| affpa.top/L?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions/wheel-bet&click_id=Gbjizwcgnzc4SQ1mj2DsfT | 83.147.205.153 | 303 See Other | 201 kB |
URL: User Request GET HTTP/2 affpa.top/L?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions/wheel-bet&click_id=Gbjizwcgnzc4SQ1mj2DsfT
IP: 83.147.205.153:443
ASN: #202492 Silverhill Group Holding Ltd
Certificate Issuer: Let's Encrypt
Certificate Subject: affpa.top
Certificate Fingerprint: 97:C0:01:06:36:CA:D6:A5:08:8D:79:54:18:EF:74:D6:DE:50:1B:1C
Certificate Validity: Fri, 03 May 2024 09:58:00 GMT - Thu, 01 Aug 2024 09:57:59 GMT
Size: 201 kB (201214 bytes)
Hash: 0e06554ef7ae9d8a7fe81d972222ade1 f6bd788bf12164ca64e4d8a3f813f60167e428ec c90bce51eba855b20b3598c22a0146cc86e037de4401f0a661dcdf3ce4c4f3db
GET /L?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions/wheel-bet&click_id=Gbjizwcgnzc4SQ1mj2DsfT HTTP/1.1
Host: affpa.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 303 See Other
server: nginx
date: Tue, 07 May 2024 15:14:48 GMT
cache-control: private
location: https://1xlite-461430.top:443/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
x-aspnetmvc-version: 5.0
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.005
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/polyfills.js | 178.253.29.51 | 200 OK | 0 B |
URL: GET HTTP/2 1xlite-461430.top/polyfills.js
IP: 178.253.29.51:443
ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate Issuer: Let's Encrypt
Certificate Subject: 1xlite-461430.top
Certificate Fingerprint: F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
Certificate Validity: Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /polyfills.js HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:50 GMT
content-type: text/javascript; charset=utf-8
content-length: 0
vary: user-agent
cache-control: public, max-age=2678400, s-maxage=2678400
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-time-ng: 0.003
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.011
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/runtime-baf5b66c.js | 185.244.209.62 | 200 OK | 15 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/runtime-baf5b66c.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate Issuer: Sectigo Limited
Certificate Subject: *.traincdn.com
Certificate Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (47215), with no line terminators
Hash: ef9def5f3c8a190bfffb14ce24c6eb58 c5fa568c8f9bee2aa988c80a7246e07edd8d84ba d5d3ad6908352036bda426fe1fdc6f1dc03ac13a7029bbf25fa50580abd9064f
GET /_nuxt/desktop/default/runtime-baf5b66c.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 14752
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-39a0"
content-encoding: gzip
expires: Tue, 07 May 2024 10:54:45 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-791cf8c9d7c609a0e426aebfe2a7e814-824d47046d8ee609-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T10:54:45+00:00, 2024-05-07T10:57:48+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/ca542d7f.css | 185.244.209.62 | 200 OK | 3.2 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/ca542d7f.css
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate Issuer: Sectigo Limited
Certificate Subject: *.traincdn.com
Certificate Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (31339), with no line terminators
Hash: 9e9b190c1ab8126c2576203d5d43ec63 a80ccb6739023605edbd86be13f38a58ff7f4906 c4a28e2bbc67a853613460727d4abba3687be55593a7513a4079ea34579fbb02
GET /_nuxt/desktop/default/css/ca542d7f.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:50 GMT
content-type: text/css
content-length: 3226
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-c9a"
content-encoding: gzip
expires: Wed, 08 May 2024 09:58:01 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-128c66a67a860f3e12fef3da68286c6e-185da908c578684c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T09:58:01+00:00, 2024-05-07T10:40:52+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Layout.SeoModule.Lazy-db205bbd.js | 185.244.209.62 | 200 OK | 2.5 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Layout.SeoModule.Lazy-db205bbd.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate Issuer: Sectigo Limited
Certificate Subject: *.traincdn.com
Certificate Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (8663), with no line terminators
Hash: a5db05d47f7f37c06acc29a0f4eeb447 b9ddddb586721548eaa4a62d7ae420bfcfc5bddb 4053d0ffbd3af6bc022131a3f123bd4e88825f1b5f06a74dd2072a2b0fe3f243
GET /_nuxt/desktop/default/Layout.SeoModule.Lazy-db205bbd.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 2475
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-9ab"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-c93fe97abf804f9952b5d710d560f6d9-e520a5e56b0d5bb6-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:00+00:00, 2024-05-07T14:49:13+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/85148a0b.css | 185.244.209.62 | 200 OK | 4.0 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/85148a0b.css
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate Issuer: Sectigo Limited
Certificate Subject: *.traincdn.com
Certificate Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (32277), with no line terminators
Hash: eeaf257a8645b90669a2ea93b8fb534e d81289258b7a5c126dd860232760852cc8ad865e 3a170c88ab694ad7552f7a84baa04ddb248c32b7f8ffe16d55dd73685de87aa6
GET /_nuxt/desktop/default/css/85148a0b.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:50 GMT
content-type: text/css
content-length: 3964
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-f7c"
content-encoding: gzip
expires: Tue, 07 May 2024 12:54:58 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-2e69f2a7a931f970be73232141a02d5b-41cfb79637c0ee12-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:54:58+00:00, 2024-05-07T13:56:30+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Layout.FooterComponent.Lazy-0434410a.js | 185.244.209.62 | 200 OK | 7.8 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Layout.FooterComponent.Lazy-0434410a.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate Issuer: Sectigo Limited
Certificate Subject: *.traincdn.com
Certificate Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (28142), with no line terminators
Hash: 9167c6082d419d35f57a606871184d06 d4c4fac03b353c5881c352d6ac0c05947dc2e633 bed35ed9386f6d0d6f3096d00c7d14e042c5cb404f07ef0bb9abb4cc381e89c3
GET /_nuxt/desktop/default/Layout.FooterComponent.Lazy-0434410a.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 7775
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-1e5f"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-f7d2f9a2d214bc1cef8924e720c9b2a8-3c5fb39c8643f7a5-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:00+00:00, 2024-05-07T14:49:13+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Layout.FooterComponent.Lazy/Page.Game.Project-807a62cf.js | 185.244.209.62 | 200 OK | 6.3 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Layout.FooterComponent.Lazy/Page.Game.Project-807a62cf.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate Issuer: Sectigo Limited
Certificate Subject: *.traincdn.com
Certificate Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (20014), with no line terminators
Hash: adc7f8e289bd475a5a922c91b93591b2 540252cd02880714746d3656e61c67e7acab7fda 3b542ce26d333f558f94adb8cac49e58be95a5470eb3079d1dc0b2b7a7c97b6b
GET /_nuxt/desktop/default/Layout.FooterComponent.Lazy/Page.Game.Project-807a62cf.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 6258
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-1872"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-a0a7dcc66bda409c1182c03a9f9fc44d-0d6ab59e0d6492b9-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:00+00:00, 2024-05-07T14:49:13+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/site-admin/css_vars/f506188b04c16eaa9c664ed23f7ce58e.css | 185.244.209.62 | 200 OK | 46 B |
URL: GET HTTP/2 v3.traincdn.com/genfiles/site-admin/css_vars/f506188b04c16eaa9c664ed23f7ce58e.css
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate Issuer: Sectigo Limited
Certificate Subject: *.traincdn.com
Certificate Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators
Hash: f506188b04c16eaa9c664ed23f7ce58e 08d068d7fa5a84beb06ba924a35d84d6bfdab30a b9bfda0e940104e190b19543b94a10d120643bd1516d3ca2d266a0af6c0966e9
GET /genfiles/site-admin/css_vars/f506188b04c16eaa9c664ed23f7ce58e.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:50 GMT
content-type: text/css
content-length: 46
last-modified: Fri, 12 Apr 2024 13:46:52 GMT
etag: "f506188b04c16eaa9c664ed23f7ce58e"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-a233f37bdd4af97b824d6a491ac436dc-c696f90956c4bcc5-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-18T12:47:35+00:00, 2024-05-07T14:34:20+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/5cfdf959.css | 185.244.209.62 | 200 OK | 1.1 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/5cfdf959.css
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate Issuer: Sectigo Limited
Certificate Subject: *.traincdn.com
Certificate Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (4632), with no line terminators
Hash: f74d8b7e31b6ab236a9577348874385d 87091e6542649037a05fc137fa449b713c85225d b33d72295f1edbfc13da30236c4b811cffe4ba8ef758a515914cd69cf02edbf8
GET /_nuxt/desktop/default/css/5cfdf959.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:50 GMT
content-type: text/css
content-length: 1113
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-459"
content-encoding: gzip
expires: Wed, 08 May 2024 06:45:39 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-33403c71043774bc91a84178a496e5a6-719bb9981ab461d5-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T06:45:39+00:00, 2024-05-07T09:06:33+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/Layout.FooterComponent.Lazy-8e891b7b.js | 185.244.209.62 | 200 OK | 8.3 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/Layout.FooterComponent.Lazy-8e891b7b.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate Issuer: Sectigo Limited
Certificate Subject: *.traincdn.com
Certificate Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (29805), with no line terminators
Hash: 93a3cdd4ea0ae5eb295e71988355c5d4 0c9e334aebd99fb9c44575c99abda82d0b53acb1 104a5a19f0a8b4d443e55c32daf49eea2343ee96da27b48c21f09e1425081d62
GET /_nuxt/desktop/default/vendors/Layout.FooterComponent.Lazy-8e891b7b.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 8283
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-205b"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-2e59e93c2ee5ab96dc61d1ec61e8266c-09ddebc7dbce4f9c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:00+00:00, 2024-05-07T14:49:13+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/version.json | 185.244.209.62 | 200 OK | 44 B |
URL: GET HTTP/2 v3.traincdn.com/version.json
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate Issuer: Sectigo Limited
Certificate Subject: *.traincdn.com
Certificate Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hash: 265e4e9c948f929631d7e9bcf0d19d5b c70f40cde4e09003b980fdae5130f3695de16add 62ec6fa5c15470b882bd7e05f5651b0a265a0cb2857cffa5cbfa34b3d2cf42ba
GET /version.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:50 GMT
content-type: application/json
content-length: 44
last-modified: Mon, 06 May 2024 10:24:15 GMT
etag: "6638afcf-2c"
content-encoding: gzip
expires: Mon, 06 May 2024 10:50:26 GMT
cache-control: max-age=60, max-age=60, s-maxage=60
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-91198c0e914df2d9c33c1b37322ad5cb-bc53c2a571dd4e24-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T10:49:26+00:00, 2024-05-07T15:14:49+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/75bcd414.css | 185.244.209.62 | 200 OK | 2.3 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/75bcd414.css
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate Issuer: Sectigo Limited
Certificate Subject: *.traincdn.com
Certificate Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (9958), with no line terminators
Hash: 76a1e3dd8e25bf9a48bdd896de779d20 38c3643e25808d1f3ab167273201eac8c113c088 aa36f7a0cd4e7059cfef75dda25cd20e0bd1fbbe3d10a4ed0697cb937f009273
GET /_nuxt/desktop/default/css/75bcd414.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:50 GMT
content-type: text/css
content-length: 2277
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-8e5"
content-encoding: gzip
expires: Tue, 07 May 2024 11:27:59 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-8c15d20f498ed309828c092ece7a05bb-941aa0229a5c92d2-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T11:27:59+00:00, 2024-05-07T12:10:05+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/app-1483c42a.js | 185.244.209.62 | 200 OK | 225 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/app-1483c42a.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate Issuer: Sectigo Limited
Certificate Subject: *.traincdn.com
Certificate Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (64966), with no line terminators
Size: 225 kB (224914 bytes)
Hash: c4d75347728629ec3f0b90dc82f0a3d2 ff949fe02da04d39be746f8d091a1a7b30126f7a 8ca2bd3ad104c33fb6189e87cab8992734ca6bf99a631ed413f63444b834d33b
GET /_nuxt/desktop/default/app-1483c42a.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 224914
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-36e92"
content-encoding: gzip
expires: Wed, 08 May 2024 09:01:03 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-7ac44251614aab3028b316d8e89c9bde-555cd4a53cf90ac8-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T09:01:03+00:00, 2024-05-07T09:06:10+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/app-d26cc899.js | 185.244.209.62 | 200 OK | 267 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/app-d26cc899.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate Issuer: Sectigo Limited
Certificate Subject: *.traincdn.com
Certificate Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (61101)
Size: 267 kB (267237 bytes)
Hash: 1992415420cd9d59941e07133aa0c521 308a748fa982a440a112cb9e449f25a23bd6d83e 94a8f060251c7e705ee8c823783cb067e2844edb0f3900b6b0e91948d92ce907
GET /_nuxt/desktop/default/vendors/app-d26cc899.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 267237
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-413e5"
content-encoding: gzip
expires: Tue, 07 May 2024 14:31:58 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-caf0c55fa5aecf8ca0a3161484052db5-621c575bf494c7b7-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:31:58+00:00, 2024-05-07T14:49:12+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/commons/app-2e30fd7d.js | 185.244.209.62 | 200 OK | 47 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/commons/app-2e30fd7d.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate Issuer: Sectigo Limited
Certificate Subject: *.traincdn.com
Certificate Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65476)
Hash: 03b89bdb4f6013159d40de88c98403b6 cf41351caa86d91b56cf839d54ab28bf8f4f54f8 42d02ce0b520e2d8ce7341a0b07d92cd3833d762337b1f8aabc6f7f23e6fad4a
GET /_nuxt/desktop/default/commons/app-2e30fd7d.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 46801
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-b6d1"
content-encoding: gzip
expires: Tue, 07 May 2024 14:31:58 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-fcbd253fb97bfcc34f1a4bd32dd25360-a0a76c38ba60fc96-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:31:58+00:00, 2024-05-07T14:49:13+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/035c0001.css | 185.244.209.62 | 200 OK | 14 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/035c0001.css; IP: 185.244.209.62:443; ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (65536), with no line terminators; Hash: ac3b78bdd1c881f78913b967fd22a91f 15295665baa2ccaf71e8a093f333d087621a17ee ee4c84a2fe257a888fcec5809b67b563aba3a4c52f102154ffa19a685434d835
GET /_nuxt/desktop/default/css/035c0001.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:50 GMT
content-type: text/css
content-length: 13859
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-3623"
content-encoding: gzip
expires: Wed, 08 May 2024 09:01:03 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-7a1ef81d335657c55e703b7b946897b9-1372633b7f0c8a4f-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T09:01:03+00:00, 2024-05-07T09:06:10+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/site-admin/colors/f60de5c9eabf4e3e2f1149075d3a68d7.css | 185.244.209.62 | 200 OK | 71 kB |
URL: GET HTTP/2 v3.traincdn.com/genfiles/site-admin/colors/f60de5c9eabf4e3e2f1149075d3a68d7.css; IP: 185.244.209.62:443; ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: gzip compressed data, max speed, from Unix; Hash: f5660e254e49fc970ed60cdd9fa0ffc0 99bd04acc5c81d86e3ea183c872424079f6a8b6d 88e4f13928799629cae14787cb9544617f81f56b5fde28a42dca0fd3eaad2280
GET /genfiles/site-admin/colors/f60de5c9eabf4e3e2f1149075d3a68d7.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:50 GMT
content-type: text/css
last-modified: Tue, 07 May 2024 12:38:10 GMT
etag: W/"f60de5c9eabf4e3e2f1149075d3a68d7"
content-encoding: gzip
x-time-ng: 0.002
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-3bfa94db5ed82e6a8509d999d5aed186-307d9fb2a31a0349-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T12:39:42+00:00, 2024-05-07T14:40:02+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 | 185.244.209.62 | 200 OK | 64 kB |
URL: GET HTTP/2 v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2; IP: 185.244.209.62:443; ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 63920, version 1.0; Hash: a65527fcb58f66a7cfbc0e6b160538b4 45d260e7fa343401b5bb0df982a014f53e2d253b fb13c3a1cbac60649b76f7d7f85c1645d35ac69b85ce5f4eb0692505ecc2cd45
GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:51 GMT
content-type: font/woff2
content-length: 63920
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "a65527fcb58f66a7cfbc0e6b160538b4"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-a1c206789d9f8cd9b41f60fe41879f8a-b954a4c8aae03641-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:54:39+00:00, 2024-05-07T14:34:41+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2 | 185.244.209.62 | 200 OK | 65 kB |
URL: GET HTTP/2 v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2; IP: 185.244.209.62:443; ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 64732, version 1.0; Hash: 3ac5d40d1b3966fc5eb09ecca74d9cbf a69f32357765dd321519889aeacba5e9ca893bb0 3310766b8f58538d07abded74a2babe1acbe1a3ee820d5b8c8265da666f4fb0c
GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:51 GMT
content-type: font/woff2
content-length: 64732
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "3ac5d40d1b3966fc5eb09ecca74d9cbf"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-51f95067f41718788206fe10173539d7-b050d6cb928b8f62-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:56:30+00:00, 2024-05-07T14:43:55+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/check-ob.js | 185.244.209.62 | 200 OK | 187 B |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/check-ob.js; IP: 185.244.209.62:443; ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text; Hash: ced67278c38d1ce1297c121af69fff8a df6e1531fd84d956263b04254e6f94f5356623f4 2958134c3c00f7c6320858dd66e454c2856e4842821d3523c4cc5e44e1ec8616
GET /_nuxt/check-ob.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 187
last-modified: Mon, 06 May 2024 10:23:37 GMT
etag: "6638afa9-bb"
content-encoding: gzip
expires: Tue, 07 May 2024 12:56:18 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-abff2ecc757f73cae8b2d12f1f34442c-490d8e0c710ba8aa-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:56:18+00:00, 2024-05-07T11:36:39+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/1da51baa342984a84ca1ac8dd900998b.png | 185.244.209.62 | 200 OK | 653 B |
URL: GET HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/1da51baa342984a84ca1ac8dd900998b.png; IP: 185.244.209.62:443; ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: PNG image data, 32 x 32, 8-bit colormap, non-interlaced; Hash: e6f0766cbd95db33da44e7a9140648f2 5f196b1bfe8c3f92bd2ebcd67124e72e81ae6aaf c0399d478788d5d483f104a2e8cb7c32f41cb40e9df0c22e831b2bfa2db63ec0
GET /genfiles/cms/1-285/desktop/media_asset/1da51baa342984a84ca1ac8dd900998b.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:51 GMT
content-type: image/png
content-length: 653
last-modified: Tue, 25 Apr 2023 13:43:56 GMT
etag: "e6f0766cbd95db33da44e7a9140648f2"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-57d9316972f7f7972f93faddd23f46c7-e1366bc4284c7a77-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:12:59+00:00, 2024-05-07T15:00:38+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.v-tooltip-ff4800a4.js | 185.244.209.62 | 200 OK | 22 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.v-tooltip-ff4800a4.js; IP: 185.244.209.62:443; ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65476); Hash: 45f90516ee8a557d78c08e1e925c1490 adc0363ed75f47f9513a36a94173c6e4940a2adc f5b8b3c4e62dbb4ebc5fd634f5bb17b3145a14c21bdc3e9c0a4dcb45b9e573fe
GET /_nuxt/desktop/default/vendors/plugins.v-tooltip-ff4800a4.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 21889
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-5581"
content-encoding: gzip
expires: Tue, 07 May 2024 14:31:59 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-061a402b3fd135ac32de93bc728b607b-06bf4b85307e883d-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:31:59+00:00, 2024-05-07T14:53:12+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-notification-4e9ad522.js | 185.244.209.62 | 200 OK | 4.6 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-notification-4e9ad522.js; IP: 185.244.209.62:443; ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (12527), with no line terminators; Hash: 805e7c2cd861f2191db66c39ab28e86b a6353246547e9a9fd01093fcb784d708d187e3ef 82686dab55962ead6916346bd901b3fc03357bb2a0e74dfe966ff784d75b2368
GET /_nuxt/desktop/default/vendors/plugins.vue-notification-4e9ad522.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 4556
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-11cc"
content-encoding: gzip
expires: Tue, 07 May 2024 14:31:59 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-ad93059b4f240bc59a76abc3d418a85c-bfcc4532aac5a4b2-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:31:59+00:00, 2024-05-07T14:53:12+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-js-modal-11d3184a.js | 185.244.209.62 | 200 OK | 8.1 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-js-modal-11d3184a.js; IP: 185.244.209.62:443; ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (26717), with no line terminators; Hash: ead4a901af60e4b8138e732f0aea9637 7c1d57d444a07553738ddcb8b6a2bee305a0c215 e6bc116e4cb54d011d2a1fa1f87ab12d1f320aa8dc54c89b1f286f2b02ee14c0
GET /_nuxt/desktop/default/vendors/plugins.vue-js-modal-11d3184a.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 8055
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-1f77"
content-encoding: gzip
expires: Tue, 07 May 2024 14:31:59 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-cfe12751aae96d399886dc26d49e4992-9b925391b25e3ce3-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:31:59+00:00, 2024-05-07T14:53:12+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/e5c0e314.css | 185.244.209.62 | 200 OK | 953 B |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/e5c0e314.css; IP: 185.244.209.62:443; ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (3352), with no line terminators; Hash: 748da80084597d87b4ff5e98b017b07b db6ad2ec24bfcbe751a23061d935403e1163f471 4eaf4071f43aaa0243a4c6948131b7a3e03fe6ab1f4228da38e8588c15e01f24
GET /_nuxt/desktop/default/css/e5c0e314.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:51 GMT
content-type: text/css
content-length: 953
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-3b9"
content-encoding: gzip
expires: Tue, 07 May 2024 11:05:11 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-9a3378d72c752ab656b1376225f7ffae-dcd7abde1f706706-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T11:05:10+00:00, 2024-05-06T15:18:32+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/date-fns-locale-21-290f49eb.js | 185.244.209.62 | 200 OK | 2.1 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/date-fns-locale-21-290f49eb.js; IP: 185.244.209.62:443; ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (6960), with no line terminators; Hash: 91d17dbf833b48149a8b5d2f21895879 bd71a45fa4419ab4ddbc676f0a9cca2be05e1703 f085ff2e310ab82817411e3ed64d0902de49e149d0958cadb91d518ed5854335
GET /_nuxt/desktop/default/date-fns-locale-21-290f49eb.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 2120
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-848"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:15 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-42db75ae4d6459bcac0e2c4f424fbaac-467b2fe907555d15-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:15+00:00, 2024-05-06T16:05:35+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/seo-module-api/api/public/v1/analytics-counters?url=https:%2F%2F1xlite-461430.top&projectId=285 | 178.253.29.51 | 200 OK | 141 B |
URL: GET HTTP/2 1xlite-461430.top/seo-module-api/api/public/v1/analytics-counters?url=https:%2F%2F1xlite-461430.top&projectId=285; IP: 178.253.29.51:443; ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate: Issuer: Let's Encrypt; Subject: 1xlite-461430.top; Fingerprint: F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91; Validity: Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash: bd9be2fa89d26e9e6f1b2e08ffcd0ed6 90eae25ee792254c7ca97e98c5782078f9bdc37f c11510c5556799ec6bf918684e80903d08cf6237d3c4f94d32a8ebf35d067a1d
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /seo-module-api/api/public/v1/analytics-counters?url=https:%2F%2F1xlite-461430.top&projectId=285 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=1920; SESSION=62a580b9db01b9181375582b577707ff
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:51 GMT
content-type: application/json
content-length: 141
cache-control: max-age=1200, must-revalidate, public, s-maxage=1800, stale-if-error=86400, stale-while-revalidate=300
x-content-digest: enebf83560af95b198ca2d2caf127b1151
age: 1191
x-request-id: 7f83d05d90731c813a539137998cc558
x-request-guid: 7f83d05d90731c813a539137998cc558
x-time-ng: 0.002
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: p;dur=1.6920566558838, wf-uht;dur=
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/DC-7e6a4aad.js | 185.244.209.62 | 200 OK | 999 B |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/DC-7e6a4aad.js; IP: 185.244.209.62:443; ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (2336), with no line terminators; Hash: b44bc16cd2630bfada5ec9cbdbfcafab 43918946155d48f6cc8ecba42e2cf2cab28debd7 189ec6fd8e44cc47498706a2d2c815da1dc255040ef5ef57f5faa7c10c05ae42
GET /_nuxt/desktop/default/DC-7e6a4aad.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 999
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-3e7"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:01 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-cee06f83fabd72cedec1a337b0d3a161-7ac0a67769261dfe-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:01+00:00, 2024-05-07T14:53:12+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-ui/2.2.11/Desktop/Default/client.css | 185.244.209.62 | 200 OK | 178 kB |
URL: GET HTTP/2 v3.traincdn.com/sys-ui/2.2.11/Desktop/Default/client.css; IP: 185.244.209.62:443; ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (65536), with no line terminators; Size: 178 kB (178092 bytes); Hash: 512ee69b18e98077cb9c656b7c39b1ed 96db3c187704ad454d261ca5739f78ac2d83fe96 be096c8357d7dddceb92c470137e37436cd88bf1a3bef8e463fc2d71ff6abca5
GET /sys-ui/2.2.11/Desktop/Default/client.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:50 GMT
content-type: text/css; charset=utf-8
last-modified: Tue, 23 Apr 2024 11:41:52 GMT
etag: W/"5be31e73f9aaf3c05331c4f0cd80e4d9"
x-amz-meta-mtime: 1713872392.088051093
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:29 GMT
cache-control: max-age=86400
x-time-ng: 0.008
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-b23a6ebabc29d30ee43e15ed6fa69417-cebe20d5e26b6455-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:29+00:00, 2024-05-07T14:49:34+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json | 178.253.29.51 | 200 OK | 23 B |
URL: POST HTTP/2 1xlite-461430.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json; IP: 178.253.29.51:443; ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate: Issuer: Let's Encrypt; Subject: 1xlite-461430.top; Fingerprint: F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91; Validity: Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash: fa0f66cea71129b8d39012945beba8af 1b7c67c3fccdd59ef832583fc7a6b1411100ab85 09510c51a3725f41b2898b022641d4aabf747d8e3f8d2d8757f46287bc292851
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Content-Type: application/json
X-Lang: en
X-Uuid: 57814f3c-418e-45c1-93b0-eefb613f5be9
Content-Length: 81
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=1920; SESSION=62a580b9db01b9181375582b577707ff
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:51 GMT
content-type: application/json
content-length: 23
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Betting.Core-d4a24bae.js | 185.244.209.62 | 200 OK | 1.6 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Betting.Core-d4a24bae.js | IP: 185.244.209.62:443 | ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet | Certificate | Issuer: Sectigo Limited | Subject: *.traincdn.com | Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 | Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (2425), with no line terminators | Hash: 3a0e4a54185bcc66d2e032dd30a385eb 627755ca54def0761f25f827d5b4cb483e1ca83d e0bc5ffed1e6fd6285fea94e991fa8ec48a5f17677519c766d7ee7e757a02239
GET /_nuxt/desktop/default/Betting.Core-d4a24bae.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 1577
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-629"
content-encoding: gzip
expires: Tue, 07 May 2024 10:54:52 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-a0c8efadab3b40d234889c1c25e72225-bc309535c31bfd52-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T10:54:52+00:00, 2024-05-07T11:19:48+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/consultant.supHelperV2-ef321a16.js | 185.244.209.62 | 200 OK | 1.5 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/consultant.supHelperV2-ef321a16.js | IP: 185.244.209.62:443 | ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet | Certificate | Issuer: Sectigo Limited | Subject: *.traincdn.com | Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 | Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (3229), with no line terminators | Hash: 0cc9277dab4117c9b162cc01e1f0b97f 5b7d9007e2d99d3715c5f226aadf44aa4da4332b 6d7637a83c7812813039573e9c67efbb30e4021a971c546621a397eb72ea4bd0
GET /_nuxt/desktop/default/consultant.supHelperV2-ef321a16.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 1451
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-5ab"
content-encoding: gzip
expires: Wed, 08 May 2024 08:42:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-7dc6851989071a071cd874a159452037-9229e3fa73110b67-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T08:42:00+00:00, 2024-05-07T09:23:42+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/526e44d9.css | 185.244.209.62 | 200 OK | 459 B |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/526e44d9.css | IP: 185.244.209.62:443 | ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet | Certificate | Issuer: Sectigo Limited | Subject: *.traincdn.com | Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 | Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (1526), with no line terminators | Hash: 97fdf5b6e7dfddf6ab251e984133b2c3 bb552fe685c52c34e0ed91e4dfaa9df2675ad086 92fcdb73c544b1f2befe78685340fd3371e920187a2232f8e4bffd73985d40e3
GET /_nuxt/desktop/default/css/526e44d9.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:52 GMT
content-type: text/css
content-length: 459
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-1cb"
content-encoding: gzip
expires: Tue, 07 May 2024 11:05:30 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-1d5bb7059f02d1b4938d0a393e4bc7ba-1ffdd01881328c3e-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T11:05:30+00:00, 2024-05-06T15:37:12+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/betting.media-233f5bf5.js | 185.244.209.62 | 200 OK | 17 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/betting.media-233f5bf5.js | IP: 185.244.209.62:443 | ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet | Certificate | Issuer: Sectigo Limited | Subject: *.traincdn.com | Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 | Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (41022), with NEL line terminators | Hash: 45302df89a240c65824afccc0240c030 84573118a402aa9a4ee0321ccf3f914c438a8369 25b695450684f580508f24855ea2d181ecd499e26573010621dd4a2ddc5af16a
