fen%2Fpromotion%2Frocket-launch&dr=https%3A%2F%2Fmelbet-754120.top%2Fen%2Fpromotions%2Frocket-launch%3Ftag%3Dd_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%26pb%3D63ebd0811ddf41578e6a6c23886a91b3%26click_id%3Dd232c7vd5mya03yed6%26r%3Dpromotions%2Frocket-launch&dt=Melbet&en=scroll&epn.percent_scrolled=90&tfd=3586 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://melbet-754120.top
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: https://melbet-754120.top
date: Tue, 07 May 2024 06:49:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/fast-games-day.jpg

185.244.209.62

200 OK

98 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/fast-games-day.jpg
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JPEG image data, progressive, precision 8, 315x250, components 3
Size
98 kB (98176 bytes)
Hash
564000ec1f5f950cc1cf100110951735
e9fa24c4c6814fa70f20fd1552f51330f8ad3441
877ab51d1b260a4e630fa9e94ce849462dcbbbe3336b340e934d1697bec3069c

HTTP Headers

GET /genfiles/cms/8-62/desktop/bonus/rules/fast-games-day.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:49:00 GMT
content-type: image/jpeg
content-length: 98176
last-modified: Fri, 29 Mar 2024 11:15:27 GMT
etag: "564000ec1f5f950cc1cf100110951735"
x-time-ng: 0.003
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-cc963605fc6d5f59d61520c276a78b53-43c93a778121bdf4-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T19:16:29+00:00, 2024-05-07T06:48:58+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

melbet-754120.top/static-promotion/desktop/melbet/0ec57c8b.modern.js

178.253.15.193

54 kB

URL
melbet-754120.top/static-promotion/desktop/melbet/0ec57c8b.modern.js
IP
178.253.15.193:0
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type
JavaScript source, ASCII text, with very long lines (5113), with no line terminators
Size
54 kB (54170 bytes)
Hash
5bba19a935fe2c55eb6b3368bce2757e
79b3b37a9c242ec90a09c96573172e64a55cbd6b
e328276a8586c3f20a5be0c8d4152fd5f54bb0ab7b63a0d7071e45ccf4dbb474

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static-promotion/desktop/melbet/0ec57c8b.modern.js HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/promo-frame/en/promotion/rocket-launch
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==; window_width=1280; SESSION=6a9dceb345edb3ade02564164fad59f0; che_g=561a934e-fa4f-1c6c-7d58-1a2328e91ea2; application_locale=en; sh.session.id=01f5b214-f542-4bd9-a044-27f699e50c7b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:55 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 06 May 2024 13:32:11 GMT
vary: Accept-Encoding
etag: W/"6638dbdb-13f9"
expires: Wed, 08 May 2024 06:48:55 GMT
cache-control: max-age=86400
content-encoding: br
x-time-ng: 0.000, 0.001
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.010
X-Firefox-Spdy: h2

melbet-754120.top/genfiles/cms/8-62/desktop/media_asset/c10fd23c48680da80cd91354d5afe192.json

178.253.15.193

200 OK

14 kB

URL GET HTTP/2
melbet-754120.top/genfiles/cms/8-62/desktop/media_asset/c10fd23c48680da80cd91354d5afe192.json
IP
178.253.15.193:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type
JSON text data
Size
14 kB (13851 bytes)
Hash
00016d59394dbec5ec0fb1cc7cc87f70
ac61517dc4d77edd46e06aa66dca8b47e21fc64a
d8a350d41a5611bf32b7c03888b7bd9921eb2b016760c22d95fd5f6cb0c2e8ec

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/8-62/desktop/media_asset/c10fd23c48680da80cd91354d5afe192.json HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions%2Frocket-launch
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==; window_width=0; SESSION=6a9dceb345edb3ade02564164fad59f0; che_g=561a934e-fa4f-1c6c-7d58-1a2328e91ea2; application_locale=en; sh.session.id=01f5b214-f542-4bd9-a044-27f699e50c7b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:59 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Mon, 25 Mar 2024 15:12:25 GMT
etag: W/"00016d59394dbec5ec0fb1cc7cc87f70"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/casino-bonus.webp

185.244.209.62

200 OK

23 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/casino-bonus.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
23 kB (22882 bytes)
Hash
ed2680e764c01a7611e96d0f26286230
8cea6de1328630ce2c19894cd80136dbd49a6f27
71828cabaf6069994e6d5e0f50b4ad25732c6cb86eb1a4e10e5b15720d0fd070

HTTP Headers

GET /genfiles/cms/8-62/desktop/bonus/rules/casino-bonus.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:49:00 GMT
content-type: image/webp
content-length: 22882
last-modified: Mon, 01 Apr 2024 10:24:07 GMT
etag: "ed2680e764c01a7611e96d0f26286230"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-d0b5a1365852801a010430cc6327ec76-718d3bede847b187-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-16T05:53:56+00:00, 2024-05-07T06:48:58+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/vip-cashback.webp

185.244.209.62

200 OK

26 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/vip-cashback.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
26 kB (26496 bytes)
Hash
4e476cfdca097283604a1c89195b1953
2eb875e526b1a22b76cd92c8642209205948fbc3
7a1aec20890059c13a3a0608b834047e76f23420954575f25108d408ec508bc3

HTTP Headers

GET /genfiles/cms/8-62/desktop/bonus/rules/vip-cashback.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:49:00 GMT
content-type: image/webp
content-length: 26496
last-modified: Mon, 01 Apr 2024 14:18:36 GMT
etag: "4e476cfdca097283604a1c89195b1953"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-26e5f28c0090ed1ac1729d42e26f6c65-38aa8b07ba741342-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-16T05:53:56+00:00, 2024-05-07T06:48:58+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/bonus-cms/wU10MSv-2haG-R66dzNkPQzxHDwkyf4U/champions-league.webp

185.244.209.62

200 OK

49 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/bonus-cms/wU10MSv-2haG-R66dzNkPQzxHDwkyf4U/champions-league.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
49 kB (49390 bytes)
Hash
91859e367ff3e1877918056014ce0942
d95ed8e96a5b7d7a333a746a6364f62d40e79d33
7962fcaf9150fad55d6c169728c643f686307dd2d001ef30962e0ed06800f3ed

HTTP Headers

GET /genfiles/bonus-cms/wU10MSv-2haG-R66dzNkPQzxHDwkyf4U/champions-league.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:49:00 GMT
content-type: image/webp
content-length: 49390
last-modified: Wed, 24 Jan 2024 07:01:08 GMT
etag: "91859e367ff3e1877918056014ce0942"
x-time-ng: 0.003
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-1c33415e11eefbf2b9cbe9be86f1a6f3-d00745ff5c41bb33-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-02-05T11:00:01+00:00, 2024-05-07T06:25:45+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/champion-bet.webp

185.244.209.62

200 OK

13 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/champion-bet.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
13 kB (13202 bytes)
Hash
eda739fbd6da745178241198296c15d7
9b80863a599a68f6ecc92c35b66a2e38285cb015
19d0359fb9455e24ae4025a6c8d9c1f5bb1e1bbf28969048693d39b07f5f4227

HTTP Headers

GET /genfiles/cms/8-62/desktop/bonus/rules/champion-bet.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:49:00 GMT
content-type: image/webp
content-length: 13202
last-modified: Mon, 10 Jul 2023 11:15:32 GMT
etag: "eda739fbd6da745178241198296c15d7"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-7c49a9da420f42ff711047b14206ff5a-0aadec8ab5d6fc02-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-16T05:53:57+00:00, 2024-05-07T06:48:58+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

melbet-754120.top/genfiles/cms/8-62/desktop/media_asset/2ad8f2433b186f3e6ee3d5fd00911a58.json

178.253.15.193

200 OK

48 kB

URL GET HTTP/2
melbet-754120.top/genfiles/cms/8-62/desktop/media_asset/2ad8f2433b186f3e6ee3d5fd00911a58.json
IP
178.253.15.193:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type
JSON text data
Size
48 kB (47839 bytes)
Hash
5964e3e4fd5fa89ee9aee228e1572aa9
a2496d82f9dd777e1095c853e4fe281f33ce131f
6483a840daa604ea63da72f2defeb1cc09e4e4ee09243966f7d7ba49e351e940

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/8-62/desktop/media_asset/2ad8f2433b186f3e6ee3d5fd00911a58.json HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions%2Frocket-launch
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==; window_width=0; SESSION=6a9dceb345edb3ade02564164fad59f0; che_g=561a934e-fa4f-1c6c-7d58-1a2328e91ea2; application_locale=en; sh.session.id=01f5b214-f542-4bd9-a044-27f699e50c7b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:59 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Tue, 05 Dec 2023 11:58:16 GMT
etag: W/"5964e3e4fd5fa89ee9aee228e1572aa9"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/bonus-cms/QwQYMo0EfR-LKDHweurDE8zbhXr3frJl/basketback.webp

185.244.209.62

200 OK

48 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/bonus-cms/QwQYMo0EfR-LKDHweurDE8zbhXr3frJl/basketback.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
48 kB (47468 bytes)
Hash
9e570155ca645a16ae780a1d06abbc71
7b3f49c3620192d805b62b5117e4dcd83c91b267
6880feca015ea68d29030f960dd3c5920a7984ecdbca54e22985406c37755505

HTTP Headers

GET /genfiles/bonus-cms/QwQYMo0EfR-LKDHweurDE8zbhXr3frJl/basketback.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:49:00 GMT
content-type: image/webp
content-length: 47468
last-modified: Tue, 16 Jan 2024 07:19:35 GMT
etag: "9e570155ca645a16ae780a1d06abbc71"
x-time-ng: 0.002
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-9c34bd59e8b4434c0e298e81e19d382c-4e2706e1d54fe92c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-01-19T12:26:00+00:00, 2024-05-07T06:36:46+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/bonus-cms/7zOhjEIpjiQEppcfSEUZIra94qNRyCbh/cyber-back.webp

185.244.209.62

200 OK

37 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/bonus-cms/7zOhjEIpjiQEppcfSEUZIra94qNRyCbh/cyber-back.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
37 kB (37170 bytes)
Hash
889b023602679c7e617f7e0532cb61d7
1fd5f41155443ffbeaae039757f96cd51ce88de2
0dad1cf06f8c9504ad7cf93c1311d54b7905c2e17b9811b8364f5efea81dd2ee

HTTP Headers

GET /genfiles/bonus-cms/7zOhjEIpjiQEppcfSEUZIra94qNRyCbh/cyber-back.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:49:00 GMT
content-type: image/webp
content-length: 37170
last-modified: Tue, 26 Mar 2024 11:03:32 GMT
etag: "889b023602679c7e617f7e0532cb61d7"
x-time-ng: 0.003
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-3b5157c55fb916220805c2290b19d702-cf020c333fa61357-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-03T09:05:06+00:00, 2024-05-07T06:36:46+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/cashback-rewards.webp

185.244.209.62

200 OK

12 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/cashback-rewards.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
12 kB (12510 bytes)
Hash
136a879953715f534f67941367a5e601
98d328ca9bcf355b203c2e23e941cc87e9057829
1c57fdfe5947a818d84f68167562b3aa740a66ffdcbdfa743ff2d588a94f90b0

HTTP Headers

GET /genfiles/cms/8-62/desktop/bonus/rules/cashback-rewards.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:49:00 GMT
content-type: image/webp
content-length: 12510
last-modified: Wed, 02 Aug 2023 10:25:52 GMT
etag: "136a879953715f534f67941367a5e601"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-4e61d6da04874024ded311c9d0ca527f-9549c046dab38210-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-16T05:53:59+00:00, 2024-05-07T06:48:58+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/fast-games-day.webp

185.244.209.62

200 OK

21 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/fast-games-day.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
21 kB (21078 bytes)
Hash
67bdb129fc2ffcb0b134921a071b2b54
6fcd8bd5c4e28cd0e06b681da73143162a992902
a32082f6ab227bda7a5eaf2e8aa78a0aec6193d7bb9bebcd77ab97c6daec619a

HTTP Headers

GET /genfiles/cms/8-62/desktop/bonus/rules/fast-games-day.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:49:00 GMT
content-type: image/webp
content-length: 21078
last-modified: Fri, 29 Mar 2024 11:15:27 GMT
etag: "67bdb129fc2ffcb0b134921a071b2b54"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-23d975e91fbd606de0161885a534a36e-541904e473bd713b-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-16T05:53:59+00:00, 2024-05-07T06:48:58+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/toto-free.webp

185.244.209.62

200 OK

13 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/toto-free.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 390x310, Scaling: [none]x[none], YUV color, decoders should clamp
Size
13 kB (13260 bytes)
Hash
8737cad057632fa19faabdd708f407c9
1a15939969580c222ed7fe4a94b31e5fbf8e6523
79cf3e1198f4f76e1a9352b8996b63805f969c898eadad4459362b2669877b4a

HTTP Headers

GET /genfiles/cms/8-62/desktop/bonus/rules/toto-free.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:49:00 GMT
content-type: image/webp
content-length: 13260
last-modified: Tue, 14 Nov 2023 13:17:06 GMT
etag: "8737cad057632fa19faabdd708f407c9"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-ebf3e25bd81a09b00a37589e0e9c4205-bcc4df753baec9df-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-16T05:53:59+00:00, 2024-05-07T06:48:58+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/returnsexpress.webp

185.244.209.62

200 OK

7.4 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/returnsexpress.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
7.4 kB (7424 bytes)
Hash
d06b4e52f7d6f7660dce28d236cd16bb
9ee48e2f27e1c09ea0a6b107cb9a30dce0f5e467
1cc9f9ebca11814d1923f5c46e5026e3328744e66d521f1b0cfa19d224a022b6

HTTP Headers

GET /genfiles/cms/8-62/desktop/bonus/rules/returnsexpress.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:49:00 GMT
content-type: image/webp
content-length: 7424
last-modified: Tue, 06 Feb 2024 14:21:32 GMT
etag: "d06b4e52f7d6f7660dce28d236cd16bb"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-22555bce8eed642ca1503246157cc057-7004670ec7967bcb-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-16T05:54:00+00:00, 2024-05-07T06:48:58+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/100-bets.webp

185.244.209.62

200 OK

60 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/100-bets.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 315x250, components 3
Size
60 kB (60008 bytes)
Hash
0a1ec7ecb9018872a49113b1b3093da7
d204b4fa28750e45fa372a849ab1d7ca8f131eef
51c97fcb33e06d8bacc936cc6b719d8de53493f9151bb0ff1fe5bca9171990d8

HTTP Headers

GET /genfiles/cms/8-62/desktop/bonus/rules/100-bets.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:49:00 GMT
content-type: image/webp
content-length: 60008
last-modified: Tue, 11 Apr 2023 21:29:14 GMT
etag: "0a1ec7ecb9018872a49113b1b3093da7"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-7909513266433a358b2621e2899aa836-7119088324c8c7d5-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-16T05:54:00+00:00, 2024-05-07T06:48:58+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/fastgames-daily-tournament.webp