GET /_nuxt/desktop/default/vendors/betting.media-233f5bf5.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:52 GMT
content-type: application/javascript; charset=utf-8
content-length: 16831
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-41bf"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:16 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
x-cached-since: 2024-05-06T14:32:16+00:00
traceparent: 00-70bb36dc1f7bc3fc972681eb640dc624-b6323d53098c6b3e-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/ff267c5c.css | 185.244.209.62 | 200 OK | 1.5 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/ff267c5c.css | IP: 185.244.209.62:443 | ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet | Certificate | Issuer: Sectigo Limited | Subject: *.traincdn.com | Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 | Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (7000), with no line terminators | Hash: f379bc6f4b94f34d96f6fe51159bee63 f4c0d4dbef1e1e734e84e05d75e4ff950d06eb60 b2a5bd6495250a19500dd5a6ca62f045c8b70226a668dc63ef40c78883bdae11
GET /_nuxt/desktop/default/css/ff267c5c.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:52 GMT
content-type: text/css
content-length: 1486
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-5ce"
content-encoding: gzip
expires: Tue, 07 May 2024 14:34:32 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-ae7173d9bb749a89594673955db65544-0aaa127528083063-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:34:32+00:00, 2024-05-06T17:08:00+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/betting.media-64ed71be.js | 185.244.209.62 | 200 OK | 4.7 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/betting.media-64ed71be.js | IP: 185.244.209.62:443 | ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet | Certificate | Issuer: Sectigo Limited | Subject: *.traincdn.com | Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 | Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (16761), with no line terminators | Hash: fda91a0dd5e8251a0c4c540d7e54ed52 3c4a6e38286708cd62ff071ccf97e73f37200728 b3c3c2ee09cf4af0164878165cd9971fbfe83a461c18ad0ef7cfc33b36b782ef
GET /_nuxt/desktop/default/betting.media-64ed71be.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:52 GMT
content-type: application/javascript; charset=utf-8
content-length: 4726
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-1276"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:16 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2024-05-06T14:32:16+00:00
traceparent: 00-b4c14d048a29877f8974fa2a7d1b5c20-4e45a773bdb9346e-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/gamespreview/getbanner?whence=55&ref=1&gr=285&lng=en&fCountry=137 | 178.253.29.51 | 200 OK | 176 B |
URL: GET HTTP/2 1xlite-461430.top/service-api/gamespreview/getbanner?whence=55&ref=1&gr=285&lng=en&fCountry=137 | IP: 178.253.29.51:443 | ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet | Certificate | Issuer: Let's Encrypt | Subject: 1xlite-461430.top | Fingerprint: F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 | Validity: Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash: ac86deb03def477abf768a8455c8aa90 87bbc45a47946c01a6f494da652c5b1940e4a62c 6a19047f1e73a26daaac3ec171356c005d39984c931de6c0c0b4184ade05c55b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/gamespreview/getbanner?whence=55&ref=1&gr=285&lng=en&fCountry=137 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2Fwheel-bet
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=1280; SESSION=62a580b9db01b9181375582b577707ff
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:52 GMT
content-type: application/json; charset=utf-8
content-length: 176
x-time-ng: 0.003
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.010
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/session-api/sessions/user | 178.253.29.51 | 200 OK | 16 B |
URL: GET HTTP/2 1xlite-461430.top/session-api/sessions/user | IP: 178.253.29.51:443 | ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet | Certificate | Issuer: Let's Encrypt | Subject: 1xlite-461430.top | Fingerprint: F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 | Validity: Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash: 646b2e82b65602d35f7aa6283c387e3a b163a70c5df8e4b0861a23a04f8a6f78393747f4 b68bf12405ee2cb5b76764df21dbc2df0953ddff4072ddc5281d1aab05e8c4ab
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /session-api/sessions/user HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2Fwheel-bet
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=1280; SESSION=62a580b9db01b9181375582b577707ff
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:52 GMT
content-type: application/json
content-length: 16
cache-control: no-cache, private
x-time-ng: 0.003
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: p;dur=1.9819736480713, wf-uht;dur=0.011
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/bff-api/event-logo/v2/suitable.json?lang=en | 178.253.29.51 | 200 OK | 2 B |
URL: GET HTTP/2 1xlite-461430.top/bff-api/event-logo/v2/suitable.json?lang=en | IP: 178.253.29.51:443 | ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet | Certificate | Issuer: Let's Encrypt | Subject: 1xlite-461430.top | Fingerprint: F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 | Validity: Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash: d751713988987e9331980363e24189ce 97d170e1550eee4afc0af065b78cda302a97674c 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /bff-api/event-logo/v2/suitable.json?lang=en HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2Fwheel-bet
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=1280; SESSION=62a580b9db01b9181375582b577707ff
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:52 GMT
content-type: application/json
content-length: 2
cache-control: no-cache, private
server-timing: bff;dur=9.92, dt_total;dur=11.103, wf-uht;dur=0.019
traceparent: 00-af0734d4e3b70128581c10a1c35e7110-e54dd7ea0bac89ba-01
x-dt: 285
x-time-ng: 0.011
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/genfiles/cms/desktop/contact/86f18367ce2829388dcdabccb99b1740.svg | 178.253.29.51 | 200 OK | 263 B |
URL: GET HTTP/2 1xlite-461430.top/genfiles/cms/desktop/contact/86f18367ce2829388dcdabccb99b1740.svg | IP: 178.253.29.51:443 | ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet | Certificate | Issuer: Let's Encrypt | Subject: 1xlite-461430.top | Fingerprint: F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 | Validity: Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
File type: SVG Scalable Vector Graphics image | Hash: 28e2c161800b61b985a163f5c492ae51 8845ea940210b4ccb195cca855a598e6aaa58ed0 77c93c24e4eb0f8815a7526d405818c9a38ba6e4317f1fee588fffbc00cb17de
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /genfiles/cms/desktop/contact/86f18367ce2829388dcdabccb99b1740.svg HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2Fwheel-bet
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=1280; SESSION=62a580b9db01b9181375582b577707ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:52 GMT
content-type: image/svg+xml
content-length: 263
last-modified: Fri, 23 Feb 2024 10:01:24 GMT
etag: "28e2c161800b61b985a163f5c492ae51"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/genfiles/cms/desktop/contact/dbc1950bbcc8e27b5dbec1f42635e8d0.svg | 178.253.29.51 | 200 OK | 296 B |
URL: GET HTTP/2 1xlite-461430.top/genfiles/cms/desktop/contact/dbc1950bbcc8e27b5dbec1f42635e8d0.svg | IP: 178.253.29.51:443 | ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet | Certificate | Issuer: Let's Encrypt | Subject: 1xlite-461430.top | Fingerprint: F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 | Validity: Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
File type: SVG Scalable Vector Graphics image | Hash: b1bf63d00887bb0354e9d89c7d790a01 2d64ab25c9afff682abd6732f62ba62a197e972b a6a4fbbd99a0a82de03f05da827ccd9d019574bf3450727530403c2b5ce92df0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /genfiles/cms/desktop/contact/dbc1950bbcc8e27b5dbec1f42635e8d0.svg HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2Fwheel-bet
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=1280; SESSION=62a580b9db01b9181375582b577707ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:52 GMT
content-type: image/svg+xml
content-length: 296
last-modified: Fri, 23 Feb 2024 10:03:47 GMT
etag: "b1bf63d00887bb0354e9d89c7d790a01"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/genfiles/cms/desktop/contact/6726b16cfb4e516989153ce398d4a0e4.svg | 178.253.29.51 | 200 OK | 506 B |
URL: GET HTTP/2 1xlite-461430.top/genfiles/cms/desktop/contact/6726b16cfb4e516989153ce398d4a0e4.svg | IP: 178.253.29.51:443 | ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet | Certificate | Issuer: Let's Encrypt | Subject: 1xlite-461430.top | Fingerprint: F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 | Validity: Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
File type: SVG Scalable Vector Graphics image | Hash: 9c340eae608db0c25657b4a73d769afe 988fbf333a2e9290211cd9e6b7c98c59719012b0 b92e969acd8a1e0f9cfd1f84080ca5ccb8cb49b105299434c275a8813faf841e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /genfiles/cms/desktop/contact/6726b16cfb4e516989153ce398d4a0e4.svg HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2Fwheel-bet
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=1280; SESSION=62a580b9db01b9181375582b577707ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:52 GMT
content-type: image/svg+xml
content-length: 506
last-modified: Fri, 23 Feb 2024 10:03:36 GMT
etag: "9c340eae608db0c25657b4a73d769afe"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/checker/redirect/stat/run/ | 178.253.29.51 | 200 OK | 14 B |
URL: GET HTTP/2 1xlite-461430.top/checker/redirect/stat/run/ | IP: 178.253.29.51:443 | ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet | Certificate | Issuer: Let's Encrypt | Subject: 1xlite-461430.top | Fingerprint: F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 | Validity: Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash: 2de0d0acfd684235f066bd0ec0c9e3df 68d0cb64805a42d7e40f43e8e198986b43dd6b69 9682f312f23e078bb135f23ea5a178b178e75c02d33672f20044d18c6d258928
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /checker/redirect/stat/run/ HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2Fwheel-bet
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=1280; SESSION=62a580b9db01b9181375582b577707ff; che_g=bad88088-adde-9a12-b173-ae2d8983d4f3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:52 GMT
content-type: application/json
content-length: 14
x-time-ng: 0.001
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.009
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/c65c754d498ddb25accb3498c1e7540b.png | 185.244.209.62 | 200 OK | 5.2 kB |
URL GET HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/c65c754d498ddb25accb3498c1e7540b.png IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type PNG image data, 514 x 514, 8-bit colormap, non-interlaced Hash b9a636eef54b2844b571fe7de49184a7 bf653690790ced40eb3189da075a275d951d1607 001bfcdd52b658d46543a1aec889d35b73b3909b47097cc011b95e96fc9e3743
GET /genfiles/cms/1-285/desktop/media_asset/c65c754d498ddb25accb3498c1e7540b.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:53 GMT
content-type: image/png
content-length: 5202
last-modified: Wed, 28 Feb 2024 07:52:20 GMT
etag: "b9a636eef54b2844b571fe7de49184a7"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2024-04-03T07:12:40+00:00
traceparent: 00-7d2eb0736adcb6152a3016110f3d8a41-0db45ed513b0bcdc-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-promotions-and-bonuses-static/Desktop/Default/44136fa355b3/52cc6f804124.js | 185.244.209.62 | 200 OK | 715 B |
URL GET HTTP/2 v3.traincdn.com/sys-static/sys-promotions-and-bonuses-static/Desktop/Default/44136fa355b3/52cc6f804124.js IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type Java source, ASCII text, with very long lines (714) Hash d7b02290885764ec0258b7a672ae3a9b 11fe57a2571848f4f07d56f19644ff3076f762d3 c66e02ef36f7b73f85a025fd87d2efeedd661a0fdf1efb46fb98190ad00a33b6
GET /sys-static/sys-promotions-and-bonuses-static/Desktop/Default/44136fa355b3/52cc6f804124.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:53 GMT
content-type: text/javascript; charset=utf-8
content-length: 715
last-modified: Tue, 07 May 2024 14:08:15 GMT
etag: "d7b02290885764ec0258b7a672ae3a9b"
x-amz-meta-mtime: 1715090739.536183414
expires: Wed, 08 May 2024 14:12:33 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2024-05-07T14:12:33+00:00
traceparent: 00-03ea4cfda5f45dfd8a14988788672e8a-227c641d4ca0f2ac-01
x-id: osix-hw-edge-gc4
cache: HIT, MISS
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-promotions-and-bonuses-static/Desktop/Default/44136fa355b3/26a83e840499.js | 185.244.209.62 | 200 OK | 504 B |
URL GET HTTP/2 v3.traincdn.com/sys-static/sys-promotions-and-bonuses-static/Desktop/Default/44136fa355b3/26a83e840499.js IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type Java source, ASCII text, with very long lines (503) Hash a360f35393be0ea4dcc9fd14523f01f7 50c77f70f871224399ad46784749bb4cb583a439 f45e605081d025648a731b46220356191e8accf3f7ea89374c4ddf6cfb5ce577
GET /sys-static/sys-promotions-and-bonuses-static/Desktop/Default/44136fa355b3/26a83e840499.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:53 GMT
content-type: text/javascript; charset=utf-8
content-length: 504
last-modified: Tue, 07 May 2024 14:08:15 GMT
etag: "a360f35393be0ea4dcc9fd14523f01f7"
x-amz-meta-mtime: 1715090739.528183352
expires: Wed, 08 May 2024 14:12:33 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
x-cached-since: 2024-05-07T14:12:33+00:00
traceparent: 00-900520f12a782e710a711f0203123e21-8eef5280ccb5d926-01
x-id: osix-hw-edge-gc4
cache: HIT, MISS
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/sounds/new-message.mp3 | 172.64.148.184 | 200 OK | 30 kB |
URL GET HTTP/2 widget.suphelper.top/sounds/new-message.mp3 IP 172.64.148.184:443
Requested by https://widget.suphelper.top/
Certificate Issuer Google Trust Services LLC Subject suphelper.top Fingerprint 41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 Validity Tue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File type MPEG ADTS, layer III, v1, 192 kbps, 48 kHz, JntStereo Hash ef9af24dc7dbd24ffd99c832e1300351 f78744a5013038446c468de14f205f2d52373fd6 5049d7fe87a7327a291441181d1a328a15f46a21081b970502c540406011c9b9
GET /sounds/new-message.mp3 HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 15:14:54 GMT
content-type: audio/mpeg
content-length: 29952
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=14400
last-modified: Thu, 02 May 2024 07:01:48 GMT
etag: W/"7500-18f381bf786"
cf-cache-status: HIT
age: 1433
expires: Tue, 07 May 2024 19:14:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8802298f8f8a56bb-OSL
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/shared-assets/__shared_sweetalert2_X3CQ7PJQ.js | 185.244.209.62 | 200 OK | 169 kB |
URL GET HTTP/2 v3.traincdn.com/sys-static/shared-assets/__shared_sweetalert2_X3CQ7PJQ.js IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type gzip compressed data, max speed, from Unix Size 169 kB (169175 bytes) Hash b5a597dcd765a913eb9a9fe1a8262b50 d6a2d93f8a19d4186f45ec7741693fe840812171 6a43c273d62e4c9651b3cc5cb4fb81fff8242dbcdcd351ee6236740e1c3bfc01
GET /sys-static/shared-assets/__shared_sweetalert2_X3CQ7PJQ.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:53 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 06 May 2024 14:40:26 GMT
etag: W/"138de5d55ee831195dd90bbf5c557926"
x-amz-meta-mtime: 1715006282.054749806
content-encoding: gzip
expires: Tue, 07 May 2024 15:18:13 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-555b9b4e71daec5cec4fe0b4bab0ec13-88ef0f9f3038208c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T15:18:13+00:00, 2024-05-06T15:55:32+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/chunks/663-81a4add2f1c95639.js | 172.64.148.184 | 200 OK | 108 kB |
URL GET HTTP/2 widget.suphelper.top/_next/static/chunks/663-81a4add2f1c95639.js IP 172.64.148.184:443
Requested by https://widget.suphelper.top/
Certificate Issuer Google Trust Services LLC Subject suphelper.top Fingerprint 41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 Validity Tue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File type gzip compressed data, from Unix Size 108 kB (108258 bytes) Hash e7df9657eff9b95f1ef6463cfc41730e 0da482f10789c69a08a1d7a04d4b1917a0f42423 7f2dc570cd7c62b9ab89b46ec69c8f9d15d8a654254096ecc268246e00aceca0
GET /_next/static/chunks/663-81a4add2f1c95639.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 15:14:53 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 28 Mar 2024 06:56:31 GMT
etag: W/"5b0da-18e83d890e3"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 596819
expires: Wed, 07 May 2025 15:14:53 GMT
server: cloudflare
cf-ray: 8802298b580f56bb-OSL
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/shared-assets/__shared_popper_js_MO5RLEN3.js | 185.244.209.62 | 200 OK | 45 kB |
URL GET HTTP/2 v3.traincdn.com/sys-static/shared-assets/__shared_popper_js_MO5RLEN3.js IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type gzip compressed data, max speed, from Unix Hash 7eaa7333cb0e6eb28834ceafcb663c82 f3179e86265a2806c8b303c03da21a9fc317c213 04917b819d7e0c6d13197a4d2fc249118cca285edcb4d51e2aa07553a8743372
GET /sys-static/shared-assets/__shared_popper_js_MO5RLEN3.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:53 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 06 May 2024 14:40:26 GMT
etag: W/"598d5481ac96b9bf8013b0eb1413b8e5"
x-amz-meta-mtime: 1715006282.054749806
content-encoding: gzip
expires: Tue, 07 May 2024 15:32:23 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-54943e001d01554ae05bcc2914526469-b647733fc07c74d1-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T15:32:23+00:00, 2024-05-07T12:56:57+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/chunks/0c294a17-329dda05de2a378d.js | 172.64.148.184 | 200 OK | 104 kB |
URL GET HTTP/2 widget.suphelper.top/_next/static/chunks/0c294a17-329dda05de2a378d.js IP 172.64.148.184:443
Requested by https://widget.suphelper.top/
Certificate Issuer Google Trust Services LLC Subject suphelper.top Fingerprint 41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 Validity Tue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File type gzip compressed data, from Unix Size 104 kB (103479 bytes) Hash 32881fa1467756d2c456dc0f42dc58c1 a895e45488d9c5ce48d4ce07352abc3331c12b83 46a00b88632d3fb8fc3079cb4ee6566de016a50ecda32dd4c017c23381d2bf36
GET /_next/static/chunks/0c294a17-329dda05de2a378d.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 15:14:53 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Wed, 17 Jan 2024 06:19:55 GMT
etag: W/"2925-18d161388b8"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 596819
expires: Wed, 07 May 2025 15:14:53 GMT
server: cloudflare
cf-ray: 8802298b580956bb-OSL
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/shared-assets/__shared_accept_language_parser_QKZ6ULEV.js | 185.244.209.62 | 200 OK | 114 kB |
URL GET HTTP/2 v3.traincdn.com/sys-static/shared-assets/__shared_accept_language_parser_QKZ6ULEV.js IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type gzip compressed data, max speed, from Unix Size 114 kB (114128 bytes) Hash 38c14faaa9048db64ab7b3f8399bfe23 089ea64c0ed27a9e624ad9503d4dd05d1a6a4c7f 4f15055bea3bef2900585691426aacb654ffa44a8b035f20d4f202b9e8a98136
GET /sys-static/shared-assets/__shared_accept_language_parser_QKZ6ULEV.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:53 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 06 May 2024 14:40:26 GMT
etag: W/"518e0ae196483ada8b528a1f2b7df0a1"
x-amz-meta-mtime: 1715006282.054749806
content-encoding: gzip
expires: Tue, 07 May 2024 15:18:11 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-6510fa9f44faeccf0332070a8df6de22-65ef30e81907b627-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T15:18:11+00:00, 2024-05-06T15:53:14+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/shared-assets/__shared_vue_final_modal_XPPMTKII.js | 185.244.209.62 | 200 OK | 401 kB |
URL GET HTTP/2 v3.traincdn.com/sys-static/shared-assets/__shared_vue_final_modal_XPPMTKII.js IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type gzip compressed data, max speed, from Unix Size 401 kB (400762 bytes) Hash 3279a8f761915390e61d806ba308c1e7 0df895346b9408ef1de33e857ceb8bda24158d0a cccd1c348d52d22dcb32721d6b373776ec2839c5976004b45cc7bd10c6d5a75c
GET /sys-static/shared-assets/__shared_vue_final_modal_XPPMTKII.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:53 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 06 May 2024 13:05:33 GMT
etag: W/"701ad5a22b8ea7213a53e334d0898349"
x-amz-meta-mtime: 1715000580.880463816
content-encoding: gzip
expires: Wed, 08 May 2024 12:42:07 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-c6942c5460ae5a2b74b8289be20589dc-895f3a2fe0f7193b-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T12:42:07+00:00, 2024-05-07T12:51:04+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/bg-modal-sm.png | 185.244.209.62 | | 22 kB |
URL v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/bg-modal-sm.png IP 185.244.209.62:0 ASN #199524 G-Core Labs S.A.
Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type PNG image data, 300 x 384, 8-bit colormap, non-interlaced Hash f3d658114fabe920924c0a04006c99f3 fb2c771f18f033e15518b9613f125d8c6b5974fb 6b6238d18444d496485e783e1b1390ee8d05d15a2faa433e12db43e97c180487
GET /genfiles/cms/1/desktop/promotions/wheelBet/bg-modal-sm.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:55 GMT
content-type: image/png
content-length: 21826
last-modified: Wed, 15 Nov 2023 08:09:45 GMT
etag: "f3d658114fabe920924c0a04006c99f3"
x-time-ng: 0.003
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2024-04-21T21:05:05+00:00
traceparent: 00-949a9869cf75973d57190c48bde13f36-139157f94cddd481-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/bg-modal.png | 185.244.209.62 | | 84 kB |
URL v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/bg-modal.png IP 185.244.209.62:0 ASN #199524 G-Core Labs S.A.
Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type PNG image data, 954 x 631, 8-bit colormap, non-interlaced Hash 0212b288b8e42c03fb5c998703979369 e0c97fdddabd92ec8b2c75921424ac35ee479021 fc3b7b016ef8f586b9030601f492e2768aa7fa081f7de7284e501aee8909da05
GET /genfiles/cms/1/desktop/promotions/wheelBet/bg-modal.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:55 GMT
content-type: image/png
content-length: 83859
last-modified: Wed, 15 Nov 2023 08:09:46 GMT
etag: "0212b288b8e42c03fb5c998703979369"
x-time-ng: 0.003
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2024-04-21T21:05:05+00:00
traceparent: 00-7a6f659243e9740ed410e2467cf3fed4-98d5a41be01aed61-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/bg-modal-md.png | 185.244.209.62 | | 33 kB |
URL v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/bg-modal-md.png IP 185.244.209.62:0 ASN #199524 G-Core Labs S.A.
Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type PNG image data, 640 x 241, 8-bit colormap, non-interlaced Hash 35a6fc3c5e3c0a8a2edf0afb5f11ae51 d7b150e5d8bda4159c3d8df6cc97bc14aa911faa ff9d73e0cdc7fb6abc3ba688fd99c2c4fa02db23a12367645bdab3e0aa39e605
GET /genfiles/cms/1/desktop/promotions/wheelBet/bg-modal-md.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:55 GMT
content-type: image/png
content-length: 33159
last-modified: Wed, 15 Nov 2023 08:09:46 GMT
etag: "35a6fc3c5e3c0a8a2edf0afb5f11ae51"
x-time-ng: 0.079
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2024-04-21T21:05:04+00:00
traceparent: 00-d02eedfb950b66f5c5e716403e2fe866-68cd7b6718830fc0-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/not-available.png | 185.244.209.62 | | 741 B |
URL v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/not-available.png IP 185.244.209.62:0 ASN #199524 G-Core Labs S.A.
Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type PNG image data, 30 x 34, 8-bit colormap, non-interlaced Hash 20dc9615d00d0b41d165bbd81d27d4eb 15fedf85f294dd472d60a160c7c8f42e23beec3b a06cb168275016f3ef9855789fab4e1573abf0be0b6ae6ba3f8a886922ca11be
GET /genfiles/cms/1/desktop/promotions/wheelBet/not-available.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:55 GMT
content-type: image/png
content-length: 741
last-modified: Wed, 15 Nov 2023 08:09:40 GMT
etag: "20dc9615d00d0b41d165bbd81d27d4eb"
x-time-ng: 0.002
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2024-04-21T21:07:33+00:00
traceparent: 00-c0ae110bd0d3a6d75997706a9f7926bb-ffe341992e6d9117-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/f385e6db/_buildManifest.js | 172.64.148.184 | 200 OK | 11 kB |
URL GET HTTP/2 widget.suphelper.top/_next/static/f385e6db/_buildManifest.js IP 172.64.148.184:443
Requested by https://widget.suphelper.top/
Certificate Issuer Google Trust Services LLC Subject suphelper.top Fingerprint 41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 Validity Tue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File type gzip compressed data, from Unix Hash c3f5edd2e3599a47d893536ef3a1abc0 504931e1f833fb6f87c481ee1568bb42db666d1d e64091fc247dd922b99447b79bd051d8e85f69ae70c146b3add602999e83c08d
GET /_next/static/f385e6db/_buildManifest.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 15:14:53 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 02 May 2024 07:01:48 GMT
etag: W/"207-18f381bf92a"
vary: Accept-Encoding
cf-cache-status: HIT
age: 461237
expires: Wed, 07 May 2025 15:14:53 GMT
server: cloudflare
cf-ray: 8802298b581c56bb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/coins-modal.png | 185.244.209.62 | | 11 kB |
URL v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/coins-modal.png IP 185.244.209.62:0 ASN #199524 G-Core Labs S.A.
Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type PNG image data, 664 x 333, 8-bit colormap, non-interlaced Hash f272ce9226c4d2cce4f29804ad2e67a8 902035422d3dd02a9f47518802b1dede2dd4f8e0 efc060941ecc035adf117291c5f630d8a27cb789d02d52701d50be93dbef424d
GET /genfiles/cms/1/desktop/promotions/wheelBet/coins-modal.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:55 GMT
content-type: image/png
content-length: 10844
last-modified: Wed, 15 Nov 2023 08:09:42 GMT
etag: "f272ce9226c4d2cce4f29804ad2e67a8"
x-time-ng: 0.002
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
x-cached-since: 2024-04-21T21:06:54+00:00
traceparent: 00-be86875c6ed42ef2af57d6d16e2293de-e8d6b1851bbd7ecd-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/coins-md.png | 185.244.209.62 | | 11 kB |
URL: v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/coins-md.png; IP: 185.244.209.62:0; ASN: #199524 G-Core Labs S.A.
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: PNG image data, 473 x 411, 8-bit colormap, non-interlaced; Hash: 584e5721ed6fc7ff490fcacad2c29b72 543580f66fff7a05f601940dc98c9867046277d7 0c31fd6c2f8f4212c78bf42f3e8f03bce2162ad85578502c304bb50e5d3038b4
GET /genfiles/cms/1/desktop/promotions/wheelBet/coins-md.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:55 GMT
content-type: image/png
content-length: 11398
last-modified: Wed, 15 Nov 2023 08:09:43 GMT
etag: "584e5721ed6fc7ff490fcacad2c29b72"
x-time-ng: 0.002
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2024-05-07T14:27:55+00:00
traceparent: 00-ade98e29d406d16c5e1cbb823f198181-4dd9d0dfc4e7b2a5-01
x-id: osix-hw-edge-gc4
cache: HIT, MISS
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/coins-tab-1.png | 185.244.209.62 | | 14 kB |
URL: v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/coins-tab-1.png; IP: 185.244.209.62:0; ASN: #199524 G-Core Labs S.A.
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: PNG image data, 1011 x 317, 8-bit colormap, non-interlaced; Hash: bfe95965feeb258fb926212928c91895 fede9c24a1dee9664827472c899884658f75a0b6 05c04cc3cc3a29421f493fbc1632f4b4df60e45849d4b1ee1edb215958660eb1
GET /genfiles/cms/1/desktop/promotions/wheelBet/coins-tab-1.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:55 GMT
content-type: image/png
content-length: 13616
last-modified: Wed, 15 Nov 2023 08:09:42 GMT
etag: "bfe95965feeb258fb926212928c91895"
x-time-ng: 0.018
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
x-cached-since: 2024-05-07T14:17:39+00:00
traceparent: 00-62eaff94fabe580406db43cc6b49db42-c8d30eba52a64eeb-01
x-id: osix-hw-edge-gc4
cache: HIT, MISS
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/chunks/81.9c6562bba5669b47.js | 172.64.148.184 | 200 OK | 45 kB |
URL: GET HTTP/2 widget.suphelper.top/_next/static/chunks/81.9c6562bba5669b47.js; IP: 172.64.148.184:443
Requested by: https://widget.suphelper.top/
Certificate: Issuer: Google Trust Services LLC; Subject: suphelper.top; Fingerprint: 41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36; Validity: Tue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File type: gzip compressed data, from Unix; Hash: 3aae87e03460bb113e566efb2c2e342e 624edba45624709501e6d2318147a1fa44ef76f5 90c4c5d11bfda45d7aa63e787596431691aa241db7daf543dc66832ce7c94378
GET /_next/static/chunks/81.9c6562bba5669b47.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 15:14:53 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Mon, 22 Jan 2024 07:49:06 GMT
etag: W/"8f42-18d3024f9c4"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 600881
expires: Wed, 07 May 2025 15:14:53 GMT
server: cloudflare
cf-ray: 8802298efe6856bb-OSL
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/line-bottom.png | 185.244.209.62 | | 8.5 kB |
URL: v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/line-bottom.png; IP: 185.244.209.62:0; ASN: #199524 G-Core Labs S.A.
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: PNG image data, 631 x 101, 8-bit colormap, non-interlaced; Hash: 30d68039c4aa17eec5c6851592d09b3a 3efe06ebf6246ea1038b237f06d512dfd5a895e0 f81eabacc8b5e0cf41de56a7d177f5e1848bb5be563f4b98a3e6ebbaa4cb69cc
GET /genfiles/cms/1/desktop/promotions/wheelBet/line-bottom.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:55 GMT
content-type: image/png
content-length: 8530
last-modified: Wed, 15 Nov 2023 08:09:41 GMT
etag: "30d68039c4aa17eec5c6851592d09b3a"
x-time-ng: 0.004
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
x-cached-since: 2024-04-24T23:53:39+00:00
traceparent: 00-9f6e4f7fe2e3f586fe2d4a3561374abf-e9e3824242498dd8-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/line-modal-bottom.png | 185.244.209.62 | | 8.4 kB |
URL: v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/line-modal-bottom.png; IP: 185.244.209.62:0; ASN: #199524 G-Core Labs S.A.
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: PNG image data, 662 x 99, 8-bit colormap, non-interlaced; Hash: fbc8c4ca00e2ca9e3932ef3178152748 94d32d9a2d617636044e46a337b035def017ee72 6163a56401f7b0a01bd8cb02b8c6135a58b8ceaf22543d63c790364dcb45f316
GET /genfiles/cms/1/desktop/promotions/wheelBet/line-modal-bottom.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:55 GMT
content-type: image/png
content-length: 8432
last-modified: Wed, 15 Nov 2023 08:09:41 GMT
etag: "fbc8c4ca00e2ca9e3932ef3178152748"
x-time-ng: 0.079
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2024-04-26T12:55:16+00:00
traceparent: 00-4223bdf0abccab628544948cbde97c67-bb7b00ecd0428cd3-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/person-md.png | 185.244.209.62 | | 38 kB |
URL: v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/person-md.png; IP: 185.244.209.62:0; ASN: #199524 G-Core Labs S.A.
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: PNG image data, 340 x 698, 8-bit colormap, non-interlaced; Hash: ea62ce421290b849807ba3479204f22c def98e2b2d888cc7432b803b89777899ea85ed83 d3321878900eab952b8517763d060c22f3a33b1509dbf1a5b4e6461c19868346
GET /genfiles/cms/1/desktop/promotions/wheelBet/person-md.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:55 GMT
content-type: image/png
content-length: 37957
last-modified: Wed, 15 Nov 2023 08:09:40 GMT
etag: "ea62ce421290b849807ba3479204f22c"
x-time-ng: 0.002
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2024-05-07T14:27:58+00:00
traceparent: 00-814e862ad04dd44629f813547d47fb7c-27ab627f0626df6d-01
x-id: osix-hw-edge-gc4
cache: HIT, MISS
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/coins-md.webp | 185.244.209.62 | | 11 kB |
URL: v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/coins-md.webp; IP: 185.244.209.62:0; ASN: #199524 G-Core Labs S.A.
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image; Hash: 386bde2102de14d58339c852bd38e06a 49bb599bbe5c06d537890cbb2940ab38840258bf 4695fcc638997d404d69d39badf6f480a69addb9d6be026d4a58016f24db7930
GET /genfiles/cms/1/desktop/promotions/wheelBet/coins-md.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: image/webp
content-length: 11170
last-modified: Wed, 15 Nov 2023 08:09:43 GMT
etag: "386bde2102de14d58339c852bd38e06a"
x-time-ng: 0.003
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2024-05-07T14:58:24+00:00
traceparent: 00-0d18ddf35891c1f8f26995f8010d9066-5d0f855de75b6720-01
x-id: osix-hw-edge-gc4
cache: HIT, MISS
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/injector.js | 172.64.148.184 | 200 OK | 908 kB |
URL: GET HTTP/2 widget.suphelper.top/injector.js; IP: 172.64.148.184:443
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate: Issuer: Google Trust Services LLC; Subject: suphelper.top; Fingerprint: 41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36; Validity: Tue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File type: gzip compressed data, from Unix; Size: 908 kB (908192 bytes); Hash: efe482bf18be479e792e9c92db01fe14 04136cf4c3823ba84d24363ea0f2e7c29e93ff6c cccbdf1073f586d06df95965d354267ae1a11c458b4289fc36478caef8c87e1a
GET /injector.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 15:14:52 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=14400
last-modified: Thu, 02 May 2024 07:01:48 GMT
etag: W/"32e7a-18f381bf77a"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 24
expires: Tue, 07 May 2024 19:14:52 GMT
server: cloudflare
cf-ray: 88022988dbf456bb-OSL
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/wheel-inner-sm.webp | 185.244.209.62 | | 8.6 kB |
URL: v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/wheel-inner-sm.webp; IP: 185.244.209.62:0; ASN: #199524 G-Core Labs S.A.
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image; Hash: 732ba048fd5210acc34a16b9cb695a81 d5b729ae66784afcdf482904634152e23c9112bb ca91019b23d93d2a2c16ea5cf93b4ac60376c9dc40dad19bd2886cf185b4a6c5
GET /genfiles/cms/1/desktop/promotions/wheelBet/wheel-inner-sm.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: image/webp
content-length: 8550
last-modified: Wed, 15 Nov 2023 08:08:24 GMT
etag: "732ba048fd5210acc34a16b9cb695a81"
x-time-ng: 0.002
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2024-05-07T15:08:38+00:00
traceparent: 00-c1d046e8d6aa324205873276348ca13a-8c816cbf9b719fff-01
x-id: osix-hw-edge-gc4
cache: HIT, MISS
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/line-top.png | 185.244.209.62 | | 7.6 kB |
URL: v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/line-top.png; IP: 185.244.209.62:0; ASN: #199524 G-Core Labs S.A.
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: PNG image data, 631 x 92, 8-bit colormap, non-interlaced; Hash: 65178f3b0a19c75d64d24f22e047664f 5d1f08431e1a60f0d256937ecff6d119c8bdc832 53b9fa530ad8441d60fe627acd4f66720a0479327258df2f9d4dc241315af97a
GET /genfiles/cms/1/desktop/promotions/wheelBet/line-top.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: image/png
content-length: 7625
last-modified: Wed, 15 Nov 2023 08:09:40 GMT
etag: "65178f3b0a19c75d64d24f22e047664f"
x-time-ng: 0.067
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2024-04-24T23:54:02+00:00
traceparent: 00-5c22de6086a9677e44f656e8203cae76-7494ad421c12df97-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/person-tab.png | 185.244.209.62 | | 93 kB |
URL: v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/person-tab.png; IP: 185.244.209.62:0; ASN: #199524 G-Core Labs S.A.
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: PNG image data, 457 x 1091, 8-bit colormap, non-interlaced; Hash: c8445d93b49f947b0e199766f004a175 f7c88fa271b38e44b299ac4c1bc59c306838aed5 0c0ef066ad6e3103440de2df8eaec11c041bdb02777e641557b78151a6194ae2
GET /genfiles/cms/1/desktop/promotions/wheelBet/person-tab.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:55 GMT
content-type: image/png
content-length: 93196
last-modified: Wed, 15 Nov 2023 08:09:40 GMT
etag: "c8445d93b49f947b0e199766f004a175"
x-time-ng: 0.047
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
x-cached-since: 2024-05-07T14:57:13+00:00
traceparent: 00-d4b8ea2e9819646d18087274217b2ff8-39bb3fd921a2522a-01
x-id: osix-hw-edge-gc4
cache: HIT, MISS
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/line-modal-top.png | 185.244.209.62 | | 8.4 kB |
URL: v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/line-modal-top.png; IP: 185.244.209.62:0; ASN: #199524 G-Core Labs S.A.
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: PNG image data, 703 x 99, 8-bit colormap, non-interlaced; Hash: 2bf563655f552a5c41e55847e35b5dc9 c0d20ecdd7f2d7c1ecda173913372ce5a22897cb fc019808675fc2cc1fe86582b803a9ffbc3046b190f94869833d6c36eab73679
GET /genfiles/cms/1/desktop/promotions/wheelBet/line-modal-top.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: image/png
content-length: 8393
last-modified: Wed, 15 Nov 2023 08:09:40 GMT
etag: "2bf563655f552a5c41e55847e35b5dc9"
x-time-ng: 0.006
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2024-04-26T12:54:39+00:00
traceparent: 00-4e6706886450e62a3686110c763ea34a-0670d936eca3a4fe-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/person-tab.webp | 185.244.209.62 | | 86 kB |
URL: v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/person-tab.webp; IP: 185.244.209.62:0; ASN: #199524 G-Core Labs S.A.
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image; Hash: 2b31876239d7477574e1f6c28e9226b8 2f0aaab7061b5268da322768b7bb9e2ee4849cda dec68c7ee18d3f0739456ec1f96edec787d39e2b0d67683eca0d537c15bcde41
GET /genfiles/cms/1/desktop/promotions/wheelBet/person-tab.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: image/webp
content-length: 85822
last-modified: Wed, 15 Nov 2023 08:09:39 GMT
etag: "2b31876239d7477574e1f6c28e9226b8"
x-time-ng: 0.002
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
x-cached-since: 2024-05-07T14:57:17+00:00
traceparent: 00-30d7fd111b8379732e50ecf5a00d48e5-20b10fb51041c466-01
x-id: osix-hw-edge-gc4
cache: HIT, MISS
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/wheel-external-md.png | 185.244.209.62 | | 42 kB |
URL: v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/wheel-external-md.png; IP: 185.244.209.62:0; ASN: #199524 G-Core Labs S.A.
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: PNG image data, 508 x 490, 8-bit colormap, non-interlaced; Hash: 14cf7dd6b977a86820688da92be750e7 2a1f5759ce2398b0b52b2807cdf8ddf5e38a019c a75eccad428fa865346dacd05d2dc89a5eda9de0ee5d9b292f943cbe33fd1940
GET /genfiles/cms/1/desktop/promotions/wheelBet/wheel-external-md.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: image/png
content-length: 41966
last-modified: Wed, 15 Nov 2023 08:08:28 GMT
etag: "14cf7dd6b977a86820688da92be750e7"
x-time-ng: 0.004
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
x-cached-since: 2024-05-07T15:13:22+00:00
traceparent: 00-8462f2f156a5456a0ce80cfdeee735e5-83957ce6cdc24315-01
x-id: osix-hw-edge-gc4
cache: HIT, MISS
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/wheel-inner-md.png | 185.244.209.62 | | 22 kB |
URL: v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/wheel-inner-md.png; IP: 185.244.209.62:0; ASN: #199524 G-Core Labs S.A.
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: PNG image data, 344 x 345, 8-bit colormap, non-interlaced; Hash: 5480c9459e1e9e02874f8302f2ce028a 45067ece8decc72463f568c9745495c31710f18f 30c6edd2790a05b416072aad2afc01b5524aae9b6cca9a89fd73cceb4268ff65
GET /genfiles/cms/1/desktop/promotions/wheelBet/wheel-inner-md.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: image/png
content-length: 21981
last-modified: Wed, 15 Nov 2023 08:08:25 GMT
etag: "5480c9459e1e9e02874f8302f2ce028a"
x-time-ng: 0.003
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
x-cached-since: 2024-05-07T14:57:14+00:00
traceparent: 00-8f1477fce9e05705ceb9c5f168f3f9e2-e77855e5fc268382-01
x-id: osix-hw-edge-gc4
cache: HIT, MISS
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/wheel-light-md.png | 185.244.209.62 | | 13 kB |
URL: v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/wheel-light-md.png; IP: 185.244.209.62:0; ASN: #199524 G-Core Labs S.A.
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: PNG image data, 302 x 302, 8-bit colormap, non-interlaced; Hash: 5fbe7fe2d6477f6381307e8b8e205146 487e50d6f73609791fe027b3355d9dea07fe0f2c 054bdc3abb0033c9328a4a1b5223b283349555fddb35f442e5aa21b847ed434d
GET /genfiles/cms/1/desktop/promotions/wheelBet/wheel-light-md.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: image/png
content-length: 13394
last-modified: Wed, 15 Nov 2023 08:08:22 GMT
etag: "5fbe7fe2d6477f6381307e8b8e205146"
x-time-ng: 0.002
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
x-cached-since: 2024-05-07T14:28:00+00:00
traceparent: 00-f90c49b97d30d63d9ca4e5424fa77723-9166ec4abd82d6cc-01
x-id: osix-hw-edge-gc4
cache: HIT, MISS
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/blik.png | 185.244.209.62 | | 1.3 kB |
URL: v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/blik.png; IP: 185.244.209.62:0; ASN: #199524 G-Core Labs S.A.
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: PNG image data, 103 x 56, 8-bit colormap, non-interlaced; Hash: 9a901afc44d0db8d99560f5fdeac9cd3 c4f63f282c334a0af06fcbf4f10275d3be7b9f87 11f7f4511af8fe7d6292e340517376d7fa7850153dee5953007fe68d21f92f57
GET /genfiles/cms/1/desktop/promotions/wheelBet/blik.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: image/png
content-length: 1277
last-modified: Wed, 15 Nov 2023 08:09:43 GMT
etag: "9a901afc44d0db8d99560f5fdeac9cd3"
x-time-ng: 0.045
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
x-cached-since: 2024-04-26T13:17:53+00:00
traceparent: 00-b6b5c104b12566f30a118c92cda3d155-c24c85302af402a0-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/coins-tab-1.webp | 185.244.209.62 | | 12 kB |
URL v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/coins-tab-1.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash6d8b79282ea938ebc164543780bf6c95 b6d2d84a6848483f92def2ebbe42b2f3e0ae649b 30aae6f5426e82f3124451d70a82798d1b3d0da5066ed6b0ba29d1158988b963
GET /genfiles/cms/1/desktop/promotions/wheelBet/coins-tab-1.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: image/webp
content-length: 12430
last-modified: Wed, 15 Nov 2023 08:09:42 GMT
etag: "6d8b79282ea938ebc164543780bf6c95"
x-time-ng: 0.046
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2024-05-07T14:28:01+00:00
traceparent: 00-74dca8f405d111092bc739a3b2cbdfdf-e390d7f2390c624f-01
x-id: osix-hw-edge-gc4
cache: HIT, MISS
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/coins.webp | 185.244.209.62 | | 30 kB |
URL v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/coins.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hashafeb21e89500b7d2f76c11e9c26db33a 1f1aeba726915f8183b9bafa4666008827f4ed6f 989c6db4825fd3d9f125a7915c07de6a672cf08b971c0e60593a1ff192101cf4
GET /genfiles/cms/1/desktop/promotions/wheelBet/coins.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: image/webp
content-length: 30308
last-modified: Wed, 15 Nov 2023 08:09:41 GMT
etag: "afeb21e89500b7d2f76c11e9c26db33a"
x-time-ng: 0.002
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
x-cached-since: 2024-05-07T14:28:01+00:00
traceparent: 00-243b57e7d2001c5264d5c07a0d09ca84-05cc3337c744bcdf-01
x-id: osix-hw-edge-gc4
cache: HIT, MISS
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/bg__desc.webp | 185.244.209.62 | | 118 B |
URL v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/bg__desc.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hashb58d632409efb03916cfef3229576c55 c2fb66483c899f427b0354d52b080ce8bb6b47c4 b0b0fadb436530e81236a3d97058fc501d732eb24768845c5e97ac8ac3c32176
GET /genfiles/cms/1/desktop/promotions/wheelBet/bg__desc.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: text/html; charset=utf-8
content-length: 118
strict-transport-security: max-age=15724800; includeSubDomains
x-id-shield: am3-hw-edge-gc89
traceparent: 00-572a307f4e5a7fae576de86d90eb3677-68a87f286b51477e-01
x-id: osix-hw-edge-gc4
cache: MISS, MISS
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/wheel-light.png | 185.244.209.62 | | 36 kB |
URL v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/wheel-light.png IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typePNG image data, 604 x 604, 8-bit colormap, non-interlaced Hash2b4eba7f5f5cc445fdb5f527787b5035 62a02ab999f211485a86432d7bf77a19a2cee01d b9e2a1998ff9b48d5f5f32e5edded584d326abd3586cd44bfdae0ba0429ec944
GET /genfiles/cms/1/desktop/promotions/wheelBet/wheel-light.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: image/png
content-length: 35620
last-modified: Wed, 15 Nov 2023 08:08:23 GMT
etag: "2b4eba7f5f5cc445fdb5f527787b5035"
x-time-ng: 0.003
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2024-05-07T14:34:35+00:00
traceparent: 00-582ff9d500b73c04850cdaf55064119e-74fc60b4d319ad99-01
x-id: osix-hw-edge-gc4
cache: HIT, MISS
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-promotions-and-bonuses-static/Desktop/Default/44136fa355b3/7cf92a6ad5dd.css | 185.244.209.62 | 200 OK | 19 kB |
URL GET HTTP/2 v3.traincdn.com/sys-static/sys-promotions-and-bonuses-static/Desktop/Default/44136fa355b3/7cf92a6ad5dd.css IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typegzip compressed data, max speed, from Unix Hash4afd400c959979c5c8aea520cccee533 3dd0aae9401e0cb17de92556b5a25bc9c103fa52 88e013aa0b49784b53f29bd97df256af3d5717519aa74cf23a1a43d9c5e8ae14
GET /sys-static/sys-promotions-and-bonuses-static/Desktop/Default/44136fa355b3/7cf92a6ad5dd.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:50 GMT
content-type: text/css; charset=utf-8
last-modified: Tue, 07 May 2024 14:08:15 GMT
etag: W/"bac057f37c069276bd125b5d58da8733"
x-amz-meta-mtime: 1715090739.536183414
content-encoding: gzip
expires: Wed, 08 May 2024 14:12:20 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2024-05-07T14:12:20+00:00
traceparent: 00-062c1ce8e24bf1e2016caa139e2d27c0-12bfbc139fd8becf-01
x-id: osix-hw-edge-gc4
cache: HIT, MISS
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=UA-131019888-1&l=dataLayer&cx=c | 142.250.74.168 | | 71 kB |
URL www.googletagmanager.com/gtag/js?id=UA-131019888-1&l=dataLayer&cx=c IP142.250.74.168:0
File typeJavaScript source, ASCII text, with very long lines (1822) Hash604bfb01bd6f0e17327782aefb8e36b9 6262a7ffbc3150056a876815894a06810c60d8a9 dfe9f521b94b9fac30baac5a9b630026032cf1461c5a86cd503cb7dd8bcd2753
GET /gtag/js?id=UA-131019888-1&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 15:14:56 GMT
expires: Tue, 07 May 2024 15:14:56 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 70773
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/wheel-external-md.webp | 185.244.209.62 | | 44 kB |
URL v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/wheel-external-md.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash01419e8765b9a2155475a1a4d5c5f050 4ac00539264029113306ed95e7317e500a173780 d9f068635bbc801f2831512588121de1e5acdc5c48c6c2d0a317b914d36c7aaf
GET /genfiles/cms/1/desktop/promotions/wheelBet/wheel-external-md.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: image/webp
content-length: 43722
last-modified: Fri, 15 Dec 2023 11:22:27 GMT
etag: "01419e8765b9a2155475a1a4d5c5f050"
x-time-ng: 0.003
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
x-cached-since: 2024-05-07T14:57:17+00:00
traceparent: 00-9fd3b5027b00f08743d6ee7f393ec6ca-11d3e132c3284b6c-01
x-id: osix-hw-edge-gc4
cache: HIT, MISS
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/wheel-inner-sm.png | 185.244.209.62 | | 49 kB |
URL v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/wheel-inner-sm.png IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typePNG image data, 345 x 345, 8-bit colormap, non-interlaced Hash76e616589092e2a075a2f9ef294e66b0 712cbbfd77a0d429c981efafa38c68bb53546f39 89008b1fcf47490063c1cc59004a2895af55ba57e9bf166713ab1473903712d7
GET /genfiles/cms/1/desktop/promotions/wheelBet/wheel-inner-sm.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: image/png
content-length: 48850
last-modified: Wed, 15 Nov 2023 08:08:25 GMT
etag: "76e616589092e2a075a2f9ef294e66b0"
x-time-ng: 0.006
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
x-cached-since: 2024-05-07T14:28:00+00:00
traceparent: 00-85434a40cbc36cda53cbacf0911e9435-dbc1e4317b57c610-01
x-id: osix-hw-edge-gc4
cache: HIT, MISS
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/wheel-inner.webp | 185.244.209.62 | | 14 kB |
URL v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/wheel-inner.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hashf502eacdec6ffdf0ddf5210a4999ac15 a78dfce0d1a01deb7b78bf1555e61690545fad6b d760731175f9c7bf1f5bd8c425fda80462c39e4586119370411e5485a97cc929
GET /genfiles/cms/1/desktop/promotions/wheelBet/wheel-inner.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: image/webp
content-length: 14290
last-modified: Wed, 15 Nov 2023 08:08:24 GMT
etag: "f502eacdec6ffdf0ddf5210a4999ac15"
x-time-ng: 0.002
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2024-05-07T14:57:18+00:00
traceparent: 00-63e9fa9ec700abd2a90db114ca489b07-382359ca59d6b57c-01
x-id: osix-hw-edge-gc4
cache: HIT, MISS
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/wheel-btn.webp | 185.244.209.62 | | 4.1 kB |
URL v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/wheel-btn.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash588f3b952822319125d8a21cb3e21469 4c46b0913dfb859fbfe3266b97ef65eea094dcaa afeee16776a05a2b85a4f244c582dcb1b096ba141f000627a7e1563160ecdbdc
GET /genfiles/cms/1/desktop/promotions/wheelBet/wheel-btn.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: image/webp
content-length: 4104
last-modified: Wed, 15 Nov 2023 08:08:28 GMT
etag: "588f3b952822319125d8a21cb3e21469"
x-time-ng: 0.002
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
x-cached-since: 2024-05-02T10:23:21+00:00
traceparent: 00-71a5e6b8fe7df58c4c2c35d3bba5ced5-1e168825b5522603-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/wheel-inner.png | 185.244.209.62 | | 76 kB |
URL v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/wheel-inner.png IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typePNG image data, 687 x 689, 8-bit colormap, non-interlaced Hashba4739c3bfd31e5b6f1270c3f8e55f6c ba0a2bb1ac255a9ba8fa73db6d9366897c0ef4c7 593723276ba15f7651302477014bbd9873a13dd0d8b4cd3de97db20287712884
GET /genfiles/cms/1/desktop/promotions/wheelBet/wheel-inner.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: image/png
content-length: 75745
last-modified: Wed, 15 Nov 2023 08:08:24 GMT
etag: "ba4739c3bfd31e5b6f1270c3f8e55f6c"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
x-cached-since: 2024-05-07T14:57:14+00:00
traceparent: 00-252fb142e2c373479784876c309e6de7-eea52edbf84f2411-01
x-id: osix-hw-edge-gc4
cache: HIT, MISS
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/person.png | 185.244.209.62 | | 128 kB |
URL v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/person.png IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typePNG image data, 679 x 1396, 8-bit colormap, non-interlaced Size128 kB (128051 bytes) Hash3eca2e5366710fc3f2f799e00986927b 9d372c52d999396e39fb4b5c9b8fff4cacbefff9 29ee5fb61866f6d5afc908865cfa812d0e6050f5684ba33849a7714f324a0d3f
GET /genfiles/cms/1/desktop/promotions/wheelBet/person.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: image/png
content-length: 128051
last-modified: Wed, 15 Nov 2023 08:09:38 GMT
etag: "3eca2e5366710fc3f2f799e00986927b"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
x-cached-since: 2024-05-07T14:57:13+00:00
traceparent: 00-ce44ac01117f40695283672e9e90e8f3-a0f4b0b71cc004b5-01
x-id: osix-hw-edge-gc4
cache: HIT, MISS
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/wheel-light-md.webp | 185.244.209.62 | | 17 kB |
URL v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/wheel-light-md.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash386e2b6405329591c3528dc854b1bcd5 029f4b2de40e7f67778b3cdb020cb6fb2c88411b 9ae570ff70b272591fe9643cf539340c177db56599cc30b9ada0016d9e3fdd66
GET /genfiles/cms/1/desktop/promotions/wheelBet/wheel-light-md.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: image/webp
content-length: 17374
last-modified: Fri, 15 Dec 2023 11:22:27 GMT
etag: "386e2b6405329591c3528dc854b1bcd5"
x-time-ng: 0.049
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
x-cached-since: 2024-05-07T14:28:04+00:00
traceparent: 00-f58633e4147c3285c1a1fef6137ed8eb-47dc5bffd1f4669e-01
x-id: osix-hw-edge-gc4
cache: HIT, MISS
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/wheel-external.png | 185.244.209.62 | | 211 kB |
URL v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/wheel-external.png IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typePNG image data, 1016 x 980, 8-bit colormap, non-interlaced Size211 kB (210956 bytes) Hash0d6d5e8b177cb328e9929bbd949d7f4f 02dcde0ab126cd56705cc1da52cf277ebce5eb73 0e81d0c29d2493b98ce6e336ce30215a39995f4a6d900333df7b6bd7d01e5ee0
GET /genfiles/cms/1/desktop/promotions/wheelBet/wheel-external.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: image/png
content-length: 210956
last-modified: Wed, 15 Nov 2023 08:08:28 GMT
etag: "0d6d5e8b177cb328e9929bbd949d7f4f"
x-time-ng: 0.104
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2024-05-07T14:57:14+00:00
traceparent: 00-bd31443f11cb6edfb01d1249cecedd0f-13861ba22a13712a-01
x-id: osix-hw-edge-gc4
cache: HIT, MISS
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/person.webp | 185.244.209.62 | | 104 kB |
URL v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/person.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Size104 kB (103654 bytes) Hash744d3d08cbd126d56242095da9c56b37 bbd86ca9a1b7a4db623255731f4ec9c9e6a5eae3 2aef83bfe4bd2976deb730c5b892f4b95a4fe74d328b65a35d610cb7aeb3e872
GET /genfiles/cms/1/desktop/promotions/wheelBet/person.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: image/webp
content-length: 103654
last-modified: Wed, 15 Nov 2023 08:09:38 GMT
etag: "744d3d08cbd126d56242095da9c56b37"
x-time-ng: 0.002
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
x-cached-since: 2024-05-07T15:08:38+00:00
traceparent: 00-ed349bf22119cdaca2d7b18a2cefdc27-a608c52ca90b7d9f-01
x-id: osix-hw-edge-gc4
cache: HIT, MISS
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/wheel-external.webp | 185.244.209.62 | | 192 kB |
URL v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/wheel-external.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Size192 kB (191936 bytes) Hashd1a1bf3175394f1b5480727d951f9144 f3840ae9f328ac04f31e3b4bb90f8b6c4758ee89 7c9fb1f84cfec05795dacbfbdcda39b58b0a9ea7064bb11766b519a10c29249c
GET /genfiles/cms/1/desktop/promotions/wheelBet/wheel-external.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: image/webp
content-length: 191936
last-modified: Fri, 15 Dec 2023 11:22:27 GMT
etag: "d1a1bf3175394f1b5480727d951f9144"
x-time-ng: 0.104
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2024-05-07T14:57:17+00:00
traceparent: 00-a9acd11d99226b5c7252ec57cca1020a-aeded4cc8ca60d81-01
x-id: osix-hw-edge-gc4
cache: HIT, MISS
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/b0276b0a7ae86d0dc87c292efc4ad16c.json | 178.253.29.51 | 200 OK | 884 B |
URL GET HTTP/2 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/b0276b0a7ae86d0dc87c292efc4ad16c.json IP178.253.29.51:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hashc2eb16bc46aea587d16e3eb8bff889ad ed5e1e8dfaf6a7f9d067aed73191d522d71f6510 37c40a123ec6f4f9ebd9f26e2ccb1df2cfbfb98cee84ec03bb6153e6351590b9
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /genfiles/cms/1-285/desktop/media_asset/b0276b0a7ae86d0dc87c292efc4ad16c.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2Fwheel-bet
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=0; SESSION=62a580b9db01b9181375582b577707ff; che_g=bad88088-adde-9a12-b173-ae2d8983d4f3; sh.session.id=c3ec7c3d-3538-4b43-b274-941081661add; application_locale=en; _ga_7V60YW2S5H=GS1.1.1715094895.1.0.1715094895.60.0.0; _ga=GA1.1.1791400071.1715094896
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: application/json
content-length: 884
last-modified: Thu, 31 Aug 2023 12:36:01 GMT
etag: "c2eb16bc46aea587d16e3eb8bff889ad"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/c6fd0f94684461b018b5d68900173ba3.json | 178.253.29.51 | 200 OK | 473 B |
URL GET HTTP/2 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/c6fd0f94684461b018b5d68900173ba3.json IP178.253.29.51:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hashe67aa19ef00fd2285c7b4ecbb6018306 5b01d4786d6fbfbd5de7901eb4359a55466f434a 135c1042c31e3674d8a1b3b9e7179f4f36868048ca6058ea458ff291b8880b5e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /genfiles/cms/1-285/desktop/media_asset/c6fd0f94684461b018b5d68900173ba3.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2Fwheel-bet
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=0; SESSION=62a580b9db01b9181375582b577707ff; che_g=bad88088-adde-9a12-b173-ae2d8983d4f3; sh.session.id=c3ec7c3d-3538-4b43-b274-941081661add; application_locale=en; _ga_7V60YW2S5H=GS1.1.1715094895.1.0.1715094895.60.0.0; _ga=GA1.1.1791400071.1715094896
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: application/json
content-length: 473
last-modified: Tue, 06 Jun 2023 13:22:27 GMT
etag: "e67aa19ef00fd2285c7b4ecbb6018306"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/73ad3e60e189f328e251a53aec716273.json | 178.253.29.51 | 200 OK | 846 B |
URL: GET HTTP/2 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/73ad3e60e189f328e251a53aec716273.json
IP: 178.253.29.51:443
ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate: Issuer Let's Encrypt; Subject 1xlite-461430.top; Fingerprint F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91; Validity Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash: 730bd58f457e46b6ac3b9f6028a8e162 79d4e964a4de0e58973705ff75bd01d22dd163e5 e167d372543fa4e7e3b4c8a17f67dbfb6a60adc1371ae5c7e7e8ebff97829485
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /genfiles/cms/1-285/desktop/media_asset/73ad3e60e189f328e251a53aec716273.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2Fwheel-bet
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=0; SESSION=62a580b9db01b9181375582b577707ff; che_g=bad88088-adde-9a12-b173-ae2d8983d4f3; sh.session.id=c3ec7c3d-3538-4b43-b274-941081661add; application_locale=en; _ga_7V60YW2S5H=GS1.1.1715094895.1.0.1715094895.60.0.0; _ga=GA1.1.1791400071.1715094896
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: application/json
content-length: 846
last-modified: Mon, 07 Aug 2023 13:49:51 GMT
etag: "730bd58f457e46b6ac3b9f6028a8e162"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/9b68ddfb3774b1a7929de6e484aca49a.json | 178.253.29.51 | 200 OK | 167 B |
URL: GET HTTP/2 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/9b68ddfb3774b1a7929de6e484aca49a.json
IP: 178.253.29.51:443
ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate: Issuer Let's Encrypt; Subject 1xlite-461430.top; Fingerprint F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91; Validity Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash: 03158ff80c6e448da55d5672eb032b77 fc39a273b30415c7431f21fecdc4a5bf2694c7e2 e584a61ab508b69c5b9a4ab2e4dd86e3b7e7094547c4739d048ab1f639a8025c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /genfiles/cms/1-285/desktop/media_asset/9b68ddfb3774b1a7929de6e484aca49a.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2Fwheel-bet
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=0; SESSION=62a580b9db01b9181375582b577707ff; che_g=bad88088-adde-9a12-b173-ae2d8983d4f3; sh.session.id=c3ec7c3d-3538-4b43-b274-941081661add; application_locale=en; _ga_7V60YW2S5H=GS1.1.1715094895.1.0.1715094895.60.0.0; _ga=GA1.1.1791400071.1715094896
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: application/json
content-length: 167
last-modified: Tue, 22 Aug 2023 06:44:19 GMT
etag: "03158ff80c6e448da55d5672eb032b77"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/ab7b4a1bc60033d1ee0be64d0074e4b0.json | 178.253.29.51 | 200 OK | 976 B |
URL: GET HTTP/2 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/ab7b4a1bc60033d1ee0be64d0074e4b0.json
IP: 178.253.29.51:443
ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate: Issuer Let's Encrypt; Subject 1xlite-461430.top; Fingerprint F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91; Validity Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash: 5004f1883be9a4a8985c93b9323311d3 3d2a8c62126da89fd84c27b59e816d27a3862e07 af74469643e07baba128bf91fdd87f0f255c8503fae04cb3d17961b600f0617d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /genfiles/cms/1-285/desktop/media_asset/ab7b4a1bc60033d1ee0be64d0074e4b0.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2Fwheel-bet
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=0; SESSION=62a580b9db01b9181375582b577707ff; che_g=bad88088-adde-9a12-b173-ae2d8983d4f3; sh.session.id=c3ec7c3d-3538-4b43-b274-941081661add; application_locale=en; _ga_7V60YW2S5H=GS1.1.1715094895.1.0.1715094895.60.0.0; _ga=GA1.1.1791400071.1715094896
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: application/json
content-length: 976
last-modified: Wed, 07 Jun 2023 08:08:57 GMT
etag: "5004f1883be9a4a8985c93b9323311d3"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.009
X-Firefox-Spdy: h2
|
|
| www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7V60YW2S5H&gtm=45je4510v893859730za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1799425337 | 142.250.74.163 | | 42 B |
URL: www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7V60YW2S5H&gtm=45je4510v893859730za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1799425337
IP: 142.250.74.163:0
File type: GIF image data, version 89a, 1 x 1