185.244.209.62

200 OK

50 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/fastgames-daily-tournament.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
50 kB (50180 bytes)
Hash
289b15d53b2d5f81b6efbb9e295db379
1a3f88b6069ced7975efde5009c016a60eccb1d2
6a386e6e0e248e85261a104ecdf1134024a499b8de28b5e79e175fa80a6cfaad

HTTP Headers

GET /genfiles/cms/8-62/desktop/bonus/rules/fastgames-daily-tournament.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:49:00 GMT
content-type: image/webp
content-length: 50180
last-modified: Tue, 11 Apr 2023 21:29:20 GMT
etag: "289b15d53b2d5f81b6efbb9e295db379"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-22febb590970bfd0705b2cccc8f43218-21772143ec7466fe-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-16T05:54:00+00:00, 2024-05-07T06:48:58+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/express.webp

185.244.209.62

200 OK

9.7 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/express.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
9.7 kB (9746 bytes)
Hash
a10106c80edc15cd858a5921a1bb31d4
5e3cd835bac6cf88d208585e0ccb4b848464544a
a270b1868f388a8f667f009cd1f4570a21148a120bca940e56322636e8768cea

HTTP Headers

GET /genfiles/cms/8-62/desktop/bonus/rules/express.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:49:00 GMT
content-type: image/webp
content-length: 9746
last-modified: Fri, 28 Jul 2023 08:46:22 GMT
etag: "a10106c80edc15cd858a5921a1bb31d4"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-a183fe0356411331a8e861b35fda1962-ca32b159c7b79a03-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-16T05:54:01+00:00, 2024-05-07T06:48:58+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/longer.webp

185.244.209.62

200 OK

11 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/longer.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
11 kB (11432 bytes)
Hash
6c5ac9a5a0b27a76633344e0a903158c
09286d8d1cfa626f2ae00637512892feeeb7e79e
a93e77f220ecea8ea8a74619b8b99732223160bf7d739b4460e04a3a2277c23e

HTTP Headers

GET /genfiles/cms/8-62/desktop/bonus/rules/longer.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:49:00 GMT
content-type: image/webp
content-length: 11432
last-modified: Mon, 14 Aug 2023 11:16:44 GMT
etag: "6c5ac9a5a0b27a76633344e0a903158c"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-bbadc3245e2ffe69496d9a4de535d064-489414e6765b32d0-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-16T05:54:01+00:00, 2024-05-07T06:48:58+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/royal-monday.webp

185.244.209.62

200 OK

16 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/royal-monday.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
16 kB (16124 bytes)
Hash
619df42aa6c817c181d2e7cdb2bb9257
1594ac4af2b0b631eb2fa6e7a89181146458b2f9
8ad50317228e1ef56731255def1f1518c378b9fcc61485acf3ae5c23735d2428

HTTP Headers

GET /genfiles/cms/8-62/desktop/bonus/rules/royal-monday.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:49:00 GMT
content-type: image/webp
content-length: 16124
last-modified: Thu, 27 Jul 2023 07:58:48 GMT
etag: "619df42aa6c817c181d2e7cdb2bb9257"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-93ce891f743e7b6d0060b2f27a32098f-b6942c4b308abe7f-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-16T05:54:01+00:00, 2024-05-07T06:48:58+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/1st/8-137.webp

185.244.209.62

404 Not Found

118 B

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/1st/8-137.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
118 B (118 bytes)
Hash
b58d632409efb03916cfef3229576c55
c2fb66483c899f427b0354d52b080ce8bb6b47c4
b0b0fadb436530e81236a3d97058fc501d732eb24768845c5e97ac8ac3c32176

HTTP Headers

GET /genfiles/cms/8-62/desktop/bonus/rules/1st/8-137.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Tue, 07 May 2024 06:49:00 GMT
content-type: text/html; charset=utf-8
content-length: 118
strict-transport-security: max-age=15724800; includeSubDomains
x-id-shield: am3-hw-edge-gc88
traceparent: 00-268c8371f6904261ef18e04e45fe580f-24579dfd27286bf0-01
x-id: osix-hw-edge-gc4
cache: MISS, MISS
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/for-their.webp

185.244.209.62

200 OK

9.0 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/for-their.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
9.0 kB (8992 bytes)
Hash
3796bcadb72d7e4c45d3063ad366d415
6fa15bbe53d0e33e29da5cfe1dacdf7d2b6590c0
5070fb2fae51c514672cee0390c539388b4dba85bd8eec11e0264ed8d8516028

HTTP Headers

GET /genfiles/cms/8-62/desktop/bonus/rules/for-their.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:49:00 GMT
content-type: image/webp
content-length: 8992
last-modified: Tue, 11 Apr 2023 21:29:20 GMT
etag: "3796bcadb72d7e4c45d3063ad366d415"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-41e845f24e9e9804baadb91b7da2898a-394172b578e5962f-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-16T05:54:02+00:00, 2024-05-07T06:48:58+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/wishing-you-a-happy-birthday.webp

185.244.209.62

200 OK

10 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/wishing-you-a-happy-birthday.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
10 kB (10046 bytes)
Hash
715f239d270fa2d2e8599f80aa32352e
0a9a51267b3dbc64e783df70ca0589bb1630540d
170f8e3dffc490e4e213c3183c8f5471abce8606910e24c76e413bab037f0636

HTTP Headers

GET /genfiles/cms/8-62/desktop/bonus/rules/wishing-you-a-happy-birthday.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:49:00 GMT
content-type: image/webp
content-length: 10046
last-modified: Tue, 11 Apr 2023 21:29:37 GMT
etag: "715f239d270fa2d2e8599f80aa32352e"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-02ef1a176fd3551a8c420cbffb386204-2040631fa487de2c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-16T05:54:02+00:00, 2024-05-07T06:48:58+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

widget.suphelper.top/_next/static/chunks/663-81a4add2f1c95639.js

104.18.39.72

200 OK

144 kB

URL GET HTTP/2
widget.suphelper.top/_next/static/chunks/663-81a4add2f1c95639.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://widget.suphelper.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36
ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT

File type
gzip compressed data, from Unix
Size
144 kB (143601 bytes)
Hash
39c3fbe16261baf5b6c855a519ce8115
ac5fcdce2319d29c8ef3db094357599b49110732
757c2c894de5a40530f9194227cd40ff27002f2696e6b147737f4fc190e4ac72

HTTP Headers

GET /_next/static/chunks/663-81a4add2f1c95639.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 07 May 2024 06:48:55 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 28 Mar 2024 06:56:31 GMT
etag: W/"5b0da-18e83d890e3"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 566461
expires: Wed, 07 May 2025 06:48:55 GMT
server: cloudflare
cf-ray: 87ff44638f725688-OSL
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-promotions-and-bonuses-static/Desktop/Melbet/44136fa355b3/bcacd1eac43a.css

185.244.209.62

200 OK

54 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/sys-promotions-and-bonuses-static/Desktop/Melbet/44136fa355b3/bcacd1eac43a.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
54 kB (54248 bytes)
Hash
fef109abeb6a6090b78556e349bdaa45
a98b1b00526e3832abd1cd9dd58f9034f6760655
da7e99037c3a8c77e7c9e060d7544472fdea030c8bb3916133a01e316f4eeb1d

HTTP Headers

GET /sys-static/sys-promotions-and-bonuses-static/Desktop/Melbet/44136fa355b3/bcacd1eac43a.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:52 GMT
content-type: text/css; charset=utf-8
last-modified: Thu, 02 May 2024 10:06:09 GMT
etag: W/"e10ff0240cb41456d98910f7ff68efa1"
x-amz-meta-mtime: 1714644218.639503854
content-encoding: gzip
expires: Fri, 03 May 2024 13:01:22 GMT
cache-control: max-age=86400
x-time-ng: 0.003
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-b8f7d412aa73b45c52e4c6a986725738-021402513c60de3e-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-02T13:01:22+00:00, 2024-05-07T06:48:52+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

widget.suphelper.top/_next/static/chunks/main-fa1d3b21fd97b583.js

104.18.39.72

200 OK

72 kB

URL GET HTTP/2
widget.suphelper.top/_next/static/chunks/main-fa1d3b21fd97b583.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://widget.suphelper.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36
ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT

File type
gzip compressed data, from Unix
Size
72 kB (72446 bytes)
Hash
0fdddc9ae961a59c537e85eb1e438087
3999509309d8cf4b600f1c922c5adbbcdb41afff
8c91ebe4e0307fc6a060ebdbaa1bce7b31fabba00a94086c7c0d1e49fce2a2a4

HTTP Headers

GET /_next/static/chunks/main-fa1d3b21fd97b583.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 07 May 2024 06:48:55 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://file-hosting-api-stage.kube.prod.cons.lan https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 09 Nov 2023 06:03:45 GMT
etag: W/"1a544-18bb2adf0eb"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 556620
expires: Wed, 07 May 2025 06:48:55 GMT
server: cloudflare
cf-ray: 87ff44637f525688-OSL
X-Firefox-Spdy: h2

widget.suphelper.top/_next/static/chunks/pages/index-ed7cd77912c6e3a9.js

104.18.39.72

200 OK

23 kB

URL GET HTTP/2
widget.suphelper.top/_next/static/chunks/pages/index-ed7cd77912c6e3a9.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://widget.suphelper.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36
ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT

File type
gzip compressed data, from Unix
Size
23 kB (23433 bytes)
Hash
4d4221afc4d3b144e7bd4301aa1ac2db
0f23f304cbd6794030a16ae91b4de74ea16037a7
71de5a89c23d7ea6c2d904798d946795de5e8bb60346360aa24b79dad4943ba4

HTTP Headers

GET /_next/static/chunks/pages/index-ed7cd77912c6e3a9.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 07 May 2024 06:48:55 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Wed, 24 Apr 2024 22:20:24 GMT
etag: W/"1a2b2-18f12321a97"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 566461
expires: Wed, 07 May 2025 06:48:55 GMT
server: cloudflare
cf-ray: 87ff44638f745688-OSL
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/bonus-cms/U1ZyYzSmLUZ6zg8PzlgZ_g4dyhi4xAvl/MB_Usyk-Fury_945x370_1.webp

185.244.209.62

404 Not Found

118 B

URL GET HTTP/2
v3.traincdn.com/genfiles/bonus-cms/U1ZyYzSmLUZ6zg8PzlgZ_g4dyhi4xAvl/MB_Usyk-Fury_945x370_1.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
118 B (118 bytes)
Hash
b58d632409efb03916cfef3229576c55
c2fb66483c899f427b0354d52b080ce8bb6b47c4
b0b0fadb436530e81236a3d97058fc501d732eb24768845c5e97ac8ac3c32176

HTTP Headers

GET /genfiles/bonus-cms/U1ZyYzSmLUZ6zg8PzlgZ_g4dyhi4xAvl/MB_Usyk-Fury_945x370_1.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Tue, 07 May 2024 06:49:00 GMT
content-type: text/html; charset=utf-8
content-length: 118
strict-transport-security: max-age=15724800; includeSubDomains
x-id-shield: am3-hw-edge-gc89
traceparent: 00-27792d70acd12dbd93ccbcf88d01c583-2740919b3df17621-01
x-id: osix-hw-edge-gc4
cache: MISS, MISS
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/1st.webp

185.244.209.62

200 OK

7.1 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/1st.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
7.1 kB (7090 bytes)
Hash
b4c2c9aa532bffe478e0487349c03070
032995c70694dd21bdc1eb50473f6d5e923f0e3a
bbbda47df55e51324f27f364186892b73f8cd636c83af456b9431dc6575a3cf3

HTTP Headers

GET /genfiles/cms/8-62/desktop/bonus/rules/1st.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:49:00 GMT
content-type: image/webp
content-length: 7090
last-modified: Mon, 25 Mar 2024 15:27:43 GMT
etag: "b4c2c9aa532bffe478e0487349c03070"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-8cdc4203542d1276c63e95b80b653b11-0afd4231f8610814-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-16T06:25:43+00:00, 2024-05-07T06:48:59+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

melbet-754120.top/genfiles/cms/8-62/desktop/media_asset/62869422ecb4beefe9124fda456b3a6c.json

178.253.15.193

200 OK

58 kB

URL GET HTTP/2
melbet-754120.top/genfiles/cms/8-62/desktop/media_asset/62869422ecb4beefe9124fda456b3a6c.json
IP
178.253.15.193:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type
JSON text data
Size
58 kB (57783 bytes)
Hash
38f190a4cb1989aed041659da0a372aa
eec181f8bddbf93e43c35f7718b3f9dac029bab6
cd2726700d70053e8bc5c7a2c24930598c56856147745eb208722586a17eb6f4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/8-62/desktop/media_asset/62869422ecb4beefe9124fda456b3a6c.json HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions%2Frocket-launch
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==; window_width=0; SESSION=6a9dceb345edb3ade02564164fad59f0; che_g=561a934e-fa4f-1c6c-7d58-1a2328e91ea2; application_locale=en; sh.session.id=01f5b214-f542-4bd9-a044-27f699e50c7b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:59 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Thu, 14 Mar 2024 18:43:44 GMT
etag: W/"38f190a4cb1989aed041659da0a372aa"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

melbet-754120.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json

178.253.15.193

200 OK

23 B

URL POST HTTP/2
melbet-754120.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json
IP
178.253.15.193:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type
JSON text data
Size
23 B (23 bytes)
Hash
3f561304a58322fc68833a18f39e1e1e
4cd2926c9f6a39c68f49994fce3523ad903b65c0
52dae5ab5328f334161908a7069772c35cfdc0f5131a6de25d49d7aaad044703

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://melbet-754120.top/en/bonus/rules
Content-Type: application/json
X-Lang: en
X-Uuid: 77465162-0bd2-4b97-a621-c14f241a6bb3
Content-Length: 253
Origin: https://melbet-754120.top
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==; window_width=0; SESSION=6a9dceb345edb3ade02564164fad59f0; che_g=561a934e-fa4f-1c6c-7d58-1a2328e91ea2; application_locale=en; sh.session.id=01f5b214-f542-4bd9-a044-27f699e50c7b; _ga_435XWQE678=GS1.1.1715064539.1.0.1715064539.60.0.0; _ga=GA1.1.49551864.1715064539
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:49:00 GMT
content-type: application/json
content-length: 23
x-time-ng: 0.001
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

melbet-754120.top/genfiles/web-app-v2/dictionary2/v3_main/en/dictionary_d9d50db5460edefb6ee48a02056afe99.json