Hash: d89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7V60YW2S5H&gtm=45je4510v893859730za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1799425337 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 07 May 2024 15:14:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/aa6acd622b31a2a6ee8785b888acb885.json | 178.253.29.51 | 200 OK | 543 B |
URL: GET HTTP/2 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/aa6acd622b31a2a6ee8785b888acb885.json
IP: 178.253.29.51:443
ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate: Issuer Let's Encrypt; Subject 1xlite-461430.top; Fingerprint F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91; Validity Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash: 2f999350fc2eea344d910e8a01de406d bcfeaa8fadc7ca87115d7e36c955bd0df504b8ad c73c55fa3a522662241013a108e6043dd4cde3fbfa2be0ed4a4940582e26ed36
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /genfiles/cms/1-285/desktop/media_asset/aa6acd622b31a2a6ee8785b888acb885.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/bonus/rules
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=0; SESSION=62a580b9db01b9181375582b577707ff; che_g=bad88088-adde-9a12-b173-ae2d8983d4f3; sh.session.id=c3ec7c3d-3538-4b43-b274-941081661add; application_locale=en; _ga_7V60YW2S5H=GS1.1.1715094895.1.0.1715094895.60.0.0; _ga=GA1.1.1791400071.1715094896
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: application/json
content-length: 543
last-modified: Thu, 29 Feb 2024 14:14:28 GMT
etag: "2f999350fc2eea344d910e8a01de406d"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/392fdb004d073448b345d2db7414a498.json | 178.253.29.51 | 200 OK | 822 B |
URL: GET HTTP/2 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/392fdb004d073448b345d2db7414a498.json
IP: 178.253.29.51:443
ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate: Issuer Let's Encrypt; Subject 1xlite-461430.top; Fingerprint F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91; Validity Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash: be781196159e458a9a157a93f6981363 54b5bb6ddb54aefb6dc1eeeab89afdf48079e959 71bf1763541ee0d4298863f03c291b09029668d448e8077518717b8810ac910f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /genfiles/cms/1-285/desktop/media_asset/392fdb004d073448b345d2db7414a498.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/bonus/rules
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=0; SESSION=62a580b9db01b9181375582b577707ff; che_g=bad88088-adde-9a12-b173-ae2d8983d4f3; sh.session.id=c3ec7c3d-3538-4b43-b274-941081661add; application_locale=en; _ga_7V60YW2S5H=GS1.1.1715094895.1.0.1715094895.60.0.0; _ga=GA1.1.1791400071.1715094896
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: application/json
content-length: 822
last-modified: Mon, 08 Apr 2024 09:13:00 GMT
etag: "be781196159e458a9a157a93f6981363"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/e06c9d6a2655d78a28144abe88798172.json | 178.253.29.51 | 200 OK | 499 B |
URL: GET HTTP/2 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/e06c9d6a2655d78a28144abe88798172.json
IP: 178.253.29.51:443
ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate: Issuer Let's Encrypt; Subject 1xlite-461430.top; Fingerprint F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91; Validity Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash: e3d17d66f9e675ca9273e04470203275 e676da597ad577652921e9af98e79b986ec158ae 5c26acb3823aedc062268da24385061135d42171888bb5f5a0a8f63ba09c67d2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /genfiles/cms/1-285/desktop/media_asset/e06c9d6a2655d78a28144abe88798172.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/bonus/rules
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=0; SESSION=62a580b9db01b9181375582b577707ff; che_g=bad88088-adde-9a12-b173-ae2d8983d4f3; sh.session.id=c3ec7c3d-3538-4b43-b274-941081661add; application_locale=en; _ga_7V60YW2S5H=GS1.1.1715094895.1.0.1715094895.60.0.0; _ga=GA1.1.1791400071.1715094896
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: application/json
content-length: 499
last-modified: Mon, 05 Jun 2023 14:13:26 GMT
etag: "e3d17d66f9e675ca9273e04470203275"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/6cedaf252b67d0dbabeecb596db64871.json | 178.253.29.51 | 200 OK | 547 B |
URL: GET HTTP/2 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/6cedaf252b67d0dbabeecb596db64871.json
IP: 178.253.29.51:443
ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate: Issuer Let's Encrypt; Subject 1xlite-461430.top; Fingerprint F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91; Validity Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash: b26a415353b83bc6b08c1cdab5caee2f 85c655b0c74e2a3f6bef230062f2dff910fc6e4e 5a17c23c2edc35555f543a1b5cc623d99383b384d0577d20352c1073439ef663
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /genfiles/cms/1-285/desktop/media_asset/6cedaf252b67d0dbabeecb596db64871.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2Fwheel-bet
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=0; SESSION=62a580b9db01b9181375582b577707ff; che_g=bad88088-adde-9a12-b173-ae2d8983d4f3; sh.session.id=c3ec7c3d-3538-4b43-b274-941081661add; application_locale=en; _ga_7V60YW2S5H=GS1.1.1715094895.1.0.1715094895.60.0.0; _ga=GA1.1.1791400071.1715094896
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Fri, 02 Feb 2024 08:24:16 GMT
etag: W/"b26a415353b83bc6b08c1cdab5caee2f"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.013
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/bd0cfa10966f2d8720b2c5663287c9e0.json | 178.253.29.51 | 200 OK | 958 B |
URL: GET HTTP/2 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/bd0cfa10966f2d8720b2c5663287c9e0.json
IP: 178.253.29.51:443
ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate: Issuer Let's Encrypt; Subject 1xlite-461430.top; Fingerprint F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91; Validity Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash: 24ec1c171afe6836881e2fba1ed559a0 588a08d22de446d484f8f51402994f37ff2527c2 a0c14f5476683e6eb7381c1820c0e914c02911ab9d24170e61548e661017f96f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /genfiles/cms/1-285/desktop/media_asset/bd0cfa10966f2d8720b2c5663287c9e0.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/bonus/rules
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=0; SESSION=62a580b9db01b9181375582b577707ff; che_g=bad88088-adde-9a12-b173-ae2d8983d4f3; sh.session.id=c3ec7c3d-3538-4b43-b274-941081661add; application_locale=en; _ga_7V60YW2S5H=GS1.1.1715094895.1.0.1715094895.60.0.0; _ga=GA1.1.1791400071.1715094896
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: application/json
content-length: 958
last-modified: Tue, 18 Apr 2023 10:33:32 GMT
etag: "24ec1c171afe6836881e2fba1ed559a0"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/deee851bab70137a6ff846c91be5a425.json | 178.253.29.51 | 200 OK | 184 B |
URL: GET HTTP/2 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/deee851bab70137a6ff846c91be5a425.json
IP: 178.253.29.51:443
ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate: Issuer Let's Encrypt; Subject 1xlite-461430.top; Fingerprint F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91; Validity Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash: 36777c63209967831ddd2926e229b69b 7a59de3bd5fd0406a1becbd4fc6bdb49a996a0fa c2087429233dc14f1ad96cf9b7d1f4ecf0f32fabab7fc37999644a488d10dbc2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /genfiles/cms/1-285/desktop/media_asset/deee851bab70137a6ff846c91be5a425.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/bonus/rules
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=0; SESSION=62a580b9db01b9181375582b577707ff; che_g=bad88088-adde-9a12-b173-ae2d8983d4f3; sh.session.id=c3ec7c3d-3538-4b43-b274-941081661add; application_locale=en; _ga_7V60YW2S5H=GS1.1.1715094895.1.0.1715094895.60.0.0; _ga=GA1.1.1791400071.1715094896
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: application/json
content-length: 184
last-modified: Thu, 09 Nov 2023 06:22:56 GMT
etag: "36777c63209967831ddd2926e229b69b"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-7V60YW2S5H&gtm=45je4510v893859730za200&_p=1715094895230&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1791400071.1715094896&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1715094895&sct=1&seg=0&dl=https%3A%2F%2F1xlite-461430.top%2Fpromo-frame%2Fen%2Fpromotion%2Fwheel-bet&dr=https%3A%2F%2F1xlite-461430.top%2Fen%2Fpromotions%2Fwheel-bet%3Ftag%3Dd_2757227m_18607c_%26pb%3Dfc40969f4a5547868aa12f11866bc762%26click_id%3DGbjizwcgnzc4SQ1mj2DsfT%26click_id%3DGbjizwcgnzc4SQ1mj2DsfT%26site_id%3Dfe58442c%26partner_id%3D7f99719f-6df0-4574-8194-8edfe800f8f3%26r%3Dpromotions%2Fwheel-bet&dt=Site&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2333 | 216.239.34.36 | | 0 B |
URL: region1.analytics.google.com/g/collect?v=2&tid=G-7V60YW2S5H&gtm=45je4510v893859730za200&_p=1715094895230&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1791400071.1715094896&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1715094895&sct=1&seg=0&dl=https%3A%2F%2F1xlite-461430.top%2Fpromo-frame%2Fen%2Fpromotion%2Fwheel-bet&dr=https%3A%2F%2F1xlite-461430.top%2Fen%2Fpromotions%2Fwheel-bet%3Ftag%3Dd_2757227m_18607c_%26pb%3Dfc40969f4a5547868aa12f11866bc762%26click_id%3DGbjizwcgnzc4SQ1mj2DsfT%26click_id%3DGbjizwcgnzc4SQ1mj2DsfT%26site_id%3Dfe58442c%26partner_id%3D7f99719f-6df0-4574-8194-8edfe800f8f3%26r%3Dpromotions%2Fwheel-bet&dt=Site&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2333
IP: 216.239.34.36:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-7V60YW2S5H&gtm=45je4510v893859730za200&_p=1715094895230&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1791400071.1715094896&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1715094895&sct=1&seg=0&dl=https%3A%2F%2F1xlite-461430.top%2Fpromo-frame%2Fen%2Fpromotion%2Fwheel-bet&dr=https%3A%2F%2F1xlite-461430.top%2Fen%2Fpromotions%2Fwheel-bet%3Ftag%3Dd_2757227m_18607c_%26pb%3Dfc40969f4a5547868aa12f11866bc762%26click_id%3DGbjizwcgnzc4SQ1mj2DsfT%26click_id%3DGbjizwcgnzc4SQ1mj2DsfT%26site_id%3Dfe58442c%26partner_id%3D7f99719f-6df0-4574-8194-8edfe800f8f3%26r%3Dpromotions%2Fwheel-bet&dt=Site&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2333 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://1xlite-461430.top
date: Tue, 07 May 2024 15:14:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/e146d07dba2ed6087cb9b401ce8b1b43.json | 178.253.29.51 | 200 OK | 712 B |
URL GET HTTP/21xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/e146d07dba2ed6087cb9b401ce8b1b43.json IP178.253.29.51:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash338264fc869e8f0b86b0d6c9d92102b0 83b4d35816df0e1486b766251e74d23f28b77824 015355a44429f40dd63b566dd1e9b1b76af3dfa28dcd25a43e82820ba0847b8d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /genfiles/cms/1-285/desktop/media_asset/e146d07dba2ed6087cb9b401ce8b1b43.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2Fwheel-bet
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=0; SESSION=62a580b9db01b9181375582b577707ff; che_g=bad88088-adde-9a12-b173-ae2d8983d4f3; sh.session.id=c3ec7c3d-3538-4b43-b274-941081661add; application_locale=en; _ga_7V60YW2S5H=GS1.1.1715094895.1.0.1715094895.60.0.0; _ga=GA1.1.1791400071.1715094896
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Fri, 02 Feb 2024 08:33:56 GMT
etag: W/"338264fc869e8f0b86b0d6c9d92102b0"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/web-api/bonus | 178.253.29.51 | 200 OK | 7.6 kB |
URL GET HTTP/21xlite-461430.top/web-api/bonus IP178.253.29.51:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash7ae4e8cce7a1e0cb747eec504d0b9a56 c1774de52d91fe890499d94c6dafcaf32a032fde 9ec5756188b32c1bd163ae843df891cd6c73433c7429d06cfddb4f34528a77e6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /web-api/bonus HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/bonus/rules
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=0; SESSION=62a580b9db01b9181375582b577707ff; che_g=bad88088-adde-9a12-b173-ae2d8983d4f3; sh.session.id=c3ec7c3d-3538-4b43-b274-941081661add; application_locale=en; _ga_7V60YW2S5H=GS1.1.1715094895.1.0.1715094895.60.0.0; _ga=GA1.1.1791400071.1715094896
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:57 GMT
content-type: application/vnd.api+json
vary: Accept-Encoding
cache-control: no-cache, private
server-timing: p;dur=234, dt_total;dur=236.290, wf-uht;dur=0.249
traceparent: 00-f4b90f31a5b8dd27e1887cd02506bf51-93b4164457e2c872-01
x-dt: 285
x-time-ng: 0.236
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-7V60YW2S5H&gtm=45je4510v893859730za200&_p=1715094895230&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1791400071.1715094896&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AEA&_s=2&sid=1715094895&sct=1&seg=0&dl=https%3A%2F%2F1xlite-461430.top%2Fpromo-frame%2Fen%2Fpromotion%2Fwheel-bet&dr=https%3A%2F%2F1xlite-461430.top%2Fen%2Fpromotions%2Fwheel-bet%3Ftag%3Dd_2757227m_18607c_%26pb%3Dfc40969f4a5547868aa12f11866bc762%26click_id%3DGbjizwcgnzc4SQ1mj2DsfT%26click_id%3DGbjizwcgnzc4SQ1mj2DsfT%26site_id%3Dfe58442c%26partner_id%3D7f99719f-6df0-4574-8194-8edfe800f8f3%26r%3Dpromotions%2Fwheel-bet&dt=Site&en=scroll&epn.percent_scrolled=90&tfd=3164 | 216.239.34.36 | | 0 B |
URL region1.analytics.google.com/g/collect?v=2&tid=G-7V60YW2S5H&gtm=45je4510v893859730za200&_p=1715094895230&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1791400071.1715094896&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AEA&_s=2&sid=1715094895&sct=1&seg=0&dl=https%3A%2F%2F1xlite-461430.top%2Fpromo-frame%2Fen%2Fpromotion%2Fwheel-bet&dr=https%3A%2F%2F1xlite-461430.top%2Fen%2Fpromotions%2Fwheel-bet%3Ftag%3Dd_2757227m_18607c_%26pb%3Dfc40969f4a5547868aa12f11866bc762%26click_id%3DGbjizwcgnzc4SQ1mj2DsfT%26click_id%3DGbjizwcgnzc4SQ1mj2DsfT%26site_id%3Dfe58442c%26partner_id%3D7f99719f-6df0-4574-8194-8edfe800f8f3%26r%3Dpromotions%2Fwheel-bet&dt=Site&en=scroll&epn.percent_scrolled=90&tfd=3164 IP216.239.34.36:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-7V60YW2S5H&gtm=45je4510v893859730za200&_p=1715094895230&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1791400071.1715094896&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AEA&_s=2&sid=1715094895&sct=1&seg=0&dl=https%3A%2F%2F1xlite-461430.top%2Fpromo-frame%2Fen%2Fpromotion%2Fwheel-bet&dr=https%3A%2F%2F1xlite-461430.top%2Fen%2Fpromotions%2Fwheel-bet%3Ftag%3Dd_2757227m_18607c_%26pb%3Dfc40969f4a5547868aa12f11866bc762%26click_id%3DGbjizwcgnzc4SQ1mj2DsfT%26click_id%3DGbjizwcgnzc4SQ1mj2DsfT%26site_id%3Dfe58442c%26partner_id%3D7f99719f-6df0-4574-8194-8edfe800f8f3%26r%3Dpromotions%2Fwheel-bet&dt=Site&en=scroll&epn.percent_scrolled=90&tfd=3164 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: https://1xlite-461430.top
date: Tue, 07 May 2024 15:14:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/promo-store.jpg | 185.244.209.62 | 200 OK | 49 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/promo-store.jpg IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 315x250, components 3 Hash1c2fbcd07b32b9cb53fce335a61c25b3 49a90889c78c1a98157fa4f37784ed68c0923bfb 2537e87525f9f356342c592f4ed11dc54833c992f615cf0d7c4f56055908f7b0
GET /genfiles/cms/1-285/desktop/bonus/rules/promo-store.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:57 GMT
content-type: image/jpeg
content-length: 49253
last-modified: Tue, 16 May 2023 09:09:12 GMT
etag: "1c2fbcd07b32b9cb53fce335a61c25b3"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-9760234db3b8f01b37532e2166ab5e78-2cba002895245194-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T09:07:45+00:00, 2024-05-07T15:01:56+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-icons/1.0.330/285/common.svg | 185.244.209.62 | 200 OK | 74 kB |
URL GET HTTP/2v3.traincdn.com/sys-icons/1.0.330/285/common.svg IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typegzip compressed data, max speed, from Unix Hash28c9a01f742e2f5874d5e1758f310052 64028ab3c1b0922d840c1c6e7e65c1b7c2b495db 5449b8e6b4137816d16e6960c5ec9a87cb152d51568acc167ee533730438563e
GET /sys-icons/1.0.330/285/common.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:57 GMT
content-type: image/svg+xml
last-modified: Tue, 16 Apr 2024 09:41:01 GMT
etag: W/"7bf3e9e7d79beac942f5e7748a3af2e6"
x-amz-meta-mtime: 1713260458.134664491
content-encoding: gzip
expires: Fri, 19 Apr 2024 12:42:12 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-5a5c5a72b01ae846347efee3aa394e9c-ce76c669899a7271-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-18T12:42:12+00:00, 2024-05-06T15:18:42+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/bonus-cms/jg5PV_YdYioJAU_-6Y2q-61NVnwVkPXm/315x250.jpg | 185.244.209.62 | 200 OK | 47 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/bonus-cms/jg5PV_YdYioJAU_-6Y2q-61NVnwVkPXm/315x250.jpg IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJPEG image data, progressive, precision 8, 315x250, components 3 Hash216a38d79f9477b9511e8d6e833776c5 c815c57cfd39b9c878cf00fba194565e2f9d83e2 57cbedf6644066e605c780a59efd060413a8a464ff8531fd9334dcd58a2a1658
GET /genfiles/bonus-cms/jg5PV_YdYioJAU_-6Y2q-61NVnwVkPXm/315x250.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:57 GMT
content-type: image/jpeg
content-length: 47326
last-modified: Sat, 13 Jan 2024 19:54:13 GMT
etag: "216a38d79f9477b9511e8d6e833776c5"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-ac18cde5bc11f8d03633c8d5f7db1bdf-eea3e524979c81ed-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-01-14T13:18:00+00:00, 2024-05-07T14:48:50+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/slot-ten-deposit.jpg | 185.244.209.62 | 200 OK | 44 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/slot-ten-deposit.jpg IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJPEG image data, progressive, precision 8, 315x250, components 3 Hashc37fcadea18df30563df3801edbc452e 79ad3ca2442918aa4c8c7647e4cda21081eaaef3 f5cd0b9aff7d896d296fbca52989ef5e15c3ec075d94a08fc5cda37367325858
GET /genfiles/cms/1-285/desktop/bonus/rules/slot-ten-deposit.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:57 GMT
content-type: image/jpg
content-length: 43559
last-modified: Tue, 11 Apr 2023 17:52:48 GMT
etag: "c37fcadea18df30563df3801edbc452e"
x-time-ng: 0.001
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2024-04-15T20:42:36+00:00
traceparent: 00-8b396b137b79bae81e8df3cc5c3519bb-bb864370b664d740-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/2903bfe80b6e7c82e302d5e50a0c0a15.json | 178.253.29.51 | 200 OK | 36 kB |
URL GET HTTP/21xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/2903bfe80b6e7c82e302d5e50a0c0a15.json IP178.253.29.51:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash4ceca6711e35f002e5d82e7e710000c1 1bd282f8a354b362b4a860ef3fa2fb915f9211a8 cbb3ecf2ae1465a5d387c3e4582a5bafa1368c96db6ad3cdef0951a363dd9f0d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /genfiles/cms/1-285/desktop/media_asset/2903bfe80b6e7c82e302d5e50a0c0a15.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/bonus/rules
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=0; SESSION=62a580b9db01b9181375582b577707ff; che_g=bad88088-adde-9a12-b173-ae2d8983d4f3; sh.session.id=c3ec7c3d-3538-4b43-b274-941081661add; application_locale=en; _ga_7V60YW2S5H=GS1.1.1715094895.1.0.1715094895.60.0.0; _ga=GA1.1.1791400071.1715094896
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Thu, 04 Apr 2024 06:25:42 GMT
etag: W/"4ceca6711e35f002e5d82e7e710000c1"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/7ed46ee2457f0198b31a2f0e27129049.json | 178.253.29.51 | 200 OK | 46 kB |
URL GET HTTP/21xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/7ed46ee2457f0198b31a2f0e27129049.json IP178.253.29.51:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hashf117f2ecd3a10db0e2d79159b68fcf2f c3477f016b8a8001b765835b30c64ef6f6a37c95 59d4508907da1d618732422129b741f7288c7b344d0d0d6236f16e16c0bc257d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /genfiles/cms/1-285/desktop/media_asset/7ed46ee2457f0198b31a2f0e27129049.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/bonus/rules
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=0; SESSION=62a580b9db01b9181375582b577707ff; che_g=bad88088-adde-9a12-b173-ae2d8983d4f3; sh.session.id=c3ec7c3d-3538-4b43-b274-941081661add; application_locale=en; _ga_7V60YW2S5H=GS1.1.1715094895.1.0.1715094895.60.0.0; _ga=GA1.1.1791400071.1715094896
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Mon, 26 Jun 2023 07:10:34 GMT
etag: W/"f117f2ecd3a10db0e2d79159b68fcf2f"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/bets-by-telegram.jpg | 185.244.209.62 | 200 OK | 57 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/bets-by-telegram.jpg IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 315x250, components 3 Hashb36c33ea87fb7182f2f9421abfb72690 580f23b173130d4a62bca8cd1407aec579a53604 3f605506d69c625bc8ea7b0be5ed54a0fa25553c8483d04a9758cbde1ed7c9f4
GET /genfiles/cms/1-285/desktop/bonus/rules/bets-by-telegram.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:57 GMT
content-type: image/jpeg
content-length: 57016
last-modified: Mon, 15 May 2023 10:48:49 GMT
etag: "b36c33ea87fb7182f2f9421abfb72690"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2023-12-18T09:07:45+00:00
traceparent: 00-be217e626c907efbbb99d9feee4bf630-44d2364e5f02f5bc-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/become-legend.jpg | 185.244.209.62 | 200 OK | 90 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/become-legend.jpg IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJPEG image data, progressive, precision 8, 315x250, components 3 Hashe0c1361334cb5a6aa3754a26333118d5 ab90e5a90f440d0021e8f4203009ff0e502a21d7 9b6d8913e5ab587260c00c70cfa1753c922da4504b1b83e77b51aafc431b06dc
GET /genfiles/cms/1-285/desktop/bonus/rules/become-legend.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:57 GMT
content-type: image/jpeg
content-length: 89964
last-modified: Fri, 01 Mar 2024 08:28:39 GMT
etag: "e0c1361334cb5a6aa3754a26333118d5"
x-time-ng: 0.001
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2024-04-15T20:49:53+00:00
traceparent: 00-55bfb43fb5eec5159ee47940cc639f67-a372747a8c0b3ca3-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/bonus-cms/zefs6LIEfbtUI44nkGmWQKOz9Mf44P65/315x250.jpg | 185.244.209.62 | 200 OK | 16 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/bonus-cms/zefs6LIEfbtUI44nkGmWQKOz9Mf44P65/315x250.jpg IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), default quality", baseline, precision 8, 315x250, components 3 Hashb518acee0104246b098bda6134889bc4 e4ca37cab5e6dd8ee57a68d8603a1411e51dfe4b 40b4c87fa9509cc9ca4bd5386c74a81eb68e779059838fe2b31ab7c88b2be463
GET /genfiles/bonus-cms/zefs6LIEfbtUI44nkGmWQKOz9Mf44P65/315x250.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:57 GMT
content-type: image/jpeg
content-length: 16420
last-modified: Mon, 22 Jan 2024 16:34:45 GMT
etag: "b518acee0104246b098bda6134889bc4"
x-time-ng: 0.013
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-710c154ad9d5ac66d9e7ac9ae8b46b9d-7803085cb1cdfaa1-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-10T10:44:06+00:00, 2024-05-07T15:01:56+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/promo-store.webp | 185.244.209.62 | 200 OK | 22 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/promo-store.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp Hash376807f6eceb28fcc2624716e09fbbd9 baf70080537063c8b9df5d817edd6f97d2b66a37 66ccd156391c11311536fe220c908a69687ae95701c6ae2a24e139938dcb70e7
GET /genfiles/cms/1-285/desktop/bonus/rules/promo-store.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:57 GMT
content-type: image/webp
content-length: 22354
last-modified: Tue, 16 May 2023 09:09:04 GMT
etag: "376807f6eceb28fcc2624716e09fbbd9"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-652c0363ded173d525d0153d477188ba-db46de3a9a442354-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T08:27:23+00:00, 2024-05-07T14:18:40+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/bonus-api/bonus?currency=NOK&language=en | 178.253.29.51 | 200 OK | 31 kB |
URL GET HTTP/2 1xlite-461430.top/bonus-api/bonus?currency=NOK&language=en IP 178.253.29.51:443 ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Let's Encrypt Subject 1xlite-461430.top Fingerprint F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 Validity Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash 3f3bd442e05857c71ca82b3d06825551 1e9e557aeff15a847510b0217465505ae5e2d266 beaa45613af85f47f9561ab54c226998b01c04ebb103b15e937d4999b6644be6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /bonus-api/bonus?currency=NOK&language=en HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/bonus/rules
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=0; SESSION=62a580b9db01b9181375582b577707ff; che_g=bad88088-adde-9a12-b173-ae2d8983d4f3; sh.session.id=c3ec7c3d-3538-4b43-b274-941081661add; application_locale=en; _ga_7V60YW2S5H=GS1.1.1715094895.1.0.1715094895.60.0.0; _ga=GA1.1.1791400071.1715094896
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:57 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: p;dur=223.13714027405, dt_total;dur=251.504, wf-uht;dur=0.265
traceparent: 00-bf394549d8356e3251243ad362d9892a-16e6232c7ba9b603-01
vary: Accept-Encoding
x-dt: 285
x-request-id: 34a37840c05b665b7dbb24b9cb63c3bc
x-time-ng: 0.229
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/bonus-cms/jg5PV_YdYioJAU_-6Y2q-61NVnwVkPXm/315x250.webp | 185.244.209.62 | 200 OK | 44 kB |
URL GET HTTP/2 v3.traincdn.com/genfiles/bonus-cms/jg5PV_YdYioJAU_-6Y2q-61NVnwVkPXm/315x250.webp IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp Hash 820c2301c27f8e114d81fccc88c8cbee 247adbb42e4149425c90a98095b859347c016ff1 22c6ceb46195434759afbbe5f799723d4cf658d22d312fb7f194c88782a2cda4
GET /genfiles/bonus-cms/jg5PV_YdYioJAU_-6Y2q-61NVnwVkPXm/315x250.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:57 GMT
content-type: image/webp
content-length: 44068
last-modified: Sat, 13 Jan 2024 19:54:13 GMT
etag: "820c2301c27f8e114d81fccc88c8cbee"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-452719b7673b4a30cd9a19c04e354ab9-27a278a3db62b57a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-01-14T09:54:27+00:00, 2024-05-07T14:18:39+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/bets-by-telegram.webp | 185.244.209.62 | 200 OK | 22 kB |
URL GET HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/bets-by-telegram.webp IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp Hash 39d1dc105345cff4c37199d4ae2857d4 dbeba1282f82a8fbca0045713fee8bf48bd58098 6085511f9d0d73ae4e466fc3392ddad94f271750d945bde6b5abb4143d86d9e9
GET /genfiles/cms/1-285/desktop/bonus/rules/bets-by-telegram.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:57 GMT
content-type: image/webp
content-length: 22154
last-modified: Mon, 15 May 2023 10:48:41 GMT
etag: "39d1dc105345cff4c37199d4ae2857d4"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-d5dae5cc3e2aaab113075c0228f11686-492c0a98ab5665c0-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:27:22+00:00, 2024-05-07T14:40:12+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/6383baf4fc61037b3c4990e9b55f947b.json | 178.253.29.51 | 200 OK | 40 kB |
URL GET HTTP/2 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/6383baf4fc61037b3c4990e9b55f947b.json IP 178.253.29.51:443 ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Let's Encrypt Subject 1xlite-461430.top Fingerprint F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 Validity Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash 5964e3e4fd5fa89ee9aee228e1572aa9 a2496d82f9dd777e1095c853e4fe281f33ce131f 6483a840daa604ea63da72f2defeb1cc09e4e4ee09243966f7d7ba49e351e940
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /genfiles/cms/1-285/desktop/media_asset/6383baf4fc61037b3c4990e9b55f947b.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2Fwheel-bet
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=0; SESSION=62a580b9db01b9181375582b577707ff; che_g=bad88088-adde-9a12-b173-ae2d8983d4f3; sh.session.id=c3ec7c3d-3538-4b43-b274-941081661add; application_locale=en; _ga_7V60YW2S5H=GS1.1.1715094895.1.0.1715094895.60.0.0; _ga=GA1.1.1791400071.1715094896
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Tue, 05 Dec 2023 11:58:07 GMT
etag: W/"5964e3e4fd5fa89ee9aee228e1572aa9"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/631f900db751ade3379a9ff0d7c00b5c.json | 178.253.29.51 | 200 OK | 30 kB |
URL GET HTTP/2 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/631f900db751ade3379a9ff0d7c00b5c.json IP 178.253.29.51:443 ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Let's Encrypt Subject 1xlite-461430.top Fingerprint F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 Validity Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash dfe0c8d8abf7084df9e624f1f4065e59 6cbd38545e7ff3ee00aca5c80f5eb9847da631b5 e596939ede2be48722c636d78de1ec21e3ab6b65a7d86044ea2cff3fe3e8897f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /genfiles/cms/1-285/desktop/media_asset/631f900db751ade3379a9ff0d7c00b5c.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/bonus/rules
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=0; SESSION=62a580b9db01b9181375582b577707ff; che_g=bad88088-adde-9a12-b173-ae2d8983d4f3; sh.session.id=c3ec7c3d-3538-4b43-b274-941081661add; application_locale=en; _ga_7V60YW2S5H=GS1.1.1715094895.1.0.1715094895.60.0.0; _ga=GA1.1.1791400071.1715094896
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Fri, 26 Apr 2024 18:28:29 GMT
etag: W/"dfe0c8d8abf7084df9e624f1f4065e59"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/fb98f44e37ba66ce21503d37c8717923.json | 178.253.29.51 | 200 OK | 49 kB |
URL GET HTTP/2 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/fb98f44e37ba66ce21503d37c8717923.json IP 178.253.29.51:443 ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Let's Encrypt Subject 1xlite-461430.top Fingerprint F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 Validity Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash becb2e7c22d23ed7b8c378c346c643f1 0b4c891625b0a2b9b528309353d7f614dd6c7b3b d30163973a6fb0b5e99419860a2b5c37a83887cacd08115b71032b1b40220edb
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /genfiles/cms/1-285/desktop/media_asset/fb98f44e37ba66ce21503d37c8717923.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/bonus/rules
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=0; SESSION=62a580b9db01b9181375582b577707ff; che_g=bad88088-adde-9a12-b173-ae2d8983d4f3; sh.session.id=c3ec7c3d-3538-4b43-b274-941081661add; application_locale=en; _ga_7V60YW2S5H=GS1.1.1715094895.1.0.1715094895.60.0.0; _ga=GA1.1.1791400071.1715094896
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Thu, 07 Mar 2024 10:41:59 GMT
etag: W/"becb2e7c22d23ed7b8c378c346c643f1"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/slot-first-deposit.webp | 185.244.209.62 | 200 OK | 9.5 kB |
URL GET HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/slot-first-deposit.webp IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp Hash e74e38a96e2b86b49bce5a4ecdb2e456 8ed3fce32fa8d91d39bd0bb642e3c45516d8a9eb f7ca5371dc68183854f2893aa3d99bba1e080f3b2d6146a99e7561f9b79dbe87
GET /genfiles/cms/1-285/desktop/bonus/rules/slot-first-deposit.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:57 GMT
content-type: image/webp
content-length: 9528
last-modified: Fri, 12 May 2023 09:54:31 GMT
etag: "e74e38a96e2b86b49bce5a4ecdb2e456"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2023-12-18T09:36:29+00:00
traceparent: 00-89f8f4f128be65ed11593a14a7108891-7337100213bee84b-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/bonus-cms/NrYLPexnCMwMSdX6tC-njSau7U0Isq6k/sticker-hunt_2.webp | 185.244.209.62 | 404 Not Found | 118 B |
URL GET HTTP/2 v3.traincdn.com/genfiles/bonus-cms/NrYLPexnCMwMSdX6tC-njSau7U0Isq6k/sticker-hunt_2.webp IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type HTML document, ASCII text, with CRLF line terminators Hash b58d632409efb03916cfef3229576c55 c2fb66483c899f427b0354d52b080ce8bb6b47c4 b0b0fadb436530e81236a3d97058fc501d732eb24768845c5e97ac8ac3c32176
GET /genfiles/bonus-cms/NrYLPexnCMwMSdX6tC-njSau7U0Isq6k/sticker-hunt_2.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 07 May 2024 15:14:57 GMT
content-type: text/html; charset=utf-8
content-length: 118
strict-transport-security: max-age=15724800; includeSubDomains
x-id-shield: am3-hw-edge-gc89
traceparent: 00-eb426d77f508023bd2ab88b1616ad74a-a12b8d7762899178-01
x-id: osix-hw-edge-gc4
cache: MISS, MISS
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/become-legend.webp | 185.244.209.62 | 200 OK | 108 kB |
URL GET HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/become-legend.webp IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image Size 108 kB (107976 bytes) Hash 314b18cfe996f7ac145db7d302dcf1b3 cf49cfe63d75c447b4da918bd06d8938584edbfa cd0f72608f9e60537a3a489e47cc2c2718e23837bd24f1dc502d110ccef6bd3c
GET /genfiles/cms/1-285/desktop/bonus/rules/become-legend.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:57 GMT
content-type: image/webp
content-length: 107976
last-modified: Fri, 01 Mar 2024 08:28:39 GMT
etag: "314b18cfe996f7ac145db7d302dcf1b3"
x-time-ng: 0.002
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2024-03-01T11:44:46+00:00
traceparent: 00-036374833de7c97c5690e6e862864659-6cd3b7f05bdce844-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/goalless-football.webp | 185.244.209.62 | 200 OK | 50 kB |
URL GET HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/goalless-football.webp IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image Hash 2eb5029e4de53b55ebbbcd6f2bc5f4d9 78e0d7382e7196ef120697bd25c86ce971cf1352 4f46fd0d8f32a4585f0c880fa91cbdfce37bc675c645a2d8e84210baba13440b
GET /genfiles/cms/1-285/desktop/bonus/rules/goalless-football.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:57 GMT
content-type: image/webp
content-length: 50494
last-modified: Wed, 06 Sep 2023 08:29:12 GMT
etag: "2eb5029e4de53b55ebbbcd6f2bc5f4d9"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-b7838b3624cbbf6d14924913cb0f334d-02499045404ea089-01
x-id: osix-hw-edge-gc4
cache: REVALIDATED, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/slot-ten-deposit.webp | 185.244.209.62 | 200 OK | 10 kB |
URL GET HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/slot-ten-deposit.webp IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp Hash a55f6bc5288f59157c1f4b0d99200c4f 64b37d821bf692cea5cde5734b3230cecd2b1ae0 0f29e044bfb569e9205e03de27030a08d6b32de2da815a72b059dca1cfea8707
GET /genfiles/cms/1-285/desktop/bonus/rules/slot-ten-deposit.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:57 GMT
content-type: application/octet-stream
content-length: 10366
last-modified: Tue, 11 Apr 2023 17:52:48 GMT
etag: "a55f6bc5288f59157c1f4b0d99200c4f"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
x-cached-since: 2023-12-18T09:03:14+00:00
traceparent: 00-5066881deff213d90fb8863737b338bd-3d79a1cc9203df89-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/1st/1-137.webp | 185.244.209.62 | 404 Not Found | 118 B |
URL GET HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/1st/1-137.webp IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type HTML document, ASCII text, with CRLF line terminators Hash b58d632409efb03916cfef3229576c55 c2fb66483c899f427b0354d52b080ce8bb6b47c4 b0b0fadb436530e81236a3d97058fc501d732eb24768845c5e97ac8ac3c32176
GET /genfiles/cms/1-285/desktop/bonus/rules/1st/1-137.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 07 May 2024 15:14:57 GMT
content-type: text/html; charset=utf-8
content-length: 118
strict-transport-security: max-age=15724800; includeSubDomains
x-id-shield: am3-hw-edge-gc88
traceparent: 00-0575ae106e2300306e68d9ec75479397-fde8d51cf633918f-01
x-id: osix-hw-edge-gc4
cache: MISS, MISS
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/dailytournament.webp | 185.244.209.62 | 200 OK | 41 kB |
URL GET HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/dailytournament.webp IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image Hash eacf930d797f369ee8a944b514a4fd6d ea83544e05b4e9712fc8a044dc41e4b64dd42d3f 883351a2289a9fc1075ccaea228649d3ec00383ac6f9ec02d553659e4304d604
GET /genfiles/cms/1-285/desktop/bonus/rules/dailytournament.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:57 GMT
content-type: image/webp
content-length: 40640
last-modified: Thu, 13 Apr 2023 11:50:39 GMT
etag: "eacf930d797f369ee8a944b514a4fd6d"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
x-cached-since: 2023-12-18T09:03:14+00:00
traceparent: 00-b1d7f8c4af32b88c7ba54de25b359f6f-279a50de61dd0d29-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/doverie.webp | 185.244.209.62 | 200 OK | 6.0 kB |
URL GET HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/doverie.webp IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp Hash 25a2c8bb1250ef2eb614983566886ef4 bb0e43eeee18884437554668b5e1ad56a68e20a4 23852e0d23a0c03d4fd5e5ba37f81083212c85b4c305697ad8b32dd8cef797c1
GET /genfiles/cms/1-285/desktop/bonus/rules/doverie.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:57 GMT
content-type: image/webp
content-length: 6002
last-modified: Tue, 04 Jul 2023 07:20:09 GMT
etag: "25a2c8bb1250ef2eb614983566886ef4"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
x-cached-since: 2023-12-18T09:39:07+00:00
traceparent: 00-52a020053707ecb55cbc26f924ae4d5e-0272e142bdca5aae-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/12d8ee2576692fff036a68507fb52970.json | 178.253.29.51 | 200 OK | 14 kB |
URL GET HTTP/2 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/12d8ee2576692fff036a68507fb52970.json IP 178.253.29.51:443 ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Let's Encrypt Subject 1xlite-461430.top Fingerprint F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 Validity Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash 38f190a4cb1989aed041659da0a372aa eec181f8bddbf93e43c35f7718b3f9dac029bab6 cd2726700d70053e8bc5c7a2c24930598c56856147745eb208722586a17eb6f4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /genfiles/cms/1-285/desktop/media_asset/12d8ee2576692fff036a68507fb52970.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2Fwheel-bet
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=0; SESSION=62a580b9db01b9181375582b577707ff; che_g=bad88088-adde-9a12-b173-ae2d8983d4f3; sh.session.id=c3ec7c3d-3538-4b43-b274-941081661add; application_locale=en; _ga_7V60YW2S5H=GS1.1.1715094895.1.0.1715094895.60.0.0; _ga=GA1.1.1791400071.1715094896
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Thu, 14 Mar 2024 18:43:34 GMT
etag: W/"38f190a4cb1989aed041659da0a372aa"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/web-api/api/v3/bonuses/first-deposit | 178.253.29.51 | 200 OK | 27 kB |
URL GET HTTP/2 1xlite-461430.top/web-api/api/v3/bonuses/first-deposit IP 178.253.29.51:443 ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate Issuer Let's Encrypt Subject 1xlite-461430.top Fingerprint F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 Validity Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash 6c497f6fefa1ff03d2b3f026ca9ea1b2 67708749c2923ee8fb64f119bfe6601df89cc754 62d6341764aac9fa45a7c7c304e969a0408d60f679d5142d0faa28e178d132c2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /web-api/api/v3/bonuses/first-deposit HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2Fwheel-bet
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=1280; SESSION=62a580b9db01b9181375582b577707ff
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:52 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: p;dur=40, dt_total;dur=68.523, wf-uht;dur=0.076
traceparent: 00-4b728d0ba7b075f4ee72d259dd1eae37-6eb2d6859038ae12-01
vary: Accept-Encoding
x-dt: 285
x-time-ng: 0.053
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/birthday.webp | 185.244.209.62 | 200 OK | 12 kB |
URL GET HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/birthday.webp IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 9a12fd308fdcacc0adb16d2476e2efe9 fac9675ec0a1041f757f11413fe0c359edd0b141 f7da0fac7df7744f1812cebabe061252bf8e8cb786e066ad76b48f96f1a17b64
GET /genfiles/cms/1-285/desktop/bonus/rules/birthday.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:57 GMT
content-type: image/webp
content-length: 11684
last-modified: Tue, 11 Apr 2023 17:52:19 GMT
etag: "9a12fd308fdcacc0adb16d2476e2efe9"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2023-12-18T09:16:15+00:00
traceparent: 00-a1d56e1ce9239b8388999bd6dc812daf-030f3b7ee5f0f9bb-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/4248ac2021dc04c1d42b10d68aca3b11.json | 178.253.29.51 | 200 OK | 42 kB |
URL GET HTTP/2 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/4248ac2021dc04c1d42b10d68aca3b11.json IP 178.253.29.51:443 ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate Issuer Let's Encrypt Subject 1xlite-461430.top Fingerprint F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 Validity Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash 5696ef1b371a34f9ef6d91bde17f66e7 888943f8c4faf3a9f29cf2fd2933cefa6c01b24f ada4a21a08ddf6bb03d39fcf39bb6c5d988f6697479abffc92096a157064b2af
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /genfiles/cms/1-285/desktop/media_asset/4248ac2021dc04c1d42b10d68aca3b11.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2Fwheel-bet
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=0; SESSION=62a580b9db01b9181375582b577707ff; che_g=bad88088-adde-9a12-b173-ae2d8983d4f3; sh.session.id=c3ec7c3d-3538-4b43-b274-941081661add; application_locale=en; _ga_7V60YW2S5H=GS1.1.1715094895.1.0.1715094895.60.0.0; _ga=GA1.1.1791400071.1715094896
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Thu, 04 Apr 2024 11:33:40 GMT
etag: W/"5696ef1b371a34f9ef6d91bde17f66e7"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/blaugrana-crew.jpg | 185.244.209.62 | 200 OK | 81 kB |
URL GET HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/blaugrana-crew.jpg IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type JPEG image data, progressive, precision 8, 315x250, components 3
Hash 2e4a71a725650c9f993b9b917f132d98 1a7952a4f522c25f2a561fcdf2b89355c42b7233 c1814e03d303819bfdfc285ace748af199d956ae4e38dcf7472c1779df72545d
GET /genfiles/cms/1-285/desktop/bonus/rules/blaugrana-crew.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:57 GMT
content-type: image/jpeg
content-length: 92498
last-modified: Mon, 02 Oct 2023 07:53:39 GMT
etag: "84abd47f4cf44e9163e19d441d0fb8ad"
x-time-ng: 0.002
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
x-cached-since: 2024-04-15T20:42:36+00:00
traceparent: 00-61863003a1e9aca4731ccdbf7185960e-599552764cf58905-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/formula-one-game.webp | 185.244.209.62 | 200 OK | 26 kB |
URL GET HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/formula-one-game.webp IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 3529a9950536352cadc5022231d76608 2883dfd254a6b2ac531e7749bd0986dd4c26b077 f9b9979b91624cafcb1f44cdf9b1a3926417ca700046a19466a94335ff8090cf
GET /genfiles/cms/1-285/desktop/bonus/rules/formula-one-game.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:57 GMT
content-type: application/octet-stream
content-length: 26188
last-modified: Tue, 11 Apr 2023 17:52:28 GMT
etag: "3529a9950536352cadc5022231d76608"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
x-cached-since: 2023-12-18T09:03:14+00:00
traceparent: 00-48b10dd9210d213014abb69aa2748369-13d74d809e6fa791-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/lucky-friday.webp | 185.244.209.62 | 200 OK | 18 kB |
URL GET HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/lucky-friday.webp IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image
Hash 63ffabeefd0ba919618dbdfdd971c45a a4d6ad655ed680ca06e1f98509005b795f195885 c621e44eb52b43f859381b83442a80570ae098356ef5d581a77c84a4417a3671
GET /genfiles/cms/1-285/desktop/bonus/rules/lucky-friday.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:57 GMT
content-type: image/webp
content-length: 18098
last-modified: Wed, 10 May 2023 13:36:26 GMT
etag: "63ffabeefd0ba919618dbdfdd971c45a"
x-time-ng: 0.002
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2023-12-18T09:16:17+00:00
traceparent: 00-7263cb5f420ed474804003d40167efed-3b4fdc544b27e435-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/web-api/external-api/promotions/wheel-bet | 178.253.29.51 | | 50 kB |
URL 1xlite-461430.top/web-api/external-api/promotions/wheel-bet IP 178.253.29.51:0 ASN #202492 Silverhill Group Holding Ltd
Certificate Issuer Let's Encrypt Subject 1xlite-461430.top Fingerprint F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 Validity Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash 99914b932bd37a50b983c5e7c90ae93b bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /web-api/external-api/promotions/wheel-bet HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/promo-frame/en/promotion/wheel-bet
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=0; SESSION=62a580b9db01b9181375582b577707ff; che_g=bad88088-adde-9a12-b173-ae2d8983d4f3; sh.session.id=c3ec7c3d-3538-4b43-b274-941081661add; application_locale=en; _ga_7V60YW2S5H=GS1.1.1715094895.1.0.1715094895.60.0.0; _ga=GA1.1.1791400071.1715094896
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 403 Forbidden
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: p;dur=31, dt_total;dur=88.003
traceparent: 00-0c4beb90db472d598dabce3922ad0b10-029e2cb6a22713a9-01
vary: Accept-Encoding
x-dt: 285
x-time-ng: 0.071
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/express.webp | 185.244.209.62 | 200 OK | 26 kB |
URL GET HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/express.webp IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 76f4f94caeacb3ea3e799f76517c2e77 e4532a2e775a346d81f16c0964b9bfc8cb679842 ac636f011f118593e402c29660bda51edb682670d22b82ca018d05faf7f1e18d
GET /genfiles/cms/1-285/desktop/bonus/rules/express.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:57 GMT
content-type: image/webp
content-length: 26210
last-modified: Fri, 12 May 2023 08:45:56 GMT
etag: "76f4f94caeacb3ea3e799f76517c2e77"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2023-12-18T09:16:15+00:00
traceparent: 00-9010c570a937bde45eecd1f667809fa9-de000cf5110c937e-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/beatus.webp | 185.244.209.62 | 200 OK | 12 kB |
URL GET HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/beatus.webp IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Hash bbd5effd93dd90aeb3587a33e4976b44 13b331c36e7b5a6e7eaee9fabeaa89efc668af89 ab5e828e09e0e3598e23d4570ec7c4c0e66573de6edda8a103b24c16df63f1c1
GET /genfiles/cms/1-285/desktop/bonus/rules/beatus.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:57 GMT
content-type: image/webp
content-length: 12142
last-modified: Fri, 30 Jun 2023 07:38:24 GMT
etag: "bbd5effd93dd90aeb3587a33e4976b44"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
x-cached-since: 2023-12-18T09:04:50+00:00
traceparent: 00-1b81b79cb8ddbc8e3e5129d4d12957c9-4951d6384bbe1127-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/hyper-bonus.webp | 185.244.209.62 | 200 OK | 62 kB |
URL GET HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/hyper-bonus.webp IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 315x250, components 3
Hash 5aaddf2c56dd3132a3eb40fd514309c6 74dc6650e0bc516bbefbe1da71fb5e0243e69191 5989764a0ab5e33ea4d229993ff2842fc8d9fe15e6a7ab42de32fc326e28b1c2
GET /genfiles/cms/1-285/desktop/bonus/rules/hyper-bonus.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:57 GMT
content-type: application/octet-stream
content-length: 61571
last-modified: Tue, 11 Apr 2023 17:52:34 GMT
etag: "5aaddf2c56dd3132a3eb40fd514309c6"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2023-12-18T09:39:07+00:00
traceparent: 00-2bd8543b2976848458042100fcb34d01-9e2eb20076daa0d6-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/af2e2c975cf016bc339c96b6992e1e47.json | 178.253.29.51 | 200 OK | 18 kB |
URL GET HTTP/2 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/af2e2c975cf016bc339c96b6992e1e47.json IP 178.253.29.51:443 ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate Issuer Let's Encrypt Subject 1xlite-461430.top Fingerprint F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 Validity Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash b0a50f5239a6ca38097f89684eae43e4 9610ba54f85b3199d09ccbaf5c3439cff43bf28a 5f96d5a91935d8a7f975d433db80afb8a995edc61ad2d8cbb0161b80dc7aec56
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /genfiles/cms/1-285/desktop/media_asset/af2e2c975cf016bc339c96b6992e1e47.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/bonus/rules
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=0; SESSION=62a580b9db01b9181375582b577707ff; che_g=bad88088-adde-9a12-b173-ae2d8983d4f3; sh.session.id=c3ec7c3d-3538-4b43-b274-941081661add; application_locale=en; _ga_7V60YW2S5H=GS1.1.1715094895.1.0.1715094895.60.0.0; _ga=GA1.1.1791400071.1715094896
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Fri, 12 May 2023 15:17:16 GMT
etag: W/"b0a50f5239a6ca38097f89684eae43e4"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/7ba58ff9bb84da78ec345b09d297b429.json | 178.253.29.51 | 200 OK | 8.1 kB |
URL GET HTTP/2 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/7ba58ff9bb84da78ec345b09d297b429.json IP 178.253.29.51:443 ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate Issuer Let's Encrypt Subject 1xlite-461430.top Fingerprint F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 Validity Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash dad3a9b077bc630619a2f0a6422b65ae 21ed76245ef3e318fe37ac6d145ffebeac627956 8db3ba27ae59a7f93f8dbe2f9a499b4e028717aa6c139eef0b78e1ec09eca758
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /genfiles/cms/1-285/desktop/media_asset/7ba58ff9bb84da78ec345b09d297b429.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/bonus/rules
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=0; SESSION=62a580b9db01b9181375582b577707ff; che_g=bad88088-adde-9a12-b173-ae2d8983d4f3; sh.session.id=c3ec7c3d-3538-4b43-b274-941081661add; application_locale=en; _ga_7V60YW2S5H=GS1.1.1715094895.1.0.1715094895.60.0.0; _ga=GA1.1.1791400071.1715094896
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Tue, 28 Nov 2023 09:26:45 GMT
etag: W/"dad3a9b077bc630619a2f0a6422b65ae"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/web-api/api/web/v1/config/actualDomain | 178.253.29.51 | 200 OK | 22 kB |
URL GET HTTP/2 1xlite-461430.top/web-api/api/web/v1/config/actualDomain IP 178.253.29.51:443 ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate Issuer Let's Encrypt Subject 1xlite-461430.top Fingerprint F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 Validity Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash e90508cca101d9cb990de4c1ac272162 f2eff8d50f5d46fb966acd5ce6eae0e6928698f5 11d2a39f89bd0f2c2d4bce0007c223e73a00e54ac7423b3eff9ceec40b477e99
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /web-api/api/web/v1/config/actualDomain HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:51 GMT
content-type: application/vnd.api+json
vary: Accept-Encoding
cache-control: no-cache, private
server-timing: p;dur=45, dt_total;dur=47.436, wf-uht;dur=0.059
set-cookie: SESSION=62a580b9db01b9181375582b577707ff; path=/; secure; HttpOnly; SameSite=Lax
set-cookie: ua=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
traceparent: 00-4966bf61c82bc82524dd28e362b42d80-eed3b832d72d1876-01
x-dt: 285
x-time-ng: 0.047
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/tv-bet-jackpot.webp | 185.244.209.62 | 200 OK | 9.1 kB |
URL GET HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/tv-bet-jackpot.webp IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp Hash cf73cf5ee3883706242debc9d5f1c52e e071e466fff51b6bff7edf48405c959865bdbe28 53e6a25ee8451c110b3f96164a7917bb8e6f4dfdcf84ec373eebd5b4dc56d88c
GET /genfiles/cms/1-285/desktop/bonus/rules/tv-bet-jackpot.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:58 GMT
content-type: application/octet-stream
content-length: 9094
last-modified: Tue, 11 Apr 2023 17:52:55 GMT
etag: "cf73cf5ee3883706242debc9d5f1c52e"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
x-cached-since: 2023-12-18T09:39:07+00:00
traceparent: 00-1981f68d1288d8c1c5b231538abb21d6-f17bc9469df8b3f1-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/race.webp | 185.244.209.62 | 200 OK | 20 kB |
URL GET HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/race.webp IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp Hash ec7e490ee95bbfcbe0960d591252044e 5436d493fbcf370a21f5c3dde65d24d4fd535e9a 8d40342db2cb8b1792f7833eb91a9f7f29f8ce0a5136b2bb944b7e2d2db69722
GET /genfiles/cms/1-285/desktop/bonus/rules/race.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:58 GMT
content-type: image/webp
content-length: 19644
last-modified: Tue, 04 Jul 2023 07:12:14 GMT
etag: "ec7e490ee95bbfcbe0960d591252044e"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2023-12-18T09:16:17+00:00
traceparent: 00-6103fa3ea6ca741bc76842bbd08cb67d-2dd6b9ff9d7ca8fc-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/promo-store-slider.webp | 185.244.209.62 | 200 OK | 30 kB |
URL GET HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/promo-store-slider.webp IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 945x370, Scaling: [none]x[none], YUV color, decoders should clamp Hash fb26390b4171564fe0781859fcceda24 06a0c7a3a55e3c6b9a8e1e57727b3c669f322679 5463e432bd75c1aae1935b19c9965dbf5723c16b73fb5d8290e97b879d8364a7
GET /genfiles/cms/1-285/desktop/bonus/rules/promo-store-slider.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:58 GMT
content-type: image/webp
content-length: 30198
last-modified: Fri, 12 May 2023 09:22:20 GMT
etag: "fb26390b4171564fe0781859fcceda24"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-cd807288dc324363e69263bc1ae8b55a-4979b5f2c8477644-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-01-22T02:30:36+00:00, 2024-05-07T15:02:02+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/bonus-cms/ie7Y_ckIGzliiirADc5IH2JBA_dlC7eU/945x370.webp | 185.244.209.62 | 200 OK | 80 kB |
URL GET HTTP/2 v3.traincdn.com/genfiles/bonus-cms/ie7Y_ckIGzliiirADc5IH2JBA_dlC7eU/945x370.webp IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 945x370, Scaling: [none]x[none], YUV color, decoders should clamp Hash 9fa64a2876ca3248eebece61f020bbe3 4137b2e942470d844316b2b98841153004f796c2 85021bd78912bc1a5d3e09bd922698fc3f5e6d94d36124981015dd3ed036fb19
GET /genfiles/bonus-cms/ie7Y_ckIGzliiirADc5IH2JBA_dlC7eU/945x370.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:58 GMT
content-type: image/webp
content-length: 80336
last-modified: Fri, 12 Apr 2024 12:30:59 GMT
etag: "9fa64a2876ca3248eebece61f020bbe3"
x-time-ng: 0.003
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-b5e6236a08b7313b30e9802c71e0c320-6bddda2ecfea956b-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T15:01:25+00:00, 2024-05-07T15:02:44+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/bonus-cms/zefs6LIEfbtUI44nkGmWQKOz9Mf44P65/315x250.webp | 185.244.209.62 | 200 OK | 36 kB |
URL GET HTTP/2 v3.traincdn.com/genfiles/bonus-cms/zefs6LIEfbtUI44nkGmWQKOz9Mf44P65/315x250.webp IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp Hash 66f74329e9044a43bc6b2888ac7f293b a3c599085cb4fd80dca8fa060bc2bd888017696c 8b45e16513005aa85953e81f86b40a79f94badf081c76b3fc037c5d09993ea31
GET /genfiles/bonus-cms/zefs6LIEfbtUI44nkGmWQKOz9Mf44P65/315x250.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:58 GMT
content-type: image/webp
content-length: 35508
last-modified: Mon, 22 Jan 2024 16:34:45 GMT
etag: "66f74329e9044a43bc6b2888ac7f293b"
x-time-ng: 0.009
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-e2df3826b50cbabfad7deb9b5f38d9a7-87980e1142cb81be-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-10T10:44:06+00:00, 2024-05-07T14:40:11+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/top-bins.webp | 185.244.209.62 | 200 OK | 7.6 kB |
URL GET HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/top-bins.webp IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp Hash d11c77ea0b5452913b78f4119b5dc2a6 51bd74151949ed7bfc8b75c6ff5f06695bdd3501 54b074dd43034216f6d809fd57a81c5ed43a4cee62da841ac1041cc05394cd45
GET /genfiles/cms/1-285/desktop/bonus/rules/top-bins.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:58 GMT
content-type: application/octet-stream
content-length: 7550
last-modified: Tue, 11 Apr 2023 17:52:54 GMT
etag: "d11c77ea0b5452913b78f4119b5dc2a6"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2023-12-18T09:40:49+00:00
traceparent: 00-9c3cae67949f157b16ad837d5345ac92-9ad8ca2b596e56e6-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/toto-free.webp | 185.244.209.62 | 200 OK | 15 kB |
URL GET HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/toto-free.webp IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp Hash d1c9cf33b4078a369a2ec162bbc4ec00 8b3a2ec69ed7f3dc2bc597cd49cc4e149c016930 d1dd361e05319a43656238aeb770d4b179ac281cfcbacc4b1f250517fabb442f
GET /genfiles/cms/1-285/desktop/bonus/rules/toto-free.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:58 GMT
content-type: image/webp
content-length: 15338
last-modified: Thu, 29 Jun 2023 09:22:43 GMT
etag: "d1c9cf33b4078a369a2ec162bbc4ec00"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
x-cached-since: 2023-12-18T09:03:14+00:00
traceparent: 00-c25e29cf57e2a8baae55f5c3cd16ee7e-784fc85a5970b2f4-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/vip-cashback/1-137.webp | 185.244.209.62 | 404 Not Found | 118 B |
URL GET HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/vip-cashback/1-137.webp IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type HTML document, ASCII text, with CRLF line terminators Hash b58d632409efb03916cfef3229576c55 c2fb66483c899f427b0354d52b080ce8bb6b47c4 b0b0fadb436530e81236a3d97058fc501d732eb24768845c5e97ac8ac3c32176
GET /genfiles/cms/1-285/desktop/bonus/rules/vip-cashback/1-137.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 07 May 2024 15:14:58 GMT
content-type: text/html; charset=utf-8
content-length: 118
strict-transport-security: max-age=15724800; includeSubDomains
x-id-shield: am3-hw-edge-gc89
traceparent: 00-a374cd7009b3cf005f3ee982609e8b70-0136fddf346afde1-01
x-id: osix-hw-edge-gc4
cache: MISS, MISS
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-promotions-and-bonuses-static/Desktop/Default/44136fa355b3/entry-9fb03a4e.js | 185.244.209.62 | 200 OK | 302 kB |
URL GET HTTP/2 v3.traincdn.com/sys-static/sys-promotions-and-bonuses-static/Desktop/Default/44136fa355b3/entry-9fb03a4e.js IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type gzip compressed data, max speed, from Unix Size 302 kB (302524 bytes) Hash 63b912a52897cffdf74101ddc0ac4844 f2ad926389281327eb0f1830561e89ab175fb3ba de3feb1b6ebca64d79472705b6c0ffd88918297cbc3f3a23b5f2841138de1f0b
GET /sys-static/sys-promotions-and-bonuses-static/Desktop/Default/44136fa355b3/entry-9fb03a4e.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:52 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 07 May 2024 14:08:15 GMT
etag: W/"f7627b055873bfef4cd8d3cdf533d7d0"
x-amz-meta-mtime: 1715090739.548183506
content-encoding: gzip
expires: Wed, 08 May 2024 14:12:27 GMT
cache-control: max-age=86400
x-time-ng: 0.003
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2024-05-07T14:12:27+00:00
traceparent: 00-69e742699a4279e3d56513a541efbf38-8eb3fba0c9a7e85d-01
x-id: osix-hw-edge-gc4
cache: HIT, MISS
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/slot-first-deposit-slider.webp | 185.244.209.62 | 200 OK | 34 kB |
URL GET HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/slot-first-deposit-slider.webp IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 945x370, Scaling: [none]x[none], YUV color, decoders should clamp Hash c5774b63275f0389268a7e327d0f407a 81d2fb09c457cd65e2c215244ac5b281a3e6ce77 1099121afbbe2fb3cba7fbd6dd48e0cb8ffaf9191b02278dae692fbbba2a5f86