178.253.15.193

38 kB

URL
melbet-754120.top/genfiles/web-app-v2/dictionary2/v3_main/en/dictionary_d9d50db5460edefb6ee48a02056afe99.json
IP
178.253.15.193:0
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type
JSON text data
Size
38 kB (38154 bytes)
Hash
85a1a0d2601ffaca629d7624f2f32260
408f09211843fadbf956b2fa7ef9b5a98d6ec9c0
125a8137c155862f23824a45592b88ef5cc4e55a68c7c87e255e0fcf4ee9f7a4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_main/en/dictionary_d9d50db5460edefb6ee48a02056afe99.json HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/promo-frame/en/promotion/rocket-launch
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==; window_width=1920; SESSION=6a9dceb345edb3ade02564164fad59f0; che_g=561a934e-fa4f-1c6c-7d58-1a2328e91ea2; application_locale=en; sh.session.id=01f5b214-f542-4bd9-a044-27f699e50c7b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:57 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
last-modified: Fri, 03 May 2024 16:08:46 GMT
etag: W/"85a1a0d2601ffaca629d7624f2f32260"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.014
X-Firefox-Spdy: h2

melbet-754120.top/web-api/session

178.253.15.193

204 No Content

0 B

URL GET HTTP/2
melbet-754120.top/web-api/session
IP
178.253.15.193:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web-api/session HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://melbet-754120.top/en/bonus/rules
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==; window_width=0; SESSION=6a9dceb345edb3ade02564164fad59f0; che_g=561a934e-fa4f-1c6c-7d58-1a2328e91ea2; application_locale=en; sh.session.id=01f5b214-f542-4bd9-a044-27f699e50c7b; _ga_435XWQE678=GS1.1.1715064539.1.0.1715064539.60.0.0; _ga=GA1.1.49551864.1715064539
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Tue, 07 May 2024 06:49:02 GMT
cache-control: no-cache, private
server-timing: p;dur=17, dt_total;dur=29.242, wf-uht;dur=0.037
traceparent: 00-7cd021f3cc58f71c8960301f69cfcef2-15157e28f372c17d-01
x-dt: 62
x-time-ng: 0.023
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/melbet/vendors/conversion-eda6875d.js

185.244.209.62

200 OK

66 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/melbet/vendors/conversion-eda6875d.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
66 kB (66478 bytes)
Hash
44f2f1534037692a3b4d905b50e72a77
3a354eb1c5d1dec11479856be06eec91f67c646f
fb132dc14c689250123c08e9fd97c4bdccc161a11c52205062f262eae1b2e868

HTTP Headers

GET /_nuxt/desktop/melbet/vendors/conversion-eda6875d.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:49:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 66478
last-modified: Mon, 06 May 2024 10:22:36 GMT
etag: "6638af6c-103ae"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:45 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-657868558de41913ac1ccc736ac3f742-9a130c158728d074-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:45+00:00, 2024-05-06T17:22:19+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

melbet-754120.top/hd-api/external/api/web/v1/converslon/load

178.253.15.193

200 OK

76 kB

URL GET HTTP/2
melbet-754120.top/hd-api/external/api/web/v1/converslon/load
IP
178.253.15.193:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type
gzip compressed data
Size
76 kB (76102 bytes)
Hash
76b82919d174c45a6c748ee90133371c
221ae596e453bc22cf7e552fcbcd6b7d57868438
47376d71a3275c798a945fb521aa11273ca501ff6cdae5763ea70d7b5c2ba4d3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /hd-api/external/api/web/v1/converslon/load HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://melbet-754120.top/en/bonus/rules
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==; window_width=0; SESSION=6a9dceb345edb3ade02564164fad59f0; che_g=561a934e-fa4f-1c6c-7d58-1a2328e91ea2; application_locale=en; sh.session.id=01f5b214-f542-4bd9-a044-27f699e50c7b; _ga_435XWQE678=GS1.1.1715064539.1.0.1715064539.60.0.0; _ga=GA1.1.49551864.1715064539
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:49:02 GMT
content-type: application/json
content-encoding: gzip
traceparent: 00-f20cb2d741d7f8dd93949793b23ef8bb-7cc2f8d01bc8263d-01
vary: Accept-Encoding
x-dt: 62
x-request-guid: de49658d50d3ac3069189e22a35ba428
x-time-ng: 0.005
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=4.575, wf-uht;dur=0.013
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2

185.244.209.62

200 OK

65 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 64732, version 1.0
Size
65 kB (64732 bytes)
Hash
3ac5d40d1b3966fc5eb09ecca74d9cbf
a69f32357765dd321519889aeacba5e9ca893bb0
3310766b8f58538d07abded74a2babe1acbe1a3ee820d5b8c8265da666f4fb0c

HTTP Headers

GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://melbet-754120.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:49:03 GMT
content-type: font/woff2
content-length: 64732
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "3ac5d40d1b3966fc5eb09ecca74d9cbf"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-ba1b49a0eb4d22b0c713fbb52989347f-683ce730bd5e4f43-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:56:30+00:00, 2024-05-07T06:39:46+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2

185.244.209.62

200 OK

64 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 63920, version 1.0
Size
64 kB (63920 bytes)
Hash
a65527fcb58f66a7cfbc0e6b160538b4
45d260e7fa343401b5bb0df982a014f53e2d253b
fb13c3a1cbac60649b76f7d7f85c1645d35ac69b85ce5f4eb0692505ecc2cd45

HTTP Headers

GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://melbet-754120.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:49:03 GMT
content-type: font/woff2
content-length: 63920
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "a65527fcb58f66a7cfbc0e6b160538b4"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-61785e2ba8c83898401614052c5bbe99-1dba900f1fadc1c0-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:54:39+00:00, 2024-05-07T06:30:43+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

melbet-754120.top/hd-api/external/api/web/v1/j/684f8h735g7f5473d58906b6c1e9d7dc4cbaa74026e9036d3721

178.253.15.193

200 OK

517 B

URL POST HTTP/2
melbet-754120.top/hd-api/external/api/web/v1/j/684f8h735g7f5473d58906b6c1e9d7dc4cbaa74026e9036d3721
IP
178.253.15.193:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type
JSON text data
Size
517 B (517 bytes)
Hash
e2b66e0bda6f2d0f21d8a08fcafd410a
94b2a17c9fcc03a9c61fda53c388ea653f31f4a1
d07277079e4f51031a7ec35a765adf99b82c4824316d6789f5e8e22576dfec79

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /hd-api/external/api/web/v1/j/684f8h735g7f5473d58906b6c1e9d7dc4cbaa74026e9036d3721 HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://melbet-754120.top/en/bonus/rules
X-Requested-With: XMLHttpRequest
Content-Type: application/json
Content-Length: 105916
Origin: https://melbet-754120.top
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==; window_width=0; SESSION=6a9dceb345edb3ade02564164fad59f0; che_g=561a934e-fa4f-1c6c-7d58-1a2328e91ea2; application_locale=en; sh.session.id=01f5b214-f542-4bd9-a044-27f699e50c7b; _ga_435XWQE678=GS1.1.1715064539.1.0.1715064539.60.0.0; _ga=GA1.1.49551864.1715064539
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:49:04 GMT
content-type: application/json
content-length: 517
content-encoding: gzip
traceparent: 00-05c6fbb0d308504fb87d20b7b4387607-8f49dfd078ba2d1e-01
vary: Accept-Encoding
x-dt: 62
x-request-guid: 33a92daafa19a210b6442840ca41c2e8
x-time-ng: 0.061
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=66.627, wf-uht;dur=0.091
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/melbet/analytics-cef615e4.js

185.244.209.62

200 OK

2.4 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/melbet/analytics-cef615e4.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (6444), with no line terminators
Size
2.4 kB (2433 bytes)
Hash
5eb8fda9ab49584fa24e09cea47cae17
f37704e2ffd37e536a3664448f4a51a53e18fae8
f6b530fe510a8d1df812687f34e1e2516a46d1e39ba815c8a821c5cdadf9e1cb

HTTP Headers

GET /_nuxt/desktop/melbet/analytics-cef615e4.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:49:05 GMT
content-type: application/javascript; charset=utf-8
content-length: 2433
last-modified: Thu, 02 May 2024 12:51:45 GMT
etag: "66338c61-981"
content-encoding: gzip
expires: Sat, 04 May 2024 08:42:22 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-a39888012f362e8d0d27424c038461bb-4780cbe12871e197-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-03T08:42:22+00:00, 2024-05-06T13:05:04+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-435XWQE678

142.250.74.168

200 OK

103 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-435XWQE678
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (5955)
Size
103 kB (102735 bytes)
Hash
591dd669ed6e9ae2d39b286129abf488
164c45f0625693eba9cbe794a8a3ce181f3055c7
070a4465de9d8c67b54a188d7a62fff357bd1f8bf9ae9dfbffffdce353f375ba

HTTP Headers

GET /gtag/js?id=G-435XWQE678 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 06:49:05 GMT
expires: Tue, 07 May 2024 06:49:05 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 102735
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/gtm.js?id=GTM-5P5J869

142.250.74.168

200 OK

109 kB

URL GET HTTP/3
www.googletagmanager.com/gtm.js?id=GTM-5P5J869
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (34865)
Size
109 kB (109175 bytes)
Hash
1acf4950135b81b44f281d5864b58e6a
7dce4b1b4a6a5e419b5058d9e11e67a86937e7da
fabd6afc23284602bf53af08cf8f6291681c7d89733221d6b3b5965781c16a06

HTTP Headers

GET /gtm.js?id=GTM-5P5J869 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 06:49:05 GMT
expires: Tue, 07 May 2024 06:49:05 GMT
cache-control: private, max-age=900
last-modified: Tue, 07 May 2024 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 109175
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

radar.cedexis.com/1/23802/radar.js

45.54.49.5

302 Moved Temporarily

154 B

URL GET HTTP/1.1
radar.cedexis.com/1/23802/radar.js
IP
45.54.49.5:443
ASN
#63911 NetActuate, Inc

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerDigiCert Inc
Subjectradar.cedexis.com
Fingerprint33:58:79:8E:87:A5:C3:05:CA:E2:82:50:61:CF:72:83:BD:64:80:C1
ValidityFri, 29 Mar 2024 00:00:00 GMT - Fri, 28 Mar 2025 23:59:59 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /1/23802/radar.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 07 May 2024 06:49:05 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Location: /1707728419/stub.js
Expires: Tue, 07 May 2024 06:59:05 GMT
Cache-Control: max-age=600
Vary: User-Agent,DNT

www.googletagmanager.com/gtag/destination?id=G-8SZ536WC7F&l=dataLayer&cx=c

142.250.74.168

200 OK

99 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/destination?id=G-8SZ536WC7F&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (5945)
Size
99 kB (99206 bytes)
Hash
41f651a130ccc117a811eb5123d2d067
1d50628c2aaef12cfb8b488d0cd869ff1c6d1a1b
2e2c022046dbf7717f6e07c1865a2f8234e5090e9e202ebaf1a26a8ad9ecc794

HTTP Headers

GET /gtag/destination?id=G-8SZ536WC7F&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 06:49:05 GMT
expires: Tue, 07 May 2024 06:49:05 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 99206
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/gtag/js?id=G-8SZ536WC7F&l=dataLayer&cx=c

142.250.74.168

200 OK

99 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-8SZ536WC7F&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (5945)
Size
99 kB (99175 bytes)
Hash
7d4f5b66a909046f853e91135f74c9a1
ec11c3a65177e2fe33565e5201200657e4cb5cbb
250be2de992ed1ba771728471723583fac8cde7661e4c4d315b44c65739c97b3

HTTP Headers

GET /gtag/js?id=G-8SZ536WC7F&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 06:49:05 GMT
expires: Tue, 07 May 2024 06:49:05 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 99175
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

radar.cedexis.com/1707728419/stub.js

45.54.49.5

200 OK

271 B

URL GET HTTP/1.1
radar.cedexis.com/1707728419/stub.js
IP
45.54.49.5:443
ASN
#63911 NetActuate, Inc

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerDigiCert Inc
Subjectradar.cedexis.com
Fingerprint33:58:79:8E:87:A5:C3:05:CA:E2:82:50:61:CF:72:83:BD:64:80:C1
ValidityFri, 29 Mar 2024 00:00:00 GMT - Fri, 28 Mar 2025 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
271 B (271 bytes)
Hash
82dec77fd0353c7c71ce053b8601387e
fbbca95419e1d0c042e0a5fdf10f380aca66188c
39f2b7b0fa78d37d0c84d2d6618bd635d86fd683d9bcdd5729850cb2a62522f7

HTTP Headers

GET /1707728419/stub.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://melbet-754120.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 May 2024 06:49:05 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 12 Feb 2024 09:50:42 GMT
Vary: Accept-Encoding
ETag: W/"65c9e9f2-186"
Expires: Tue, 21 May 2024 06:49:05 GMT
Cache-Control: max-age=1209600, public
Content-Encoding: gzip

v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/1st/8-137-slider.webp

185.244.209.62

404 Not Found

118 B

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/1st/8-137-slider.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
118 B (118 bytes)
Hash
b58d632409efb03916cfef3229576c55
c2fb66483c899f427b0354d52b080ce8bb6b47c4
b0b0fadb436530e81236a3d97058fc501d732eb24768845c5e97ac8ac3c32176

HTTP Headers

GET /genfiles/cms/8-62/desktop/bonus/rules/1st/8-137-slider.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Tue, 07 May 2024 06:49:05 GMT
content-type: text/html; charset=utf-8
content-length: 118
strict-transport-security: max-age=15724800; includeSubDomains
x-id-shield: am3-hw-edge-gc89
traceparent: 00-77e10aa1f85386f24af9c4146c65d160-ec71bbdbcbb31214-01
x-id: osix-hw-edge-gc4
cache: MISS, MISS
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8SZ536WC7F&cid=49551864.1715064539&gtm=45je4510v894765892z8894758050za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=51183267

142.250.74.35

200 OK

42 B

URL GET HTTP/3
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8SZ536WC7F&cid=49551864.1715064539&gtm=45je4510v894765892z8894758050za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=51183267
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.no
Fingerprint7D:68:6D:B1:32:34:52:51:20:C9:53:FF:B9:B7:8F:7E:05:F9:F5:97
ValidityTue, 16 Apr 2024 04:31:00 GMT - Tue, 09 Jul 2024 04:30:59 GMT

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8SZ536WC7F&cid=49551864.1715064539&gtm=45je4510v894765892z8894758050za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=51183267 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 07 May 2024 06:49:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/1st-slider.webp

185.244.209.62

200 OK

11 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/1st-slider.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 945x370, Scaling: [none]x[none], YUV color, decoders should clamp
Size
11 kB (11216 bytes)
Hash
b6ad2e035f957c30e3cc47030c5e6f1e
21f8501ebd99e63a82d7494a6ab54c7050852f71
8e9e73f87bc8e540fe0a804f7131962df9711e269d21815e6ac400a261d0a90b