GET /genfiles/cms/1-285/desktop/bonus/rules/slot-first-deposit-slider.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:58 GMT
content-type: application/octet-stream
content-length: 34112
last-modified: Tue, 11 Apr 2023 17:52:48 GMT
etag: "c5774b63275f0389268a7e327d0f407a"
x-time-ng: 0.001
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2023-12-18T09:39:12+00:00
traceparent: 00-9206f9ace169fcb0387cb1ba742a4b59-d206723091869945-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/bonus-cms/NrYLPexnCMwMSdX6tC-njSau7U0Isq6k/sticker-hunt_2.jpg | 185.244.209.62 | 200 OK | 35 kB |
URL GET HTTP/2 v3.traincdn.com/genfiles/bonus-cms/NrYLPexnCMwMSdX6tC-njSau7U0Isq6k/sticker-hunt_2.jpg IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 315x250, components 3 Hash cd68f37caed4fce440617bbfbdc48ed4 ac29fc750245f98996007a7c3484616e10de90b9 0c6bf43c40794a7173623a812f89b868d62c1818e56d29090738cba910af316e
GET /genfiles/bonus-cms/NrYLPexnCMwMSdX6tC-njSau7U0Isq6k/sticker-hunt_2.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:58 GMT
content-type: image/jpeg
content-length: 35001
last-modified: Thu, 07 Mar 2024 10:30:40 GMT
etag: "cd68f37caed4fce440617bbfbdc48ed4"
x-time-ng: 0.003
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-67de4d98bd81f9357135d73093c97a1a-ff0f5c893c46316e-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-03-07T10:30:51+00:00, 2024-05-07T14:40:20+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/1st.webp | 185.244.209.62 | 200 OK | 11 kB |
URL GET HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/1st.webp IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp Hash a9a36fedcff872396a9f3c7f790713a3 b401c66a5f8b5ab3422964dc1df540bdee8897c8 af610352cfbaf762bac809c78a4cd3c768e412c9bf3a3e2a8f795cded58dc474
GET /genfiles/cms/1-285/desktop/bonus/rules/1st.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:58 GMT
content-type: application/octet-stream
content-length: 10554
last-modified: Tue, 11 Apr 2023 17:52:13 GMT
etag: "a9a36fedcff872396a9f3c7f790713a3"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-3f3fae9c81aba9ddc45de6ed0dabf0b6-883fff38e9b8c142-01
x-id: osix-hw-edge-gc4
cache: REVALIDATED, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json | 178.253.29.51 | 200 OK | 23 B |
URL POST HTTP/2 1xlite-461430.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json IP 178.253.29.51:443 ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Let's Encrypt Subject 1xlite-461430.top Fingerprint F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 Validity Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash b5b6dbac39c20d39e512ad51201bd76b 77f15e5fca9c22f748a82ffa1a49141792616788 ea2db7eac2f8c62211c64a4328fff5379abd9f0140e7bd0d41467c35038fab9d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/bonus/rules
Content-Type: application/json
X-Lang: en
X-Uuid: 57814f3c-418e-45c1-93b0-eefb613f5be9
Content-Length: 316
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=0; SESSION=62a580b9db01b9181375582b577707ff; che_g=bad88088-adde-9a12-b173-ae2d8983d4f3; sh.session.id=c3ec7c3d-3538-4b43-b274-941081661add; application_locale=en; _ga_7V60YW2S5H=GS1.1.1715094895.1.0.1715094895.60.0.0; _ga=GA1.1.1791400071.1715094896
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:58 GMT
content-type: application/json
content-length: 23
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/vip-cashback.webp | 185.244.209.62 | 200 OK | 6.2 kB |
URL GET HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/vip-cashback.webp IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp Hash c92bc7216404cb1bc46cad557d04a4b4 3ad6adb66ed52e54ef1d7adffaec4bf03f51d6df f652aafdaab581a7843ca7939067e4bacfb5c09255a6408c76644187470ca00b
GET /genfiles/cms/1-285/desktop/bonus/rules/vip-cashback.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:58 GMT
content-type: application/octet-stream
content-length: 6224
last-modified: Tue, 11 Apr 2023 17:52:56 GMT
etag: "c92bc7216404cb1bc46cad557d04a4b4"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
x-cached-since: 2023-12-18T09:06:08+00:00
traceparent: 00-dd0add73f0fa263c2d9c537b3a9fbe12-ad17a35e9c36c531-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/bonus-cms/zefs6LIEfbtUI44nkGmWQKOz9Mf44P65/945x370_2.webp | 185.244.209.62 | 404 Not Found | 118 B |
URL GET HTTP/2 v3.traincdn.com/genfiles/bonus-cms/zefs6LIEfbtUI44nkGmWQKOz9Mf44P65/945x370_2.webp IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type HTML document, ASCII text, with CRLF line terminators Hash b58d632409efb03916cfef3229576c55 c2fb66483c899f427b0354d52b080ce8bb6b47c4 b0b0fadb436530e81236a3d97058fc501d732eb24768845c5e97ac8ac3c32176
GET /genfiles/bonus-cms/zefs6LIEfbtUI44nkGmWQKOz9Mf44P65/945x370_2.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 07 May 2024 15:14:59 GMT
content-type: text/html; charset=utf-8
content-length: 118
strict-transport-security: max-age=15724800; includeSubDomains
x-id-shield: am3-hw-edge-gc88
traceparent: 00-aeab29db49ce1c63779667bf76e3602b-797df463be4cd534-01
x-id: osix-hw-edge-gc4
cache: MISS, MISS
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/bonus-cms/zefs6LIEfbtUI44nkGmWQKOz9Mf44P65/945x370_2.jpg | 185.244.209.62 | 200 OK | 35 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/bonus-cms/zefs6LIEfbtUI44nkGmWQKOz9Mf44P65/945x370_2.jpg IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), default quality", baseline, precision 8, 945x370, components 3 Hash78c87f02eb2b93a8aecfe7683d746f02 8fbacfead73e116de04b6e60ad07235a993729f4 f2bbd2c04d7e8753dbe2fc0dc4db944b7fe0b5d4cf64f77bca765214846e206f
GET /genfiles/bonus-cms/zefs6LIEfbtUI44nkGmWQKOz9Mf44P65/945x370_2.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:59 GMT
content-type: image/jpeg
content-length: 35060
last-modified: Mon, 22 Jan 2024 16:37:04 GMT
etag: "78c87f02eb2b93a8aecfe7683d746f02"
x-time-ng: 0.002
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-63c0bb6410f29d1fe148fdffef8ed8d0-d48bda3720471da4-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-10T10:44:20+00:00, 2024-05-07T14:33:40+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/web-api/session | 178.253.29.51 | 204 No Content | 0 B |
URL GET HTTP/21xlite-461430.top/web-api/session IP178.253.29.51:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /web-api/session HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/bonus/rules
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=0; SESSION=62a580b9db01b9181375582b577707ff; che_g=bad88088-adde-9a12-b173-ae2d8983d4f3; sh.session.id=c3ec7c3d-3538-4b43-b274-941081661add; application_locale=en; _ga_7V60YW2S5H=GS1.1.1715094895.1.0.1715094895.60.0.0; _ga=GA1.1.1791400071.1715094896
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 07 May 2024 15:15:00 GMT
cache-control: no-cache, private
server-timing: p;dur=13, dt_total;dur=18.112, wf-uht;dur=0.026
traceparent: 00-469aa33ea4b4ef00690189927e8ec949-9d2a44d434fff69a-01
x-dt: 285
x-time-ng: 0.018
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/conversion-f0624fc4.js | 185.244.209.62 | 200 OK | 66 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/vendors/conversion-f0624fc4.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators Hash191ff223860f458112e0be2a63bd9857 850dd681d5b31321f00b8df955a455aa9478e44e 40e1fe6d194776c5fa845dda1dbebda9c2bc3154d8c45793ae74a2e1bf147016
GET /_nuxt/desktop/default/vendors/conversion-f0624fc4.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:15:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 66479
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-103af"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:50 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-007973700ab630ccaf631c63a1649b6b-4656f41f2f2c0cc6-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:50+00:00, 2024-05-07T14:48:16+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 | 185.244.209.62 | 200 OK | 64 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 63748, version 1.0 Hash6887b6f24414dbc612dbf42ccdc76b70 8068d3abfbc6cbf35b55919da45b1f4d2d136238 fc5c015fc32518f1ed810fa84ca28941eb9d5a3c81acc8df69a4dbbeedef7b0c
GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:15:01 GMT
content-type: font/woff2
content-length: 63748
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "6887b6f24414dbc612dbf42ccdc76b70"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-288946a1cb45ce9d82d159fd8f4814c5-ae97aef3393d8460-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:13:59+00:00, 2024-05-07T15:10:08+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2 | 185.244.209.62 | 200 OK | 65 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2 IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 64732, version 1.0 Hash3ac5d40d1b3966fc5eb09ecca74d9cbf a69f32357765dd321519889aeacba5e9ca893bb0 3310766b8f58538d07abded74a2babe1acbe1a3ee820d5b8c8265da666f4fb0c
GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:15:01 GMT
content-type: font/woff2
content-length: 64732
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "3ac5d40d1b3966fc5eb09ecca74d9cbf"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-7498d6dafba8a63d7de5862a1da7b425-0e16baa204a26478-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:56:30+00:00, 2024-05-07T14:43:55+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 | 185.244.209.62 | 200 OK | 64 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 63920, version 1.0 Hasha65527fcb58f66a7cfbc0e6b160538b4 45d260e7fa343401b5bb0df982a014f53e2d253b fb13c3a1cbac60649b76f7d7f85c1645d35ac69b85ce5f4eb0692505ecc2cd45
GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:15:01 GMT
content-type: font/woff2
content-length: 63920
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "a65527fcb58f66a7cfbc0e6b160538b4"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-d40f0b325b2150bd024f5b63ace759a5-7b7bd85751135fd8-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:54:39+00:00, 2024-05-07T14:34:41+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/hd-api/external/api/web/v1/j/31ek699d0m0l7j05c8e238f5112e58047e0e2b5b09c7e2f1f986 | 178.253.29.51 | 200 OK | 516 B |
URL POST HTTP/21xlite-461430.top/hd-api/external/api/web/v1/j/31ek699d0m0l7j05c8e238f5112e58047e0e2b5b09c7e2f1f986 IP178.253.29.51:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash1c18c7f5c9de90e11a720632befcd8f7 e3a997cadea25cadda1b73ff2f8434a4970bdb9d 8b7011421b4ce4acb58100df4a48839a8adc620b5b016d8ee4d015c9e6437fcc
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /hd-api/external/api/web/v1/j/31ek699d0m0l7j05c8e238f5112e58047e0e2b5b09c7e2f1f986 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/bonus/rules
X-Requested-With: XMLHttpRequest
Content-Type: application/json
Content-Length: 105916
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=0; SESSION=62a580b9db01b9181375582b577707ff; che_g=bad88088-adde-9a12-b173-ae2d8983d4f3; sh.session.id=c3ec7c3d-3538-4b43-b274-941081661add; application_locale=en; _ga_7V60YW2S5H=GS1.1.1715094895.1.0.1715094895.60.0.0; _ga=GA1.1.1791400071.1715094896
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:15:02 GMT
content-type: application/json
content-length: 516
content-encoding: gzip
traceparent: 00-2ec7d5d252218671e6a5684e31ae7141-100ccc46c9bf6529-01
vary: Accept-Encoding
x-dt: 285
x-request-guid: a9685688445f3ca759c9fe5ff7ef82fe
x-time-ng: 0.048
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=54.775, wf-uht;dur=0.079
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/analytics-a8ae3276.js | 185.244.209.62 | 200 OK | 2.4 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/analytics-a8ae3276.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (6444), with no line terminators Hash60f915b0daad3af04303726381897e81 133c20a7f58c18758483c23f595d5a4f22ba9371 320b5a7d25c926dc55eb7a53f4348bf7c34bd7f5bc6ad3bcd1d16029239dc3a1
GET /_nuxt/desktop/default/analytics-a8ae3276.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:15:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 2434
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-982"
content-encoding: gzip
expires: Wed, 08 May 2024 08:41:52 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-f4c33adb9cf51d0a821da7f728eb36ef-d7b23860a996a1b2-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T08:41:52+00:00, 2024-05-07T09:24:02+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66 | 142.250.74.168 | 200 OK | 106 kB |
URL GET HTTP/3www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66 IP142.250.74.168:443
Requested byhttps://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (10899) Size106 kB (105892 bytes) Hashcdc9852669497e6e92fd3952117a8f3f 00be7ac46b6d68913042157a53e62c965b0342da a84e8207cac36c7d76e0c8bad0697f3338ea33d5f246ddb39faad530ac860ceb
GET /gtag/js?id=G-7JGWL9SV66 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 15:15:03 GMT
expires: Tue, 07 May 2024 15:15:03 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 105892
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.googletagmanager.com/gtm.js?id=GTM-KFGPRJ2V | 142.250.74.168 | 200 OK | 64 kB |
URL GET HTTP/3www.googletagmanager.com/gtm.js?id=GTM-KFGPRJ2V IP142.250.74.168:443
Requested byhttps://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File typeJavaScript source, ASCII text, with very long lines (1822) Hash1a560d94c098eeaaa284da14588fdc86 f873b01aab951a84d8b5f37392d90a1e368893a8 d953102aa6771f74b978464eb5ea2d639001ee8f6b0480413e31abcdc091ca5f
GET /gtm.js?id=GTM-KFGPRJ2V HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 15:15:03 GMT
expires: Tue, 07 May 2024 15:15:03 GMT
cache-control: private, max-age=900
last-modified: Tue, 07 May 2024 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 64448
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| radar.cedexis.com/1/23802/radar.js | 45.54.49.5 | 302 Moved Temporarily | 154 B |
URL GET HTTP/1.1radar.cedexis.com/1/23802/radar.js IP45.54.49.5:443 ASN#63911 NetActuate, Inc
Requested byhttps://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet CertificateIssuerDigiCert Inc Subjectradar.cedexis.com Fingerprint33:58:79:8E:87:A5:C3:05:CA:E2:82:50:61:CF:72:83:BD:64:80:C1 ValidityFri, 29 Mar 2024 00:00:00 GMT - Fri, 28 Mar 2025 23:59:59 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hashcfbeaf604823f038b8b46f0ac862b98c 7b9eb1dac48e74fa5f418bc456cb410f88b81d98 20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /1/23802/radar.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 07 May 2024 15:15:03 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Location: /1707728419/stub.js
Expires: Tue, 07 May 2024 15:25:03 GMT
Cache-Control: max-age=600
Vary: User-Agent,DNT
|
|
| www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7JGWL9SV66&cid=1791400071.1715094896&gtm=45je4510v897130004za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=1103963482 | 142.250.74.163 | 200 OK | 42 B |
URL GET HTTP/3www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7JGWL9SV66&cid=1791400071.1715094896&gtm=45je4510v897130004za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=1103963482 IP142.250.74.163:443
Requested byhttps://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet CertificateIssuerGoogle Trust Services LLC Subject*.google.no Fingerprint7D:68:6D:B1:32:34:52:51:20:C9:53:FF:B9:B7:8F:7E:05:F9:F5:97 ValidityTue, 16 Apr 2024 04:31:00 GMT - Tue, 09 Jul 2024 04:30:59 GMT
File typeGIF image data, version 89a, 1 x 1 Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7JGWL9SV66&cid=1791400071.1715094896&gtm=45je4510v897130004za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=1103963482 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 07 May 2024 15:15:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/1st/1-137-slider.webp | 185.244.209.62 | 404 Not Found | 118 B |
URL GET HTTP/2v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/1st/1-137-slider.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hashb58d632409efb03916cfef3229576c55 c2fb66483c899f427b0354d52b080ce8bb6b47c4 b0b0fadb436530e81236a3d97058fc501d732eb24768845c5e97ac8ac3c32176
GET /genfiles/cms/1-285/desktop/bonus/rules/1st/1-137-slider.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 07 May 2024 15:15:03 GMT
content-type: text/html; charset=utf-8
content-length: 118
strict-transport-security: max-age=15724800; includeSubDomains
x-id-shield: am3-hw-edge-gc89
traceparent: 00-9e8974445adb8aebb03368926a0050f3-8d21624ff045f894-01
x-id: osix-hw-edge-gc4
cache: MISS, MISS
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/1st-slider.webp | 185.244.209.62 | 200 OK | 18 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/1st-slider.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 945x370, Scaling: [none]x[none], YUV color, decoders should clamp Hasha4b243f76ff572881d54d6d590fb7cdf dd97d6d98143012e8adecef2a7fad511f7b6c453 ea844aab8b34dab774ad139535dbdd01f9c3886736e241d34bc2088409ab1f10
GET /genfiles/cms/1-285/desktop/bonus/rules/1st-slider.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:15:03 GMT
content-type: application/octet-stream
content-length: 18056
last-modified: Tue, 11 Apr 2023 17:52:13 GMT
etag: "a4b243f76ff572881d54d6d590fb7cdf"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
x-cached-since: 2023-12-18T09:34:29+00:00
traceparent: 00-86d61dfd292a4fefdf8ba5d4d516be60-4c3472541afa5be2-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| radar.cedexis.com/1707728419/stub.js | 45.54.49.5 | 200 OK | 271 B |
URL GET HTTP/1.1radar.cedexis.com/1707728419/stub.js IP45.54.49.5:443 ASN#63911 NetActuate, Inc
Requested byhttps://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet CertificateIssuerDigiCert Inc Subjectradar.cedexis.com Fingerprint33:58:79:8E:87:A5:C3:05:CA:E2:82:50:61:CF:72:83:BD:64:80:C1 ValidityFri, 29 Mar 2024 00:00:00 GMT - Fri, 28 Mar 2025 23:59:59 GMT
File typeJavaScript source, ASCII text Hash82dec77fd0353c7c71ce053b8601387e fbbca95419e1d0c042e0a5fdf10f380aca66188c 39f2b7b0fa78d37d0c84d2d6618bd635d86fd683d9bcdd5729850cb2a62522f7
GET /1707728419/stub.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 May 2024 15:15:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 12 Feb 2024 09:51:01 GMT
Vary: Accept-Encoding
ETag: W/"65c9ea05-186"
Expires: Tue, 21 May 2024 15:15:03 GMT
Cache-Control: max-age=1209600, public
Content-Encoding: gzip
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-7JGWL9SV66&gtm=45je4510v897130004za200&_p=1715094903037&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1791400071.1715094896&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1715094903&sct=1&seg=0&dl=https%3A%2F%2F1xlite-461430.top%2Fen%2Fbonus%2Frules&dt=1xBet%20bonus%20%E1%90%89%20All%201xBet%20bonuses%20%E1%90%89%201xlite-461430.top&en=page_view&_fv=1&_ss=1&_ee=1&ep.optimize_id=GTM-5R4MT54&tfd=15191 | 216.239.34.36 | 204 No Content | 0 B |
URL POST HTTP/3region1.analytics.google.com/g/collect?v=2&tid=G-7JGWL9SV66&gtm=45je4510v897130004za200&_p=1715094903037&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1791400071.1715094896&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1715094903&sct=1&seg=0&dl=https%3A%2F%2F1xlite-461430.top%2Fen%2Fbonus%2Frules&dt=1xBet%20bonus%20%E1%90%89%20All%201xBet%20bonuses%20%E1%90%89%201xlite-461430.top&en=page_view&_fv=1&_ss=1&_ee=1&ep.optimize_id=GTM-5R4MT54&tfd=15191 IP216.239.34.36:443
Requested byhttps://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-7JGWL9SV66&gtm=45je4510v897130004za200&_p=1715094903037&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1791400071.1715094896&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1715094903&sct=1&seg=0&dl=https%3A%2F%2F1xlite-461430.top%2Fen%2Fbonus%2Frules&dt=1xBet%20bonus%20%E1%90%89%20All%201xBet%20bonuses%20%E1%90%89%201xlite-461430.top&en=page_view&_fv=1&_ss=1&_ee=1&ep.optimize_id=GTM-5R4MT54&tfd=15191 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: https://1xlite-461430.top
date: Tue, 07 May 2024 15:15:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| 1xlite-461430.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json | 178.253.29.51 | 200 OK | 23 B |
URL POST HTTP/21xlite-461430.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json IP178.253.29.51:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hashddd5964c8e54c716306bcb17b88ef411 8d4168a86bce350b18ec288d226bc5ad4adc0d94 5c620cdc93c8fda16f95d0e9000a1021ede5d1e862aa5eef0f6eba904470a55d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/bonus/rules
Content-Type: application/json
X-Lang: en
X-Uuid: 57814f3c-418e-45c1-93b0-eefb613f5be9
Content-Length: 99
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=0; SESSION=62a580b9db01b9181375582b577707ff; che_g=bad88088-adde-9a12-b173-ae2d8983d4f3; sh.session.id=c3ec7c3d-3538-4b43-b274-941081661add; application_locale=en; _ga_7V60YW2S5H=GS1.1.1715094895.1.0.1715094895.60.0.0; _ga=GA1.1.1791400071.1715094896; _ga_7JGWL9SV66=GS1.1.1715094903.1.0.1715094903.60.0.0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:15:04 GMT
content-type: application/json
content-length: 23
x-time-ng: 0.001
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/slot-ten-deposit-slider.webp | 185.244.209.62 | 200 OK | 29 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/slot-ten-deposit-slider.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 945x370, Scaling: [none]x[none], YUV color, decoders should clamp Hash69e08eb4707e2b55f7a4b0d61b671acd ec908bf196e04dc6300a6eafe0a7f8154eaf134f a35c75862eabf6ecb98f298f765eedaa830e221cea1b1a3e2b1c5bc55dc9ef67
GET /genfiles/cms/1-285/desktop/bonus/rules/slot-ten-deposit-slider.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:15:13 GMT
content-type: application/octet-stream
content-length: 29294
last-modified: Tue, 11 Apr 2023 17:52:48 GMT
etag: "69e08eb4707e2b55f7a4b0d61b671acd"
x-time-ng: 0.002
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
x-cached-since: 2024-03-11T07:36:41+00:00
traceparent: 00-305961f342e898cdea64fadaba0ff9da-c0129e6077e0e59a-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/vip-cashback/1-137-slider.webp | 185.244.209.62 | | 118 B |
URL v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/vip-cashback/1-137-slider.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hashb58d632409efb03916cfef3229576c55 c2fb66483c899f427b0354d52b080ce8bb6b47c4 b0b0fadb436530e81236a3d97058fc501d732eb24768845c5e97ac8ac3c32176
GET /genfiles/cms/1-285/desktop/bonus/rules/vip-cashback/1-137-slider.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 07 May 2024 15:15:18 GMT
content-type: text/html; charset=utf-8
content-length: 118
strict-transport-security: max-age=15724800; includeSubDomains
x-id-shield: am3-hw-edge-gc88
traceparent: 00-86ddd41f66ffe2cc606bf7fe33938647-9d5a512d9b2823a7-01
x-id: osix-hw-edge-gc4
cache: MISS, MISS
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/vip-cashback-slider.webp | 185.244.209.62 | | 28 kB |
URL v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/vip-cashback-slider.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 945x370, Scaling: [none]x[none], YUV color, decoders should clamp Hash45c57f7771b900c3670a51cb5f9773d2 a469f3c4c67920f704bce50ea306987a8b8b521a 6100f06f06c236c8448c2dbe60c7c457c871ef6608798ed43519ac767e484c22
GET /genfiles/cms/1-285/desktop/bonus/rules/vip-cashback-slider.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:15:18 GMT
content-type: application/octet-stream
content-length: 27944
last-modified: Tue, 11 Apr 2023 17:52:56 GMT
etag: "45c57f7771b900c3670a51cb5f9773d2"
x-time-ng: 0.001
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
x-cached-since: 2024-05-05T08:35:34+00:00
traceparent: 00-9a8ce86786e539f14f088797070f6e64-af4a48142ba43d63-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/bff-api/config/contacts.json?type=2&lang=en | 178.253.29.51 | 200 OK | 3.8 kB |
URL GET HTTP/21xlite-461430.top/bff-api/config/contacts.json?type=2&lang=en IP178.253.29.51:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (4380), with no line terminators Hash35b15ddc8b3ddba2cdb3bfc72981faf5 4a827b334a2c3d01ebda12287e001ff2342b1ed8 b73cc38f83e92cafd70e238deb6face9210af5603208057dd1a2077fdec6b3cc
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /bff-api/config/contacts.json?type=2&lang=en HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2Fwheel-bet
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=1280; SESSION=62a580b9db01b9181375582b577707ff
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:52 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: bff;dur=7.15, dt_total;dur=16.923, wf-uht;dur=0.025
traceparent: 00-a6be22437a01649477f763f18d3656dc-63ca7a2cdae25023-01
vary: Accept-Encoding
x-dt: 285
x-time-ng: 0.016
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/dailytournament.jpg | 0.0.0.0 | | 0 B |
URL GET v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/dailytournament.jpg IP0.0.0.0:0
Requested byhttps://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /genfiles/cms/1-285/desktop/bonus/rules/dailytournament.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/formula-one-game.jpg | 0.0.0.0 | | 0 B |
URL GET v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/formula-one-game.jpg IP0.0.0.0:0
Requested byhttps://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /genfiles/cms/1-285/desktop/bonus/rules/formula-one-game.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/beatus.jpg | 0.0.0.0 | | 0 B |
URL GET v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/beatus.jpg IP0.0.0.0:0
Requested byhttps://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /genfiles/cms/1-285/desktop/bonus/rules/beatus.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| 1xlite-461430.top/hd-api/external/api/web/v1/converslon/load | 178.253.29.51 | 200 OK | 32 kB |
URL GET HTTP/21xlite-461430.top/hd-api/external/api/web/v1/converslon/load IP178.253.29.51:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash92900c18dbdb4e0c594c23e648467f2d f633be838429a32a8a11c230c8f51c577a5da505 469dbbeabbf7327e0a788b38ab30224aa930da7d8bce9b896cbf3a8bbf28af89
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /hd-api/external/api/web/v1/converslon/load HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/bonus/rules
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=0; SESSION=62a580b9db01b9181375582b577707ff; che_g=bad88088-adde-9a12-b173-ae2d8983d4f3; sh.session.id=c3ec7c3d-3538-4b43-b274-941081661add; application_locale=en; _ga_7V60YW2S5H=GS1.1.1715094895.1.0.1715094895.60.0.0; _ga=GA1.1.1791400071.1715094896
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:15:00 GMT
content-type: application/json
content-encoding: gzip
traceparent: 00-ed62f8dc529a80cfbecc4ca5f71529aa-7d9e4a181f40f805-01
vary: Accept-Encoding
x-dt: 285
x-request-guid: b7250de63542da62a2180a65ebacaf13
x-time-ng: 0.029
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=32.640, wf-uht;dur=0.041
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/shared-assets/__shared_localforage_PLMWICWN.js | 185.244.209.62 | 200 OK | 30 kB |
URL GET HTTP/2v3.traincdn.com/sys-static/shared-assets/__shared_localforage_PLMWICWN.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (30255) Hashdfa127e93d125d4f6c566203eaf225f2 32c1fd89c4eeed7ac2a942582b3786659b15cd43 cf5077d1cff62ce76807408ebc2203563b7a221ddf1cf38339c6d54289bff390
GET /sys-static/shared-assets/__shared_localforage_PLMWICWN.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:53 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 06 May 2024 14:40:26 GMT
etag: W/"dfa127e93d125d4f6c566203eaf225f2"
x-amz-meta-mtime: 1715006282.054749806
content-encoding: gzip
expires: Tue, 07 May 2024 15:18:11 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-b6a0298c65693c8fb9eaff158cdf6953-07a41ecfd49d5771-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T15:18:11+00:00, 2024-05-06T16:00:49+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/bonus-cms/rlZ6zENhNy4DpXsJufiOH-vpS1bzc_oS/in-pursuit-of-scudetto.jpg | 0.0.0.0 | | 0 B |
URL GET v3.traincdn.com/genfiles/bonus-cms/rlZ6zENhNy4DpXsJufiOH-vpS1bzc_oS/in-pursuit-of-scudetto.jpg IP0.0.0.0:0
Requested byhttps://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /genfiles/bonus-cms/rlZ6zENhNy4DpXsJufiOH-vpS1bzc_oS/in-pursuit-of-scudetto.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/a01e05cae2f5087d31e3dd580b8c1ce3.json | 178.253.29.51 | 200 OK | 14 kB |
URL GET HTTP/21xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/a01e05cae2f5087d31e3dd580b8c1ce3.json IP178.253.29.51:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash5f6393bd6febc268d33cb235c7eec194 819eb4409582bcea038e527fd5859dde2d13e0e7 9ae42c0a8d88add1a2d54faab5d819c619cb2a2a1eec7595fe1029a91449efb0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /genfiles/cms/1-285/desktop/media_asset/a01e05cae2f5087d31e3dd580b8c1ce3.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/bonus/rules
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=0; SESSION=62a580b9db01b9181375582b577707ff; che_g=bad88088-adde-9a12-b173-ae2d8983d4f3; sh.session.id=c3ec7c3d-3538-4b43-b274-941081661add; application_locale=en; _ga_7V60YW2S5H=GS1.1.1715094895.1.0.1715094895.60.0.0; _ga=GA1.1.1791400071.1715094896
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Tue, 14 Nov 2023 06:21:55 GMT
etag: W/"5f6393bd6febc268d33cb235c7eec194"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/version.json?timestamp=1715094891927 | 178.253.29.51 | 200 OK | 11 B |
URL GET HTTP/21xlite-461430.top/version.json?timestamp=1715094891927 IP178.253.29.51:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hashf575c6accd47babd26e6c16664af0c10 f8eda90f61739ebcda34788a6208aad7b9b24635 0bfb1f6345c1dd1cb52bb32f983cba77fa6a993c7eb4d66ddbf41b08df7f74e6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /version.json?timestamp=1715094891927 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=1920; SESSION=62a580b9db01b9181375582b577707ff
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:51 GMT
content-type: application/json
content-length: 44
last-modified: Mon, 06 May 2024 10:24:15 GMT
vary: Accept-Encoding