HTTP Headers

GET /genfiles/cms/8-62/desktop/bonus/rules/1st-slider.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:49:05 GMT
content-type: image/webp
content-length: 11216
last-modified: Mon, 25 Mar 2024 15:27:03 GMT
etag: "b6ad2e035f957c30e3cc47030c5e6f1e"
x-time-ng: 0.043
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-47f69bd1d9b093c4ddfae16e5bfd3237-08fcef5c3d9358ab-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-02T20:38:47+00:00, 2024-05-07T06:49:04+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

widget.suphelper.top/_next/static/chunks/webpack-fb94d2f19425a3e3.js

104.18.39.72

200 OK

4.0 kB

URL GET HTTP/2
widget.suphelper.top/_next/static/chunks/webpack-fb94d2f19425a3e3.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://widget.suphelper.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36
ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT

File type
gzip compressed data, from Unix
Size
4.0 kB (3969 bytes)
Hash
afebe1745b8dfe0ab977d1c7b0744b4a
100ebcbb6636dbd63f1f33bb91941266af9a46e0
1b0213f2a8fd5d0e0b2ee5bbb6e0460510513573106e585c1c1eb260e36186ae

HTTP Headers

GET /_next/static/chunks/webpack-fb94d2f19425a3e3.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 07 May 2024 06:48:55 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://file-hosting-api-stage.kube.prod.cons.lan https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 09 Nov 2023 06:03:45 GMT
etag: W/"ed0-18bb2adf0eb"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 562180
expires: Wed, 07 May 2025 06:48:55 GMT
server: cloudflare
cf-ray: 87ff44636f455688-OSL
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-8SZ536WC7F&gtm=45je4510v894765892z8894758050za200&_p=1715064545270&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=49551864.1715064539&ecid=387341031&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1715064545&sct=1&seg=0&dl=https%3A%2F%2Fmelbet-754120.top%2Fen%2Fbonus%2Frules&dt=MelBet%20bonus%20%E1%90%89%20All%20MelBet%20bonuses%20%E1%90%89%20melbet-754120.top&en=gtm.init_consent&_fv=1&_ss=1&tfd=14093

216.239.34.36

204 No Content

0 B

URL POST HTTP/3
region1.analytics.google.com/g/collect?v=2&tid=G-8SZ536WC7F&gtm=45je4510v894765892z8894758050za200&_p=1715064545270&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=49551864.1715064539&ecid=387341031&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1715064545&sct=1&seg=0&dl=https%3A%2F%2Fmelbet-754120.top%2Fen%2Fbonus%2Frules&dt=MelBet%20bonus%20%E1%90%89%20All%20MelBet%20bonuses%20%E1%90%89%20melbet-754120.top&en=gtm.init_consent&_fv=1&_ss=1&tfd=14093
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-8SZ536WC7F&gtm=45je4510v894765892z8894758050za200&_p=1715064545270&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=49551864.1715064539&ecid=387341031&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1715064545&sct=1&seg=0&dl=https%3A%2F%2Fmelbet-754120.top%2Fen%2Fbonus%2Frules&dt=MelBet%20bonus%20%E1%90%89%20All%20MelBet%20bonuses%20%E1%90%89%20melbet-754120.top&en=gtm.init_consent&_fv=1&_ss=1&tfd=14093 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://melbet-754120.top
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: https://melbet-754120.top
date: Tue, 07 May 2024 06:49:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

region1.analytics.google.com/g/collect?v=2&tid=G-8SZ536WC7F&gtm=45je4510v894765892z8894758050za200&_p=1715064545270&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=49551864.1715064539&ecid=387341031&ul=en-us&sr=1280x1024&pscdl=noapi&sid=1715064545&sct=1&seg=0&dl=https%3A%2F%2Fmelbet-754120.top%2Fen%2Fbonus%2Frules&dt=MelBet%20bonus%20%E1%90%89%20All%20MelBet%20bonuses%20%E1%90%89%20melbet-754120.top&_s=2&tfd=14182

216.239.34.36

204 No Content

0 B

URL POST HTTP/3
region1.analytics.google.com/g/collect?v=2&tid=G-8SZ536WC7F&gtm=45je4510v894765892z8894758050za200&_p=1715064545270&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=49551864.1715064539&ecid=387341031&ul=en-us&sr=1280x1024&pscdl=noapi&sid=1715064545&sct=1&seg=0&dl=https%3A%2F%2Fmelbet-754120.top%2Fen%2Fbonus%2Frules&dt=MelBet%20bonus%20%E1%90%89%20All%20MelBet%20bonuses%20%E1%90%89%20melbet-754120.top&_s=2&tfd=14182
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-8SZ536WC7F&gtm=45je4510v894765892z8894758050za200&_p=1715064545270&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=49551864.1715064539&ecid=387341031&ul=en-us&sr=1280x1024&pscdl=noapi&sid=1715064545&sct=1&seg=0&dl=https%3A%2F%2Fmelbet-754120.top%2Fen%2Fbonus%2Frules&dt=MelBet%20bonus%20%E1%90%89%20All%20MelBet%20bonuses%20%E1%90%89%20melbet-754120.top&_s=2&tfd=14182 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 141
Origin: https://melbet-754120.top
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: https://melbet-754120.top
date: Tue, 07 May 2024 06:49:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

region1.analytics.google.com/g/collect?v=2&tid=G-8SZ536WC7F&gtm=45je4510v894765892z8894758050za200&_p=1715064545270&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=49551864.1715064539&ecid=387341031&ul=en-us&sr=1280x1024&pscdl=noapi&ec_mode=a&_s=3&sid=1715064545&sct=1&seg=1&dl=https%3A%2F%2Fmelbet-754120.top%2Fen%2Fbonus%2Frules&dt=MelBet%20bonus%20%E1%90%89%20All%20MelBet%20bonuses%20%E1%90%89%20melbet-754120.top&en=page_view&tfd=14183

216.239.34.36

204 No Content

0 B

URL POST HTTP/3
region1.analytics.google.com/g/collect?v=2&tid=G-8SZ536WC7F&gtm=45je4510v894765892z8894758050za200&_p=1715064545270&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=49551864.1715064539&ecid=387341031&ul=en-us&sr=1280x1024&pscdl=noapi&ec_mode=a&_s=3&sid=1715064545&sct=1&seg=1&dl=https%3A%2F%2Fmelbet-754120.top%2Fen%2Fbonus%2Frules&dt=MelBet%20bonus%20%E1%90%89%20All%20MelBet%20bonuses%20%E1%90%89%20melbet-754120.top&en=page_view&tfd=14183
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-8SZ536WC7F&gtm=45je4510v894765892z8894758050za200&_p=1715064545270&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=49551864.1715064539&ecid=387341031&ul=en-us&sr=1280x1024&pscdl=noapi&ec_mode=a&_s=3&sid=1715064545&sct=1&seg=1&dl=https%3A%2F%2Fmelbet-754120.top%2Fen%2Fbonus%2Frules&dt=MelBet%20bonus%20%E1%90%89%20All%20MelBet%20bonuses%20%E1%90%89%20melbet-754120.top&en=page_view&tfd=14183 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://melbet-754120.top
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: https://melbet-754120.top
date: Tue, 07 May 2024 06:49:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

melbet-754120.top/bonus-api/bonus?currency=NOK&language=en

178.253.15.193

200 OK

104 kB

URL GET HTTP/2
melbet-754120.top/bonus-api/bonus?currency=NOK&language=en
IP
178.253.15.193:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type
JSON text data
Size
104 kB (104329 bytes)
Hash
e97b2425b64811922b3af75a4e9b9c04
07eb666fb66baf4e89fb0c3edde5f3ff193f8177
037e0c6a66feb55b98605f09d51bd38777a89b0e0cb9ab92e89a6c509326a9af

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bonus-api/bonus?currency=NOK&language=en HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://melbet-754120.top/en/bonus/rules
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==; window_width=0; SESSION=6a9dceb345edb3ade02564164fad59f0; che_g=561a934e-fa4f-1c6c-7d58-1a2328e91ea2; application_locale=en; sh.session.id=01f5b214-f542-4bd9-a044-27f699e50c7b; _ga_435XWQE678=GS1.1.1715064539.1.0.1715064539.60.0.0; _ga=GA1.1.49551864.1715064539
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:59 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: p;dur=4.3299198150635, dt_total;dur=6.977, wf-uht;dur=0.015
traceparent: 00-3b64de737348b7de0958eaa213d713d5-ff69cae0d44ba230-01
vary: Accept-Encoding
x-dt: 62
x-request-id: 17bdd3a9a8f9876cbc4e200ef6234036
x-time-ng: 0.006
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-435XWQE678&gtm=45je4510v9100497636za200&_p=1715064545270&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=49551864.1715064539&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1715064539&sct=1&seg=1&dl=https%3A%2F%2Fmelbet-754120.top%2Fen%2Fbonus%2Frules&dt=MelBet%20bonus%20%E1%90%89%20All%20MelBet%20bonuses%20%E1%90%89%20melbet-754120.top&en=page_view&_ee=1&ep.optimize_id=GTM-5R4MT54&tfd=18821

216.239.34.36

204 No Content

0 B

URL POST HTTP/3
region1.analytics.google.com/g/collect?v=2&tid=G-435XWQE678&gtm=45je4510v9100497636za200&_p=1715064545270&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=49551864.1715064539&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1715064539&sct=1&seg=1&dl=https%3A%2F%2Fmelbet-754120.top%2Fen%2Fbonus%2Frules&dt=MelBet%20bonus%20%E1%90%89%20All%20MelBet%20bonuses%20%E1%90%89%20melbet-754120.top&en=page_view&_ee=1&ep.optimize_id=GTM-5R4MT54&tfd=18821
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-435XWQE678&gtm=45je4510v9100497636za200&_p=1715064545270&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=49551864.1715064539&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1715064539&sct=1&seg=1&dl=https%3A%2F%2Fmelbet-754120.top%2Fen%2Fbonus%2Frules&dt=MelBet%20bonus%20%E1%90%89%20All%20MelBet%20bonuses%20%E1%90%89%20melbet-754120.top&en=page_view&_ee=1&ep.optimize_id=GTM-5R4MT54&tfd=18821 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://melbet-754120.top
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: https://melbet-754120.top
date: Tue, 07 May 2024 06:49:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/vip-cashback-slider.jpg

185.244.209.62

200 OK

74 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/vip-cashback-slider.jpg
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 25.5 (Windows), datetime=2024:03:18 12:48:37], progressive, precision 8, 945x370, components 3
Size
74 kB (73766 bytes)
Hash
bbb30ce4c556b725c02025094f98864c
ef54bda8be960ba8be7ecdca0c4a1d1095d283b3
41bcb9935232c6f2008ffe3ceaee86493eb611d31b082b1d294c193768cf7d42

HTTP Headers

GET /genfiles/cms/8-62/desktop/bonus/rules/vip-cashback-slider.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:49:15 GMT
content-type: image/jpeg
content-length: 142860
last-modified: Mon, 01 Apr 2024 14:18:37 GMT
etag: "f7a562951d81d50aa647f245accad6d1"
x-time-ng: 0.002
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-5a7fe117fa574fa23d2de2a09c0b6307-97782abdda4d32af-01
x-id: osix-hw-edge-gc4
cache: REVALIDATED, HIT
x-cached-since: 2024-05-07T06:49:14+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/bonus-cms/wU10MSv-2haG-R66dzNkPQzxHDwkyf4U/champions-league-slider.webp

185.244.209.62

108 kB

URL
v3.traincdn.com/genfiles/bonus-cms/wU10MSv-2haG-R66dzNkPQzxHDwkyf4U/champions-league-slider.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 945x370, Scaling: [none]x[none], YUV color, decoders should clamp
Size
108 kB (107534 bytes)
Hash
12e52438af265e033cf08f78a7366c29
9d98a097207c84b2d870e81e4f39124b05014814
51b99f0f5b4f2ba05936c528d9ba2ba0fc7ade5c0094263e3cc9469b786be828

HTTP Headers

GET /genfiles/bonus-cms/wU10MSv-2haG-R66dzNkPQzxHDwkyf4U/champions-league-slider.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:49:20 GMT
content-type: image/webp
content-length: 107534
last-modified: Wed, 24 Jan 2024 07:01:15 GMT
etag: "12e52438af265e033cf08f78a7366c29"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-65c7fee2dade78c12f23e4fc2d261908-c2a54a7e0ec3dff9-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T08:00:20+00:00, 2024-05-07T06:49:19+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

pp23vi1.com/static/pixel.gif?1715064561386

178.253.14.123

43 B

URL
pp23vi1.com/static/pixel.gif?1715064561386
IP
178.253.14.123:0
ASN
#202492 Silverhill Group Holding Ltd

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /static/pixel.gif?1715064561386 HTTP/1.1
Host: pp23vi1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:49:21 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
X-Firefox-Spdy: h2

widget.suphelper.top/_next/static/f385e6db/_buildManifest.js

104.18.39.72

200 OK

519 B

URL GET HTTP/2
widget.suphelper.top/_next/static/f385e6db/_buildManifest.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://widget.suphelper.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36
ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT

File type
ASCII text, with very long lines (547), with no line terminators
Size
519 B (519 bytes)
Hash
063abc9f05b28326f5878dcd728ca1f7
321099ea5d4fa6792974fd44503ffb3e75e5c5b0
73109b74c039aec5fc1e3f4e3c2e15585b1ba094f3e8291b0cd67f51b4b830c4

HTTP Headers

GET /_next/static/f385e6db/_buildManifest.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 06:48:55 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 02 May 2024 07:01:48 GMT
etag: W/"207-18f381bf92a"
vary: Accept-Encoding
cf-cache-status: HIT
age: 430879
expires: Wed, 07 May 2025 06:48:55 GMT
server: cloudflare
cf-ray: 87ff44638f775688-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/royal-monday.jpg

0.0.0.0

0 B

URL GET
v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/royal-monday.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /genfiles/cms/8-62/desktop/bonus/rules/royal-monday.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

melbet-754120.top/web-api/api/web/v1/config/actualDomain

178.253.15.193

200 OK

269 B

URL GET HTTP/2
melbet-754120.top/web-api/api/web/v1/config/actualDomain
IP
178.253.15.193:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type
ASCII text, with very long lines (309), with no line terminators
Size
269 B (269 bytes)
Hash
b0d3b898b7be7d0adb40e42ec6e6ff6d
debcb8d8c96eb233da0bc2e0fb62f36e6ce6f2cb
22d103f974ca078916a112caa33f8392471e56f1e1562ecf340113365e5a7da5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web-api/api/web/v1/config/actualDomain HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:54 GMT
content-type: application/vnd.api+json
vary: Accept-Encoding
cache-control: no-cache, private
server-timing: p;dur=49, dt_total;dur=51.452, wf-uht;dur=0.064
set-cookie: SESSION=6a9dceb345edb3ade02564164fad59f0; path=/; secure; HttpOnly; SameSite=Lax
ua=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
traceparent: 00-17db2c4a7ba1da073dd2096f560197b5-482635284373e56f-01
x-dt: 62
x-time-ng: 0.051
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/shared-assets/__shared_vue_deps_OVKZGHR6.js

185.244.209.62

200 OK

81 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/shared-assets/__shared_vue_deps_OVKZGHR6.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type

Size
81 kB (81096 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sys-static/shared-assets/__shared_vue_deps_OVKZGHR6.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://melbet-754120.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:55 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 06 May 2024 10:22:32 GMT
etag: W/"39ee2eb3f7c493e991990cc0353dba17"
x-amz-meta-mtime: 1714990874.149504817
content-encoding: gzip
expires: Tue, 07 May 2024 12:42:06 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-f9a96530c476e8bb89c332c1c4c07339-c0bde213708f598f-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:42:06+00:00, 2024-05-06T12:50:28+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

melbet-754120.top/bff-api/config/all.json?lang=en

178.253.15.193

200 OK

114 kB

URL GET HTTP/2
melbet-754120.top/bff-api/config/all.json?lang=en
IP
178.253.15.193:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type
JSON text data
Size
114 kB (113567 bytes)
Hash
91d7898b93369495cc8fca258abee279
34acd9c0b1534eca06dedebf6fbca69c4b028692
245f4abeafbde07d922e29bfb1168b8b11ece0e8e9f7feb05590c4e51d7be36b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bff-api/config/all.json?lang=en HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions%2Frocket-launch
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
x-geoip2-country-code: ru
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==; window_width=1280; SESSION=6a9dceb345edb3ade02564164fad59f0; che_g=561a934e-fa4f-1c6c-7d58-1a2328e91ea2; application_locale=en; sh.session.id=01f5b214-f542-4bd9-a044-27f699e50c7b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:55 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: bff;dur=105.24, dt_total;dur=118.949, wf-uht;dur=0.136
traceparent: 00-edc3473bcdefb8b6fec9cb21dd99c209-3d9432d251c5e68b-01
vary: Accept-Encoding
x-dt: 62
x-time-ng: 0.119
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

melbet-754120.top/genfiles/cms/8-62/desktop/media_asset/638c8cd5e340c23be1ee3f1a1a8cc402.json

178.253.15.193

200 OK

10 kB

URL GET HTTP/2
melbet-754120.top/genfiles/cms/8-62/desktop/media_asset/638c8cd5e340c23be1ee3f1a1a8cc402.json
IP
178.253.15.193:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type
JSON text data
Size
10 kB (10370 bytes)
Hash
ee702cdbc65faf50843762bd9534a1aa
5c78ac8aa3155597543f63349686b02926eecd36
ec388b1801623dbd0e1f497cb6a898425222ea538c039b2a8dafc7720cceea28

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/8-62/desktop/media_asset/638c8cd5e340c23be1ee3f1a1a8cc402.json HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions%2Frocket-launch
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==; window_width=0; SESSION=6a9dceb345edb3ade02564164fad59f0; che_g=561a934e-fa4f-1c6c-7d58-1a2328e91ea2; application_locale=en; sh.session.id=01f5b214-f542-4bd9-a044-27f699e50c7b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:59 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Fri, 02 Feb 2024 09:29:36 GMT
etag: W/"ee702cdbc65faf50843762bd9534a1aa"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

melbet-754120.top/genfiles/cms/8-62/desktop/media_asset/abc1459f4c984eb223152c95913b324d.json

178.253.15.193

200 OK

884 B

URL GET HTTP/2
melbet-754120.top/genfiles/cms/8-62/desktop/media_asset/abc1459f4c984eb223152c95913b324d.json
IP
178.253.15.193:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type
ASCII text, with very long lines (974), with no line terminators
Size
884 B (884 bytes)
Hash
73177e72cd29dd7ce6b1b687d5e81dc0
5ae507604a9e46ffa8a9eec733d41ff4e77441b9
1de297b5b2bc3a2d536ab86a5f6629798f5e26712d3ce377b272e8badb8ba5c5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/8-62/desktop/media_asset/abc1459f4c984eb223152c95913b324d.json HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions%2Frocket-launch
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==; window_width=0; SESSION=6a9dceb345edb3ade02564164fad59f0; che_g=561a934e-fa4f-1c6c-7d58-1a2328e91ea2; application_locale=en; sh.session.id=01f5b214-f542-4bd9-a044-27f699e50c7b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:59 GMT
content-type: application/json
content-length: 884
last-modified: Thu, 31 Aug 2023 12:36:12 GMT
etag: "c2eb16bc46aea587d16e3eb8bff889ad"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.010
X-Firefox-Spdy: h2

melbet-754120.top/genfiles/cms/8-62/desktop/media_asset/81cb91d4f6c612821963806bd9d35cde.json

178.253.15.193

200 OK

2.1 kB

URL GET HTTP/2
melbet-754120.top/genfiles/cms/8-62/desktop/media_asset/81cb91d4f6c612821963806bd9d35cde.json
IP
178.253.15.193:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type
ASCII text, with very long lines (2312), with no line terminators
Size
2.1 kB (2098 bytes)
Hash
2d5270e21920794c45722f1b38bc3126
0dcff3583623d9ae40af7bb4e1ddcf4af013ae7a
9d36b1d8190dd4fa0b48e9c7071a50087be3f8300110018647271ee09cc49819

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/8-62/desktop/media_asset/81cb91d4f6c612821963806bd9d35cde.json HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:53 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Thu, 29 Feb 2024 10:19:31 GMT
etag: W/"fd0004c1375a2b69cd1d1cc669fe9120"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/shared-assets/__shared_chunk_M4D4AAJL.js

185.244.209.62

200 OK

101 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/shared-assets/__shared_chunk_M4D4AAJL.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (35828)
Size
101 kB (100701 bytes)
Hash
51ddc52774f4e5bd6a6f1c22e9d19674
374c2fbb2b68ad9c28898dfe60da3fd828ccf7c4
642e66ee14ca90b6ff8f91fbfdce400c6834a037dee18a60a72922ea727bb442

HTTP Headers

GET /sys-static/shared-assets/__shared_chunk_M4D4AAJL.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://melbet-754120.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:55 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 06 May 2024 10:22:32 GMT
etag: W/"51ddc52774f4e5bd6a6f1c22e9d19674"
x-amz-meta-mtime: 1714990874.153504753
content-encoding: gzip
expires: Tue, 07 May 2024 12:42:06 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-8e51ec4f9bb3b9b6251cf94f6ab72d6a-363f83fb204c1bac-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:42:06+00:00, 2024-05-06T12:50:29+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/desktop/media_asset/1259a02484c8dd98903cb809a61ba47c.png

185.244.209.62

200 OK

10 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/desktop/media_asset/1259a02484c8dd98903cb809a61ba47c.png
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
PNG image data, 256 x 256, 8-bit colormap, non-interlaced
Size
10 kB (10407 bytes)
Hash
e672c7363dae4ad6e8339be53f761bfc
e7a420ea10d37f6eb1b4678cd07f2eb47d709308
bb3ef9919331f9569cd85569d4150f677da39d20fc9224057561fd7cc101e294

HTTP Headers

GET /genfiles/cms/desktop/media_asset/1259a02484c8dd98903cb809a61ba47c.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:55 GMT
content-type: image/png
content-length: 10407
last-modified: Tue, 11 Apr 2023 22:46:06 GMT
etag: "e672c7363dae4ad6e8339be53f761bfc"
x-time-ng: 0.001
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-65917ee3fdf4d398b17b766d7c831fe5-42ad2eadf285b307-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T08:48:23+00:00, 2024-05-07T06:12:23+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/shared-assets/__shared_localforage_PLMWICWN.js

185.244.209.62

200 OK

30 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/shared-assets/__shared_localforage_PLMWICWN.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (30255)
Size
30 kB (30277 bytes)
Hash
dfa127e93d125d4f6c566203eaf225f2
32c1fd89c4eeed7ac2a942582b3786659b15cd43
cf5077d1cff62ce76807408ebc2203563b7a221ddf1cf38339c6d54289bff390

HTTP Headers

GET /sys-static/shared-assets/__shared_localforage_PLMWICWN.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://melbet-754120.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:55 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 06 May 2024 14:40:26 GMT
etag: W/"dfa127e93d125d4f6c566203eaf225f2"
x-amz-meta-mtime: 1715006282.054749806
content-encoding: gzip
expires: Tue, 07 May 2024 15:18:11 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-54ee0a7c38eb1b9e9d5986b44b5a370f-25a61621c45b1494-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T15:18:11+00:00, 2024-05-06T16:00:49+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

melbet-754120.top/genfiles/cms/8-62/desktop/media_asset/29938bab51da1425f8a9c67510226b94.json

178.253.15.193

200 OK

473 B

URL GET HTTP/2
melbet-754120.top/genfiles/cms/8-62/desktop/media_asset/29938bab51da1425f8a9c67510226b94.json
IP
178.253.15.193:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type
ASCII text, with very long lines (522), with no line terminators
Size
473 B (473 bytes)
Hash
f3440f6f4afdcd28fb77909da59d385d
a2d60764b1ba4ab5a19d7f5ce9e48a1df55197ea
27c629a48bf70e54e36e8a1a500e562335783afca1dcbff87a7afbac73f04b60

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/8-62/desktop/media_asset/29938bab51da1425f8a9c67510226b94.json HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions%2Frocket-launch
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==; window_width=0; SESSION=6a9dceb345edb3ade02564164fad59f0; che_g=561a934e-fa4f-1c6c-7d58-1a2328e91ea2; application_locale=en; sh.session.id=01f5b214-f542-4bd9-a044-27f699e50c7b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:59 GMT
content-type: application/json
content-length: 473
last-modified: Tue, 06 Jun 2023 13:22:47 GMT
etag: "e67aa19ef00fd2285c7b4ecbb6018306"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/promo_store-slider.webp

185.244.209.62

200 OK

36 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/promo_store-slider.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
36 kB (35814 bytes)
Hash
697f9dce38fbb48fc307862e282d305c
5be71129f74307e1ad72e13816e6def6a761e963
17466adb0c7f15e0c4009356996114172898dfd62f9e8077e592395f6b414728

HTTP Headers

GET /genfiles/cms/8-62/desktop/bonus/rules/promo_store-slider.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:49:00 GMT
content-type: image/webp
content-length: 35814
last-modified: Wed, 18 Oct 2023 22:02:05 GMT
etag: "697f9dce38fbb48fc307862e282d305c"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-46d366ecac69c8b125f9137479c7544a-b1ceb332fbb03aa3-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-01-22T14:44:58+00:00, 2024-05-07T06:25:45+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/8-62/desktop/media_asset/54ab1458328fabd32fda93e1ef6ffd30.png

185.244.209.62

200 OK

16 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/8-62/desktop/media_asset/54ab1458328fabd32fda93e1ef6ffd30.png
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
PNG image data, 800 x 800, 8-bit colormap, non-interlaced
Size
16 kB (15879 bytes)
Hash
0f8c2ec63cdbfe481ab43252ab3ee0d6
270a890972b158bd7d0cde631506f10b8037b9a9
113cd7a5e5ad995b54fc54448c78d5ffd366c5a2da7b3c2c282abd30f6a23df3

HTTP Headers

GET /genfiles/cms/8-62/desktop/media_asset/54ab1458328fabd32fda93e1ef6ffd30.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:54 GMT
content-type: image/png
content-length: 15879
last-modified: Thu, 02 Nov 2023 06:59:14 GMT
etag: "0f8c2ec63cdbfe481ab43252ab3ee0d6"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-92b455ab236933d5903e85e88e772606-112b071e064b179b-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:57:59+00:00, 2024-05-07T05:48:58+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/shared-assets/__shared_sweetalert2_X3CQ7PJQ.js

185.244.209.62

200 OK

69 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/shared-assets/__shared_sweetalert2_X3CQ7PJQ.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32238)
Size
69 kB (68856 bytes)
Hash
138de5d55ee831195dd90bbf5c557926
4413082980942643803d8d4567df2f8395c0e868
55a6d9d38b0c68a21367ae7ae43333bfa61e2eddd38b2376eb5b192f0a0383cd

HTTP Headers

GET /sys-static/shared-assets/__shared_sweetalert2_X3CQ7PJQ.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://melbet-754120.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:55 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 06 May 2024 14:40:26 GMT
etag: W/"138de5d55ee831195dd90bbf5c557926"
x-amz-meta-mtime: 1715006282.054749806
content-encoding: gzip
expires: Tue, 07 May 2024 15:18:13 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-d199e689b863382ee780079e09902fd4-585a2a2d7370b655-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T15:18:13+00:00, 2024-05-06T15:55:32+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/express.jpg

0.0.0.0

0 B

URL GET
v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/express.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /genfiles/cms/8-62/desktop/bonus/rules/express.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/returnsexpress.jpg

0.0.0.0

0 B

URL GET
v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/returnsexpress.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /genfiles/cms/8-62/desktop/bonus/rules/returnsexpress.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

v3.traincdn.com/sys-ui/3.2.3/Desktop/Default/client.css

185.244.209.62

200 OK

1.0 MB

URL GET HTTP/2
v3.traincdn.com/sys-ui/3.2.3/Desktop/Default/client.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type

Size
1.0 MB (1048668 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sys-ui/3.2.3/Desktop/Default/client.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:52 GMT
content-type: text/css; charset=utf-8
last-modified: Fri, 19 Apr 2024 10:53:25 GMT
etag: W/"64d292a033c097211f9f4c21ffbcb2b0"
x-amz-meta-mtime: 1713523729.13591556
content-encoding: gzip
expires: Wed, 24 Apr 2024 12:54:48 GMT
cache-control: max-age=86400
x-time-ng: 0.003
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-c28ccfb10348a88b3762bebc6a9d527f-def2f69c666413c5-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:54:48+00:00, 2024-05-06T15:05:37+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/casino-bonus-slider.jpg

185.244.209.62

200 OK

0 B

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/casino-bonus-slider.jpg
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /genfiles/cms/8-62/desktop/bonus/rules/casino-bonus-slider.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:49:10 GMT
content-type: image/jpeg
content-length: 103496
last-modified: Mon, 01 Apr 2024 10:24:07 GMT
etag: "44e8a10d6abe1e448292cc0664ecde1c"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-d6327569058e0c0d3fcf04297a88d16a-65b10e41cdefe87b-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T19:16:30+00:00, 2024-05-07T06:49:09+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

widget.suphelper.top/injector.js

104.18.39.72

200 OK

208 kB

URL GET HTTP/2
widget.suphelper.top/injector.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36
ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT

File type

Size
208 kB (208506 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /injector.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 06:48:55 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=14400
last-modified: Thu, 02 May 2024 07:01:48 GMT
etag: W/"32e7a-18f381bf77a"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 1
expires: Tue, 07 May 2024 10:48:55 GMT
server: cloudflare
cf-ray: 87ff44609ad85688-OSL
X-Firefox-Spdy: h2

melbet-754120.top/web-api/bonus

178.253.15.193

200 OK

44 kB

URL GET HTTP/2
melbet-754120.top/web-api/bonus
IP
178.253.15.193:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type

Size
44 kB (43649 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web-api/bonus HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://melbet-754120.top/en/bonus/rules
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==; window_width=0; SESSION=6a9dceb345edb3ade02564164fad59f0; che_g=561a934e-fa4f-1c6c-7d58-1a2328e91ea2; application_locale=en; sh.session.id=01f5b214-f542-4bd9-a044-27f699e50c7b; _ga_435XWQE678=GS1.1.1715064539.1.0.1715064539.60.0.0; _ga=GA1.1.49551864.1715064539
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:59 GMT
content-type: application/vnd.api+json
vary: Accept-Encoding
cache-control: no-cache, private
server-timing: p;dur=114, dt_total;dur=157.820, wf-uht;dur=0.180
traceparent: 00-a84a54b12249a3143544a26266225014-0ef7b7f5c2ecb38e-01
x-dt: 62
x-time-ng: 0.123
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/longer.jpg

0.0.0.0

0 B

URL GET
v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/longer.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /genfiles/cms/8-62/desktop/bonus/rules/longer.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/wishing-you-a-happy-birthday.jpg

0.0.0.0

0 B

URL GET
v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/wishing-you-a-happy-birthday.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /genfiles/cms/8-62/desktop/bonus/rules/wishing-you-a-happy-birthday.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

v3.traincdn.com/sys-static/shared-assets/__shared_popper_js_MO5RLEN3.js

185.244.209.62

200 OK

21 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/shared-assets/__shared_popper_js_MO5RLEN3.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (21232)
Size
21 kB (21252 bytes)
Hash
598d5481ac96b9bf8013b0eb1413b8e5
cc7e3384da379a215ac43b2385e901e22ceb6327
1488ecc35389c72a3aa26d468420069f6b719db456ea82605762311da663b65f

HTTP Headers

GET /sys-static/shared-assets/__shared_popper_js_MO5RLEN3.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://melbet-754120.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:55 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sat, 04 May 2024 09:05:54 GMT
etag: W/"598d5481ac96b9bf8013b0eb1413b8e5"
x-amz-meta-mtime: 1714813304.849408028
content-encoding: gzip
expires: Sun, 05 May 2024 15:32:01 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-3e95ce0f7aca983445a479541a637ca6-a4fc1f720b85172c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-04T15:32:01+00:00, 2024-05-06T12:52:42+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

melbet-754120.top/genfiles/cms/8-62/desktop/media_asset/b07d27b4dd3bda7b09322ad73d71fd33.json

178.253.15.193

200 OK

846 B

URL GET HTTP/2
melbet-754120.top/genfiles/cms/8-62/desktop/media_asset/b07d27b4dd3bda7b09322ad73d71fd33.json
IP
178.253.15.193:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type
ASCII text, with very long lines (939), with no line terminators
Size
846 B (846 bytes)
Hash
3b0f052f0ee72363f47a2f3f18d5ebe5
6ff620b7b03e7e310268c686774efbac9042b281
e544e033d1ff581ba781fc652a2af30eebfbcb7ea7649002ccbdc26faa8f1ebc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/8-62/desktop/media_asset/b07d27b4dd3bda7b09322ad73d71fd33.json HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions%2Frocket-launch
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==; window_width=0; SESSION=6a9dceb345edb3ade02564164fad59f0; che_g=561a934e-fa4f-1c6c-7d58-1a2328e91ea2; application_locale=en; sh.session.id=01f5b214-f542-4bd9-a044-27f699e50c7b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:59 GMT
content-type: application/json
content-length: 846
last-modified: Mon, 07 Aug 2023 13:49:59 GMT
etag: "730bd58f457e46b6ac3b9f6028a8e162"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.011
X-Firefox-Spdy: h2

widget.suphelper.top/_next/static/f385e6db/_middlewareManifest.js

104.18.39.72

200 OK

92 B

URL GET HTTP/2
widget.suphelper.top/_next/static/f385e6db/_middlewareManifest.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://widget.suphelper.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36
ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT

File type
ASCII text, with no line terminators
Size
92 B (92 bytes)
Hash
7c3f7e060745668041278118c0bb3d6d
e639f56695b3cc30d78dce7a0084aa8299a1311a
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a

HTTP Headers

GET /_next/static/f385e6db/_middlewareManifest.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 06:48:55 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 02 May 2024 07:01:48 GMT
etag: W/"5c-18f381bf92a"
vary: Accept-Encoding
cf-cache-status: HIT
age: 430885
expires: Wed, 07 May 2025 06:48:55 GMT
server: cloudflare
cf-ray: 87ff44639f965688-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/bonus-cms/MPX1DC_0jFP-gQPbQ0mr9TV_eQukkW8O/big-four.webp

185.244.209.62

200 OK

47 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/bonus-cms/MPX1DC_0jFP-gQPbQ0mr9TV_eQukkW8O/big-four.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
47 kB (47196 bytes)
Hash
a39329f2d27e1de0e783ffb41c4d7630
1a035a892f7cbf8bac4486c4f1f5463f4c2f523d
2b269bcadeb8762d062fc4a6bd21ef176f4c8303da45531b0ec424c69823801b

HTTP Headers

GET /genfiles/bonus-cms/MPX1DC_0jFP-gQPbQ0mr9TV_eQukkW8O/big-four.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:49:00 GMT
content-type: image/webp
content-length: 47196
last-modified: Wed, 27 Dec 2023 08:46:35 GMT
etag: "a39329f2d27e1de0e783ffb41c4d7630"
x-time-ng: 0.001
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-27db8630f93a140388ce4442b22dea7b-c5b075fa546eda05-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-01-10T11:02:53+00:00, 2024-05-07T06:36:46+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/sys-icons/1.0.328/62/common.svg

185.244.209.62

200 OK

148 kB

URL GET HTTP/2
v3.traincdn.com/sys-icons/1.0.328/62/common.svg
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
148 kB (147832 bytes)
Hash
39b7443416624e718f8d9899ee65e8f6
67759f7d39d8f53e29a4bc36d60250ab6b61da84
502962a31fa5f9ac885b0c01ebab68465a0679d5281571e87c576fb8130b3577

HTTP Headers

GET /sys-icons/1.0.328/62/common.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://melbet-754120.top
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:54 GMT
content-type: image/svg+xml
last-modified: Mon, 15 Apr 2024 07:13:35 GMT
etag: W/"39b7443416624e718f8d9899ee65e8f6"
x-amz-meta-mtime: 1713165210.305888364
content-encoding: gzip
expires: Tue, 23 Apr 2024 10:38:09 GMT
cache-control: max-age=86400
x-time-ng: 0.003
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-0a157a3be0d5be8dd2c12b6351eb318b-fdec577566a245a9-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T10:38:09+00:00, 2024-05-06T13:56:54+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/bonus-cms/U1ZyYzSmLUZ6zg8PzlgZ_g4dyhi4xAvl/MB_Usyk-Fury_945x370_1.jpg

185.244.209.62

200 OK

57 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/bonus-cms/U1ZyYzSmLUZ6zg8PzlgZ_g4dyhi4xAvl/MB_Usyk-Fury_945x370_1.jpg
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), default quality", baseline, precision 8, 945x370, components 3
Size
57 kB (57380 bytes)
Hash
62bdae22ee3ec116993118fa8afee7cc
f806e8cd3c63640514781a88e5252d32c0217dfd
ecaf4da18512a578c7e202bc4f54c1e656421d4574c3b3cfa065d58c7ed81a0f

HTTP Headers

GET /genfiles/bonus-cms/U1ZyYzSmLUZ6zg8PzlgZ_g4dyhi4xAvl/MB_Usyk-Fury_945x370_1.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:49:00 GMT
content-type: image/jpeg
content-length: 57380
last-modified: Fri, 02 Feb 2024 12:29:10 GMT
etag: "62bdae22ee3ec116993118fa8afee7cc"
x-time-ng: 0.004
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-b6775034e90caa3fcd171ee8af09f2ef-afd1e31b5fe8dd77-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-08T09:00:38+00:00, 2024-05-07T06:48:59+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

widget.suphelper.top/_next/static/chunks/framework-49f1e091cbf6b261.js

104.18.39.72

200 OK

141 kB

URL GET HTTP/2
widget.suphelper.top/_next/static/chunks/framework-49f1e091cbf6b261.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://widget.suphelper.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36
ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
141 kB (140949 bytes)
Hash
896d1930437c1ab92b8a359c1d6fdaae
71e0e23d1af9722f356eb5d1c497d100ec8b0f7a
8c508636d885890bfb5c56bcd6dad1b8b64c498781d351b588a8de7f686774d4

HTTP Headers

GET /_next/static/chunks/framework-49f1e091cbf6b261.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 06:48:55 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Mon, 11 Mar 2024 06:37:37 GMT
etag: W/"22695-18e2c3b24d9"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 562180
expires: Wed, 07 May 2025 06:48:55 GMT
server: cloudflare
cf-ray: 87ff44636f4a5688-OSL
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/promo_store.jpg

185.244.209.62

200 OK

12 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/promo_store.jpg
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 315x250, components 3
Size
12 kB (11769 bytes)
Hash
52f9e37c05e29ba0d81e825e283a9f49
a168aaf94b3edfcdd66b29b54cb6b0f51e442bf2
a4f355980d8cbb63c1ad649a747497cf3ee66e74f9a4fb768a281332cf4fe222

HTTP Headers

GET /genfiles/cms/8-62/desktop/bonus/rules/promo_store.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:49:00 GMT
content-type: image/jpeg
content-length: 11769
last-modified: Fri, 22 Sep 2023 14:24:40 GMT
etag: "52f9e37c05e29ba0d81e825e283a9f49"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-f35fb24f1b16dfabaaa409580b878b81-5f5247fe46964e19-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-03-24T12:57:03+00:00, 2024-05-07T06:36:46+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

melbet-754120.top/genfiles/cms/8-62/desktop/media_asset/03e9964bac24b357133323fa7cd1ecc8.json

178.253.15.193

200 OK

1.5 kB

URL GET HTTP/2
melbet-754120.top/genfiles/cms/8-62/desktop/media_asset/03e9964bac24b357133323fa7cd1ecc8.json
IP
178.253.15.193:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type
ASCII text, with very long lines (1638), with no line terminators
Size
1.5 kB (1494 bytes)
Hash
1c21f311ce7d2fce86538083de17fbcc
ac92eb66bd5dc5221bb1c6106f951876b3fa083c
5298ed1b0e5f830e5fcc0e7247e439bfacf590a5a30eae05fcc49dfcae2d0d4d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/8-62/desktop/media_asset/03e9964bac24b357133323fa7cd1ecc8.json HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://melbet-754120.top/en/bonus/rules
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==; window_width=0; SESSION=6a9dceb345edb3ade02564164fad59f0; che_g=561a934e-fa4f-1c6c-7d58-1a2328e91ea2; application_locale=en; sh.session.id=01f5b214-f542-4bd9-a044-27f699e50c7b; _ga_435XWQE678=GS1.1.1715064539.1.0.1715064539.60.0.0; _ga=GA1.1.49551864.1715064539
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:59 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Fri, 12 May 2023 15:17:30 GMT
etag: W/"b0a50f5239a6ca38097f89684eae43e4"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/100-bets.jpg

0.0.0.0

0 B

URL GET
v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/100-bets.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /genfiles/cms/8-62/desktop/bonus/rules/100-bets.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

widget.suphelper.top/_next/static/chunks/81.9c6562bba5669b47.js

104.18.39.72

200 OK

37 kB

URL GET HTTP/2
widget.suphelper.top/_next/static/chunks/81.9c6562bba5669b47.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://widget.suphelper.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36
ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT

File type
JavaScript source, ASCII text, with very long lines (36674), with no line terminators
Size
37 kB (36674 bytes)
Hash
6782c8abf3d14391f6ed5c805a973cf5
a08b255c0084e14d74199f5af64522ffaba14486
88331f3bf38157ecb0e64f22c08a582384dc74c8bae09d9f78b9eab5fe82cfa3

HTTP Headers

GET /_next/static/chunks/81.9c6562bba5669b47.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 06:48:56 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Mon, 22 Jan 2024 07:49:06 GMT
etag: W/"8f42-18d3024f9c4"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 570524
expires: Wed, 07 May 2025 06:48:56 GMT
server: cloudflare
cf-ray: 87ff44670c995688-OSL
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/8-62/desktop/media_asset/dd77c8f1b5bd23e38cd81fb7d861af10.svg

185.244.209.62

200 OK

2.1 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/8-62/desktop/media_asset/dd77c8f1b5bd23e38cd81fb7d861af10.svg
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
2.1 kB (2064 bytes)
Hash
e91fdc974a10e9b35db1864d10ffce25
32fc5162288a2c7fe433f24fc2476466dfb0e9b2
e84a6e2b41dc725400369d3ddc5f9c272fd16512610beecd999e92031aeaa781

HTTP Headers

GET /genfiles/cms/8-62/desktop/media_asset/dd77c8f1b5bd23e38cd81fb7d861af10.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:52 GMT
content-type: image/svg+xml
last-modified: Tue, 02 May 2023 09:45:56 GMT
etag: W/"d42c74d73d96359d81835c55d7389576"
content-encoding: gzip
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-05c87d438f1989448d24057848dffe7b-195b232d30f0af02-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-01-15T09:58:00+00:00, 2024-05-07T05:48:56+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/for-their.jpg

0.0.0.0

0 B

URL GET
v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/for-their.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /genfiles/cms/8-62/desktop/bonus/rules/for-their.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/toto-free.jpg

0.0.0.0

0 B

URL GET
v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/toto-free.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /genfiles/cms/8-62/desktop/bonus/rules/toto-free.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

v3.traincdn.com/sys-static/sys-promotions-and-bonuses-static/Desktop/Melbet/44136fa355b3/entry-70d2ec9b.js

185.244.209.62

200 OK

888 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/sys-promotions-and-bonuses-static/Desktop/Melbet/44136fa355b3/entry-70d2ec9b.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type

Size
888 kB (888497 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sys-static/sys-promotions-and-bonuses-static/Desktop/Melbet/44136fa355b3/entry-70d2ec9b.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://melbet-754120.top
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:54 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 06 May 2024 13:05:25 GMT
etag: W/"e08ce24d344be0010164a524e64fbced"
x-amz-meta-mtime: 1715000575.06447053
content-encoding: gzip
expires: Tue, 07 May 2024 13:08:25 GMT
cache-control: max-age=86400
x-time-ng: 0.003
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-7bd7268b1db54be952b80140a8a7c720-d9d3e57b57cb0fd7-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T13:08:25+00:00, 2024-05-06T15:05:43+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

melbet-754120.top/genfiles/cms/8-62/desktop/media_asset/ae543d3e837a09b8a8d24496983c05c1.json