etag: "6638afcf-2c"
content-encoding: gzip
expires: Tue, 07 May 2024 15:15:51 GMT
access-control-allow-origin: *
cache-control: max-age=60, max-age=60, s-maxage=60
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.009
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/chunks/webpack-fb94d2f19425a3e3.js | 172.64.148.184 | 200 OK | 3.8 kB |
URL GET HTTP/2widget.suphelper.top/_next/static/chunks/webpack-fb94d2f19425a3e3.js IP172.64.148.184:443
Requested byhttps://widget.suphelper.top/ CertificateIssuerGoogle Trust Services LLC Subjectsuphelper.top Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File typeJavaScript source, ASCII text, with very long lines (3855), with no line terminators Hash7288e202ab8e4cf1b7f60eed709e0986 c10effeb29bf129a7c81688b9f3a7d5485272e87 56e695b4675b50d55a92f006109771a67da822050f5ae03fd2ad02c1a9565b58
GET /_next/static/chunks/webpack-fb94d2f19425a3e3.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 15:14:53 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://file-hosting-api-stage.kube.prod.cons.lan https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 09 Nov 2023 06:03:45 GMT
etag: W/"ed0-18bb2adf0eb"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 592538
expires: Wed, 07 May 2025 15:14:53 GMT
server: cloudflare
cf-ray: 8802298b4ff456bb-OSL
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/loss20.jpg | 0.0.0.0 | | 0 B |
URL: GET v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/loss20.jpg
IP: 0.0.0.0:0
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate issuer: Sectigo Limited
Certificate subject: *.traincdn.com
Certificate fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /genfiles/cms/1-285/desktop/bonus/rules/loss20.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| widget.suphelper.top/_next/static/chunks/pages/_app-9c47c295eecaa68a.js | 172.64.148.184 | 200 OK | 1.0 MB |
URL: GET HTTP/2 widget.suphelper.top/_next/static/chunks/pages/_app-9c47c295eecaa68a.js
IP: 172.64.148.184:443
Requested by: https://widget.suphelper.top/
Certificate issuer: Google Trust Services LLC
Certificate subject: suphelper.top
Certificate fingerprint: 41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36
Certificate validity: Tue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 1.0 MB (1015847 bytes)
Hash: 5997e7f54cf2aebf463f16902ccbc7fc 659b9677d6196eabd63ce0feb5f4466accb72df7 08d0ab3696a84b16c7cc5306bf6d83dd27f99a2ce221ed337bf09dec8ebf95db
GET /_next/static/chunks/pages/_app-9c47c295eecaa68a.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 15:14:53 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 02 May 2024 07:01:48 GMT
etag: W/"f8027-18f381bf92a"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 461243
expires: Wed, 07 May 2025 15:14:53 GMT
server: cloudflare
cf-ray: 8802298b4ffe56bb-OSL
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/f385e6db/_middlewareManifest.js | 172.64.148.184 | 200 OK | 92 B |
URL: GET HTTP/2 widget.suphelper.top/_next/static/f385e6db/_middlewareManifest.js
IP: 172.64.148.184:443
Requested by: https://widget.suphelper.top/
Certificate issuer: Google Trust Services LLC
Certificate subject: suphelper.top
Certificate fingerprint: 41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36
Certificate validity: Tue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File type: ASCII text, with no line terminators
Hash: 7c3f7e060745668041278118c0bb3d6d e639f56695b3cc30d78dce7a0084aa8299a1311a de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
GET /_next/static/f385e6db/_middlewareManifest.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 15:14:53 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 02 May 2024 07:01:48 GMT
etag: W/"5c-18f381bf92a"
vary: Accept-Encoding
cf-cache-status: HIT
age: 461243
expires: Wed, 07 May 2025 15:14:53 GMT
server: cloudflare
cf-ray: 8802298b682356bb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/e781b67ba2558128946fd2f9d870ffcb.json | 178.253.29.51 | 200 OK | 12 kB |
URL: GET HTTP/2 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/e781b67ba2558128946fd2f9d870ffcb.json
IP: 178.253.29.51:443
ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate issuer: Let's Encrypt
Certificate subject: 1xlite-461430.top
Certificate fingerprint: F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
Certificate validity: Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash: 9e5da15e44d6b6bab0cfc7c07ba9495d 4a67254b45112089d0833028de0c9c81acb930a3 0d51ae7eaa1511001f9b8b562a49d1b55d177a655f26035364485f02d5384af9
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /genfiles/cms/1-285/desktop/media_asset/e781b67ba2558128946fd2f9d870ffcb.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/bonus/rules
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=0; SESSION=62a580b9db01b9181375582b577707ff; che_g=bad88088-adde-9a12-b173-ae2d8983d4f3; sh.session.id=c3ec7c3d-3538-4b43-b274-941081661add; application_locale=en; _ga_7V60YW2S5H=GS1.1.1715094895.1.0.1715094895.60.0.0; _ga=GA1.1.1791400071.1715094896
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Sat, 20 Apr 2024 09:17:16 GMT
etag: W/"9e5da15e44d6b6bab0cfc7c07ba9495d"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/bff-api/config/all.json?lang=en | 178.253.29.51 | 200 OK | 124 kB |
URL: GET HTTP/2 1xlite-461430.top/bff-api/config/all.json?lang=en
IP: 178.253.29.51:443
ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate issuer: Let's Encrypt
Certificate subject: 1xlite-461430.top
Certificate fingerprint: F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
Certificate validity: Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Size: 124 kB (123498 bytes)
Hash: b8dcdf58e5c1baa273343d036b7770ba f482235c789d73d8fc2e902ba6425102ea29f9ba 0b43eb0e6e03055c3ba4dd1336841d78fe577d0e5cbc11cd990772538907823f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /bff-api/config/all.json?lang=en HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2Fwheel-bet
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
x-geoip2-country-code: ru
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=1280; SESSION=62a580b9db01b9181375582b577707ff; che_g=bad88088-adde-9a12-b173-ae2d8983d4f3; sh.session.id=c3ec7c3d-3538-4b43-b274-941081661add; application_locale=en
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:53 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: bff;dur=3.79, dt_total;dur=38.217, wf-uht;dur=0.057
traceparent: 00-f60a42457ebaa2a9e079a88841557d47-ad5a5c70f92dc1de-01
vary: Accept-Encoding
x-cache-expire: 596
x-cache-hit: 1
x-dt: 285
x-time-ng: 0.016
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/promo-no-risk-bet.jpg | 0.0.0.0 | | 0 B |
URL: GET v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/promo-no-risk-bet.jpg
IP: 0.0.0.0:0
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /genfiles/cms/1-285/desktop/bonus/rules/promo-no-risk-bet.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| v3.traincdn.com/genfiles/bonus-cms/Jru2M7Onwk3E236hEq83sDUnan9VRt2a/super-prize-wheel.jpg | 0.0.0.0 | | 0 B |
URL: GET v3.traincdn.com/genfiles/bonus-cms/Jru2M7Onwk3E236hEq83sDUnan9VRt2a/super-prize-wheel.jpg
IP: 0.0.0.0:0
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate issuer: Sectigo Limited
Certificate subject: *.traincdn.com
Certificate fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /genfiles/bonus-cms/Jru2M7Onwk3E236hEq83sDUnan9VRt2a/super-prize-wheel.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| v3.traincdn.com/genfiles/bonus-cms/-F4AhdYV5GYOYbffoLsZVIKLXOg1ysIL/candyworks.webp | 185.244.209.62 | 200 OK | 48 kB |
URL: GET HTTP/2 v3.traincdn.com/genfiles/bonus-cms/-F4AhdYV5GYOYbffoLsZVIKLXOg1ysIL/candyworks.webp
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate issuer: Sectigo Limited
Certificate subject: *.traincdn.com
Certificate fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: a0339a106d8746d304f69e1b730d2b13 3f2b1c54fda62bd6acad6c8e818ca9b0a242ca4c 0f595c354ed2f9e32665d208359fdc786b20358164171744db96644051e49f4d
GET /genfiles/bonus-cms/-F4AhdYV5GYOYbffoLsZVIKLXOg1ysIL/candyworks.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:57 GMT
content-type: image/webp
content-length: 48058
last-modified: Tue, 28 Nov 2023 14:15:19 GMT
etag: "a0339a106d8746d304f69e1b730d2b13"
x-time-ng: 0.003
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-b6b30603c5c893e1a64ffaee1c8d542e-182bb92ce21d863d-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T09:03:01+00:00, 2024-05-07T14:49:17+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/shared-assets/__shared_chunk_M4D4AAJL.js | 185.244.209.62 | 200 OK | 101 kB |
URL: GET HTTP/2 v3.traincdn.com/sys-static/shared-assets/__shared_chunk_M4D4AAJL.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate issuer: Sectigo Limited
Certificate subject: *.traincdn.com
Certificate fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (35828)
Size: 101 kB (100701 bytes)
Hash: 51ddc52774f4e5bd6a6f1c22e9d19674 374c2fbb2b68ad9c28898dfe60da3fd828ccf7c4 642e66ee14ca90b6ff8f91fbfdce400c6834a037dee18a60a72922ea727bb442
GET /sys-static/shared-assets/__shared_chunk_M4D4AAJL.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:53 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 06 May 2024 13:05:33 GMT
etag: W/"51ddc52774f4e5bd6a6f1c22e9d19674"
x-amz-meta-mtime: 1715000580.87646382
content-encoding: gzip
expires: Wed, 08 May 2024 12:42:07 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-7c00d2d7db5e427fe8ba7588b439b7e7-656ad8bf064ff881-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T12:42:07+00:00, 2024-05-07T12:51:04+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/chunks/main-fa1d3b21fd97b583.js | 172.64.148.184 | 200 OK | 108 kB |
URL: GET HTTP/2 widget.suphelper.top/_next/static/chunks/main-fa1d3b21fd97b583.js
IP: 172.64.148.184:443
Requested by: https://widget.suphelper.top/
Certificate issuer: Google Trust Services LLC
Certificate subject: suphelper.top
Certificate fingerprint: 41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36
Certificate validity: Tue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 108 kB (107844 bytes)
Hash: 83680ce862de40c43fc92e04b1ad0a3d 67eb6762545f4e1fee446794f4738d0f0577b6b4 e70f39978f08895aef6849daf891af65bff03e476eb9b1384dfb36cd4ac9fe75
GET /_next/static/chunks/main-fa1d3b21fd97b583.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 15:14:53 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://file-hosting-api-stage.kube.prod.cons.lan https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 09 Nov 2023 06:03:45 GMT
etag: W/"1a544-18bb2adf0eb"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 586978
expires: Wed, 07 May 2025 15:14:53 GMT
server: cloudflare
cf-ray: 8802298b4ffc56bb-OSL
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/lucky-friday.jpg | 0.0.0.0 | | 0 B |
URL: GET v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/lucky-friday.jpg
IP: 0.0.0.0:0
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate issuer: Sectigo Limited
Certificate subject: *.traincdn.com
Certificate fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /genfiles/cms/1-285/desktop/bonus/rules/lucky-friday.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| widget.suphelper.top/ | 172.64.148.184 | 200 OK | 496 kB |
IP: 172.64.148.184:443
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate issuer: Google Trust Services LLC
Certificate subject: suphelper.top
Certificate fingerprint: 41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36
Certificate validity: Tue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
Size: 496 kB (496420 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 15:14:53 GMT
content-type: text/html; charset=utf-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=60, stale-while-revalidate=30
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8802298a2e1156bb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-icons/1.0.328/285/logos.svg | 185.244.209.62 | 200 OK | 43 kB |
URL: GET HTTP/2 v3.traincdn.com/sys-icons/1.0.328/285/logos.svg
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate issuer: Sectigo Limited
Certificate subject: *.traincdn.com
Certificate fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image
Hash: c45fb3adb3e47bdbd03c88fc4c4309aa 9ce991739a2879970ba12baf56108c8fcdefefb1 61d5aead50750c6e8a7bfde801abbf6f4ab75e387fdcc748ec6784e219e4d727
GET /sys-icons/1.0.328/285/logos.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:52 GMT
content-type: image/svg+xml
last-modified: Mon, 15 Apr 2024 07:13:32 GMT
etag: W/"c45fb3adb3e47bdbd03c88fc4c4309aa"
x-amz-meta-mtime: 1713165210.217888091
content-encoding: gzip
expires: Tue, 23 Apr 2024 10:38:05 GMT
cache-control: max-age=86400
x-time-ng: 0.003
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-33cbaad2875415defd40de1c191d2c9c-ec7a80ce90e6f99a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T10:38:05+00:00, 2024-05-07T12:12:51+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/multiply2.jpg | 0.0.0.0 | | 0 B |
URL: GET v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/multiply2.jpg
IP: 0.0.0.0:0
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate issuer: Sectigo Limited
Certificate subject: *.traincdn.com
Certificate fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /genfiles/cms/1-285/desktop/bonus/rules/multiply2.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/doverie.jpg | 0.0.0.0 | | 0 B |
URL: GET v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/doverie.jpg
IP: 0.0.0.0:0
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate issuer: Sectigo Limited
Certificate subject: *.traincdn.com
Certificate fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /genfiles/cms/1-285/desktop/bonus/rules/doverie.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| v3.traincdn.com/genfiles/bonus-cms/LFICyFaKYJ6xVbTBwk-hRRtuo8QrCKg1/lucky-day.webp | 185.244.209.62 | 200 OK | 30 kB |
URL: GET HTTP/2 v3.traincdn.com/genfiles/bonus-cms/LFICyFaKYJ6xVbTBwk-hRRtuo8QrCKg1/lucky-day.webp
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate issuer: Sectigo Limited
Certificate subject: *.traincdn.com
Certificate fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: 127f60172cf16911bf168a7fb61c7ccf 5224ba0a241715cf352c7ea5d2b54d9343cd5877 2c7adb7ce984529f91331d5f8c4d4709471b455e8275d9f8f0fcea7a1b641ee7
GET /genfiles/bonus-cms/LFICyFaKYJ6xVbTBwk-hRRtuo8QrCKg1/lucky-day.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:57 GMT
content-type: image/webp
content-length: 30120
last-modified: Thu, 04 Apr 2024 12:21:49 GMT
etag: "127f60172cf16911bf168a7fb61c7ccf"
x-time-ng: 0.002
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-97d00321f3612ae14c6a04897bbd1483-c06543e1a20bdf69-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-15T09:12:58+00:00, 2024-05-07T15:02:45+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/4e38cdf2b5d77aba4fb2630db5d13097.json | 178.253.29.51 | 200 OK | 14 kB |
URL: GET HTTP/2 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/4e38cdf2b5d77aba4fb2630db5d13097.json
IP: 178.253.29.51:443
ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate issuer: Let's Encrypt
Certificate subject: 1xlite-461430.top
Certificate fingerprint: F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
Certificate validity: Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash: 00016d59394dbec5ec0fb1cc7cc87f70 ac61517dc4d77edd46e06aa66dca8b47e21fc64a d8a350d41a5611bf32b7c03888b7bd9921eb2b016760c22d95fd5f6cb0c2e8ec
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /genfiles/cms/1-285/desktop/media_asset/4e38cdf2b5d77aba4fb2630db5d13097.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2Fwheel-bet
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=0; SESSION=62a580b9db01b9181375582b577707ff; che_g=bad88088-adde-9a12-b173-ae2d8983d4f3; sh.session.id=c3ec7c3d-3538-4b43-b274-941081661add; application_locale=en; _ga_7V60YW2S5H=GS1.1.1715094895.1.0.1715094895.60.0.0; _ga=GA1.1.1791400071.1715094896
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Mon, 25 Mar 2024 15:12:10 GMT
etag: W/"00016d59394dbec5ec0fb1cc7cc87f70"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.009
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/b588fb81207704b9bc3e220b71966696.json | 178.253.29.51 | 200 OK | 36 kB |
URL GET HTTP/2 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/b588fb81207704b9bc3e220b71966696.json IP 178.253.29.51:443 ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Let's Encrypt Subject 1xlite-461430.top Fingerprint F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 Validity Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash 82be680bc6bd32b65cef0e3bda368678 5f5ac335405d9c792b43b6aee8d5ab64ac42e5ba 12800d3ad8e368dc1541e334f8f6f669549da16f62b4dae2ebb9929bd88322c7
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /genfiles/cms/1-285/desktop/media_asset/b588fb81207704b9bc3e220b71966696.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/bonus/rules
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=0; SESSION=62a580b9db01b9181375582b577707ff; che_g=bad88088-adde-9a12-b173-ae2d8983d4f3; sh.session.id=c3ec7c3d-3538-4b43-b274-941081661add; application_locale=en; _ga_7V60YW2S5H=GS1.1.1715094895.1.0.1715094895.60.0.0; _ga=GA1.1.1791400071.1715094896
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Mon, 30 Oct 2023 14:20:28 GMT
etag: W/"82be680bc6bd32b65cef0e3bda368678"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/hyper-bonus.jpg | 0.0.0.0 | | 0 B |
URL GET v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/hyper-bonus.jpg IP 0.0.0.0:0
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /genfiles/cms/1-285/desktop/bonus/rules/hyper-bonus.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/6a3b01d318b759a5d8cbcd76fd908037.json | 178.253.29.51 | 200 OK | 2.1 kB |
URL GET HTTP/2 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/6a3b01d318b759a5d8cbcd76fd908037.json IP 178.253.29.51:443 ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Let's Encrypt Subject 1xlite-461430.top Fingerprint F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 Validity Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
File type ASCII text, with very long lines (2345), with no line terminators Hash f28a40d30a99fab8a5ccced08db52f77 063e77333797a10e097679a1e4d17269fc6d3b6b a46ea2afe2103a473c90b17137f840e29d578a74d191daac521d45e9d3cf1d6c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /genfiles/cms/1-285/desktop/media_asset/6a3b01d318b759a5d8cbcd76fd908037.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:51 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Wed, 28 Feb 2024 21:42:45 GMT
etag: W/"eec4805fe0f6e17d5ade92a382f5b068"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/d2dc12263f6f8823abe288bb1ce1a420.json | 178.253.29.51 | 200 OK | 10 kB |
URL GET HTTP/2 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/d2dc12263f6f8823abe288bb1ce1a420.json IP 178.253.29.51:443 ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Let's Encrypt Subject 1xlite-461430.top Fingerprint F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 Validity Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash ee702cdbc65faf50843762bd9534a1aa 5c78ac8aa3155597543f63349686b02926eecd36 ec388b1801623dbd0e1f497cb6a898425222ea538c039b2a8dafc7720cceea28
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /genfiles/cms/1-285/desktop/media_asset/d2dc12263f6f8823abe288bb1ce1a420.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2Fwheel-bet
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=0; SESSION=62a580b9db01b9181375582b577707ff; che_g=bad88088-adde-9a12-b173-ae2d8983d4f3; sh.session.id=c3ec7c3d-3538-4b43-b274-941081661add; application_locale=en; _ga_7V60YW2S5H=GS1.1.1715094895.1.0.1715094895.60.0.0; _ga=GA1.1.1791400071.1715094896
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Fri, 02 Feb 2024 09:29:23 GMT
etag: W/"ee702cdbc65faf50843762bd9534a1aa"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-icons/1.0.328/285/common.svg | 185.244.209.62 | 200 OK | 147 kB |
URL GET HTTP/2 v3.traincdn.com/sys-icons/1.0.328/285/common.svg IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image Size 147 kB (146981 bytes) Hash 7bf3e9e7d79beac942f5e7748a3af2e6 7c6896ef647506806f2cdbe998d8c9eb845a1754 663e2fc5004af9c6c1969fc5827d7ffdbfeec8d4753efd831208cb179f0a488f
GET /sys-icons/1.0.328/285/common.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:52 GMT
content-type: image/svg+xml
last-modified: Mon, 15 Apr 2024 07:13:32 GMT
etag: W/"7bf3e9e7d79beac942f5e7748a3af2e6"
x-amz-meta-mtime: 1713165210.217888091
content-encoding: gzip
expires: Tue, 23 Apr 2024 10:38:01 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-c27aa865b83ded4f67466c826423f9b1-61021ce7cdf1a1e2-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T10:38:01+00:00, 2024-05-07T12:12:51+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/vip-cashback/1-137.jpg | 0.0.0.0 | | 0 B |
URL GET v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/vip-cashback/1-137.jpg IP 0.0.0.0:0
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /genfiles/cms/1-285/desktop/bonus/rules/vip-cashback/1-137.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| v3.traincdn.com/genfiles/bonus-cms/-F4AhdYV5GYOYbffoLsZVIKLXOg1ysIL/candyworks.png | 0.0.0.0 | | 0 B |
URL GET v3.traincdn.com/genfiles/bonus-cms/-F4AhdYV5GYOYbffoLsZVIKLXOg1ysIL/candyworks.png IP 0.0.0.0:0
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /genfiles/bonus-cms/-F4AhdYV5GYOYbffoLsZVIKLXOg1ysIL/candyworks.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/multiply2.webp | 185.244.209.62 | 200 OK | 7.6 kB |
URL GET HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/multiply2.webp IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp Hash 1d8bed36881f95d202cadc9e59f6feac 2e02cd8b9fed8a23983e3fae937046ab3bbf024d 75a1bf27b18d5a283419875af020e3b2f435aba02f1b510b76b2f76f6932c23c
GET /genfiles/cms/1-285/desktop/bonus/rules/multiply2.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:57 GMT
content-type: image/webp
content-length: 7566
last-modified: Tue, 11 Apr 2023 17:52:41 GMT
etag: "1d8bed36881f95d202cadc9e59f6feac"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2023-12-18T09:16:15+00:00
traceparent: 00-681a031a91659b8431692c270b4f0573-880324f438a66feb-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/slot-first-deposit-slider.jpg | 0.0.0.0 | | 0 B |
URL GET v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/slot-first-deposit-slider.jpg IP 0.0.0.0:0
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /genfiles/cms/1-285/desktop/bonus/rules/slot-first-deposit-slider.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| v3.traincdn.com/sfiles/games-images/game-animations/game-316-animation.svg | 185.244.209.62 | 200 OK | 13 kB |
URL GET HTTP/2 v3.traincdn.com/sfiles/games-images/game-animations/game-316-animation.svg IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image Hash 0db44d13e7a50cd2da8dd47ff024f1cd 719bb6c0f3bd8ebabc6c3f53606affb21fd9a4b7 92690d6a77132101517ef7ee09173a4629fd85ba10a6a25033ba80f7967e8fe7
GET /sfiles/games-images/game-animations/game-316-animation.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:53 GMT
content-type: image/svg+xml
last-modified: Tue, 16 Jan 2024 08:41:20 GMT
etag: W/"0db44d13e7a50cd2da8dd47ff024f1cd"
x-amz-meta-origin-date-iso8601: 2024-01-12T15:48:06.000Z
expires: Tue, 07 May 2024 00:00:59 GMT
cache-control: max-age=86400, public
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-34caf9daa865fb2e9eb828339b4331fe-08ed6224a7470592-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T00:00:59+00:00, 2024-05-07T00:43:06+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/chunks/1743016e-d00d67a74426f155.js | 172.64.148.184 | 200 OK | 481 kB |
URL GET HTTP/2 widget.suphelper.top/_next/static/chunks/1743016e-d00d67a74426f155.js IP 172.64.148.184:443
Requested by https://widget.suphelper.top/ Certificate Issuer Google Trust Services LLC Subject suphelper.top Fingerprint 41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 Validity Tue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 481 kB (480579 bytes) Hash 46260bb46d51262abee818c0c3bcf1c6 fe3be222aec74704fad1fa2559788b1fa287094a 20700e65659e04d422580d9c792ba811b7b76de4ec1b3163c284af83bd5a7d6c
GET /_next/static/chunks/1743016e-d00d67a74426f155.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 15:14:53 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Wed, 17 Jan 2024 06:19:55 GMT
etag: W/"75543-18d161388b8"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 586978
expires: Wed, 07 May 2025 15:14:53 GMT
server: cloudflare
cf-ray: 8802298b580356bb-OSL
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/toto-free.jpg | 0.0.0.0 | | 0 B |
URL GET v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/toto-free.jpg IP 0.0.0.0:0
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /genfiles/cms/1-285/desktop/bonus/rules/toto-free.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/1st/1-137.jpg | 0.0.0.0 | | 0 B |
URL GET v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/1st/1-137.jpg IP 0.0.0.0:0
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /genfiles/cms/1-285/desktop/bonus/rules/1st/1-137.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| 1xlite-461430.top/promo-frame/en/promotion/wheel-bet | 178.253.29.51 | 200 OK | 4.7 kB |
URL GET HTTP/2 1xlite-461430.top/promo-frame/en/promotion/wheel-bet IP 178.253.29.51:443 ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Let's Encrypt Subject 1xlite-461430.top Fingerprint F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 Validity Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
File type HTML document, ASCII text, with very long lines (4846), with no line terminators Hash 02b0a642db63883f4f12ce2f429f694d 91ffc91b3f03f7456ad5d901417463ca7ecf9c94 0131865f2a81e4581a4842625c79305cc68e1abf0748ab1843e4e506ede9ed88
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /promo-frame/en/promotion/wheel-bet HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions/wheel-bet
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=1280; SESSION=62a580b9db01b9181375582b577707ff; che_g=bad88088-adde-9a12-b173-ae2d8983d4f3; sh.session.id=c3ec7c3d-3538-4b43-b274-941081661add; application_locale=en
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:53 GMT
content-type: text/html; charset=utf-8
accept-ranges: none
content-encoding: gzip
etag: "124c-AFMTvOPx+3DqSCjrWono8hERRQM"
server-timing: total;dur=0;desc="Nuxt Server Time", dt_total;dur=2.038, dt_total;dur=4.122, wf-uht;dur=0.012
traceparent: 00-4f811188babd2c5b8ea0c318b20e789b-e566ab210f191721-01, 00-4f811188babd2c5b8ea0c318b20e789b-e566ab210f191721-01
vary: Accept-Encoding
x-dt: 285, 285
x-time-ng: 0.002, 0.004
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/express.jpg | 0.0.0.0 | | 0 B |
URL GET v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/express.jpg IP 0.0.0.0:0
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /genfiles/cms/1-285/desktop/bonus/rules/express.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/aecbb538226cb01dc9a85286edcff171.json | 178.253.29.51 | 200 OK | 182 B |
URL GET HTTP/2 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/aecbb538226cb01dc9a85286edcff171.json IP 178.253.29.51:443 ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Let's Encrypt Subject 1xlite-461430.top Fingerprint F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 Validity Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
File type ASCII text, with no line terminators Hash 1354132df8a5034bcda597127952730c def2db205153babd3de7ea018e4189613aa8ddf6 c7cf9d8f1480c29d3f88a61151a62980f07c279eca2e94748f2d2dd1fa3a5c42
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /genfiles/cms/1-285/desktop/media_asset/aecbb538226cb01dc9a85286edcff171.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/bonus/rules
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=0; SESSION=62a580b9db01b9181375582b577707ff; che_g=bad88088-adde-9a12-b173-ae2d8983d4f3; sh.session.id=c3ec7c3d-3538-4b43-b274-941081661add; application_locale=en; _ga_7V60YW2S5H=GS1.1.1715094895.1.0.1715094895.60.0.0; _ga=GA1.1.1791400071.1715094896
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: application/json
content-length: 182
last-modified: Tue, 11 Apr 2023 17:53:40 GMT
etag: "e4c69ca8e3916987138c95a26642f53a"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/loss20.webp | 185.244.209.62 | 200 OK | 27 kB |
URL: GET HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/loss20.webp
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: 0380f55e7529165ae4d1a7711a856e71 62fe2f40e9e20f52c357e54ee693c76bde7f9687 bd318ab4b3134965f5cdc86b6b7b1ef2fd107b2e8607d20a9fbbbf26c9336d89
GET /genfiles/cms/1-285/desktop/bonus/rules/loss20.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:57 GMT
content-type: image/webp
content-length: 27102
last-modified: Tue, 16 May 2023 09:12:24 GMT
etag: "0380f55e7529165ae4d1a7711a856e71"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
x-cached-since: 2023-12-18T09:16:15+00:00
traceparent: 00-ca3d4710bb6444426b69c88ad7707984-6e82c5f03db2b2d1-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/f385e6db/_ssgManifest.js | 172.64.148.184 | 200 OK | 77 B |
URL: GET HTTP/2 widget.suphelper.top/_next/static/f385e6db/_ssgManifest.js
IP: 172.64.148.184:443
Requested by: https://widget.suphelper.top/
Certificate: Issuer: Google Trust Services LLC; Subject: suphelper.top; Fingerprint: 41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36; Validity: Tue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File type: ASCII text, with no line terminators
Hash: b6652df95db52feb4daf4eca35380933 65451d110137761b318c82d9071c042db80c4036 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
GET /_next/static/f385e6db/_ssgManifest.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 15:14:53 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 02 May 2024 07:01:48 GMT
etag: W/"4d-18f381bf92a"
vary: Accept-Encoding
cf-cache-status: HIT
age: 461243
expires: Wed, 07 May 2025 15:14:53 GMT
server: cloudflare
cf-ray: 8802298b581e56bb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/race.jpg | 0.0.0.0 | | 0 B |
URL: GET v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/race.jpg
IP: 0.0.0.0:0
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /genfiles/cms/1-285/desktop/bonus/rules/race.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| 1xlite-461430.top/bonus-api/category?currency=NOK&language=en | 178.253.29.51 | 200 OK | 387 B |
URL: GET HTTP/2 1xlite-461430.top/bonus-api/category?currency=NOK&language=en
IP: 178.253.29.51:443
ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate: Issuer: Let's Encrypt; Subject: 1xlite-461430.top; Fingerprint: F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91; Validity: Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (449), with no line terminators
Hash: 4e672680a259a504f146d269489a910c d7d888f3483174b8dbde246bdf830635cccd8acc eefcd963fe16a139c22b0eb41ce903a76d395d33d735081869ae8aef2f721899
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /bonus-api/category?currency=NOK&language=en HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/bonus/rules
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=0; SESSION=62a580b9db01b9181375582b577707ff; che_g=bad88088-adde-9a12-b173-ae2d8983d4f3; sh.session.id=c3ec7c3d-3538-4b43-b274-941081661add; application_locale=en; _ga_7V60YW2S5H=GS1.1.1715094895.1.0.1715094895.60.0.0; _ga=GA1.1.1791400071.1715094896
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: application/json
content-length: 387
cache-control: no-cache, private
server-timing: p;dur=123.42190742493, dt_total;dur=153.959, wf-uht;dur=0.162
traceparent: 00-a2e2c97b8bdb0e370ecff789b09b84ea-a687ab5a89ccb7f4-01
x-dt: 285
x-request-id: 243a2e0c97d91b6f5664503576410abf
x-time-ng: 0.132
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/chunks/framework-49f1e091cbf6b261.js | 172.64.148.184 | 200 OK | 141 kB |
URL: GET HTTP/2 widget.suphelper.top/_next/static/chunks/framework-49f1e091cbf6b261.js
IP: 172.64.148.184:443
Requested by: https://widget.suphelper.top/
Certificate: Issuer: Google Trust Services LLC; Subject: suphelper.top; Fingerprint: 41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36; Validity: Tue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 141 kB (140949 bytes)
Hash: 896d1930437c1ab92b8a359c1d6fdaae 71e0e23d1af9722f356eb5d1c497d100ec8b0f7a 8c508636d885890bfb5c56bcd6dad1b8b64c498781d351b588a8de7f686774d4
GET /_next/static/chunks/framework-49f1e091cbf6b261.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 15:14:53 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Mon, 11 Mar 2024 06:37:37 GMT
etag: W/"22695-18e2c3b24d9"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 592538
expires: Wed, 07 May 2025 15:14:53 GMT
server: cloudflare
cf-ray: 8802298b4ff956bb-OSL
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/bonus-cms/rlZ6zENhNy4DpXsJufiOH-vpS1bzc_oS/in-pursuit-of-scudetto.webp | 185.244.209.62 | 200 OK | 38 kB |
URL: GET HTTP/2 v3.traincdn.com/genfiles/bonus-cms/rlZ6zENhNy4DpXsJufiOH-vpS1bzc_oS/in-pursuit-of-scudetto.webp
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: 1d495d767fa8c94066d188431eb797e0 940bc07d4ac6fc836661b6e3d0860509de648b3b e6aff9ac6666aeef484341c417a21fcddc49f9488af30b03a20af0d1a722eb94
GET /genfiles/bonus-cms/rlZ6zENhNy4DpXsJufiOH-vpS1bzc_oS/in-pursuit-of-scudetto.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:57 GMT
content-type: image/webp
content-length: 38184
last-modified: Wed, 10 Jan 2024 05:53:56 GMT
etag: "1d495d767fa8c94066d188431eb797e0"
x-time-ng: 0.002
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-10b79c66a48a2e9659d922f25d39a3ab-cf14fa6c5d90a2b0-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-01-16T11:30:17+00:00, 2024-05-07T14:33:37+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/chunks/pages/index-ed7cd77912c6e3a9.js | 172.64.148.184 | 200 OK | 107 kB |
URL: GET HTTP/2 widget.suphelper.top/_next/static/chunks/pages/index-ed7cd77912c6e3a9.js
IP: 172.64.148.184:443
Requested by: https://widget.suphelper.top/
Certificate: Issuer: Google Trust Services LLC; Subject: suphelper.top; Fingerprint: 41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36; Validity: Tue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 107 kB (107186 bytes)
Hash: d0a7ecc59065580118a9ea8880c58962 21573546ac5011592094ef6aea0696ccdeb2164d e1b09efa81ca44cda394e366b64fbf2b3f0725eab9ad24782839cbb8f66842b5
GET /_next/static/chunks/pages/index-ed7cd77912c6e3a9.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 15:14:53 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Wed, 24 Apr 2024 22:20:24 GMT
etag: W/"1a2b2-18f12321a97"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 596819
expires: Wed, 07 May 2025 15:14:53 GMT
server: cloudflare
cf-ray: 8802298b581456bb-OSL
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/bonus-cms/LFICyFaKYJ6xVbTBwk-hRRtuo8QrCKg1/lucky-day.jpg | 0.0.0.0 | | 0 B |
URL: GET v3.traincdn.com/genfiles/bonus-cms/LFICyFaKYJ6xVbTBwk-hRRtuo8QrCKg1/lucky-day.jpg
IP: 0.0.0.0:0
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /genfiles/bonus-cms/LFICyFaKYJ6xVbTBwk-hRRtuo8QrCKg1/lucky-day.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/esportsera.jpg | 0.0.0.0 | | 0 B |
URL: GET v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/esportsera.jpg
IP: 0.0.0.0:0
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /genfiles/cms/1-285/desktop/bonus/rules/esportsera.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/champions-season.webp | 185.244.209.62 | 200 OK | 12 kB |
URL: GET HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/champions-season.webp
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: bf8cbebb37d6522d39bbb5d6c5d736bf 7dc6cdccb164a0b098f2d9d1f137818f5f38241a 84fd6d05039b9501f02f89baada0ade73918cbc8a65cf09eac1ad95bbccc27ca
GET /genfiles/cms/1-285/desktop/bonus/rules/champions-season.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:57 GMT
content-type: image/webp
content-length: 11908
last-modified: Wed, 06 Sep 2023 12:28:01 GMT
etag: "bf8cbebb37d6522d39bbb5d6c5d736bf"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2023-12-18T09:03:14+00:00
traceparent: 00-9fdcb7aeab4b5b1e71456ec59591cac9-71fc94f0bde99b6a-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/bonus-cms/ie7Y_ckIGzliiirADc5IH2JBA_dlC7eU/315x250.webp | 185.244.209.62 | 200 OK | 30 kB |
URL: GET HTTP/2 v3.traincdn.com/genfiles/bonus-cms/ie7Y_ckIGzliiirADc5IH2JBA_dlC7eU/315x250.webp
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: 905dd1d3172673fc22a835b1cf858948 61c67b62dfcbacb5bd6698d0c2bb154cf7405615 36db7919d6f4f2770823e140becedb8d983a4b0ce1048e0c12cd2557bf668e8c
GET /genfiles/bonus-cms/ie7Y_ckIGzliiirADc5IH2JBA_dlC7eU/315x250.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:57 GMT
content-type: image/webp
content-length: 29872
last-modified: Fri, 12 Apr 2024 12:30:49 GMT
etag: "905dd1d3172673fc22a835b1cf858948"
x-time-ng: 0.003
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-d1342202652da076c203119bb1abf4f8-a4ba16558344d0d6-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T15:01:22+00:00, 2024-05-07T15:02:03+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/promo-no-risk-bet.webp | 185.244.209.62 | 200 OK | 50 kB |
URL: GET HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/promo-no-risk-bet.webp
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 61884a79292df9a69ea556b9adbdb453 a925df3d537f64ded7c93d6d46719f6933eedaba 6f949e72638072f5014d3710883383047f95344febff58dbe5a6dc47c753d5ff
GET /genfiles/cms/1-285/desktop/bonus/rules/promo-no-risk-bet.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:57 GMT
content-type: image/webp
content-length: 49656
last-modified: Tue, 11 Apr 2023 17:52:46 GMT
etag: "61884a79292df9a69ea556b9adbdb453"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
x-cached-since: 2023-12-18T09:16:15+00:00
traceparent: 00-cab8e7c1ea99052f980786f263cd62d3-052c07ed4d5a22ed-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/9ca5a248842d90707684710c016ea5d2.json | 178.253.29.51 | 200 OK | 8.1 kB |
URL: GET HTTP/2 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/9ca5a248842d90707684710c016ea5d2.json
IP: 178.253.29.51:443
ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate: Issuer: Let's Encrypt; Subject: 1xlite-461430.top; Fingerprint: F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91; Validity: Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
File type: ASCII text, with very long lines (8926), with no line terminators
Hash: 33a8d84b65be76b07b379586ce0f30f4 d3c3a3a7c188444d7c25961a62149b97f9de1725 8cbf747c3e3ffa25baee745930d5855d78ec027e3e0c6e0bc69bfde8bc16aeaa
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /genfiles/cms/1-285/desktop/media_asset/9ca5a248842d90707684710c016ea5d2.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/bonus/rules
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=0; SESSION=62a580b9db01b9181375582b577707ff; che_g=bad88088-adde-9a12-b173-ae2d8983d4f3; sh.session.id=c3ec7c3d-3538-4b43-b274-941081661add; application_locale=en; _ga_7V60YW2S5H=GS1.1.1715094895.1.0.1715094895.60.0.0; _ga=GA1.1.1791400071.1715094896
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Wed, 13 Dec 2023 14:46:07 GMT
etag: W/"a60fb63e7c35ba8cdb1d0851ff960b1b"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/bonus-cms/ie7Y_ckIGzliiirADc5IH2JBA_dlC7eU/315x250.jpg | 185.244.209.62 | 200 OK | 14 kB |
URL: GET HTTP/2 v3.traincdn.com/genfiles/bonus-cms/ie7Y_ckIGzliiirADc5IH2JBA_dlC7eU/315x250.jpg
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), default quality", baseline, precision 8, 315x250, components 3
Hash: 1b537371544b421d93fecd7788ac461e 5f1a37846aadd99c3086bdfd63b2f5267b7aca6f aa51e52117c2a3313c1cb703b8b9f81a1d30cf287e4721bf29184bc17bb8aa0f
GET /genfiles/bonus-cms/ie7Y_ckIGzliiirADc5IH2JBA_dlC7eU/315x250.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:57 GMT
content-type: image/jpeg
content-length: 13813
last-modified: Fri, 12 Apr 2024 12:30:49 GMT
etag: "1b537371544b421d93fecd7788ac461e"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-7b074665051f10eed23e91db74758f18-6f56190f1dbcaebd-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T15:01:29+00:00, 2024-05-07T14:48:49+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/shared-assets/__shared_vue_deps_OVKZGHR6.js | 185.244.209.62 | 200 OK | 81 kB |
URL: GET HTTP/2 v3.traincdn.com/sys-static/shared-assets/__shared_vue_deps_OVKZGHR6.js
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet
Certificate: Issuer: Sectigo Limited; Subject: *.traincdn.com; Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sys-static/shared-assets/__shared_vue_deps_OVKZGHR6.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:53 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 06 May 2024 13:05:33 GMT
etag: W/"67267513246705d46a0bb83e1f8efd2a"
x-amz-meta-mtime: 1715000580.880463816
content-encoding: gzip
expires: Wed, 08 May 2024 12:42:07 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-9d33939b9eef4dfab08f8a005af9e0d0-34bcd4c69b8a1f8c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T12:42:07+00:00, 2024-05-07T12:51:04+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/tv-bet-jackpot.jpg | 0.0.0.0 | | 0 B |
URL GET v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/tv-bet-jackpot.jpg IP 0.0.0.0:0
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /genfiles/cms/1-285/desktop/bonus/rules/tv-bet-jackpot.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| widget.suphelper.top/_next/static/chunks/7413e8b9-8adee4b5b5407a55.js | 172.64.148.184 | 200 OK | 78 kB |
URL GET HTTP/2 widget.suphelper.top/_next/static/chunks/7413e8b9-8adee4b5b5407a55.js IP 172.64.148.184:443
Requested by https://widget.suphelper.top/ Certificate Issuer Google Trust Services LLC Subject suphelper.top Fingerprint 41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 Validity Tue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash dc6852529f28802d37affa5953d07260 4edd220fe8df4b009a1775ebe57f19d40999659f 4aefb18221e4fb46818b0f52302b7c7717e45701e26990726cce645d8c80ed84
GET /_next/static/chunks/7413e8b9-8adee4b5b5407a55.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 15:14:53 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Mon, 22 Jan 2024 07:49:06 GMT
etag: W/"12fe9-18d3024f9c4"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 592538
expires: Wed, 07 May 2025 15:14:53 GMT
server: cloudflare
cf-ray: 8802298b580756bb-OSL
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/goalless-football.jpg | 0.0.0.0 | | 0 B |
URL GET v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/goalless-football.jpg IP 0.0.0.0:0
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /genfiles/cms/1-285/desktop/bonus/rules/goalless-football.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/blaugrana-crew.webp | 185.244.209.62 | 200 OK | 16 kB |
URL GET HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/blaugrana-crew.webp IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp Hash 8842d3a0770dc1fa54e2eb4283de9291 5ddc91173e4cf4609f607bac9936a845ffe727f1 15abd87aa7b3db6da681f7912a472c23de1a259e889738db3b1df24c4d2707a3
GET /genfiles/cms/1-285/desktop/bonus/rules/blaugrana-crew.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:57 GMT
content-type: image/webp
content-length: 16192
last-modified: Mon, 02 Oct 2023 07:53:39 GMT
etag: "8842d3a0770dc1fa54e2eb4283de9291"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
x-cached-since: 2023-12-18T09:03:14+00:00
traceparent: 00-175c282e04db404a20ce746773122b9f-65fe6e8616607e78-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/top-bins.jpg | 0.0.0.0 | | 0 B |
URL GET v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/top-bins.jpg IP 0.0.0.0:0
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /genfiles/cms/1-285/desktop/bonus/rules/top-bins.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/7c43e6fa10d0665cf556d13ff2a1906d.svg | 185.244.209.62 | 200 OK | 1.2 kB |
URL GET HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/7c43e6fa10d0665cf556d13ff2a1906d.svg IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image Hash a436db0af736498349f0127d8e7fab1e b07e2c449cf16ddb052ce40d881db13a0c890b9b 93261a519c1cea62e2c934496d5e0cbd1cbc8f65b4961811316e55d9e7c96ede
GET /genfiles/cms/1-285/desktop/media_asset/7c43e6fa10d0665cf556d13ff2a1906d.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:50 GMT
content-type: image/svg+xml
last-modified: Tue, 02 May 2023 10:06:49 GMT
etag: W/"7cca3986f7a5c4c164144ff11df71073"
content-encoding: gzip
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-b9cbc7a7966600dd1a8e49d3bb90dc97-4c673b4806c8f01e-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-01-11T08:32:05+00:00, 2024-05-07T14:44:40+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/champions-season.jpg | 0.0.0.0 | | 0 B |
URL GET v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/champions-season.jpg IP 0.0.0.0:0
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /genfiles/cms/1-285/desktop/bonus/rules/champions-season.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/56fc6e674daa655b283b3497c88a92cb.json | 178.253.29.51 | 200 OK | 10 kB |
URL GET HTTP/2 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/56fc6e674daa655b283b3497c88a92cb.json IP 178.253.29.51:443 ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Let's Encrypt Subject 1xlite-461430.top Fingerprint F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 Validity Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash e5e68fdba731c76ec0a416e7799cf4f9 b8b3233ff91489cdd2ad056073cfd625bd4715a5 a7221bf33f5f39552a192e8357d466bd30b0530bddc89aad0d35de565a26b6df
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /genfiles/cms/1-285/desktop/media_asset/56fc6e674daa655b283b3497c88a92cb.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2Fwheel-bet
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=0; SESSION=62a580b9db01b9181375582b577707ff; che_g=bad88088-adde-9a12-b173-ae2d8983d4f3; sh.session.id=c3ec7c3d-3538-4b43-b274-941081661add; application_locale=en; _ga_7V60YW2S5H=GS1.1.1715094895.1.0.1715094895.60.0.0; _ga=GA1.1.1791400071.1715094896
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Tue, 11 Apr 2023 17:53:23 GMT
etag: W/"e5e68fdba731c76ec0a416e7799cf4f9"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet | 178.253.29.51 | 200 OK | 826 kB |
URL User Request GET HTTP/2 1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet IP 178.253.29.51:443 ASN #202492 Silverhill Group Holding Ltd
Certificate Issuer Let's Encrypt Subject 1xlite-461430.top Fingerprint F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 Validity Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Size 826 kB (825549 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:50 GMT
content-type: text/html; charset=utf-8
content-encoding: br
server-timing: total;dur=1525;desc="Nuxt Server Time", dt_total;dur=1589.063, wf-uht;dur=1.609
set-cookie: lng=en; Path=/
cookies_agree_type=3; Path=/
tzo=2; Path=/
is12h=0; Path=/
referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; Path=/; Expires=Sat, 06 Jul 2024 15:14:49 GMT
reflinkid=d_2757227m_18607c_; Path=/; Expires=Tue, 07 May 2024 16:14:49 GMT
postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; Path=/; Expires=Thu, 06 Jun 2024 15:14:49 GMT
platform_type=desktop; Path=/; Expires=Fri, 10 May 2024 15:14:50 GMT; Secure; SameSite=None; Partitioned
auid=sv0dM2Y6RWox/IwhAwkJAg==; path=/; secure; httponly; samesite=lax
traceparent: 00-640849adf0077bdde9de68e934f5eee4-3cbb1542e5a21b01-01
vary: Accept-Encoding
x-dt: 285
x-frame-options: SAMEORIGIN
x-time-ng: 1.563
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/percentage.jpg | 0.0.0.0 | | 0 B |
URL GET v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/percentage.jpg IP 0.0.0.0:0
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /genfiles/cms/1-285/desktop/bonus/rules/percentage.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| widget.suphelper.top/services/widget/v2/most-required?projectId=5b61b42ffdf00b25dc78f342&credentials=%7B%22$type%22:%22GuestCredentials%22,%22id%22:%22c3ec7c3d-3538-4b43-b274-941081661add%22%7D | 172.64.148.184 | 200 OK | 24 B |
URL GET HTTP/2 widget.suphelper.top/services/widget/v2/most-required?projectId=5b61b42ffdf00b25dc78f342&credentials=%7B%22$type%22:%22GuestCredentials%22,%22id%22:%22c3ec7c3d-3538-4b43-b274-941081661add%22%7D IP 172.64.148.184:443
Requested by https://widget.suphelper.top/ Certificate Issuer Google Trust Services LLC Subject suphelper.top Fingerprint 41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 Validity Tue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File type troff or preprocessor input, ASCII text, with no line terminators Hash d6bacfff68d40ad2744454c2506cc0f9 85f1f094d174fd4d78bd382c7948b95e9db93215 cd0483a083f6c73e9cd006ee073b875188c49f4025f771ecbcb795d40ac980ed
GET /services/widget/v2/most-required?projectId=5b61b42ffdf00b25dc78f342&credentials=%7B%22$type%22:%22GuestCredentials%22,%22id%22:%22c3ec7c3d-3538-4b43-b274-941081661add%22%7D HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 15:14:53 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8802298eee5356bb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/bonus-cms/Jru2M7Onwk3E236hEq83sDUnan9VRt2a/super-prize-wheel.webp | 185.244.209.62 | 200 OK | 41 kB |
URL GET HTTP/2 v3.traincdn.com/genfiles/bonus-cms/Jru2M7Onwk3E236hEq83sDUnan9VRt2a/super-prize-wheel.webp IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x250, Scaling: [none]x[none], YUV color, decoders should clamp Hash db450552e670bbdad66544b69eb363d9 3cd2f0307c9b7bea0b94cd9337a5cdcf6e396250 dd7368b9f4913ae02e5d49cda2d67a56197e3a92537486470d93de634be5273d
GET /genfiles/bonus-cms/Jru2M7Onwk3E236hEq83sDUnan9VRt2a/super-prize-wheel.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:57 GMT
content-type: image/webp
content-length: 41040
last-modified: Mon, 26 Feb 2024 09:18:12 GMT
etag: "db450552e670bbdad66544b69eb363d9"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2024-02-26T11:22:28+00:00
traceparent: 00-dadad8bf8e903c59690e45cf15e17a7a-480baf060d99fe0d-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/percentage.webp | 185.244.209.62 | 200 OK | 12 kB |
URL GET HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/percentage.webp IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x250, Scaling: [none]x[none], YUV color, decoders should clamp Hash 23cdbdab7f6c29d23a3ae864fa3f3d4e 043bafd75f65788716a5be5856ec40299e0ec346 61c7198b963bf41030704724217c3faa3fe4450d7786b18af8782daf6e5dcafc
GET /genfiles/cms/1-285/desktop/bonus/rules/percentage.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:57 GMT
content-type: image/webp
content-length: 11590
last-modified: Thu, 22 Feb 2024 07:23:11 GMT
etag: "23cdbdab7f6c29d23a3ae864fa3f3d4e"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2024-02-22T09:05:18+00:00
traceparent: 00-5b2937b050588083ed16e9ccf5a300e8-5318f107e3f700e7-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/shared-assets/__shared_chunk_Y7BFQXXC.js | 185.244.209.62 | 200 OK | 1.0 kB |
URL GET HTTP/2 v3.traincdn.com/sys-static/shared-assets/__shared_chunk_Y7BFQXXC.js IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (1036), with no line terminators Hash 305de1535e3f2a45efa2f1dd096f496e 9fd79178b39d8a196f9f3640758cc5285f5914fd 9b0fc84933536e9c4ca4b8013f656f393c6073e746901340133cbc11059aec46
GET /sys-static/shared-assets/__shared_chunk_Y7BFQXXC.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:53 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 06 May 2024 14:40:26 GMT
etag: W/"8fecd56fc5520134f3c39b17431fe0c2"
x-amz-meta-mtime: 1715006282.054749806
content-encoding: gzip
expires: Tue, 07 May 2024 15:18:04 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-06219ebcd9c8ab1ea9ee9907ef1784e7-6aff324d6bd07038-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T15:18:04+00:00, 2024-05-06T15:57:12+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/esportsera.webp | 185.244.209.62 | 200 OK | 22 kB |
URL GET HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/esportsera.webp IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp Hash ce497bea4e8d6d98f39094d022ae36b6 412a148e5089893045cb686d35f78ad4f6c0d340 a4fd9bbb5a9e00896e0a9a07090f92797034fbba93193605f498f96ab04d1f28
GET /genfiles/cms/1-285/desktop/bonus/rules/esportsera.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:57 GMT
content-type: image/webp
content-length: 21674
last-modified: Mon, 24 Jul 2023 13:02:29 GMT
etag: "ce497bea4e8d6d98f39094d022ae36b6"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2023-12-18T09:03:14+00:00
traceparent: 00-507699aa4d94b13c255a22ed0878e6f0-9990bdab173069b8-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-ui/3.2.3/Desktop/Default/client.css | 185.244.209.62 | 200 OK | 1.0 MB |
URL GET HTTP/2 v3.traincdn.com/sys-ui/3.2.3/Desktop/Default/client.css IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Size 1.0 MB (1048668 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sys-ui/3.2.3/Desktop/Default/client.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:50 GMT
content-type: text/css; charset=utf-8
last-modified: Fri, 19 Apr 2024 10:53:25 GMT
etag: W/"64d292a033c097211f9f4c21ffbcb2b0"
x-amz-meta-mtime: 1713523729.13591556
content-encoding: gzip
expires: Wed, 24 Apr 2024 12:54:48 GMT
cache-control: max-age=86400
x-time-ng: 0.003
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
x-cached-since: 2024-04-23T12:54:48+00:00
traceparent: 00-622da2761453fbf58ac6d99294c29ca0-cecac8311646b8e5-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/335c890fd105e47c6a63cd5ca164e8ba.json | 178.253.29.51 | 200 OK | 2.6 kB |
URL GET HTTP/21xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/335c890fd105e47c6a63cd5ca164e8ba.json IP178.253.29.51:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
File typeASCII text, with very long lines (2854), with no line terminators Hashecacc4d3ca1ba475ef20875ff4225f06 528aa5b0070cfcd78034449c40533e51278cba2a 328065b0030c77de9cafba92ec86d89b32ca55f32a3a251cdb7687f1f44c4859
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /genfiles/cms/1-285/desktop/media_asset/335c890fd105e47c6a63cd5ca164e8ba.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/bonus/rules
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=0; SESSION=62a580b9db01b9181375582b577707ff; che_g=bad88088-adde-9a12-b173-ae2d8983d4f3; sh.session.id=c3ec7c3d-3538-4b43-b274-941081661add; application_locale=en; _ga_7V60YW2S5H=GS1.1.1715094895.1.0.1715094895.60.0.0; _ga=GA1.1.1791400071.1715094896
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:56 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Fri, 26 Apr 2024 14:59:39 GMT
etag: W/"269ccea9c3f07d37d497b4911e5d6e0b"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/seo-module-api/api/v1/visual?group_id=285&ref_id=1&url=https:%2F%2F1xlite-461430.top%2Fen%2Fbonus%2Frules&geo=no&language=en&domain=1xlite-461430.top&timezone=2&stream=bonus&section=rules&ref[id]=1&project[id]=285 | 178.253.29.51 | 200 OK | 158 B |
URL GET HTTP/21xlite-461430.top/seo-module-api/api/v1/visual?group_id=285&ref_id=1&url=https:%2F%2F1xlite-461430.top%2Fen%2Fbonus%2Frules&geo=no&language=en&domain=1xlite-461430.top&timezone=2&stream=bonus&section=rules&ref[id]=1&project[id]=285 IP178.253.29.51:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hashd0d24f12d4e0d7893bab366bae7fc14f ceea27c49e8832d7c60ca9c5dc1a8a13dbac7856 4ae8de056bd128351f429c944c32e82e06dad1acfcd68291e4e46edbec7a9753
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /seo-module-api/api/v1/visual?group_id=285&ref_id=1&url=https:%2F%2F1xlite-461430.top%2Fen%2Fbonus%2Frules&geo=no&language=en&domain=1xlite-461430.top&timezone=2&stream=bonus&section=rules&ref[id]=1&project[id]=285 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/bonus/rules
content-type: application/json
x-requested-with: XMLHttpRequest
x-geoip2-country-code: ru
sub-request-id: f640eb1ed5494d5ca993dc2ebfb646d9
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=0; SESSION=62a580b9db01b9181375582b577707ff; che_g=bad88088-adde-9a12-b173-ae2d8983d4f3; sh.session.id=c3ec7c3d-3538-4b43-b274-941081661add; application_locale=en; _ga_7V60YW2S5H=GS1.1.1715094895.1.0.1715094895.60.0.0; _ga=GA1.1.1791400071.1715094896
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:57 GMT
content-type: application/json
content-length: 158
cache-control: max-age=1200, must-revalidate, public, s-maxage=1800, stale-if-error=86400, stale-while-revalidate=300
x-content-digest: en4e8fbe83e6eb6d0657a8f11b2e3dbb9a
age: 0
x-request-id: 9a13dcb1aeb7affb478d72976788e69c
x-request-guid: 9a13dcb1aeb7affb478d72976788e69c
x-time-ng: 0.015
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: p;dur=13.489961624146, wf-uht;dur=0.023
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/slot-first-deposit.jpg | 185.244.209.62 | 200 OK | 0 B |
URL GET HTTP/2v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/slot-first-deposit.jpg IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /genfiles/cms/1-285/desktop/bonus/rules/slot-first-deposit.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:57 GMT
content-type: image/jpg
content-length: 45630
last-modified: Tue, 11 Apr 2023 17:52:48 GMT
etag: "bcd6f81e0f43cbcff60824bb657a8a78"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
x-cached-since: 2024-04-15T20:42:36+00:00
traceparent: 00-1b040a0fcafea74895d31a71b5502d20-38f6f1013395ffc3-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/birthday.jpg | 0.0.0.0 | | 0 B |
URL GET v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/birthday.jpg IP0.0.0.0:0
Requested byhttps://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /genfiles/cms/1-285/desktop/bonus/rules/birthday.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| 1xlite-461430.top/paysystems/information/systems?lang=en&ref_id=1&geo=NO | 178.253.29.51 | 200 OK | 27 kB |
URL GET HTTP/21xlite-461430.top/paysystems/information/systems?lang=en&ref_id=1&geo=NO IP178.253.29.51:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2fwheel-bet CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hashb37f7c2a19f7e14b5b834ec5532af277 473d039dc440744109c049a49da67a08e7157cbe 269006ae20bef66e40b26843e6e400dab00f45c297ea9a50ce467a2b9d3694bb
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /paysystems/information/systems?lang=en&ref_id=1&geo=NO HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/promotions/wheel-bet?tag=d_2757227m_18607c_&pb=fc40969f4a5547868aa12f11866bc762&click_id=Gbjizwcgnzc4SQ1mj2DsfT&click_id=Gbjizwcgnzc4SQ1mj2DsfT&site_id=fe58442c&partner_id=7f99719f-6df0-4574-8194-8edfe800f8f3&r=promotions%2Fwheel-bet
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2757227m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2757227m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_2757227m_18607c_%22%2C%22pb%22%3A%22fc40969f4a5547868aa12f11866bc762%22%2C%22click_id%22%3A%5B%22Gbjizwcgnzc4SQ1mj2DsfT%22%2C%22Gbjizwcgnzc4SQ1mj2DsfT%22%5D%2C%22site_id%22%3A%22fe58442c%22%2C%22partner_id%22%3A%227f99719f-6df0-4574-8194-8edfe800f8f3%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; platform_type=desktop; auid=sv0dM2Y6RWox/IwhAwkJAg==; window_width=1280; SESSION=62a580b9db01b9181375582b577707ff
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 15:14:53 GMT
content-type: application/json
cache-control: max-age=0, must-revalidate, private
content-encoding: br
expires: Tue, 07 May 2024 15:14:53 GMT
set-cookie: application_locale=en; expires=Thu, 06 Jun 2024 15:14:53 GMT; Max-Age=2592000; path=/; secure; samesite=lax
traceparent: 00-f51e51fa45c386e2e508ff52d59b19a7-f9e56928cc53a067-01
vary: Accept-Encoding
x-dt: 285
x-time-ng: 0.266, 0.278
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=278.556, wf-uht;dur=0.287
X-Firefox-Spdy: h2
|
|