178.253.15.193

200 OK

10 kB

URL GET HTTP/2
melbet-754120.top/genfiles/cms/8-62/desktop/media_asset/ae543d3e837a09b8a8d24496983c05c1.json
IP
178.253.15.193:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type
JSON text data
Size
10 kB (10158 bytes)
Hash
e5e68fdba731c76ec0a416e7799cf4f9
b8b3233ff91489cdd2ad056073cfd625bd4715a5
a7221bf33f5f39552a192e8357d466bd30b0530bddc89aad0d35de565a26b6df

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/8-62/desktop/media_asset/ae543d3e837a09b8a8d24496983c05c1.json HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions%2Frocket-launch
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==; window_width=0; SESSION=6a9dceb345edb3ade02564164fad59f0; che_g=561a934e-fa4f-1c6c-7d58-1a2328e91ea2; application_locale=en; sh.session.id=01f5b214-f542-4bd9-a044-27f699e50c7b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:59 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Tue, 11 Apr 2023 21:30:21 GMT
etag: W/"e5e68fdba731c76ec0a416e7799cf4f9"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/1st/8-137-slider.jpg

0.0.0.0

0 B

URL GET
v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/1st/8-137-slider.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /genfiles/cms/8-62/desktop/bonus/rules/1st/8-137-slider.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

widget.suphelper.top/_next/static/f385e6db/_ssgManifest.js

104.18.39.72

200 OK

77 B

URL GET HTTP/2
widget.suphelper.top/_next/static/f385e6db/_ssgManifest.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://widget.suphelper.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36
ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT

File type
ASCII text, with no line terminators
Size
77 B (77 bytes)
Hash
b6652df95db52feb4daf4eca35380933
65451d110137761b318c82d9071c042db80c4036
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

HTTP Headers

GET /_next/static/f385e6db/_ssgManifest.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 06:48:55 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 02 May 2024 07:01:48 GMT
etag: W/"4d-18f381bf92a"
vary: Accept-Encoding
cf-cache-status: HIT
age: 430885
expires: Wed, 07 May 2025 06:48:55 GMT
server: cloudflare
cf-ray: 87ff44639f925688-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

widget.suphelper.top/

104.18.39.72

200 OK

496 kB

URL GET HTTP/2
widget.suphelper.top/
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36
ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT

File type

Size
496 kB (496420 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 06:48:55 GMT
content-type: text/html; charset=utf-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=60, stale-while-revalidate=30
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 87ff44622d625688-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

widget.suphelper.top/_next/static/chunks/pages/_app-9c47c295eecaa68a.js

104.18.39.72

200 OK

1.0 MB

URL GET HTTP/2
widget.suphelper.top/_next/static/chunks/pages/_app-9c47c295eecaa68a.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://widget.suphelper.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36
ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
1.0 MB (1015847 bytes)
Hash
5997e7f54cf2aebf463f16902ccbc7fc
659b9677d6196eabd63ce0feb5f4466accb72df7
08d0ab3696a84b16c7cc5306bf6d83dd27f99a2ce221ed337bf09dec8ebf95db

HTTP Headers

GET /_next/static/chunks/pages/_app-9c47c295eecaa68a.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 06:48:55 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 02 May 2024 07:01:48 GMT
etag: W/"f8027-18f381bf92a"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 430885
expires: Wed, 07 May 2025 06:48:55 GMT
server: cloudflare
cf-ray: 87ff44637f5d5688-OSL
X-Firefox-Spdy: h2

widget.suphelper.top/_next/static/chunks/0c294a17-329dda05de2a378d.js

104.18.39.72

200 OK

10 kB

URL GET HTTP/2
widget.suphelper.top/_next/static/chunks/0c294a17-329dda05de2a378d.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://widget.suphelper.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36
ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT

File type
JavaScript source, ASCII text, with very long lines (10533), with no line terminators
Size
10 kB (10533 bytes)
Hash
54b2d4e92e16d2ea51898124107af46a
ab4225b696e63c9040de1511fa229cf65b4d3750
e17ccea95df87c35add9994b01ef7bb6e8b5c2ebea282c461199a140a5675662

HTTP Headers

GET /_next/static/chunks/0c294a17-329dda05de2a378d.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 06:48:55 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Wed, 17 Jan 2024 06:19:55 GMT
etag: W/"2925-18d161388b8"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 566461
expires: Wed, 07 May 2025 06:48:55 GMT
server: cloudflare
cf-ray: 87ff44638f705688-OSL
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/bonus-cms/QwQYMo0EfR-LKDHweurDE8zbhXr3frJl/basketback.jpg

185.244.209.62

200 OK

23 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/bonus-cms/QwQYMo0EfR-LKDHweurDE8zbhXr3frJl/basketback.jpg
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), default quality", baseline, precision 8, 315x250, components 3
Size
23 kB (23324 bytes)
Hash
6291e03abd2188d47974626cccc60830
a7e563403ecc2e0d48228d736985cc16972a6a6b
a8eb6eb9e89527fa1316746e4dc1ebec75d539a8d056855f28596a469a274994

HTTP Headers

GET /genfiles/bonus-cms/QwQYMo0EfR-LKDHweurDE8zbhXr3frJl/basketback.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:49:00 GMT
content-type: image/jpeg
content-length: 23324
last-modified: Tue, 16 Jan 2024 07:19:35 GMT
etag: "6291e03abd2188d47974626cccc60830"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-57834d4b16be95f4b6aebcf8d1c668ad-078e6197fe623a55-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-03-24T12:57:03+00:00, 2024-05-07T06:36:46+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/shared-assets/__shared_vue_final_modal_XPPMTKII.js

185.244.209.62

200 OK

25 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/shared-assets/__shared_vue_final_modal_XPPMTKII.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (17403)
Size
25 kB (25139 bytes)
Hash
701ad5a22b8ea7213a53e334d0898349
87749d947f6aa40eb671447b58261d710ec5479b
07669c2ea7c29dd69e47f5518ba73b76389f3479e19f7362b461ef0fff96c1f0

HTTP Headers

GET /sys-static/shared-assets/__shared_vue_final_modal_XPPMTKII.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://melbet-754120.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:55 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 06 May 2024 10:22:32 GMT
etag: W/"701ad5a22b8ea7213a53e334d0898349"
x-amz-meta-mtime: 1714990874.153504753
content-encoding: gzip
expires: Tue, 07 May 2024 12:42:06 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-771182bcb37f95bb5201daf1ff345b45-9e6086f466e633d0-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:42:06+00:00, 2024-05-06T12:50:28+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

melbet-754120.top/promo-frame/en/promotion/rocket-launch

178.253.15.193

200 OK

4.7 kB

URL GET HTTP/2
melbet-754120.top/promo-frame/en/promotion/rocket-launch
IP
178.253.15.193:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type
HTML document, ASCII text, with very long lines (4844), with no line terminators
Size
4.7 kB (4682 bytes)
Hash
dda9fd2461d259ee312fcbb927f570a3
d001a3874bfcfc3183ff96f68be2eb08ef7fec55
a02b8d4b1231651d82fbb8cc0918bdd3b61e5a4c14000bb82c7f34e50c169ea1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /promo-frame/en/promotion/rocket-launch HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==; window_width=1280; SESSION=6a9dceb345edb3ade02564164fad59f0; che_g=561a934e-fa4f-1c6c-7d58-1a2328e91ea2; application_locale=en; sh.session.id=01f5b214-f542-4bd9-a044-27f699e50c7b
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:55 GMT
content-type: text/html; charset=utf-8
accept-ranges: none
content-encoding: gzip
etag: "124a-0kIZw5a6VzZrkIhagcNubii4PV8"
server-timing: total;dur=0;desc="Nuxt Server Time", dt_total;dur=1.812, dt_total;dur=4.167, wf-uht;dur=0.012
traceparent: 00-2b3740230ace87c1317e6862285f46ac-13f658af5609307d-01, 00-2b3740230ace87c1317e6862285f46ac-13f658af5609307d-01
vary: Accept-Encoding
x-dt: 62, 62
x-time-ng: 0.001, 0.004
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

widget.suphelper.top/sounds/new-message.mp3

104.18.39.72

200 OK

30 kB

URL GET HTTP/2
widget.suphelper.top/sounds/new-message.mp3
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://widget.suphelper.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36
ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT

File type
MPEG ADTS, layer III, v1, 192 kbps, 48 kHz, JntStereo
Size
30 kB (29952 bytes)
Hash
ef9af24dc7dbd24ffd99c832e1300351
f78744a5013038446c468de14f205f2d52373fd6
5049d7fe87a7327a291441181d1a328a15f46a21081b970502c540406011c9b9

HTTP Headers

GET /sounds/new-message.mp3 HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 06:48:56 GMT
content-type: audio/mpeg
content-length: 29952
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=14400
last-modified: Thu, 02 May 2024 07:01:48 GMT
etag: W/"7500-18f381bf786"
cf-cache-status: HIT
age: 3520
expires: Tue, 07 May 2024 10:48:56 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff44679d5a5688-OSL
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/1st/8-137.jpg

0.0.0.0

0 B

URL GET
v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/1st/8-137.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /genfiles/cms/8-62/desktop/bonus/rules/1st/8-137.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

v3.traincdn.com/genfiles/bonus-cms/U1ZyYzSmLUZ6zg8PzlgZ_g4dyhi4xAvl/MB_Usyk-Fury_315x250.webp

185.244.209.62

200 OK

52 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/bonus-cms/U1ZyYzSmLUZ6zg8PzlgZ_g4dyhi4xAvl/MB_Usyk-Fury_315x250.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
52 kB (51576 bytes)
Hash
cc53ff60dd3948bf76a380b8008a95f4
8d1d35192a822bf4d9e373daf0027bb511eac279
99c22015e880105928e870b64209f952314377d4a896b1d6235569ed6e924466

HTTP Headers

GET /genfiles/bonus-cms/U1ZyYzSmLUZ6zg8PzlgZ_g4dyhi4xAvl/MB_Usyk-Fury_315x250.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:49:00 GMT
content-type: image/webp
content-length: 51576
last-modified: Fri, 02 Feb 2024 12:29:05 GMT
etag: "cc53ff60dd3948bf76a380b8008a95f4"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-8c8b0cdbed5637674016c59620bbd7c2-078e5e099ffe3dd8-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-08T09:00:13+00:00, 2024-05-07T06:36:46+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

melbet-754120.top/seo-module-api/api/v1/visual?group_id=62&ref_id=8&url=https:%2F%2Fmelbet-754120.top%2Fen%2Fbonus%2Frules&geo=no&language=en&domain=melbet-754120.top&timezone=2&stream=bonus&section=rules&ref[id]=8&project[id]=62

178.253.15.193

200 OK

160 B

URL GET HTTP/2
melbet-754120.top/seo-module-api/api/v1/visual?group_id=62&ref_id=8&url=https:%2F%2Fmelbet-754120.top%2Fen%2Fbonus%2Frules&geo=no&language=en&domain=melbet-754120.top&timezone=2&stream=bonus&section=rules&ref[id]=8&project[id]=62
IP
178.253.15.193:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
160 B (160 bytes)
Hash
982a9b10313db9f3ef6def97921fd34b
c48196d44c94a72dab034759157b83c2927d7268
66f9ea199128862da549eebc99b748db95778d62a9c11151a429937219995d6d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /seo-module-api/api/v1/visual?group_id=62&ref_id=8&url=https:%2F%2Fmelbet-754120.top%2Fen%2Fbonus%2Frules&geo=no&language=en&domain=melbet-754120.top&timezone=2&stream=bonus&section=rules&ref[id]=8&project[id]=62 HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://melbet-754120.top/en/bonus/rules
content-type: application/json
x-requested-with: XMLHttpRequest
x-geoip2-country-code: ru
sub-request-id: 82f241591c52492bab614c3ed17a80b1
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==; window_width=0; SESSION=6a9dceb345edb3ade02564164fad59f0; che_g=561a934e-fa4f-1c6c-7d58-1a2328e91ea2; application_locale=en; sh.session.id=01f5b214-f542-4bd9-a044-27f699e50c7b; _ga_435XWQE678=GS1.1.1715064539.1.0.1715064539.60.0.0; _ga=GA1.1.49551864.1715064539
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:59 GMT
content-type: application/json
content-length: 160
cache-control: max-age=1200, must-revalidate, public, s-maxage=1800, stale-if-error=86400, stale-while-revalidate=300
x-content-digest: en53915f1c7e0862417a924f3b20ed711a
age: 0
x-request-id: 105dae24f786ae110cc9650e97d8c7d7
x-request-guid: 105dae24f786ae110cc9650e97d8c7d7
x-time-ng: 0.020
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: p;dur=18.786907196045, wf-uht;dur=0.028
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/promo_store.webp

185.244.209.62

200 OK

11 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/promo_store.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
11 kB (11192 bytes)
Hash
6dbaba1de32844c8b20031542bca7913
bc12d28080ac79914ec715091f81a4e4d93dcdb8
10438357d3f60bd424e2f89f35b906eee523b9ca84a370a288ff8a2bdba4303d

HTTP Headers

GET /genfiles/cms/8-62/desktop/bonus/rules/promo_store.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:49:00 GMT
content-type: image/webp
content-length: 11192
last-modified: Fri, 22 Sep 2023 14:24:40 GMT
etag: "6dbaba1de32844c8b20031542bca7913"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-db53dc2397e340b351d63aecee3a5781-acc3ba580783140a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:58:08+00:00, 2024-05-07T06:36:46+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

melbet-754120.top/genfiles/cms/8-62/desktop/media_asset/eae0454e490b1de89202443f0bcbb2c7.json

178.253.15.193

200 OK

12 kB

URL GET HTTP/2
melbet-754120.top/genfiles/cms/8-62/desktop/media_asset/eae0454e490b1de89202443f0bcbb2c7.json
IP
178.253.15.193:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type
JSON text data
Size
12 kB (11769 bytes)
Hash
9e5da15e44d6b6bab0cfc7c07ba9495d
4a67254b45112089d0833028de0c9c81acb930a3
0d51ae7eaa1511001f9b8b562a49d1b55d177a655f26035364485f02d5384af9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/8-62/desktop/media_asset/eae0454e490b1de89202443f0bcbb2c7.json HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://melbet-754120.top/en/bonus/rules
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==; window_width=0; SESSION=6a9dceb345edb3ade02564164fad59f0; che_g=561a934e-fa4f-1c6c-7d58-1a2328e91ea2; application_locale=en; sh.session.id=01f5b214-f542-4bd9-a044-27f699e50c7b; _ga_435XWQE678=GS1.1.1715064539.1.0.1715064539.60.0.0; _ga=GA1.1.49551864.1715064539
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:59 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Sat, 20 Apr 2024 09:17:26 GMT
etag: W/"9e5da15e44d6b6bab0cfc7c07ba9495d"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/casino-bonus-slider.webp

185.244.209.62

200 OK

42 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/casino-bonus-slider.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 945x370, Scaling: [none]x[none], YUV color, decoders should clamp
Size
42 kB (42546 bytes)
Hash
56f61a634c0bcc48be3903864274a8ef
60d4b692020430c1ab5b79377e7193c2fec4a0b4
7a6f16acd640c703bfb7ebaf417b3359056ef8042c5d65453f54097bf3cdf675

HTTP Headers

GET /genfiles/cms/8-62/desktop/bonus/rules/casino-bonus-slider.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:49:00 GMT
content-type: image/webp
content-length: 42546
last-modified: Mon, 01 Apr 2024 10:24:07 GMT
etag: "56f61a634c0bcc48be3903864274a8ef"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-97794c4a21212f4b44f267e964a26a46-a07589353e40cef3-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-16T12:55:57+00:00, 2024-05-07T06:48:58+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

widget.suphelper.top/_next/static/chunks/7413e8b9-8adee4b5b5407a55.js

104.18.39.72

200 OK

78 kB

URL GET HTTP/2
widget.suphelper.top/_next/static/chunks/7413e8b9-8adee4b5b5407a55.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://widget.suphelper.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36
ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
78 kB (77801 bytes)
Hash
dc6852529f28802d37affa5953d07260
4edd220fe8df4b009a1775ebe57f19d40999659f
4aefb18221e4fb46818b0f52302b7c7717e45701e26990726cce645d8c80ed84

HTTP Headers

GET /_next/static/chunks/7413e8b9-8adee4b5b5407a55.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 06:48:55 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Mon, 22 Jan 2024 07:49:06 GMT
etag: W/"12fe9-18d3024f9c4"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 562180
expires: Wed, 07 May 2025 06:48:55 GMT
server: cloudflare
cf-ray: 87ff44637f6b5688-OSL
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/bonus-cms/MPX1DC_0jFP-gQPbQ0mr9TV_eQukkW8O/big-four.jpg

185.244.209.62

200 OK

23 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/bonus-cms/MPX1DC_0jFP-gQPbQ0mr9TV_eQukkW8O/big-four.jpg
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 315x250, components 3
Size
23 kB (22769 bytes)
Hash
e3034ffab9a7ae416b1e33c2fcf34d06
770d66f167d706420264f8d8b298c34fb16ca6bb
6e3d727a472f5de076b6675c7449795feec7db693d1d1842ec75994918d0d8be

HTTP Headers

GET /genfiles/bonus-cms/MPX1DC_0jFP-gQPbQ0mr9TV_eQukkW8O/big-four.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:49:00 GMT
content-type: image/jpeg
content-length: 22769
last-modified: Wed, 27 Dec 2023 08:46:35 GMT
etag: "e3034ffab9a7ae416b1e33c2fcf34d06"
x-time-ng: 0.001
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-6f2aa80760f492c7e83ded6a3d3fb2af-1c9b81e144cdceea-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-03-24T12:57:03+00:00, 2024-05-07T06:36:46+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/fastgames-daily-tournament.jpg

0.0.0.0

0 B

URL GET
v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/fastgames-daily-tournament.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /genfiles/cms/8-62/desktop/bonus/rules/fastgames-daily-tournament.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

melbet-754120.top/genfiles/cms/8-62/desktop/media_asset/86c5cd21eafd54d0c2744f82978b7d91.json

178.253.15.193

200 OK

8.1 kB

URL GET HTTP/2
melbet-754120.top/genfiles/cms/8-62/desktop/media_asset/86c5cd21eafd54d0c2744f82978b7d91.json
IP
178.253.15.193:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type
ASCII text, with very long lines (8926), with no line terminators
Size
8.1 kB (8075 bytes)
Hash
33a8d84b65be76b07b379586ce0f30f4
d3c3a3a7c188444d7c25961a62149b97f9de1725
8cbf747c3e3ffa25baee745930d5855d78ec027e3e0c6e0bc69bfde8bc16aeaa

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/8-62/desktop/media_asset/86c5cd21eafd54d0c2744f82978b7d91.json HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://melbet-754120.top/en/bonus/rules
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==; window_width=0; SESSION=6a9dceb345edb3ade02564164fad59f0; che_g=561a934e-fa4f-1c6c-7d58-1a2328e91ea2; application_locale=en; sh.session.id=01f5b214-f542-4bd9-a044-27f699e50c7b; _ga_435XWQE678=GS1.1.1715064539.1.0.1715064539.60.0.0; _ga=GA1.1.49551864.1715064539
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:59 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Wed, 13 Dec 2023 14:46:21 GMT
etag: W/"a60fb63e7c35ba8cdb1d0851ff960b1b"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.007
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/shared-assets/__shared_accept_language_parser_QKZ6ULEV.js

185.244.209.62

200 OK

1.3 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/shared-assets/__shared_accept_language_parser_QKZ6ULEV.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (1315), with no line terminators
Size
1.3 kB (1297 bytes)
Hash
59eb3a17023ed081e317722b7fabcddc
5e0908391af13d117ecdd61ef7406f3eb9b0e792
df460865a4a9ae1d3c260be0dd7a8a7eef1bc4a0839fdd09fe22165e3754ba71

HTTP Headers

GET /sys-static/shared-assets/__shared_accept_language_parser_QKZ6ULEV.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://melbet-754120.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:55 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 06 May 2024 14:40:26 GMT
etag: W/"518e0ae196483ada8b528a1f2b7df0a1"
x-amz-meta-mtime: 1715006282.054749806
content-encoding: gzip
expires: Tue, 07 May 2024 15:18:11 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-7e7575f5f7e6d255bf73a4d14fd5ae2b-9916661c4a67befb-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T15:18:11+00:00, 2024-05-06T15:53:14+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

melbet-754120.top/genfiles/cms/8-62/desktop/media_asset/6eaab04f6c296eb674ae8ad1f3818afe.json

178.253.15.193

200 OK

2.1 kB

URL GET HTTP/2
melbet-754120.top/genfiles/cms/8-62/desktop/media_asset/6eaab04f6c296eb674ae8ad1f3818afe.json
IP
178.253.15.193:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type
ASCII text, with very long lines (2351), with no line terminators
Size
2.1 kB (2141 bytes)
Hash
58c9d6c7dfc878d8ae64c64b6bb8f26e
46f4cf3fe0fe809b3a93bd20691807f9fd4cf255
8ebb368c039b9e7dbfdb300759b0283cb592d87dfae9832af0d711e62293b3fc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/8-62/desktop/media_asset/6eaab04f6c296eb674ae8ad1f3818afe.json HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://melbet-754120.top/en/bonus/rules
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==; window_width=0; SESSION=6a9dceb345edb3ade02564164fad59f0; che_g=561a934e-fa4f-1c6c-7d58-1a2328e91ea2; application_locale=en; sh.session.id=01f5b214-f542-4bd9-a044-27f699e50c7b; _ga_435XWQE678=GS1.1.1715064539.1.0.1715064539.60.0.0; _ga=GA1.1.49551864.1715064539
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:59 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Tue, 28 Nov 2023 09:58:23 GMT
etag: W/"7732f8bd58534b14f8a924ada315e69d"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.060
X-Firefox-Spdy: h2

melbet-754120.top/genfiles/cms/8-62/desktop/media_asset/92b555fe034e9620cde2a57530beeca8.json

178.253.15.193

200 OK

976 B

URL GET HTTP/2
melbet-754120.top/genfiles/cms/8-62/desktop/media_asset/92b555fe034e9620cde2a57530beeca8.json
IP
178.253.15.193:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerLet's Encrypt
Subjectmelbet-754120.top
Fingerprint35:DF:F6:A2:0B:F0:7A:2F:23:95:26:67:4F:91:2C:C3:FF:94:45:E5
ValidityMon, 25 Mar 2024 05:17:30 GMT - Sun, 23 Jun 2024 05:17:29 GMT

File type
ASCII text, with very long lines (1073), with no line terminators
Size
976 B (976 bytes)
Hash
4aef7d2720415517c7359896b1c52865
2f49f7159107f72cb80acccddb6b181a9e2604ba
457f95472ed58dd7659c0045150439e2f780c70fe19c8a04ef0e34832817ad93

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/8-62/desktop/media_asset/92b555fe034e9620cde2a57530beeca8.json HTTP/1.1
Host: melbet-754120.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions%2Frocket-launch
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_; postback_watcher=%7B%22tag%22%3A%22d_3265333m_59359c_%7Bcampaign_id%7D_%7Bad_id%7D_%22%2C%22pb%22%3A%2263ebd0811ddf41578e6a6c23886a91b3%22%2C%22click_id%22%3A%22d232c7vd5mya03yed6%22%2C%22r%22%3A%22promotions%2Frocket-launch%22%7D; platform_type=desktop; auid=sv0PwWY5ztStHbceAxdHAg==; window_width=0; SESSION=6a9dceb345edb3ade02564164fad59f0; che_g=561a934e-fa4f-1c6c-7d58-1a2328e91ea2; application_locale=en; sh.session.id=01f5b214-f542-4bd9-a044-27f699e50c7b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:59 GMT
content-type: application/json
content-length: 976
last-modified: Wed, 07 Jun 2023 08:09:33 GMT
etag: "5004f1883be9a4a8985c93b9323311d3"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

widget.suphelper.top/_next/static/chunks/1743016e-d00d67a74426f155.js

104.18.39.72

200 OK

481 kB

URL GET HTTP/2
widget.suphelper.top/_next/static/chunks/1743016e-d00d67a74426f155.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://widget.suphelper.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36
ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
481 kB (480579 bytes)
Hash
46260bb46d51262abee818c0c3bcf1c6
fe3be222aec74704fad1fa2559788b1fa287094a
20700e65659e04d422580d9c792ba811b7b76de4ec1b3163c284af83bd5a7d6c

HTTP Headers

GET /_next/static/chunks/1743016e-d00d67a74426f155.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 06:48:55 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Wed, 17 Jan 2024 06:19:55 GMT
etag: W/"75543-18d161388b8"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 556620
expires: Wed, 07 May 2025 06:48:55 GMT
server: cloudflare
cf-ray: 87ff44637f675688-OSL
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/bonus-cms/U1ZyYzSmLUZ6zg8PzlgZ_g4dyhi4xAvl/MB_Usyk-Fury_315x250.jpg

185.244.209.62

200 OK

25 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/bonus-cms/U1ZyYzSmLUZ6zg8PzlgZ_g4dyhi4xAvl/MB_Usyk-Fury_315x250.jpg
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), default quality", baseline, precision 8, 315x250, components 3
Size
25 kB (25343 bytes)
Hash
eb104511531d7e5d43a9f37d38cb750e
a837f082ee5aeaf4c20a0ec5bbc9a84df1772ee0
5e04ed7e16a3b0f9ff373ac89eea2c8829f3449a909f526f8d2e50d5851c0622

HTTP Headers

GET /genfiles/bonus-cms/U1ZyYzSmLUZ6zg8PzlgZ_g4dyhi4xAvl/MB_Usyk-Fury_315x250.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:49:00 GMT
content-type: image/jpeg
content-length: 25343
last-modified: Fri, 02 Feb 2024 12:29:05 GMT
etag: "eb104511531d7e5d43a9f37d38cb750e"
x-time-ng: 0.029
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-87779a4f3173529d70de166b0a1dc813-51cfefb27dd43bf8-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-08T12:14:00+00:00, 2024-05-07T06:36:46+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/sys-icons/1.0.328/62/logos.svg

185.244.209.62

200 OK

43 kB

URL GET HTTP/2
v3.traincdn.com/sys-icons/1.0.328/62/logos.svg
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
43 kB (42787 bytes)
Hash
c45fb3adb3e47bdbd03c88fc4c4309aa
9ce991739a2879970ba12baf56108c8fcdefefb1
61d5aead50750c6e8a7bfde801abbf6f4ab75e387fdcc748ec6784e219e4d727

HTTP Headers

GET /sys-icons/1.0.328/62/logos.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://melbet-754120.top
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:48:55 GMT
content-type: image/svg+xml
last-modified: Mon, 15 Apr 2024 07:13:35 GMT
etag: W/"c45fb3adb3e47bdbd03c88fc4c4309aa"
x-amz-meta-mtime: 1713165210.305888364
content-encoding: gzip
expires: Tue, 23 Apr 2024 10:38:09 GMT
cache-control: max-age=86400
x-time-ng: 0.003
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-c603e21e497fa22b74c2027ea165006d-ffc0b431fabceb4b-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T10:38:09+00:00, 2024-05-06T13:56:55+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/bonus-cms/7zOhjEIpjiQEppcfSEUZIra94qNRyCbh/cyber-back.jpg

185.244.209.62

200 OK

0 B

URL GET HTTP/2
v3.traincdn.com/genfiles/bonus-cms/7zOhjEIpjiQEppcfSEUZIra94qNRyCbh/cyber-back.jpg
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /genfiles/bonus-cms/7zOhjEIpjiQEppcfSEUZIra94qNRyCbh/cyber-back.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:49:00 GMT
content-type: image/jpeg
content-length: 47788
last-modified: Tue, 26 Mar 2024 11:03:32 GMT
etag: "b9452587067ecd05240dd45077d9666a"
x-time-ng: 0.017
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-2f68f33a58ad09813fe67738bc5ea742-b22252f7a586033c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-03T15:16:04+00:00, 2024-05-07T06:36:46+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/non-stop-drop-slider.webp

185.244.209.62

200 OK

43 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/8-62/desktop/bonus/rules/non-stop-drop-slider.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://melbet-754120.top/en/promotions/rocket-launch?tag=d_3265333m_59359c_{campaign_id}_{ad_id}_&pb=63ebd0811ddf41578e6a6c23886a91b3&click_id=d232c7vd5mya03yed6&r=promotions/rocket-launch
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 945x370, Scaling: [none]x[none], YUV color, decoders should clamp
Size
43 kB (42790 bytes)
Hash
7d065a6670e766edfeed182ada7f7b02
f280ca74185f2c6af53c4344208b89d5fd5bb847
3d72d4d1f9c65fc5267cff47d8e41740b78cb8b1b685bf3a6b46d6a9f243422e

HTTP Headers

GET /genfiles/cms/8-62/desktop/bonus/rules/non-stop-drop-slider.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melbet-754120.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:49:00 GMT
content-type: image/webp
content-length: 42790
last-modified: Wed, 31 Jan 2024 08:28:01 GMT
etag: "7d065a6670e766edfeed182ada7f7b02"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-34f51b90dddd12d77662de9b98b16b8e-527090a023cc83eb-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T19:05:47+00:00, 2024-05-07T06:48:58+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (71)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML