| 1xlite-461430.top/polyfills.js | 178.253.29.51 | 200 OK | 0 B |
URL GET HTTP/2 1xlite-461430.top/polyfills.js IP 178.253.29.51:443 ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer Let's Encrypt Subject 1xlite-461430.top Fingerprint F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 Validity Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /polyfills.js HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; postback_watcher=; platform_type=desktop; auid=sv0dM2Y7Yf7BbyWAAwM8Ag==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:03 GMT
content-type: text/javascript; charset=utf-8
content-length: 0
vary: user-agent
cache-control: public, max-age=2678400, s-maxage=2678400
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-time-ng: 0.019
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.026
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/7c3945cb.css | 185.244.209.62 | | 17 kB |
URL v3.traincdn.com/_nuxt/desktop/default/css/7c3945cb.css IP 185.244.209.62:0 ASN #199524 G-Core Labs S.A.
File type ASCII text, with very long lines (65536), with no line terminators Hash 97b6f81b90460841531e21dceae1a3f5 1116d9a217e034d8970ab1455c15e9a4d1420a14 21951b3d64319c4bc411d0b272d08f3f7d951c743b9ee4ef376091d1c24a0401
GET /_nuxt/desktop/default/css/7c3945cb.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:03 GMT
content-type: text/css
content-length: 17201
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-4331"
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:18 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-a6e4b1f5cc64737ce5441dee485aff89-b5506c9be7d23b43-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:18+00:00, 2024-05-08T10:54:34+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/a4f501bb.css | 185.244.209.62 | 200 OK | 7.4 kB |
URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/a4f501bb.css IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (54112), with no line terminators Hash 32a89d535782c71f2aee2541afe97325 9ad12cc6ccd6b059073f779e9d91c6c6674e1289 ea1bc845a76d5e0e7738e217f8f0c47ac62ace9bddebba5059499b3451aa6ef8
GET /_nuxt/desktop/default/css/a4f501bb.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:03 GMT
content-type: text/css
content-length: 7418
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-1cfa"
content-encoding: gzip
expires: Thu, 09 May 2024 10:53:53 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-f1cf6ed1bc81c93b3c1ae612e16e8afd-786862233517dc12-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:53:53+00:00, 2024-05-08T11:23:24+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.TeamGames-687fd893.js | 185.244.209.62 | 200 OK | 10 kB |
URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.TeamGames-687fd893.js IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (40657), with no line terminators Hash 9d4610cd8209d67832cf080bf61f5141 8abf1cd6de0691b6fc5c77315ed88f0a4441a3fb da2d895ba8eb08658c949976016308caf3c75c06e604495160523d09d16659f9
GET /_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.TeamGames-687fd893.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 9958
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-26e6"
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:18 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-875548be447fe023afe53d716ea2e00a-d62d43a36022d1f4-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:18+00:00, 2024-05-08T11:01:36+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main-ed878a1c.js | 185.244.209.62 | 200 OK | 59 kB |
URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main-ed878a1c.js IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (64940), with no line terminators Hash 5ff13429a94dba4fde01014c1591bdf7 1a06c2223b80f772f239ca9b43afaf9138e9f249 ac879c8f8ae127fc2be4ad3614ce26de5e7caea828b1637ae5cc1eff88be47c7
GET /_nuxt/desktop/default/Page.Betting.Main-ed878a1c.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 58737
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-e571"
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:18 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-b01d6c7017a8d22da58653a3892cd90f-be12d4f40b57ec87-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:18+00:00, 2024-05-08T11:01:36+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.Main.Asian/registration.Main/user.userRegistration-7740bd53.js | 185.244.209.62 | | 9.2 kB |
URL v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.Main.Asian/registration.Main/user.userRegistration-7740bd53.js IP 185.244.209.62:0 ASN #199524 G-Core Labs S.A.
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (31683), with no line terminators Hash 3ca2554a30cd9245966f39206d05ed01 b7e1bc94b6c370bc32a9b57e52dfac27264afdce ff808bc9910f34faee9d25b4d9dcff5c145337ca0211d762b6c58a08f86512b4
GET /_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.Main.Asian/registration.Main/user.userRegistration-7740bd53.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 9211
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-23fb"
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:18 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-37596969dd1b869decb79dd8de224779-bbf7b4ac6bdfcd99-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:18+00:00, 2024-05-08T10:54:35+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/a7906856.css | 185.244.209.62 | 200 OK | 336 B |
URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/a7906856.css IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (1099), with no line terminators Hash 6921418ff9395c44037498a4cf17ee66 31879049279e2cb5bc06b249d80d1735ef112b19 e6de221b29f3b4e47505c877067f28565ab5e1b419dc5003aca29c49596e73ab
GET /_nuxt/desktop/default/css/a7906856.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:03 GMT
content-type: text/css
content-length: 336
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-150"
content-encoding: gzip
expires: Tue, 07 May 2024 12:27:19 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-816237060c6c2fb90fd1a2a5811526c4-26e72e07c425720d-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:27:19+00:00, 2024-05-07T13:56:30+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage/Page.Betting.Main/Page.Betting.Main.Asian/Page.Betting.TeamGames/Page.New/a4ad9f6b-8d3c6808.js | 185.244.209.62 | 200 OK | 4.2 kB |
URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage/Page.Betting.Main/Page.Betting.Main.Asian/Page.Betting.TeamGames/Page.New/a4ad9f6b-8d3c6808.js IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (14590), with no line terminators Hash 7399f5efa5d37b59176705a2377c2c45 5c11bebee2318c71972feafcd1a2a90ff47c5634 250ec267f3c9edf72e68005b6a91620725eebcd145c85d2c400dd7361a153ea7
GET /_nuxt/desktop/default/Page.Betting.Asia.Homepage/Page.Betting.Main/Page.Betting.Main.Asian/Page.Betting.TeamGames/Page.New/a4ad9f6b-8d3c6808.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 4204
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-106c"
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:18 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-5166816914998fbc9ed8f1a334fafa4c-f14401ed770cd622-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:18+00:00, 2024-05-08T11:01:36+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/98ce2926.css | 185.244.209.62 | 200 OK | 1.5 kB |
URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/98ce2926.css IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (8509), with no line terminators Hash b0cd3891fe08ec67c50bbdfd9f7e9181 205511f8e55a0498e8129c290759a26ba4a4db31 75c619e9cabd7b2c1939e6837909e12c51fb3e68888ba20d650cb1939f983f6e
GET /_nuxt/desktop/default/css/98ce2926.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:03 GMT
content-type: text/css
content-length: 1491
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-5d3"
content-encoding: gzip
expires: Tue, 07 May 2024 12:27:19 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-6b404911510160a0c343ea4564b939f3-f640c688852cd2ce-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:27:19+00:00, 2024-05-07T13:56:30+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main/Page.Betting.Main.BettingLeftAside/Page.Betting.TeamGames/betting.GamesSliderApp/b/e7e00398-cf4815fb.js | 185.244.209.62 | 200 OK | 2.2 kB |
URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main/Page.Betting.Main.BettingLeftAside/Page.Betting.TeamGames/betting.GamesSliderApp/b/e7e00398-cf4815fb.js IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (7613), with no line terminators Hash a5c888bdb9f23e6caa2be4ab6b51a122 ab069acde93615e5ccc7be7b574776c3531d7d8d 58ba1711ce4cb98aa516b12ee7777335d514e05000c6b1940c75902692f6f1a1
GET /_nuxt/desktop/default/Page.Betting.Main/Page.Betting.Main.BettingLeftAside/Page.Betting.TeamGames/betting.GamesSliderApp/b/e7e00398-cf4815fb.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 2211
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-8a3"
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:18 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-f419f0aae8632ea2dbc78f5574f66ca4-c52f5b660258351e-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:18+00:00, 2024-05-08T11:01:36+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside-23276dd1.js | 185.244.209.62 | 200 OK | 18 kB |
URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside-23276dd1.js IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65113), with no line terminators Hash 95f88aaf23013ee72af96785289d78ad 6b84c0d3300d2e3b282134783be74836ee684f4c 256749431c78a25466e1fc4b433d87efe7315ec0ae78cb94f8b481b33e285d70
GET /_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside-23276dd1.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 17694
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-451e"
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:18 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-2ddc770d37d32122310a434d1d145d0f-2f6dff81f7c962c9-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:18+00:00, 2024-05-08T11:01:36+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/6cc025d5.css | 185.244.209.62 | | 1.3 kB |
URL v3.traincdn.com/_nuxt/desktop/default/css/6cc025d5.css IP 185.244.209.62:0 ASN #199524 G-Core Labs S.A.
File type ASCII text, with very long lines (6716), with no line terminators Hash be35c859b4087d52ff863e02472b7438 acce1097a331dc2ec0669d17db06c679e7c81be6 af7c9af6bda4b329f14b870f4df09e1b11e87d8dba17c30eed496dc5d27dfc1f
GET /_nuxt/desktop/default/css/6cc025d5.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:03 GMT
content-type: text/css
content-length: 1324
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-52c"
content-encoding: gzip
expires: Tue, 07 May 2024 12:27:19 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-09a19c3bc9bc619357f7071805846a7b-50c35662470afc20-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:27:19+00:00, 2024-05-07T13:56:30+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main.BettingLeftAside-4006d825.js | 185.244.209.62 | | 5.9 kB |
URL v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main.BettingLeftAside-4006d825.js IP 185.244.209.62:0 ASN #199524 G-Core Labs S.A.
File type JavaScript source, ASCII text, with very long lines (21430), with no line terminators Hash 77615e478beec6dc548b705fc1c55c2e 2f8dbad1324027ce98da1ea4b56a23c601fe9a1b 17f9731f8dad966c8f89f8814e18699c374deff1666197abf9245d3787a12933
GET /_nuxt/desktop/default/vendors/Page.Betting.Main.BettingLeftAside-4006d825.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 5896
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-1708"
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:18 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-5ace24a60b56cde9f03242d1dae13b82-a670d785550ededb-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:18+00:00, 2024-05-08T11:01:36+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/version.json | 185.244.209.62 | | 44 B |
URL v3.traincdn.com/version.json IP 185.244.209.62:0 ASN #199524 G-Core Labs S.A.
Hash 0b80561d133a4c31e43457feb7a88098 5a12bbbf740f5dd45ec60c7cd88c20eeed25fd35 5ce84fd81852f0c0801481e412cff8d61a241f7ea7b7ff8082738d9fe23ffd02
GET /version.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:03 GMT
content-type: application/json
content-length: 44
last-modified: Wed, 08 May 2024 10:17:36 GMT
etag: "663b5140-2c"
content-encoding: gzip
expires: Wed, 08 May 2024 10:39:14 GMT
cache-control: max-age=60, max-age=60, s-maxage=60
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-7a297cc2537ad1f29e7b07b0445a8c8c-8026c78acd3c92c7-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:39:01+00:00, 2024-05-08T11:28:36+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingContent-e829f008.js | 185.244.209.62 | | 644 B |
URL v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingContent-e829f008.js IP 185.244.209.62:0 ASN #199524 G-Core Labs S.A.
File type JavaScript source, ASCII text, with very long lines (1333), with no line terminators Hash 3d1c9a4aa6d6ce7232c9da19626fc107 ee85ed881df1aac90651e4ca11c83f3e4c374445 6822622a53f8498fff12f0381c4dcc8d7d8f5b085983bf99279214f3ac9002c7
GET /_nuxt/desktop/default/Page.Betting.Main.BettingContent-e829f008.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 644
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-284"
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:18 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-3d7abdf5782d1f4c51e65db5709f6beb-b663615a19566d89-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:18+00:00, 2024-05-08T11:01:36+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboard/Page.NewCy/adc1b632-6df26894.js | 185.244.209.62 | 200 OK | 3.5 kB |
URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboard/Page.NewCy/adc1b632-6df26894.js IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (13913), with no line terminators Hash c5ca2aee7a66364b1976f26d36140247 54ffe1cc763bb1e43f260e4ac2de08578ff48701 b04cf8f174cc6c981df4a2f10e2a3a28ef582f8750f8afd6e6dbb89adad82281
GET /_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboard/Page.NewCy/adc1b632-6df26894.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 3536
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-dd0"
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:18 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-d69e9b5d635c04f1ae87ffeab1f97afb-fb43658e5a76348b-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:18+00:00, 2024-05-08T11:01:36+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Layout.Betting.ExpressDay-ac06930b.js | 185.244.209.62 | | 3.4 kB |
URL v3.traincdn.com/_nuxt/desktop/default/Layout.Betting.ExpressDay-ac06930b.js IP 185.244.209.62:0 ASN #199524 G-Core Labs S.A.
File type JavaScript source, ASCII text, with very long lines (10178), with no line terminators Hash 742d0033e1d29553c749a1e323073aae dbe09fdca88f47fa291ee1cd110bcaf1b94ae3bb e8a1409bc1664ec9e5a3bb7fc5dcee5b19693e9188d15cc4c4941b0da0ef7797
GET /_nuxt/desktop/default/Layout.Betting.ExpressDay-ac06930b.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 3363
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-d23"
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:18 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-b30b990609564d0bf800e74909b5b8be-c8bd3948db4a0541-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:18+00:00, 2024-05-08T11:01:36+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/885d64fc.css | 185.244.209.62 | | 332 B |
URL v3.traincdn.com/_nuxt/desktop/default/css/885d64fc.css IP 185.244.209.62:0 ASN #199524 G-Core Labs S.A.
File type ASCII text, with very long lines (975), with no line terminators Hash 31aa50dcbc858f61bf3ed903493b8431 abf67e7f02256d2d5c5e2054b2930aa9b5ece999 18337e3b3c6f57695afaca43e471c075fd711e0485b4e7f1fdc1b6fe4e8703d7
GET /_nuxt/desktop/default/css/885d64fc.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:03 GMT
content-type: text/css
content-length: 332
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-14c"
content-encoding: gzip
expires: Tue, 07 May 2024 12:17:32 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-4d5aa4f42fe0872519449ecff11de43c-4c6edad8d82a3016-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:17:32+00:00, 2024-05-07T20:11:24+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/betting.SportMenuApp-8039cb20.js | 185.244.209.62 | 200 OK | 10 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/betting.SportMenuApp-8039cb20.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (41616), with no line terminators Hashc0ea345b071f903a7043c7de2988c6a8 bafd23f8bec59dff22183fb4d88b226b80f10c15 b0b31f578ac49eec2681748e5752f00d7fa23634610a96b7457b1906c06f0e63
GET /_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/betting.SportMenuApp-8039cb20.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 10288
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-2830"
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:18 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-8ba77bd191b27c99ca253e94467cc4de-fa1c8eae4256b58b-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:18+00:00, 2024-05-08T11:01:36+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/9eb4939a.css | 185.244.209.62 | 200 OK | 2.8 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/css/9eb4939a.css IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (20960), with no line terminators Hash6cae6098e169876c305ca92f82fe3cde d27c18f05738795d575c8ce370ed83cf07da0a5a 7095d096e88dd0a09d84d063de1e0eedd406b032150a5af99e796c2ac63bcfe5
GET /_nuxt/desktop/default/css/9eb4939a.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:03 GMT
content-type: text/css
content-length: 2763
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-acb"
content-encoding: gzip
expires: Tue, 07 May 2024 12:27:19 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-6d668c18fe490581957ba4f919c7b885-8a1f2b07452eb59d-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:27:19+00:00, 2024-05-07T13:56:30+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/c3d37cc4.css | 185.244.209.62 | | 194 B |
URL v3.traincdn.com/_nuxt/desktop/default/css/c3d37cc4.css IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeASCII text, with very long lines (395), with no line terminators Hash7f1ee7f9ec47159043591789124ec7cc bb021131214d4b70b327355a5a947b974f2eccbd 4041bafac614e354c03b647dc8d226e140460381c4816a65528e4ba428b0a0ad
GET /_nuxt/desktop/default/css/c3d37cc4.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:03 GMT
content-type: text/css
content-length: 194
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-c2"
content-encoding: gzip
expires: Wed, 08 May 2024 09:23:40 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-147f7ad6174ddbcc8c75a4511794e797-5dcb7e200bbad92c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T09:23:40+00:00, 2024-05-07T14:34:20+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/ca542d7f.css | 185.244.209.62 | | 3.2 kB |
URL v3.traincdn.com/_nuxt/desktop/default/css/ca542d7f.css IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeASCII text, with very long lines (31339), with no line terminators Hash9e9b190c1ab8126c2576203d5d43ec63 a80ccb6739023605edbd86be13f38a58ff7f4906 c4a28e2bbc67a853613460727d4abba3687be55593a7513a4079ea34579fbb02
GET /_nuxt/desktop/default/css/ca542d7f.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:03 GMT
content-type: text/css
content-length: 3226
last-modified: Wed, 08 May 2024 07:50:49 GMT
etag: "663b2ed9-c9a"
content-encoding: gzip
expires: Thu, 09 May 2024 09:58:02 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-03df9361353d0d6f046bd784b05f6206-d3709735fbee2d32-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T09:58:02+00:00, 2024-05-08T10:43:18+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Layout.SeoModule.Lazy-8edfaabe.js | 185.244.209.62 | 200 OK | 2.5 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/Layout.SeoModule.Lazy-8edfaabe.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (8663), with no line terminators Hash17c159eb9f582ec9da7a4285b37349f0 652f12e3c4cfdad29cff1f06e709f0d18522d8ae 3562960610c72291435591709c1b63b69ad67f4d2462cbf180241330b7486bea
GET /_nuxt/desktop/default/Layout.SeoModule.Lazy-8edfaabe.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 2474
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-9aa"
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:18 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-5db6884121819ae6e5051a9030e8b0bd-44e504800684940e-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:18+00:00, 2024-05-08T10:54:34+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/85148a0b.css | 185.244.209.62 | 200 OK | 4.0 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/css/85148a0b.css IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (32277), with no line terminators Hasheeaf257a8645b90669a2ea93b8fb534e d81289258b7a5c126dd860232760852cc8ad865e 3a170c88ab694ad7552f7a84baa04ddb248c32b7f8ffe16d55dd73685de87aa6
GET /_nuxt/desktop/default/css/85148a0b.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:03 GMT
content-type: text/css
content-length: 3964
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-f7c"
content-encoding: gzip
expires: Tue, 07 May 2024 12:54:58 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-ed822b80a754c3b58b384edf0f5bc061-75999057b63bbf2c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:54:58+00:00, 2024-05-07T13:56:30+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Layout.FooterComponent.Lazy-aed267f1.js | 185.244.209.62 | 200 OK | 7.8 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/Layout.FooterComponent.Lazy-aed267f1.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (28144), with no line terminators Hashf2e1e371620e8835e0949e490cb0d4be 604919082776628a8cae272bf8679519e7e959a6 7854277ca13e6a5b17951bba0718833dec36b7740857483e17487cbec62dcd19
GET /_nuxt/desktop/default/Layout.FooterComponent.Lazy-aed267f1.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 7776
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-1e60"
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:18 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-bffd5ba068cebf4eb8ccef905ebbc585-e29ac08697a08f9c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:18+00:00, 2024-05-08T11:00:50+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/Layout.FooterComponent.Lazy-0c6d61ab.js | 185.244.209.62 | | 8.3 kB |
URL v3.traincdn.com/_nuxt/desktop/default/vendors/Layout.FooterComponent.Lazy-0c6d61ab.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeJavaScript source, ASCII text, with very long lines (29805), with no line terminators Hashe926766cbb585164e5c23e84b7dcd1f8 197062a6a589948f0b59b654c02030461d26ab73 96ad9027d7d1330c90aef5d6e8366a6773fabe4910d674b28a7a8c9819d279e8
GET /_nuxt/desktop/default/vendors/Layout.FooterComponent.Lazy-0c6d61ab.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 8279
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-2057"
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:18 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-72a142cb71e551de049fabf7c8baa3d4-076986a0b4b32264-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:18+00:00, 2024-05-08T11:00:50+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/5cfdf959.css | 185.244.209.62 | | 1.1 kB |
URL v3.traincdn.com/_nuxt/desktop/default/css/5cfdf959.css IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeASCII text, with very long lines (4632), with no line terminators Hashf74d8b7e31b6ab236a9577348874385d 87091e6542649037a05fc137fa449b713c85225d b33d72295f1edbfc13da30236c4b811cffe4ba8ef758a515914cd69cf02edbf8
GET /_nuxt/desktop/default/css/5cfdf959.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:03 GMT
content-type: text/css
content-length: 1113
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-459"
content-encoding: gzip
expires: Wed, 08 May 2024 06:45:39 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-765c4aca129de46c161c604b8df3ee8b-28e4674f6769805a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T06:45:39+00:00, 2024-05-08T09:29:51+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Layout.FooterComponent.Lazy/Page.Game.Project-799ef317.js | 185.244.209.62 | | 6.2 kB |
URL v3.traincdn.com/_nuxt/desktop/default/Layout.FooterComponent.Lazy/Page.Game.Project-799ef317.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeJavaScript source, ASCII text, with very long lines (20015), with no line terminators Hashb9884f137bf9a4b984ed6d6076a5f912 6fa2e191fbe206a33b3ad8a6d47eb53d7c0bf9db 90d4698de2aa1516441fad988859d49ba80624cbedbc23ebd965850469f1cbd1
GET /_nuxt/desktop/default/Layout.FooterComponent.Lazy/Page.Game.Project-799ef317.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 6249
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-1869"
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:18 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-01aa1b21c9e97b73e70418eda3cdc10a-b6acea271c404cec-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:18+00:00, 2024-05-08T11:00:50+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/site-admin/css_vars/f506188b04c16eaa9c664ed23f7ce58e.css | 185.244.209.62 | | 46 B |
URL v3.traincdn.com/genfiles/site-admin/css_vars/f506188b04c16eaa9c664ed23f7ce58e.css IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeASCII text, with no line terminators Hashf506188b04c16eaa9c664ed23f7ce58e 08d068d7fa5a84beb06ba924a35d84d6bfdab30a b9bfda0e940104e190b19543b94a10d120643bd1516d3ca2d266a0af6c0966e9
GET /genfiles/site-admin/css_vars/f506188b04c16eaa9c664ed23f7ce58e.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:03 GMT
content-type: text/css
content-length: 46
last-modified: Fri, 12 Apr 2024 13:46:52 GMT
etag: "f506188b04c16eaa9c664ed23f7ce58e"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-885a5c521fcab6f4a878d56195a957c7-e31f832e6ae6898d-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-18T12:47:35+00:00, 2024-05-08T11:02:47+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/app-80fd9d0c.js | 185.244.209.62 | | 234 kB |
URL v3.traincdn.com/_nuxt/desktop/default/app-80fd9d0c.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (64966), with no line terminators Size234 kB (233875 bytes) Hasheb4f34c1bf9c9befda1bf247f5e1df5b 334210525b8a7dad9cf37084c56194190961b67f f6dbc277c6f693b6ce346441312122bcfd288f3c93c550e9922ec3ddc128e28e
GET /_nuxt/desktop/default/app-80fd9d0c.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 233875
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-39193"
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:18 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-295e44f94cc06753042778bf01b83e45-bbdcc8b612ceff90-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:18+00:00, 2024-05-08T10:54:34+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/app-7a457c68.js | 185.244.209.62 | | 267 kB |
URL v3.traincdn.com/_nuxt/desktop/default/vendors/app-7a457c68.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (61101) Size267 kB (267284 bytes) Hashde196c8e650ca4c514b5fbccb5f0fc2d fe73fce013c7cf22d6c01057981a01947484b020 27db5de650dc124db682f1dcd0bc5b018980cd52f3baaf8e4bab2d74fb9e0b5f
GET /_nuxt/desktop/default/vendors/app-7a457c68.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 267284
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-41414"
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:18 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-e46210fe32241899c9a0a3cb53aee158-c1be861eaa317a6c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:18+00:00, 2024-05-08T10:54:34+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/runtime-e2ae0378.js | 185.244.209.62 | 200 OK | 15 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/runtime-e2ae0378.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (47215), with no line terminators Hash9d26081d0b3d4583fb993964e34ebc20 7354028aab0bc7bf47ae19a8ad043a5b963ac9b4 9c88d5d68f360228d938c9d263160133a15c53fd5d7989317406b54a662b469d
GET /_nuxt/desktop/default/runtime-e2ae0378.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 14754
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-39a2"
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:18 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-b63b9778e42d25e24475b919962f7ea0-1e55b61654f592fa-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:18+00:00, 2024-05-08T10:54:34+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/75bcd414.css | 185.244.209.62 | | 2.3 kB |
URL v3.traincdn.com/_nuxt/desktop/default/css/75bcd414.css IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeASCII text, with very long lines (9958), with no line terminators Hash76a1e3dd8e25bf9a48bdd896de779d20 38c3643e25808d1f3ab167273201eac8c113c088 aa36f7a0cd4e7059cfef75dda25cd20e0bd1fbbe3d10a4ed0697cb937f009273
GET /_nuxt/desktop/default/css/75bcd414.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:04 GMT
content-type: text/css
content-length: 2277
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-8e5"
content-encoding: gzip
expires: Tue, 07 May 2024 11:27:59 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-69e603b378e53f587b7ebb61bbc9130d-8c6fa833bb228737-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T11:27:59+00:00, 2024-05-07T12:10:05+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/commons/app-e695e102.js | 185.244.209.62 | | 47 kB |
URL v3.traincdn.com/_nuxt/desktop/default/commons/app-e695e102.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeJavaScript source, ASCII text, with very long lines (65476) Hash414c44a4caf31196b27b1c5c11628879 2536bdd8d54c6f619dc0a200015d9a7b95c08f90 07a1a14bccef15bc4e72f798aa8ae3c18decb59c7ad601832305f8180d3d3b54
GET /_nuxt/desktop/default/commons/app-e695e102.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:04 GMT
content-type: application/javascript; charset=utf-8
content-length: 46806
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-b6d6"
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:18 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-6afaae7baac0fe0986c25d6b3ab3e346-3baacf08eda05c7f-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:18+00:00, 2024-05-08T10:54:34+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 | 185.244.209.62 | 200 OK | 64 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 63748, version 1.0 Hash6887b6f24414dbc612dbf42ccdc76b70 8068d3abfbc6cbf35b55919da45b1f4d2d136238 fc5c015fc32518f1ed810fa84ca28941eb9d5a3c81acc8df69a4dbbeedef7b0c
GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:04 GMT
content-type: font/woff2
content-length: 63748
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "6887b6f24414dbc612dbf42ccdc76b70"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-0b47ee52636a9fcaf10277ba18868b7a-7983fc1286b2b6c1-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:13:59+00:00, 2024-05-08T11:28:47+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2 | 185.244.209.62 | 200 OK | 65 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2 IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 64732, version 1.0 Hash3ac5d40d1b3966fc5eb09ecca74d9cbf a69f32357765dd321519889aeacba5e9ca893bb0 3310766b8f58538d07abded74a2babe1acbe1a3ee820d5b8c8265da666f4fb0c
GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:04 GMT
content-type: font/woff2
content-length: 64732
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "3ac5d40d1b3966fc5eb09ecca74d9cbf"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-f4995e91d1119275ccaf99af5a135cc6-8f54ec9d5904c0cc-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:56:30+00:00, 2024-05-08T10:58:02+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 | 185.244.209.62 | | 64 kB |
URL v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeWeb Open Font Format (Version 2), TrueType, length 63920, version 1.0 Hasha65527fcb58f66a7cfbc0e6b160538b4 45d260e7fa343401b5bb0df982a014f53e2d253b fb13c3a1cbac60649b76f7d7f85c1645d35ac69b85ce5f4eb0692505ecc2cd45
GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:04 GMT
content-type: font/woff2
content-length: 63920
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "a65527fcb58f66a7cfbc0e6b160538b4"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-8243de82737609d5188b61a930068885-14189c8095acaf06-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:54:39+00:00, 2024-05-08T10:47:40+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/check-ob.js | 185.244.209.62 | | 187 B |
URL: v3.traincdn.com/_nuxt/check-ob.js IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: JavaScript source, ASCII text Hash: ced67278c38d1ce1297c121af69fff8a df6e1531fd84d956263b04254e6f94f5356623f4 2958134c3c00f7c6320858dd66e454c2856e4842821d3523c4cc5e44e1ec8616
GET /_nuxt/check-ob.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:04 GMT
content-type: application/javascript; charset=utf-8
content-length: 187
last-modified: Mon, 06 May 2024 10:23:37 GMT
etag: "6638afa9-bb"
content-encoding: gzip
expires: Tue, 07 May 2024 12:56:18 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-ec1f36f19ed4728af57a6b86d2d81214-dbd93c73ec3cb4f5-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:56:18+00:00, 2024-05-07T11:36:39+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/1da51baa342984a84ca1ac8dd900998b.png | 185.244.209.62 | | 653 B |
URL: v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/1da51baa342984a84ca1ac8dd900998b.png IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: PNG image data, 32 x 32, 8-bit colormap, non-interlaced Hash: e6f0766cbd95db33da44e7a9140648f2 5f196b1bfe8c3f92bd2ebcd67124e72e81ae6aaf c0399d478788d5d483f104a2e8cb7c32f41cb40e9df0c22e831b2bfa2db63ec0
GET /genfiles/cms/1-285/desktop/media_asset/1da51baa342984a84ca1ac8dd900998b.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:04 GMT
content-type: image/png
content-length: 653
last-modified: Tue, 25 Apr 2023 13:43:56 GMT
etag: "e6f0766cbd95db33da44e7a9140648f2"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-b6ebd7ef673ca0d9dec72d65de8fb1d0-9dbd21f274cf8c88-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:12:59+00:00, 2024-05-08T11:23:24+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/f5105820.css | 185.244.209.62 | | 194 B |
URL: v3.traincdn.com/_nuxt/desktop/default/css/f5105820.css IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: ASCII text, with very long lines (395), with no line terminators Hash: 2818ab9c6ece35261fbf658165189623 f01f8175a7a89449a1dad5f2a7df06c5866c10af b4f0b619b6f6ece6589df376a16eae022b084640348887d3c557e20a37207583
GET /_nuxt/desktop/default/css/f5105820.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:05 GMT
content-type: text/css
content-length: 194
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-c2"
content-encoding: gzip
expires: Wed, 08 May 2024 09:24:14 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-07fd87ceaf464116ce6a607eadbc9756-1fde8e0a54e92006-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T09:24:14+00:00, 2024-05-07T17:58:36+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingContent-0ade32fe.js | 185.244.209.62 | | 634 B |
URL: v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingContent-0ade32fe.js IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: JavaScript source, ASCII text, with very long lines (1235), with no line terminators Hash: 9b4c5178b31779a0981ed2c9776a53c7 9235df453636bc042a2a1ae0f4c515056c5c5a90 8cb9638fcdeffac9470295235a3064097fb9b59e73b95ec8102c6bb663d980d8
GET /_nuxt/desktop/default/Page.Betting.Asia.BettingContent-0ade32fe.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:05 GMT
content-type: application/javascript; charset=utf-8
content-length: 634
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-27a"
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:31 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-dd74028b26f8891f5dea5c46ad0a9e3c-e814604792a32f92-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:31+00:00, 2024-05-08T11:01:37+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside/Page.Betting.Main.Asian/betting.CentralMenuApp/betting.SportsMenuCompact-7f844954.js | 185.244.209.62 | 200 OK | 4.2 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside/Page.Betting.Main.Asian/betting.CentralMenuApp/betting.SportsMenuCompact-7f844954.js IP: 185.244.209.62:443 ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer: Sectigo Limited Subject: *.traincdn.com Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (14574), with no line terminators Hash: d33ee67d9f23dd62c456193b4e764eb9 f6d942295c97dfa39f4a924d0256969ccbed9c62 1e80290f86bdfedcb79a9f94f3eb27f309047d2bd580d874822aaaeac3675e71
GET /_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside/Page.Betting.Main.Asian/betting.CentralMenuApp/betting.SportsMenuCompact-7f844954.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:05 GMT
content-type: application/javascript; charset=utf-8
content-length: 4193
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-1061"
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:33 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-c4fd020eb770eb534d45db9b06291913-875a6cf9497be4f7-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:33+00:00, 2024-05-08T11:01:37+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/2a37879e.css | 185.244.209.62 | | 1.3 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/css/2a37879e.css IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: ASCII text, with very long lines (6872), with no line terminators Hash: 7727cc93d85a2459297f9b1237fc6a92 f37f7a3ec3d30df2513a38dd2c67fefaf038edec e4559060670fd8cf92ad4e830ae9237d2bbc735470f4597ad5d943388d9248d2
GET /_nuxt/desktop/default/css/2a37879e.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:05 GMT
content-type: text/css
content-length: 1331
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-533"
content-encoding: gzip
expires: Tue, 07 May 2024 12:28:13 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-6d8c993b3f8a7209c2917869e78bc67b-81c86c5cffe718a4-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:28:13+00:00, 2024-05-07T15:18:59+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside-e9231dc8.js | 185.244.209.62 | | 11 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside-e9231dc8.js IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (40117), with no line terminators Hash: 0644769b808fa59af4beda42788b2e66 266dd9b95b442a01759242a55a117d083cbac67d 7f2a8da86462ef570ba1c5abe327880bcea5ec510160ea6f590a066e1a5bc6ce
GET /_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside-e9231dc8.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:05 GMT
content-type: application/javascript; charset=utf-8
content-length: 10688
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-29c0"
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:34 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-eb582ea6d09a61833950c71e05296510-6d45b309be1f9fb6-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:34+00:00, 2024-05-08T11:01:37+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/GameProvider/Page.Betting.Asia.Homepage/Page.Betting.MultiLive/Page.CricketWorldCupPage/Page/17c2374e-70c9070a.js | 185.244.209.62 | 200 OK | 37 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/GameProvider/Page.Betting.Asia.Homepage/Page.Betting.MultiLive/Page.CricketWorldCupPage/Page/17c2374e-70c9070a.js IP: 185.244.209.62:443 ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer: Sectigo Limited Subject: *.traincdn.com Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65461) Hash: 0708c03dd81cfcc30a6eb12e8d5a7192 91064268dc5ef484b6b8e073cde872c21b3a0fd1 4bb58dc9b93318e295ad055e8b4b1fce9eab0fddad1c4f72ff791283bb834ea0
GET /_nuxt/desktop/default/vendors/GameProvider/Page.Betting.Asia.Homepage/Page.Betting.MultiLive/Page.CricketWorldCupPage/Page/17c2374e-70c9070a.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:05 GMT
content-type: application/javascript; charset=utf-8
content-length: 37176
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-9138"
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:34 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-3c1e6dbe8b18748a683f58c7cb39d89b-1649039a68e39c64-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:34+00:00, 2024-05-08T11:01:37+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Asia.Homepage-36c334d6.js | 185.244.209.62 | 200 OK | 10 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Asia.Homepage-36c334d6.js IP: 185.244.209.62:443 ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer: Sectigo Limited Subject: *.traincdn.com Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (36639), with no line terminators Hash: 67d8ed132b1ddc0c303fd8f75f32b471 cc7d93fb03efb29743c787d310d0f0350740ca94 7221c0785ae9cc81866e4a8b7638fbeef6df772b59a60ec529e5db68a2c62117
GET /_nuxt/desktop/default/vendors/Page.Betting.Asia.Homepage-36c334d6.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:05 GMT
content-type: application/javascript; charset=utf-8
content-length: 10104
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-2778"
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:34 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-e9158b1dbe3dd7a204488b2120a5d6e2-17d6eff11cc06e32-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:34+00:00, 2024-05-08T11:01:37+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage/Page.NewCyber.Cyber/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamp/Page./8c362243-3476a987.js | 185.244.209.62 | 200 OK | 5.6 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage/Page.NewCyber.Cyber/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamp/Page./8c362243-3476a987.js IP: 185.244.209.62:443 ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer: Sectigo Limited Subject: *.traincdn.com Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (19536), with no line terminators Hash: 18d38aff5018dad1262fc227a68b5ec8 fe50b32177073c7724e8031febe4e3feef6e5f95 266f384d74ee49340d4cb0647e2bdb7c767409d7bf8cc35442a453bcf08bb8df
GET /_nuxt/desktop/default/Page.Betting.Asia.Homepage/Page.NewCyber.Cyber/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamp/Page./8c362243-3476a987.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:05 GMT
content-type: application/javascript; charset=utf-8
content-length: 5573
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-15c5"
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:33 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-25b6b6090fe670c103ff5ab132be19a4-7f7a706324c5d56e-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:33+00:00, 2024-05-08T11:01:37+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/a1bf72f5.css | 185.244.209.62 | | 6.7 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/css/a1bf72f5.css IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: ASCII text, with very long lines (53183), with no line terminators Hash: 4501125cd5c80c2b8acf7af843956d66 b24a3be842323cc3d17a708ff48bb84dcb652041 ec51d38db21ace66a188f18b6ae3b5a76254c28f379aaa6499bf2c79626b8820
GET /_nuxt/desktop/default/css/a1bf72f5.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:05 GMT
content-type: text/css
content-length: 6677
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-1a15"
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:33 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-224b508fe3d3e130b33a5f63d5f94d8b-82e4f3dec82a29f0-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:33+00:00, 2024-05-08T11:01:37+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage-3636738c.js | 185.244.209.62 | | 33 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage-3636738c.js IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (64912), with no line terminators Hash: 1f7da36659a544fba17a29cffa971076 5c97a256ee06a1f642721e924aaf92fc6e8012f7 7283f446334be010ae677213a0b827a2e993e298bf023a85e87577edd2216c2d
GET /_nuxt/desktop/default/Page.Betting.Asia.Homepage-3636738c.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:05 GMT
content-type: application/javascript; charset=utf-8
content-length: 33094
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-8146"
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:33 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-6f76ccfa35206e6d37a42e186550a090-639fc5387af002ff-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:33+00:00, 2024-05-08T11:01:37+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/f72f2b10.css | 185.244.209.62 | 200 OK | 4.8 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/f72f2b10.css IP: 185.244.209.62:443 ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer: Sectigo Limited Subject: *.traincdn.com Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (38649), with no line terminators Hash: 8ab5f1e804e2a4565dea164054ff0907 7ee2bea2c9dcb6424f707c35588a316a249270fa ce3424802faaac382a0efe23fbc285123fae95d0461ecf26e4881e1907acd9ec
GET /_nuxt/desktop/default/css/f72f2b10.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:05 GMT
content-type: text/css
content-length: 4780
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-12ac"
content-encoding: gzip
expires: Tue, 07 May 2024 12:28:13 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-2acef331d05ec5b4495f40ec6b01aadf-c015ee111721fe31-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:28:13+00:00, 2024-05-07T15:19:00+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.Asian-56ecd176.js | 185.244.209.62 | | 29 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.Asian-56ecd176.js IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (64788), with no line terminators Hash: 07244b6ad35d8802c10a1c5fd37712be 1b41f323c8cf0006dffb57939104bf1da14b9f6b 78be75ea68fee2170ba434351d695ad2be458c1cf6a819a96e1fd932c4b2c8a1
GET /_nuxt/desktop/default/Page.Betting.Main.Asian-56ecd176.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:05 GMT
content-type: application/javascript; charset=utf-8
content-length: 29394
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-72d2"
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:34 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-cfb7699c003051370ce32df9d19b2a53-273b9b64164c777d-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:34+00:00, 2024-05-08T11:01:37+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.v-tooltip-7105a632.js | 185.244.209.62 | 200 OK | 22 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.v-tooltip-7105a632.js IP: 185.244.209.62:443 ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer: Sectigo Limited Subject: *.traincdn.com Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65476) Hash: 4df28096a23760aa74cf3b1982ae9476 1b99d6f0622b9da8e46e85df6a0b116a8c1a9943 14e6c442824a6a4230ad98dc5046540ea35f1e7ad21b65b927495df4a54aa715
GET /_nuxt/desktop/default/vendors/plugins.v-tooltip-7105a632.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:05 GMT
content-type: application/javascript; charset=utf-8
content-length: 21899
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-558b"
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:25 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-e9cbf822aa604fed191495b8df653d95-2011a39538497725-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:25+00:00, 2024-05-08T10:54:35+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-notification-99e14113.js | 185.244.209.62 | 200 OK | 4.6 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-notification-99e14113.js IP: 185.244.209.62:443 ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer: Sectigo Limited Subject: *.traincdn.com Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (12527), with no line terminators Hash: 8113ecbe1d6d4c8904ce977109730f08 70cd411e85297f2d6dcccffba8f633e3c609ca5f 1349cb7987b5ebae2dc20a5ad955120b8983b0059549cd7f3b0db5dbf1c89ce5
GET /_nuxt/desktop/default/vendors/plugins.vue-notification-99e14113.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:05 GMT
content-type: application/javascript; charset=utf-8
content-length: 4556
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-11cc"
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:25 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-9b68f49d8e7cda858604ad19f907ee47-53e73cd906252937-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:25+00:00, 2024-05-08T10:54:35+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/e5c0e314.css | 185.244.209.62 | | 953 B |
URL: v3.traincdn.com/_nuxt/desktop/default/css/e5c0e314.css IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: ASCII text, with very long lines (3352), with no line terminators Hash: 748da80084597d87b4ff5e98b017b07b db6ad2ec24bfcbe751a23061d935403e1163f471 4eaf4071f43aaa0243a4c6948131b7a3e03fe6ab1f4228da38e8588c15e01f24
GET /_nuxt/desktop/default/css/e5c0e314.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:05 GMT
content-type: text/css
content-length: 953
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-3b9"
content-encoding: gzip
expires: Tue, 07 May 2024 11:05:11 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-91ed6d3622e38d76eb712002034dc0af-75abe4e7ec5ce9c0-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T11:05:10+00:00, 2024-05-07T15:29:39+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-js-modal-2e14a47d.js | 185.244.209.62 | 200 OK | 8.1 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-js-modal-2e14a47d.js IP: 185.244.209.62:443 ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer: Sectigo Limited Subject: *.traincdn.com Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (26717), with no line terminators Hash: 5e555ad28a7c695afb377a8855610652 8f195d8ff18e3e2d1105587315d8d3102650bf3a b90b7ba895ec988a0b72b9fd21ccc3d8e1d1cc4035f57fc47be6fb00e32caacc
GET /_nuxt/desktop/default/vendors/plugins.vue-js-modal-2e14a47d.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:05 GMT
content-type: application/javascript; charset=utf-8
content-length: 8055
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-1f77"
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:25 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-443bb8640c98d8f99862cd087a0bb1d7-5cb9cadad87dddb0-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:25+00:00, 2024-05-08T10:54:35+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/date-fns-locale-21-4919f2b6.js | 185.244.209.62 | | 2.1 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/date-fns-locale-21-4919f2b6.js IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: JavaScript source, ASCII text, with very long lines (6960), with no line terminators Hash: 426b4077094d2bf6f0f1feab6aaaaa40 b6ac46785f2225c76aaf65d152456765df824887 864bc0a49b9b457b62b65a8902f9f07305e5010d46df4cc5416dfb8b028c2c09
GET /_nuxt/desktop/default/date-fns-locale-21-4919f2b6.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:05 GMT
content-type: application/javascript; charset=utf-8
content-length: 2121
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-849"
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:25 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-2912ce15446644d26ca1042154419a0b-abcd953a47cb82d0-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:25+00:00, 2024-05-08T10:58:37+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/DC-fcb3e9b4.js | 185.244.209.62 | | 999 B |
URL: v3.traincdn.com/_nuxt/desktop/default/DC-fcb3e9b4.js | IP: 185.244.209.62:0 | ASN: #199524 G-Core Labs S.A.
File type: JavaScript source, ASCII text, with very long lines (2336), with no line terminators | Hash: 55a903571af1a626a07aa8e6a5d83e1e 744db188996ec7ada8c219355d471d2ed347a9a2 ebd3f27093e1a541034d9c46a308f1273e0480bbeaaccf70f638e95f663c95e6
GET /_nuxt/desktop/default/DC-fcb3e9b4.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:05 GMT
content-type: application/javascript; charset=utf-8
content-length: 999
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-3e7"
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:25 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-63ebffe1cb996dbd8511732367ae4290-50d6f93d871fa90a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:25+00:00, 2024-05-08T10:54:35+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/seo-module-api/api/public/v1/analytics-counters?url=https:%2F%2F1xlite-461430.top&projectId=285 | 178.253.29.51 | 200 OK | 141 B |
URL: GET HTTP/2 1xlite-461430.top/seo-module-api/api/public/v1/analytics-counters?url=https:%2F%2F1xlite-461430.top&projectId=285 | IP: 178.253.29.51:443 | ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET | Certificate: Issuer: Let's Encrypt | Subject: 1xlite-461430.top | Fingerprint: F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 | Validity: Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash: bd9be2fa89d26e9e6f1b2e08ffcd0ed6 90eae25ee792254c7ca97e98c5782078f9bdc37f c11510c5556799ec6bf918684e80903d08cf6237d3c4f94d32a8ebf35d067a1d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /seo-module-api/api/public/v1/analytics-counters?url=https:%2F%2F1xlite-461430.top&projectId=285 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; postback_watcher=; platform_type=desktop; auid=sv0dM2Y7Yf7BbyWAAwM8Ag==; SESSION=75bb5152e29b8089ef1d8c32275dd0df; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:05 GMT
content-type: application/json
content-length: 141
cache-control: max-age=1200, must-revalidate, public, s-maxage=1800, stale-if-error=86400, stale-while-revalidate=300
x-content-digest: enebf83560af95b198ca2d2caf127b1151
age: 364
x-request-id: f48ea5e46ba7315ee2b066abb12ad450
x-request-guid: f48ea5e46ba7315ee2b066abb12ad450
x-time-ng: 0.003
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: p;dur=1.9099712371826, wf-uht;dur=0.011
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Betting.Core-f89d33f6.js | 185.244.209.62 | 200 OK | 1.6 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Betting.Core-f89d33f6.js | IP: 185.244.209.62:443 | ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET | Certificate: Issuer: Sectigo Limited | Subject: *.traincdn.com | Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 | Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (2508), with no line terminators | Hash: a961fc2d8c225c0cc2dc814175a9d9e4 9293a62e3d0f4ab392dfef6f7f7172cb9889a724 a33381e13222f9cb4ab741177e3ad9ed83e3eca14864fac385a8fc4440ff2d90
GET /_nuxt/desktop/default/Betting.Core-f89d33f6.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:05 GMT
content-type: application/javascript; charset=utf-8
content-length: 1645
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-66d"
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:25 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-44190b14ccef824d3c1f834b44acee70-05c1c4988429f264-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:25+00:00, 2024-05-08T10:54:35+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/consultant.supHelperV2-c7b965b1.js | 185.244.209.62 | 200 OK | 1.5 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/consultant.supHelperV2-c7b965b1.js | IP: 185.244.209.62:443 | ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET | Certificate: Issuer: Sectigo Limited | Subject: *.traincdn.com | Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 | Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (3230), with no line terminators | Hash: 5233ff069edca79a361c0b2b198b55cc ba4364baebab13117998653f970a92b8ee07f900 c738fe5d4a58cfa5164ec13724b158a0021645987ebb534e1a230895b48b2e56
GET /_nuxt/desktop/default/consultant.supHelperV2-c7b965b1.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:05 GMT
content-type: application/javascript; charset=utf-8
content-length: 1451
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-5ab"
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:25 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-8bb15774bc4d5df6e1776cc6015bc8b5-0f884d292013c953-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:25+00:00, 2024-05-08T10:54:35+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/version.json?timestamp=1715167745815 | 178.253.29.51 | 200 OK | 44 B |
URL: GET HTTP/2 1xlite-461430.top/version.json?timestamp=1715167745815 | IP: 178.253.29.51:443 | ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET | Certificate: Issuer: Let's Encrypt | Subject: 1xlite-461430.top | Fingerprint: F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 | Validity: Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash: 0b80561d133a4c31e43457feb7a88098 5a12bbbf740f5dd45ec60c7cd88c20eeed25fd35 5ce84fd81852f0c0801481e412cff8d61a241f7ea7b7ff8082738d9fe23ffd02
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /version.json?timestamp=1715167745815 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; postback_watcher=; platform_type=desktop; auid=sv0dM2Y7Yf7BbyWAAwM8Ag==; SESSION=75bb5152e29b8089ef1d8c32275dd0df; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:05 GMT
content-type: application/json
content-length: 44
last-modified: Wed, 08 May 2024 10:17:36 GMT
vary: Accept-Encoding
etag: "663b5140-2c"
content-encoding: gzip
expires: Wed, 08 May 2024 11:30:05 GMT
access-control-allow-origin: *
cache-control: max-age=60, max-age=60, s-maxage=60
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.046
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/ioc.dependencies.18-45d015a5.js | 185.244.209.62 | | 1.3 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/ioc.dependencies.18-45d015a5.js | IP: 185.244.209.62:0 | ASN: #199524 G-Core Labs S.A.
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (3073), with no line terminators | Hash: d480de5fb5e98ac782b0bd0f059e76f0 4c835740fa9f633deed7fba057d32b6d9ada360a d283c64ddc00ff6250739d80df5c2dbc126fedd3731ee5fa1611d70a27b4d6d0
GET /_nuxt/desktop/default/ioc.dependencies.18-45d015a5.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:06 GMT
content-type: application/javascript; charset=utf-8
content-length: 1321
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-529"
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:45 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-0784d92abbc2bc420acf1b31a8721edb-6a7c2fa31f3595c1-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:45+00:00, 2024-05-08T11:01:38+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Cyber.Game/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboar/ff3e75d4-95a46df4.js | 185.244.209.62 | | 7.4 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Cyber.Game/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboar/ff3e75d4-95a46df4.js | IP: 185.244.209.62:0 | ASN: #199524 G-Core Labs S.A.
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (32231), with no line terminators | Hash: f044c79cdd766337de9617cef4fef708 e09d93c3c6e5c605672e36ea0ae6ba3c71b0f4ff abbf8ee5d929d76e03e4d3b8bc13d82fdc5688908e45a8217740b3c7a0c593eb
GET /_nuxt/desktop/default/vendors/Page.Cyber.Game/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboar/ff3e75d4-95a46df4.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:06 GMT
content-type: application/javascript; charset=utf-8
content-length: 7382
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-1cd6"
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:27 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-15260163a98295cec7e50cce37dc828f-0e26fcd895847182-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:27+00:00, 2024-05-08T10:54:36+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/betting.SportMenuApp-6b906b26.js | 185.244.209.62 | | 7.7 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/vendors/betting.SportMenuApp-6b906b26.js | IP: 185.244.209.62:0 | ASN: #199524 G-Core Labs S.A.
File type: JavaScript source, ASCII text, with very long lines (31338), with no line terminators | Hash: 7462c3ce706e3a0439d52dfd83b79f18 7fcb3c23faccec9e4ef977d403cd600ed9d47159 28be8165dfece6660276495ac167ab5161021d9f7b2159e7929e76f1a64f0a16
GET /_nuxt/desktop/default/vendors/betting.SportMenuApp-6b906b26.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:06 GMT
content-type: application/javascript; charset=utf-8
content-length: 7710
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-1e1e"
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:45 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-2dd4fb2d612754b7e655f8b175b2e1c1-021fe889e7668c70-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:45+00:00, 2024-05-08T11:01:39+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/ad481252.css | 185.244.209.62 | | 3.0 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/css/ad481252.css | IP: 185.244.209.62:0 | ASN: #199524 G-Core Labs S.A.
File type: ASCII text, with very long lines (22886), with no line terminators | Hash: f1e1bb557e1155bf9c70751dec445176 013c5224a1bbbf0d6603f25e31863aa90f279b40 7aa1af5184d161c5f279c0da3199cef2dfc0aac5e90cce3e880f1f89401a0a15
GET /_nuxt/desktop/default/css/ad481252.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:06 GMT
content-type: text/css
content-length: 3006
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-bbe"
content-encoding: gzip
expires: Tue, 07 May 2024 12:29:01 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-6a3011fda629cd54d8e42a6d782708a0-28a9f7530df87f7e-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:29:01+00:00, 2024-05-07T17:01:18+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/betting.SportMenuApp-43e47582.js | 185.244.209.62 | | 25 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/betting.SportMenuApp-43e47582.js | IP: 185.244.209.62:0 | ASN: #199524 G-Core Labs S.A.
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65483), with no line terminators | Hash: e64e6103ea1b8ab52c93a9786ac2cd6b 02fad318aa11a5b8124e4edf9b2e506020c7904d fa69a8cd98ac6ed2944e28e57a4b151bf76457a430d39e48b60194f901dae4da
GET /_nuxt/desktop/default/betting.SportMenuApp-43e47582.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:06 GMT
content-type: application/javascript; charset=utf-8
content-length: 24936
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-6168"
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:45 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-aecdb26bb9f0b31f85d929dc50c59cbf-e1a9586c533a9c8a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:45+00:00, 2024-05-08T11:01:39+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/betting.HomeSliderComponent-81e2f8d7.js | 185.244.209.62 | | 7.4 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/vendors/betting.HomeSliderComponent-81e2f8d7.js | IP: 185.244.209.62:0 | ASN: #199524 G-Core Labs S.A.
File type: JavaScript source, ASCII text, with very long lines (27479), with no line terminators | Hash: 0b17cf75462948eeaaf7ece70cd5fba2 aebbba96a756cf09ce6a16de9e70c683b5de001d 32c6603817e972bf1aee9f736061fe43218fd74789ae76cb4cf7383176e65229
GET /_nuxt/desktop/default/vendors/betting.HomeSliderComponent-81e2f8d7.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:06 GMT
content-type: application/javascript; charset=utf-8
content-length: 7381
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-1cd5"
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:45 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-8f3c0843555d0000f106e0391e3da126-b91cf000d5ffd647-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:45+00:00, 2024-05-08T11:09:05+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/85022173.css | 185.244.209.62 | | 1.7 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/css/85022173.css | IP: 185.244.209.62:0 | ASN: #199524 G-Core Labs S.A.
File type: ASCII text, with very long lines (9757), with no line terminators | Hash: d9ff2bf37891da2be05d7fd5442113f5 419f63a7b47f983139a1cdc040707ab4b90bc255 05d90d1e2368c45cf52f0796d76035b98b8ab02ff57d218005ddffbfc20963c5
GET /_nuxt/desktop/default/css/85022173.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:06 GMT
content-type: text/css
content-length: 1731
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-6c3"
content-encoding: gzip
expires: Tue, 07 May 2024 12:55:22 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-689019da349868f8c1d11901af2ba16b-dd27b798d18ebf42-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:55:22+00:00, 2024-05-07T17:01:18+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/betting.HomeSliderComponent-8f216f08.js | 185.244.209.62 | | 7.6 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/betting.HomeSliderComponent-8f216f08.js | IP: 185.244.209.62:0 | ASN: #199524 G-Core Labs S.A.
File type: JavaScript source, ASCII text, with very long lines (24523), with no line terminators | Hash: a84c24326d41c0aa0f3fb493e4bfc856 1aaaa001532b4d7589f6e0879455f6c78699c52e 296f8cc8788197eb5fd295ca003429fe2db6093eb6388c003447a5de6f31b53e
GET /_nuxt/desktop/default/betting.HomeSliderComponent-8f216f08.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:06 GMT
content-type: application/javascript; charset=utf-8
content-length: 7592
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-1da8"
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:46 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-3c8afe241da64690f7d4121826b35130-5ac6979b6553f7c6-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:46+00:00, 2024-05-08T11:09:05+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/a05707a0.css | 185.244.209.62 | 200 OK | 1.3 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/a05707a0.css | IP: 185.244.209.62:443 | ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET | Certificate: Issuer: Sectigo Limited | Subject: *.traincdn.com | Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 | Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (6442), with no line terminators | Hash: 2b7cd76d45868e18a22be501f214c7c2 e2799c9711adb4b6b850f39a90d3b074878e2c62 81499263837bef8f4f0ea4015d21a7895e9a51ede856b8b40d9b2240c99fe7c9
GET /_nuxt/desktop/default/css/a05707a0.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:06 GMT
content-type: text/css
content-length: 1308
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-51c"
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:45 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-62ee41c134e698e9102aa04d1dbc2772-4c2ad5fdb9857042-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:45+00:00, 2024-05-08T11:01:39+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/betting.CentralMenuApp-96d6b2c1.js | 185.244.209.62 | | 19 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/betting.CentralMenuApp-96d6b2c1.js | IP: 185.244.209.62:0 | ASN: #199524 G-Core Labs S.A.
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65283), with no line terminators | Hash: 0fcfe75628cf7cd25fa643bfefbf5940 2d7d246eb52fbc3a2420db7a8bfa1d54e5b480fd bbb5b77e24844a594d4084e394bfa0348081335c28a3a4d172ac5ff83cdabcea
GET /_nuxt/desktop/default/betting.CentralMenuApp-96d6b2c1.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:06 GMT
content-type: application/javascript; charset=utf-8
content-length: 18951
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-4a07"
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:46 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-4b361c5cbd5c2f947245bef872973475-ea52cc9e043aa965-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:46+00:00, 2024-05-08T11:01:39+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/526e44d9.css | 185.244.209.62 | 200 OK | 459 B |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/526e44d9.css | IP: 185.244.209.62:443 | ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET | Certificate: Issuer: Sectigo Limited | Subject: *.traincdn.com | Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 | Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (1526), with no line terminators | Hash: 97fdf5b6e7dfddf6ab251e984133b2c3 bb552fe685c52c34e0ed91e4dfaa9df2675ad086 92fcdb73c544b1f2befe78685340fd3371e920187a2232f8e4bffd73985d40e3
GET /_nuxt/desktop/default/css/526e44d9.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:06 GMT
content-type: text/css
content-length: 459
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-1cb"
content-encoding: gzip
expires: Tue, 07 May 2024 11:05:30 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-d118939468d8a5e715d3af9c1b536283-1ea432fe5c34a5bb-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T11:05:30+00:00, 2024-05-07T15:46:31+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/betting.media-49c46e45.js | 185.244.209.62 | | 17 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/vendors/betting.media-49c46e45.js | IP: 185.244.209.62:0 | ASN: #199524 G-Core Labs S.A.
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (41022), with NEL line terminators | Hash: 732bde6d360cd7be7ce9ce10044202ba c4fdecf84f6261b354240750525cb9d2a8d87d09 d46270d03f72eb032f9e205e2eedecdf65838a9f474b356b127474f73b66d347
GET /_nuxt/desktop/default/vendors/betting.media-49c46e45.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:06 GMT
content-type: application/javascript; charset=utf-8
content-length: 16832
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-41c0"
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:26 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-4195c02d479a27715b59396e977e4086-bd592390e29003d7-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:26+00:00, 2024-05-08T10:54:35+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/ff267c5c.css | 185.244.209.62 | 200 OK | 1.5 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/ff267c5c.css | IP: 185.244.209.62:443 | ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET | Certificate: Issuer: Sectigo Limited | Subject: *.traincdn.com | Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 | Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (7000), with no line terminators | Hash: f379bc6f4b94f34d96f6fe51159bee63 f4c0d4dbef1e1e734e84e05d75e4ff950d06eb60 b2a5bd6495250a19500dd5a6ca62f045c8b70226a668dc63ef40c78883bdae11
GET /_nuxt/desktop/default/css/ff267c5c.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:06 GMT
content-type: text/css
content-length: 1486
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-5ce"
content-encoding: gzip
expires: Tue, 07 May 2024 14:34:32 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-3e7af0ef15daa07e504a6ebe94430e50-1ad4b7832ddef4bc-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:34:32+00:00, 2024-05-07T17:11:07+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/betting.media-29872be3.js | 185.244.209.62 | | 4.7 kB |
URL v3.traincdn.com/_nuxt/desktop/default/betting.media-29872be3.js IP 185.244.209.62:0 ASN #199524 G-Core Labs S.A.
File type JavaScript source, ASCII text, with very long lines (16761), with no line terminators Hash f2263fc2e9f9bff4572f3b1c24a80ab2 efe1b2479e2f34dbe912d9e588759b2787bbc3b9 38444c18d8c24549cc13b2de3a055976ec8f3f238e022739f0b6aef8fa74db9b
GET /_nuxt/desktop/default/betting.media-29872be3.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:06 GMT
content-type: application/javascript; charset=utf-8
content-length: 4727
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-1277"
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:27 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-06c491a7e4e0b06201e11d8e0fb32130-1227bab8d5d0df1c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:27+00:00, 2024-05-08T10:54:35+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/6a3b01d318b759a5d8cbcd76fd908037.json | 178.253.29.51 | | 655 B |
URL 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/6a3b01d318b759a5d8cbcd76fd908037.json IP 178.253.29.51:0 ASN #202492 Silverhill Group Holding Ltd
Certificate Issuer Let's Encrypt Subject 1xlite-461430.top Fingerprint F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 Validity Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash eec4805fe0f6e17d5ade92a382f5b068 ca6a26fe8ea31e66c0bef88c4e7f489dce9f9a4b b50904054641c30b6b4ee7ed4290b52022825f2e9e9e3a4a060b8ecddf28c898
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /genfiles/cms/1-285/desktop/media_asset/6a3b01d318b759a5d8cbcd76fd908037.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; postback_watcher=; platform_type=desktop; auid=sv0dM2Y7Yf7BbyWAAwM8Ag==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:05 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Wed, 28 Feb 2024 21:42:45 GMT
etag: W/"eec4805fe0f6e17d5ade92a382f5b068"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/session-api/sessions/user | 178.253.29.51 | 200 OK | 16 B |
URL GET HTTP/2 1xlite-461430.top/session-api/sessions/user IP 178.253.29.51:443 ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer Let's Encrypt Subject 1xlite-461430.top Fingerprint F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 Validity Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash 646b2e82b65602d35f7aa6283c387e3a b163a70c5df8e4b0861a23a04f8a6f78393747f4 b68bf12405ee2cb5b76764df21dbc2df0953ddff4072ddc5281d1aab05e8c4ab
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /session-api/sessions/user HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; platform_type=desktop; auid=sv0dM2Y7Yf7BbyWAAwM8Ag==; SESSION=75bb5152e29b8089ef1d8c32275dd0df; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:06 GMT
content-type: application/json
content-length: 16
cache-control: no-cache, private
x-time-ng: 0.006
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: p;dur=1.154899597168, wf-uht;dur=0.014
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/web-api/api/v3/bonuses/first-deposit | 178.253.29.51 | 200 OK | 320 B |
URL GET HTTP/2 1xlite-461430.top/web-api/api/v3/bonuses/first-deposit IP 178.253.29.51:443 ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer Let's Encrypt Subject 1xlite-461430.top Fingerprint F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 Validity Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash 6c497f6fefa1ff03d2b3f026ca9ea1b2 67708749c2923ee8fb64f119bfe6601df89cc754 62d6341764aac9fa45a7c7c304e969a0408d60f679d5142d0faa28e178d132c2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /web-api/api/v3/bonuses/first-deposit HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; platform_type=desktop; auid=sv0dM2Y7Yf7BbyWAAwM8Ag==; SESSION=75bb5152e29b8089ef1d8c32275dd0df; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:06 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: p;dur=38, dt_total;dur=39.734, wf-uht;dur=0.052
traceparent: 00-169235ace2eb8a08418930c33e18a735-93c8eaa0835431db-01
vary: Accept-Encoding
x-dt: 285
x-time-ng: 0.039
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/Auth.Forms/RegistrationWidgetApp/components/userControl.auth_form_extended/registration.Main/da7322db-3f250b35.js | 185.244.209.62 | | 8.5 kB |
URL v3.traincdn.com/_nuxt/desktop/default/vendors/Auth.Forms/RegistrationWidgetApp/components/userControl.auth_form_extended/registration.Main/da7322db-3f250b35.js IP 185.244.209.62:0 ASN #199524 G-Core Labs S.A.
File type JavaScript source, ASCII text, with very long lines (25972) Hash 6d75d9fb64764579504c00ce537f6ff1 5661eb661bdef0a6a8bdd029ba5b7b9eb050e15e bf2a87bf4b4484a7ff05c40e1b4c94a316800dedb9445359cda5e43efa825d9f
GET /_nuxt/desktop/default/vendors/Auth.Forms/RegistrationWidgetApp/components/userControl.auth_form_extended/registration.Main/da7322db-3f250b35.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:06 GMT
content-type: application/javascript; charset=utf-8
content-length: 8522
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-214a"
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:26 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-90f3af250c88acf0265d8fdfbd2934b9-8e23fef1594d01ae-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:26+00:00, 2024-05-08T10:54:35+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/25e24e18.css | 185.244.209.62 | | 1.5 kB |
URL v3.traincdn.com/_nuxt/desktop/default/css/25e24e18.css IP 185.244.209.62:0 ASN #199524 G-Core Labs S.A.
File type ASCII text, with very long lines (6262), with no line terminators Hash 09f1bd90913ad83743065cc13ee3e0c6 0f1d49d4ddfccf474d882839c1ac901a8c1d91e6 b0222e16baaccc20a1143166da7715bbab586f1d8d8bebf26f91e98738a55a92
GET /_nuxt/desktop/default/css/25e24e18.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:06 GMT
content-type: text/css
content-length: 1505
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-5e1"
content-encoding: gzip
expires: Tue, 07 May 2024 12:28:59 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-25623cf5910785756478d92d38181f47-028e61464fd5d065-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:28:59+00:00, 2024-05-07T16:33:54+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/bff-api/event-logo/v2/suitable.json?lang=en | 178.253.29.51 | | 2 B |
URL 1xlite-461430.top/bff-api/event-logo/v2/suitable.json?lang=en IP 178.253.29.51:0 ASN #202492 Silverhill Group Holding Ltd
Certificate Issuer Let's Encrypt Subject 1xlite-461430.top Fingerprint F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 Validity Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash d751713988987e9331980363e24189ce 97d170e1550eee4afc0af065b78cda302a97674c 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /bff-api/event-logo/v2/suitable.json?lang=en HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; platform_type=desktop; auid=sv0dM2Y7Yf7BbyWAAwM8Ag==; SESSION=75bb5152e29b8089ef1d8c32275dd0df; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:06 GMT
content-type: application/json
content-length: 2
cache-control: no-cache, private
server-timing: bff;dur=12.91, dt_total;dur=64.981, wf-uht;dur=0.073
traceparent: 00-14af159efdfff292286ebcb6d14a64bd-858136aba0cf2129-01
x-dt: 285
x-time-ng: 0.065
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/RegistrationWidgetApp-244fe993.js | 185.244.209.62 | | 21 kB |
URL v3.traincdn.com/_nuxt/desktop/default/vendors/RegistrationWidgetApp-244fe993.js IP 185.244.209.62:0 ASN #199524 G-Core Labs S.A.
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash 355ce5bc5ad3ce4d9f2f42f33af33a73 3cb3452330b81cf844be98de00fd4c54717c7cf8 0a79ccdbc986e060b53a249945fd32b5a2b892bfcae6cf9ff7dac154ad05d380
GET /_nuxt/desktop/default/vendors/RegistrationWidgetApp-244fe993.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:06 GMT
content-type: application/javascript; charset=utf-8
content-length: 20768
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-5120"
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:46 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-a5f705397265c52100a63430c9f68879-7470bb4a85645d5d-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:46+00:00, 2024-05-08T11:23:46+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/betting.coupon2-6e433cdf.js | 185.244.209.62 | | 578 B |
URL v3.traincdn.com/_nuxt/desktop/default/betting.coupon2-6e433cdf.js IP 185.244.209.62:0 ASN #199524 G-Core Labs S.A.
File type JavaScript source, ASCII text, with very long lines (1003), with no line terminators Hash b9a05e5aa1c5b98c055f94570bbf4ad2 24bf68bdbe24f5b82fddbb934ad2ead865d4705e 7f6ac8faf0ffe76890d0518f7470d54e20a8b8dc92dcb433645a46aa2ccfca11
GET /_nuxt/desktop/default/betting.coupon2-6e433cdf.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:06 GMT
content-type: application/javascript; charset=utf-8
content-length: 578
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-242"
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:46 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-bdf7df475ca6b77c19b6f26a2947da4c-5ead6bd02ae3d992-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:46+00:00, 2024-05-08T11:01:39+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137 | 178.253.29.51 | | 342 B |
URL 1xlite-461430.top/service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137 IP 178.253.29.51:0 ASN #202492 Silverhill Group Holding Ltd
Certificate Issuer Let's Encrypt Subject 1xlite-461430.top Fingerprint F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 Validity Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash 971f38b1a28cdeafc87a89656bbed138 cbab2f05e1792435d31828d82addbaf5389d1b35 e55e4be35f054c5d77e7046e4ee296bc9eca5a6441ac03d5ce9ce2b68fefa8bf
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; platform_type=desktop; auid=sv0dM2Y7Yf7BbyWAAwM8Ag==; SESSION=75bb5152e29b8089ef1d8c32275dd0df; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:06 GMT
content-type: application/json; charset=utf-8
content-length: 342
cache-control: no-cache
content-encoding: br
last-modified: Wed, 08 May 2024 11:29:06 GMT
vary: Accept-Encoding
x-time-ng: 0.005
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.012
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66 | 178.253.29.51 | | 2.3 kB |
URL 1xlite-461430.top/service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66 IP 178.253.29.51:0 ASN #202492 Silverhill Group Holding Ltd
Certificate Issuer Let's Encrypt Subject 1xlite-461430.top Fingerprint F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 Validity Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash 119665d1edf731a6d6569cd9501832ad 0c26641633645124fc812c3bdf5dec619b4714fe 0653805d641214aa948852010f4dea5b8328aa99f0bed0b9b323f531d336f3db
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; platform_type=desktop; auid=sv0dM2Y7Yf7BbyWAAwM8Ag==; SESSION=75bb5152e29b8089ef1d8c32275dd0df; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:06 GMT
content-type: application/json; charset=utf-8
content-length: 2348
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 08 May 2024 11:29:06 GMT
vary: Accept-Encoding
x-time-ng: 0.005
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.013
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/genfiles/cms/desktop/contact/86f18367ce2829388dcdabccb99b1740.svg | 178.253.29.51 | | 263 B |
URL 1xlite-461430.top/genfiles/cms/desktop/contact/86f18367ce2829388dcdabccb99b1740.svg IP 178.253.29.51:0 ASN #202492 Silverhill Group Holding Ltd
Certificate Issuer Let's Encrypt Subject 1xlite-461430.top Fingerprint F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 Validity Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
File type SVG Scalable Vector Graphics image Hash 28e2c161800b61b985a163f5c492ae51 8845ea940210b4ccb195cca855a598e6aaa58ed0 77c93c24e4eb0f8815a7526d405818c9a38ba6e4317f1fee588fffbc00cb17de
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /genfiles/cms/desktop/contact/86f18367ce2829388dcdabccb99b1740.svg HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; platform_type=desktop; auid=sv0dM2Y7Yf7BbyWAAwM8Ag==; SESSION=75bb5152e29b8089ef1d8c32275dd0df; window_width=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:07 GMT
content-type: image/svg+xml
content-length: 263
last-modified: Fri, 23 Feb 2024 10:01:24 GMT
etag: "28e2c161800b61b985a163f5c492ae51"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/genfiles/cms/desktop/contact/dbc1950bbcc8e27b5dbec1f42635e8d0.svg | 178.253.29.51 | | 296 B |
URL 1xlite-461430.top/genfiles/cms/desktop/contact/dbc1950bbcc8e27b5dbec1f42635e8d0.svg IP 178.253.29.51:0 ASN #202492 Silverhill Group Holding Ltd
Certificate Issuer Let's Encrypt Subject 1xlite-461430.top Fingerprint F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 Validity Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
File type SVG Scalable Vector Graphics image Hash b1bf63d00887bb0354e9d89c7d790a01 2d64ab25c9afff682abd6732f62ba62a197e972b a6a4fbbd99a0a82de03f05da827ccd9d019574bf3450727530403c2b5ce92df0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /genfiles/cms/desktop/contact/dbc1950bbcc8e27b5dbec1f42635e8d0.svg HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; platform_type=desktop; auid=sv0dM2Y7Yf7BbyWAAwM8Ag==; SESSION=75bb5152e29b8089ef1d8c32275dd0df; window_width=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:07 GMT
content-type: image/svg+xml
content-length: 296
last-modified: Fri, 23 Feb 2024 10:03:47 GMT
etag: "b1bf63d00887bb0354e9d89c7d790a01"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/genfiles/cms/desktop/contact/6726b16cfb4e516989153ce398d4a0e4.svg | 178.253.29.51 | 200 OK | 506 B |
URL GET HTTP/2 1xlite-461430.top/genfiles/cms/desktop/contact/6726b16cfb4e516989153ce398d4a0e4.svg IP 178.253.29.51:443 ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer Let's Encrypt Subject 1xlite-461430.top Fingerprint F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 Validity Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
File type SVG Scalable Vector Graphics image Hash 9c340eae608db0c25657b4a73d769afe 988fbf333a2e9290211cd9e6b7c98c59719012b0 b92e969acd8a1e0f9cfd1f84080ca5ccb8cb49b105299434c275a8813faf841e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /genfiles/cms/desktop/contact/6726b16cfb4e516989153ce398d4a0e4.svg HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; platform_type=desktop; auid=sv0dM2Y7Yf7BbyWAAwM8Ag==; SESSION=75bb5152e29b8089ef1d8c32275dd0df; window_width=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:07 GMT
content-type: image/svg+xml
content-length: 506
last-modified: Fri, 23 Feb 2024 10:03:36 GMT
etag: "9c340eae608db0c25657b4a73d769afe"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/DownloadAppWidgetAnalytics-e553050a.js | 185.244.209.62 | 200 OK | 366 B |
URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/DownloadAppWidgetAnalytics-e553050a.js IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (416), with no line terminators Hash 5a59e1a877dfffd934287be20d74fb8f bd4f023b5d180689555d1185a1167a825549781d 2b2960e941dd6a85aebdfc7cefa2b4352fa3c462de8ade94656a97e1336f3aaf
GET /_nuxt/desktop/default/DownloadAppWidgetAnalytics-e553050a.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:07 GMT
content-type: application/javascript; charset=utf-8
content-length: 366
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-16e"
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:47 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-a89f2723435e5a1dbc2053c6378c0c37-bcf540d474c45aa7-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:47+00:00, 2024-05-08T11:01:39+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-icons/1.0.334/285/common.svg | 185.244.209.62 | 200 OK | 114 kB |
URL GET HTTP/2 v3.traincdn.com/sys-icons/1.0.334/285/common.svg IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type gzip compressed data, max speed, from Unix Size 114 kB (113960 bytes) Hash a4baa2c65e88f3ab7dcb3dd78f68cc11 47852c8b8e8ed2efc85a15b77e8c87948e3e9a70 1f3db60af7f521ed839a74922db76106ea87e6c03f9cb6d387763cdaa47f1b15
GET /sys-icons/1.0.334/285/common.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:06 GMT
content-type: image/svg+xml
last-modified: Tue, 16 Apr 2024 12:55:56 GMT
etag: W/"7bf3e9e7d79beac942f5e7748a3af2e6"
x-amz-meta-mtime: 1713272153.420902787
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:26 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-e4ec9f6881cd1b90f31205c62b182349-fa158e4cafe3b9ee-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:26+00:00, 2024-05-08T10:54:35+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/checker/redirect/stat/run/ | 178.253.29.51 | 200 OK | 14 B |
URL GET HTTP/2 1xlite-461430.top/checker/redirect/stat/run/ IP 178.253.29.51:443 ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer Let's Encrypt Subject 1xlite-461430.top Fingerprint F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 Validity Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash 2de0d0acfd684235f066bd0ec0c9e3df 68d0cb64805a42d7e40f43e8e198986b43dd6b69 9682f312f23e078bb135f23ea5a178b178e75c02d33672f20044d18c6d258928
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /checker/redirect/stat/run/ HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; platform_type=desktop; auid=sv0dM2Y7Yf7BbyWAAwM8Ag==; SESSION=75bb5152e29b8089ef1d8c32275dd0df; window_width=1280; _glhf=1715185523; che_g=3f2954ac-c676-fb8c-77a5-3c12a6bd9725
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:07 GMT
content-type: application/json
content-length: 14
x-time-ng: 0.001
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.069
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/web-api/external-api/config/getVideoAccessConfig | 178.253.29.51 | | 8.4 kB |
URL 1xlite-461430.top/web-api/external-api/config/getVideoAccessConfig IP 178.253.29.51:0 ASN #202492 Silverhill Group Holding Ltd
Certificate Issuer Let's Encrypt Subject 1xlite-461430.top Fingerprint F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 Validity Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash cb0bc8eedc642fc591c0eef57e6c67e5 6c62aeececef0a5ff474bb21bf569ad8d48f6bd0 c57136f602923fc19534e58f7da5a483616d80031222372e19a29fd6f22b0a0e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /web-api/external-api/config/getVideoAccessConfig HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; platform_type=desktop; auid=sv0dM2Y7Yf7BbyWAAwM8Ag==; SESSION=75bb5152e29b8089ef1d8c32275dd0df; window_width=1280; _glhf=1715185523; che_g=3f2954ac-c676-fb8c-77a5-3c12a6bd9725
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:07 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: p;dur=19, dt_total;dur=68.593, wf-uht;dur=0.111
traceparent: 00-d00ed29a1c3ee646167f138404f6297d-c2d2395a7df5312c-01
vary: Accept-Encoding
x-dt: 285
x-time-ng: 0.052
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/0e3e1e8d.css | 185.244.209.62 | 200 OK | 1.2 kB |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/0e3e1e8d.css IP: 185.244.209.62:443 ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer: Sectigo Limited Subject: *.traincdn.com Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (5638), with no line terminators Hash: be85f100312ee4f9396b6e89cbcb0fef 3934783d38d182ddcaccfdedbbe4fb65c266864c 06a9b859f60f7872c7beaa8286d3c1f45708dd0e1dee20f4c0d55c8719cc2983
GET /_nuxt/desktop/default/css/0e3e1e8d.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:07 GMT
content-type: text/css
content-length: 1193
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-4a9"
content-encoding: gzip
expires: Tue, 07 May 2024 12:28:47 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-1f3594ace82f1a839ec22d20874aa7d0-faed77c9caddfb72-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:28:47+00:00, 2024-05-07T15:29:48+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/paysystems/information/systems?lang=en&ref_id=1&geo=NO | 178.253.29.51 | | 5.9 kB |
URL: 1xlite-461430.top/paysystems/information/systems?lang=en&ref_id=1&geo=NO IP: 178.253.29.51:0 ASN: #202492 Silverhill Group Holding Ltd
Certificate Issuer: Let's Encrypt Subject: 1xlite-461430.top Fingerprint: F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 Validity: Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash: aee63810865584efd27e3f66255d91e4 48b9fef15af63624ba080deda09f3128c37d5184 b459b7d05d7be8a18cde669ed20dd8335e1b3b668a1d7b8c5b56a6f49d1e15fe
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /paysystems/information/systems?lang=en&ref_id=1&geo=NO HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; platform_type=desktop; auid=sv0dM2Y7Yf7BbyWAAwM8Ag==; SESSION=75bb5152e29b8089ef1d8c32275dd0df; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:07 GMT
content-type: application/json
cache-control: max-age=0, must-revalidate, private
content-encoding: br
expires: Wed, 08 May 2024 11:29:07 GMT
set-cookie: application_locale=en; expires=Fri, 07 Jun 2024 11:29:07 GMT; Max-Age=2592000; path=/; secure; samesite=lax
traceparent: 00-34591961dbaaaf539f6a1a8e29bc774b-3f67201be271f66a-01
vary: Accept-Encoding
x-dt: 285
x-time-ng: 0.195, 0.205
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=206.060, wf-uht;dur=0.214
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/227975.webp | 185.244.209.62 | | 742 B |
URL: v3.traincdn.com/resized/size16/sfiles/logo_teams/227975.webp IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: RIFF (little-endian) data, Web/P image Hash: 3e79a21f85c7b0f1b7cfeba9e07e2169 c6e7b0636dbd13ca68e54c446549de2f5a88b9b4 3c228e745b03641724a38561fcb6bffc03d886c021adf0e34298f1c1378d84e4
GET /resized/size16/sfiles/logo_teams/227975.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:07 GMT
content-type: image/webp
content-length: 742
cache-control: max-age=94608000
content-disposition: inline; filename="227975.webp"
content-security-policy: script-src 'none'
expires: Thu, 06 May 2027 22:50:38 GMT
x-request-id: 132f6969cb44c491dd69d09140fcd2d0
x-time-ng: 0.050
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-d9a5f85f552185ffa48887c90f32a267-98e21c5cea3e1f99-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T22:50:38+00:00, 2024-05-08T10:10:54+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/45099.webp | 185.244.209.62 | | 688 B |
URL: v3.traincdn.com/resized/size16/sfiles/logo_teams/45099.webp IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: RIFF (little-endian) data, Web/P image Hash: bee21dcac41f4efbd555046591a6eb74 530d3c390d898074e611903b88bb9f7d6e7093ec da2edc822e7c4c3272f98b8e79792166532aac8cc371fcaa5e438deb7ba5a3f7
GET /resized/size16/sfiles/logo_teams/45099.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:07 GMT
content-type: image/webp
content-length: 688
cache-control: max-age=94608000
content-disposition: inline; filename="45099.webp"
content-security-policy: script-src 'none'
expires: Sat, 08 May 2027 10:03:53 GMT
x-request-id: 7dcc2b5de7a603e230f06171ddcfd31d
x-time-ng: 0.044
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-289cda9b56efc72b53eefacca15d9519-0ac8bbc278600ed6-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:03:53+00:00, 2024-05-08T10:10:54+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/injector.js | 104.18.39.72 | 200 OK | 73 kB |
URL: GET HTTP/2 widget.suphelper.top/injector.js IP: 104.18.39.72:443
Requested by: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer: Google Trust Services LLC Subject: suphelper.top Fingerprint: 41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 Validity: Tue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File type: gzip compressed data, from Unix Hash: d4be38bb12cfde054605fb02f90386f2 c82914162fa11664c8fa6ebf62db310aca6c5d8a dc7ca15082a416d8b2c6fea9efa3be7021e1a7dd9ab38320f01dc6f40b8e1b03
GET /injector.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 11:29:07 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=14400
last-modified: Thu, 02 May 2024 07:01:48 GMT
etag: W/"32e7a-18f381bf77a"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
expires: Wed, 08 May 2024 15:29:07 GMT
server: cloudflare
cf-ray: 88091c347af7b512-OSL
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/985488bba6e0734ce470deb983db8fda.webp | 185.244.209.62 | | 784 B |
URL: v3.traincdn.com/resized/size16/sfiles/logo_teams/985488bba6e0734ce470deb983db8fda.webp IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: RIFF (little-endian) data, Web/P image Hash: 91e9dbe1764a35f2659d3fec33d8d83c 5d4e3775aea4f18db6c4b444f0725e6894a96a3b 419db0492006f468baec139018045442519b7440d773cd101caedf5204a57f1b
GET /resized/size16/sfiles/logo_teams/985488bba6e0734ce470deb983db8fda.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:07 GMT
content-type: image/webp
content-length: 784
cache-control: max-age=94608000
content-disposition: inline; filename="985488bba6e0734ce470deb983db8fda.webp"
content-security-policy: script-src 'none'
expires: Fri, 07 May 2027 15:12:24 GMT
x-request-id: c2554accbaf4a40e3e73e9819f5a44e0
x-time-ng: 0.037
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-ad1b6185bf5f194187d7711c6f919132-191818098526c4cd-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T15:12:24+00:00, 2024-05-08T09:57:13+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/184059dc317a18e5217c5ac0bd065d50.webp | 185.244.209.62 | 200 OK | 744 B |
URL: GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/184059dc317a18e5217c5ac0bd065d50.webp IP: 185.244.209.62:443 ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer: Sectigo Limited Subject: *.traincdn.com Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image Hash: 7246e869a92d1a9a9247e8368da3110e d17bfc549ba4f514bd96a80c6c490b2fdcf01757 4257637b6862036b7c261872f0af415e05503f58dbd2f9fbcd7c84e33eec668e
GET /resized/size16/sfiles/logo_teams/184059dc317a18e5217c5ac0bd065d50.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:07 GMT
content-type: image/webp
content-length: 744
cache-control: max-age=94608000
content-disposition: inline; filename="184059dc317a18e5217c5ac0bd065d50.webp"
content-security-policy: script-src 'none'
expires: Fri, 07 May 2027 15:12:24 GMT
x-request-id: da1fb84b0b993139f75702d60b7064a7
x-time-ng: 0.077
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-fb7edf48b66a29f19c0aec8c6c958a77-95a26058c591fcca-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T15:12:24+00:00, 2024-05-08T09:57:13+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/28056ffc4189080c3ce0654833b53a5b.webp | 185.244.209.62 | | 774 B |
URL: v3.traincdn.com/resized/size16/sfiles/logo_teams/28056ffc4189080c3ce0654833b53a5b.webp IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: RIFF (little-endian) data, Web/P image Hash: 27416aace549a6be27b593d461f39a7b fc8eff8ef0ea345904628ed3be4aafd77641abeb a761a447093aa6c676b0fb8abee29279c38c74caef62d3e325f6624d4240e8a7
GET /resized/size16/sfiles/logo_teams/28056ffc4189080c3ce0654833b53a5b.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:08 GMT
content-type: image/webp
content-length: 774
cache-control: max-age=94608000
content-disposition: inline; filename="28056ffc4189080c3ce0654833b53a5b.webp"
content-security-policy: script-src 'none'
expires: Fri, 07 May 2027 15:46:05 GMT
x-request-id: d1915f729433089b59951295868a3b85
x-time-ng: 0.040
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-9fcfdefe85de3507efa60731469d6d60-7ec3bf28c404b61a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T15:46:05+00:00, 2024-05-08T10:58:22+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/2f5de1bb7d1901dc66fc419f6d858eee.webp | 185.244.209.62 | | 772 B |
URL: v3.traincdn.com/resized/size16/sfiles/logo_teams/2f5de1bb7d1901dc66fc419f6d858eee.webp IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: RIFF (little-endian) data, Web/P image Hash: 2d27b896f65785522e9d846302a6609c 8d54232c6228ef9f8d7f283a2639b8521f6ed927 87286d0dda51c16ee37f2cdae51fdceb783631083c3bd2ac9d9c1facb1e8a150
GET /resized/size16/sfiles/logo_teams/2f5de1bb7d1901dc66fc419f6d858eee.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:08 GMT
content-type: image/webp
content-length: 772
cache-control: max-age=94608000
content-disposition: inline; filename="2f5de1bb7d1901dc66fc419f6d858eee.webp"
content-security-policy: script-src 'none'
expires: Fri, 07 May 2027 15:46:05 GMT
x-request-id: e5e54d20bf5f6f97d1df8f119e2e3447
x-time-ng: 0.091
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-15b368926aa11d78d691428d6f176696-56d9216ab0fde5b3-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T15:46:05+00:00, 2024-05-08T10:58:22+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/a447b8129d95347ea9104d9ba0c5b870.webp | 185.244.209.62 | | 770 B |
URL: v3.traincdn.com/resized/size16/sfiles/logo_teams/a447b8129d95347ea9104d9ba0c5b870.webp IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: RIFF (little-endian) data, Web/P image Hash: 649e050515e3d46142e36d8fb5ae1f80 819bb8e3790140c5b84c40bca189129f0d8aaff9 8ae12962bf42f11552498c7bc7f171d08d6d9f08e2889d8dd3a24d2e5b818005
GET /resized/size16/sfiles/logo_teams/a447b8129d95347ea9104d9ba0c5b870.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:08 GMT
content-type: image/webp
content-length: 770
cache-control: max-age=94608000
content-disposition: inline; filename="a447b8129d95347ea9104d9ba0c5b870.webp"
content-security-policy: script-src 'none'
expires: Fri, 07 May 2027 15:46:05 GMT
x-request-id: a1e0b63c9a8fdc197240dad204136511
x-time-ng: 0.050
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-af83ec8f07aee6acf83d5d9733e3f37f-86c78b86c0a97226-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T15:46:05+00:00, 2024-05-08T10:55:55+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/51687714fb0ed494da6bee88cc94b833.webp | 185.244.209.62 | | 786 B |
URL: v3.traincdn.com/resized/size16/sfiles/logo_teams/51687714fb0ed494da6bee88cc94b833.webp IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: RIFF (little-endian) data, Web/P image Hash: 01de8f2646db64a700bf90f288834768 21a159e730912799ccc817f25b734666434a5a03 e72748b0ceb1d94e877fe2cc9d89ada10e01e265ea689b4e6d5f6496cc513619
GET /resized/size16/sfiles/logo_teams/51687714fb0ed494da6bee88cc94b833.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:08 GMT
content-type: image/webp
content-length: 786
cache-control: max-age=94608000
content-disposition: inline; filename="51687714fb0ed494da6bee88cc94b833.webp"
content-security-policy: script-src 'none'
expires: Fri, 07 May 2027 15:46:05 GMT
x-request-id: 249dd146a15e0bd75840d29db25fb91d
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-3572eea4b95f8daf9db357645eb988a2-3567203cbe3552fc-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T15:46:05+00:00, 2024-05-08T10:55:55+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/ebc20318c8e76a842f03fa207ca36c0d.webp | 185.244.209.62 | | 800 B |
URL: v3.traincdn.com/resized/size16/sfiles/logo_teams/ebc20318c8e76a842f03fa207ca36c0d.webp IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: RIFF (little-endian) data, Web/P image Hash: 532acd9768eba6b1b87f2678422325f4 559d920540fdfbf58341ab806117b8021ad07fdc 242c8f0654fe42812e52596d214e2478873ec947a15a999f4e1c500512022ae3
GET /resized/size16/sfiles/logo_teams/ebc20318c8e76a842f03fa207ca36c0d.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:08 GMT
content-type: image/webp
content-length: 800
cache-control: max-age=94608000
content-disposition: inline; filename="ebc20318c8e76a842f03fa207ca36c0d.webp"
content-security-policy: script-src 'none'
expires: Fri, 07 May 2027 15:12:24 GMT
x-request-id: fb88c791865eac8f8a3b67fee1af2eed
x-time-ng: 0.055
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-60fdff5e0f5d6c7e61b2664250263241-fb87e4b66eb72e66-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T15:12:24+00:00, 2024-05-08T10:55:47+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/9ebba2bb055dfea7e7d939a9d3ddad82.webp | 185.244.209.62 | | 706 B |
URL: v3.traincdn.com/resized/size16/sfiles/logo_teams/9ebba2bb055dfea7e7d939a9d3ddad82.webp IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: RIFF (little-endian) data, Web/P image Hash: 6b6d6badf1245b325c119ef880028db7 662a2fb184d2d6f445c342c8e92ebe4b0bf60682 5efd301a4e0c298accf56833fbf2788a7557be98f817a36ecd768edc29832729
GET /resized/size16/sfiles/logo_teams/9ebba2bb055dfea7e7d939a9d3ddad82.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:08 GMT
content-type: image/webp
content-length: 706
cache-control: max-age=94608000
content-disposition: inline; filename="9ebba2bb055dfea7e7d939a9d3ddad82.webp"
content-security-policy: script-src 'none'
expires: Fri, 07 May 2027 15:12:24 GMT
x-request-id: ad26860610497a738215e8e443a882d8
x-time-ng: 0.043
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-12ba08b62b30c964060e4b02e652235e-eacddbcb3d6096e5-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T15:12:24+00:00, 2024-05-08T10:55:47+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/6748c47ecd385b67fcb2be0bce27d14f.webp | 185.244.209.62 | | 744 B |
URL: v3.traincdn.com/resized/size16/sfiles/logo_teams/6748c47ecd385b67fcb2be0bce27d14f.webp IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: RIFF (little-endian) data, Web/P image Hash: c65a6fcd7eee9252f62522935890cef6 d5e66d48b5f4c1ef2d9fef56625458742387b607 59b53739138c0f7d95a3dc48cd9a62ec33146058d5a330a3a7db52d5cd0feee9
GET /resized/size16/sfiles/logo_teams/6748c47ecd385b67fcb2be0bce27d14f.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:08 GMT
content-type: image/webp
content-length: 744
cache-control: max-age=94608000
content-disposition: inline; filename="6748c47ecd385b67fcb2be0bce27d14f.webp"
content-security-policy: script-src 'none'
expires: Thu, 06 May 2027 14:51:54 GMT
x-request-id: 874435c7013e9fae97d6900438c66368
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-0edc4be0a75d321042257b42b3a1f428-67908aa505d00fa0-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:51:54+00:00, 2024-05-06T17:12:41+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/634a8f396427a320e008954a4deee110.webp | 185.244.209.62 | | 704 B |
URL: v3.traincdn.com/resized/size16/sfiles/logo_teams/634a8f396427a320e008954a4deee110.webp IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: RIFF (little-endian) data, Web/P image Hash: b2c60e010daeb5022c73cedac802abee af27f4131245113d7e224e43e174954d11cef454 6dc2e9083cffceb4e1fcf53760a85065e86b5d4d2a955ba4d80e6f9a6295a0d5
GET /resized/size16/sfiles/logo_teams/634a8f396427a320e008954a4deee110.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:08 GMT
content-type: image/webp
content-length: 704
cache-control: max-age=94608000
content-disposition: inline; filename="634a8f396427a320e008954a4deee110.webp"
content-security-policy: script-src 'none'
expires: Fri, 30 Apr 2027 19:30:30 GMT
x-request-id: e01c5210ef879f3f0d791c32d1bdd056
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-21fe1e0e85b1034ebe79e22874a4f190-bebeb5e42d73e325-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-30T19:30:30+00:00, 2024-05-06T17:12:41+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/cbecbe9010dbd3fec99029877299477b.webp | 185.244.209.62 | 200 OK | 762 B |
URL: GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/cbecbe9010dbd3fec99029877299477b.webp IP: 185.244.209.62:443 ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer: Sectigo Limited Subject: *.traincdn.com Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image Hash: 29a5934375877652ba303cbfe1f7f4b8 acfb1d648bd6115fb455edeb01b8c1ce3379ca19 658c11b1154460565bbf58ecc2622735ede8a10f48be54cb86bbb0f4ca7dd96a
GET /resized/size16/sfiles/logo_teams/cbecbe9010dbd3fec99029877299477b.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:08 GMT
content-type: image/webp
content-length: 762
cache-control: max-age=94608000
content-disposition: inline; filename="cbecbe9010dbd3fec99029877299477b.webp"
content-security-policy: script-src 'none'
expires: Wed, 05 May 2027 13:12:59 GMT
x-request-id: 8e8267d642b65508ad6502a9398481f1
x-time-ng: 0.046
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-65db30e76a8518e4c1c794476b9c3ee5-951292d3a72f86e3-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-05T13:12:59+00:00, 2024-05-06T17:12:41+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/0e69bf8bebac4adedd1f144be6a538f0.webp | 185.244.209.62 | | 750 B |
URL: v3.traincdn.com/resized/size16/sfiles/logo_teams/0e69bf8bebac4adedd1f144be6a538f0.webp IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: RIFF (little-endian) data, Web/P image Hash: 4f0ae46a6a0cbf6a6e97472fd360efdc 9c9e60b6f431a982a8d6d82eac42bc52cac6c525 c26fcbf7429ee373b50a0b544d7aaff2f0258701e51d7c7c4b38bed8bfee8cc6
GET /resized/size16/sfiles/logo_teams/0e69bf8bebac4adedd1f144be6a538f0.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:08 GMT
content-type: image/webp
content-length: 750
cache-control: max-age=94608000
content-disposition: inline; filename="0e69bf8bebac4adedd1f144be6a538f0.webp"
content-security-policy: script-src 'none'
expires: Mon, 03 May 2027 09:23:43 GMT
x-request-id: c8e65915da54fb15ce85d1cd611688c6
x-time-ng: 0.041
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-ff61106c0db9b7efc9536c2f15c7ff61-95f209020d8a41bc-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-03T09:23:43+00:00, 2024-05-06T17:12:41+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/213669.webp | 185.244.209.62 | | 594 B |
URL v3.traincdn.com/resized/size16/sfiles/logo_teams/213669.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image Hash4b280a723b3899348f9f38a7d4312e6a 6997a59e77d1666cea937ef05ba278ddb09c3617 e70085d3168d93d87bb5a02afa21b042fdb29aba1d5807024f17eee246a8f41c
GET /resized/size16/sfiles/logo_teams/213669.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:08 GMT
content-type: image/webp
content-length: 594
cache-control: max-age=94608000
content-disposition: inline; filename="213669.webp"
content-security-policy: script-src 'none'
expires: Sat, 01 May 2027 19:17:58 GMT
x-request-id: 7d1487b0a4235815625d90fc99a14c35
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-6dd9b7e5565044d4e7a27dce45e231e0-758f8d1719bc127e-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T19:17:58+00:00, 2024-05-06T17:12:41+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/68b8104db45616d6826e752b8d929961.webp | 185.244.209.62 | 200 OK | 642 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/68b8104db45616d6826e752b8d929961.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash169473500278bb6488425119cf054791 177c1509f2c797617223f1512caad44f15ce8d2b c05accdf58478e88884561d94b4728b210e3a36ba5ce2d6ba07925b4fb5a99ac
GET /resized/size16/sfiles/logo_teams/68b8104db45616d6826e752b8d929961.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:08 GMT
content-type: image/webp
content-length: 642
cache-control: max-age=94608000
content-disposition: inline; filename="68b8104db45616d6826e752b8d929961.webp"
content-security-policy: script-src 'none'
expires: Mon, 03 May 2027 13:09:07 GMT
x-request-id: 35c34122da52402bd68e06030b7511a7
x-time-ng: 0.098
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-b93f3bbe4f992b104477ee5f982712e6-6b597143a04002cd-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-03T13:09:07+00:00, 2024-05-06T17:12:41+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/b06450eb6b309d9eaee382578cae741b.webp | 185.244.209.62 | 200 OK | 668 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/b06450eb6b309d9eaee382578cae741b.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash2cba814a708e0ebfe80ba4588350d92f af79365e08c75063017834f2e498e2ac7397ac6f af67d0ffbf735c99f59ea94369eabd6c20c9d29b1009818d5a29baacd18b9c81
GET /resized/size16/sfiles/logo_teams/b06450eb6b309d9eaee382578cae741b.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:08 GMT
content-type: image/webp
content-length: 668
cache-control: max-age=94608000
content-disposition: inline; filename="b06450eb6b309d9eaee382578cae741b.webp"
content-security-policy: script-src 'none'
expires: Sun, 02 May 2027 12:06:57 GMT
x-request-id: eb6c610f70d2035466051ddc3334d310
x-time-ng: 0.060
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-8d830c92cea51483fd73980944cb4d57-8e91f6ee2b633200-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-02T12:06:57+00:00, 2024-05-07T21:10:44+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/d849689ff446994f65ca59a3e711eb29.webp | 185.244.209.62 | 200 OK | 672 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/d849689ff446994f65ca59a3e711eb29.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash80a6bb44b082bcfd5a3ca6e153e6d09c 0d48d724e1445c781166ca6b05cf68590a33e999 fef488ab9eb28ffeb114d6d35a62fced8e1b5190de54ff18186ba64e8b8f6f4f
GET /resized/size16/sfiles/logo_teams/d849689ff446994f65ca59a3e711eb29.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:08 GMT
content-type: image/webp
content-length: 672
cache-control: max-age=94608000
content-disposition: inline; filename="d849689ff446994f65ca59a3e711eb29.webp"
content-security-policy: script-src 'none'
expires: Tue, 04 May 2027 13:58:52 GMT
x-request-id: 694feefb0ed747672ea9c5996381a742
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-9fa7e6efb087abb70862ef7f0966d219-ff39f06380ffbfa9-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-04T13:58:52+00:00, 2024-05-05T21:06:40+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/8ed3d1936b4ecb47369fb3839b9bd7a8.webp | 185.244.209.62 | 200 OK | 586 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/8ed3d1936b4ecb47369fb3839b9bd7a8.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash798057535dd5f5f53d1a1bccb739a253 6c1aa61b76db894a801ecc5958ab2319ecda7581 054e179d97d649e8d2891061f7c3739069b73f13101b3eb5dc0214e6e31a01e4
GET /resized/size16/sfiles/logo_teams/8ed3d1936b4ecb47369fb3839b9bd7a8.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:08 GMT
content-type: image/webp
content-length: 586
cache-control: max-age=94608000
content-disposition: inline; filename="8ed3d1936b4ecb47369fb3839b9bd7a8.webp"
content-security-policy: script-src 'none'
expires: Tue, 04 May 2027 21:55:13 GMT
x-request-id: db4c10d5801f999b73cd304d2f6ac59c
x-time-ng: 0.041
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-750ea3c704433ddb7e0934e914ab5248-adc4c7aba5e8724b-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-04T21:55:13+00:00, 2024-05-06T17:24:47+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/c0ddfb34fab21a579f1cf76b555dcbdd.webp | 185.244.209.62 | | 700 B |
URL v3.traincdn.com/resized/size16/sfiles/logo_teams/c0ddfb34fab21a579f1cf76b555dcbdd.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image Hash0e537511abdb046f771d3965beec9e04 94b2ba1dd7f9cd096cab21864ec05f4cd3ac32c6 aa81f7ac89fad85159d12719877e9d38c7046f938a9dbd90244cc17917e8c868
GET /resized/size16/sfiles/logo_teams/c0ddfb34fab21a579f1cf76b555dcbdd.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:08 GMT
content-type: image/webp
content-length: 700
cache-control: max-age=94608000
content-disposition: inline; filename="c0ddfb34fab21a579f1cf76b555dcbdd.webp"
content-security-policy: script-src 'none'
expires: Tue, 04 May 2027 17:29:13 GMT
x-request-id: 5ba84854f64af753cef2a10332e999e1
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-72611b18a24e236ebe7bfc33230c012a-f7d5241088ea3e4b-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-04T17:29:13+00:00, 2024-05-06T17:24:47+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true | 178.253.29.51 | 200 OK | 14 kB |
URL GET HTTP/21xlite-461430.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true IP178.253.29.51:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash7d2352341d5a469d15de3e47ae3295f9 feac7f9cc3a33a6f1b1c9c4fc2a33b1a45470e45 f4f46aef021c0045870bf2be128fcf51d821dfa842ee471d61038afb044c60bd
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; platform_type=desktop; auid=sv0dM2Y7Yf7BbyWAAwM8Ag==; SESSION=75bb5152e29b8089ef1d8c32275dd0df; window_width=1280; _glhf=1715185523; che_g=3f2954ac-c676-fb8c-77a5-3c12a6bd9725; application_locale=en
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:08 GMT
content-type: application/json; charset=utf-8
content-length: 13883
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 08 May 2024 11:29:08 GMT
vary: Accept-Encoding
x-time-ng: 0.025
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.033
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/betting.SportsMenuCompact-c2bb372a.js | 185.244.209.62 | 200 OK | 2.3 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/betting.SportsMenuCompact-c2bb372a.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (7751), with no line terminators Hashd1c3350409fced81d3bdaa120774e126 b1d363217e08b0c554387b7ec8e55ca81d1b26e6 ae5f5f10dae7227a4979a2a6288d9078fabd7e3c3907f426f5614d2d84b7c45d
GET /_nuxt/desktop/default/betting.SportsMenuCompact-c2bb372a.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:09 GMT
content-type: application/javascript; charset=utf-8
content-length: 2285
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-8ed"
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:55 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-67d38ea260c310b2388124f6cf2ec6c2-720c9b3146e0e2e2-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:55+00:00, 2024-05-08T11:23:47+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/ff09be90.css | 185.244.209.62 | | 705 B |
URL v3.traincdn.com/_nuxt/desktop/default/css/ff09be90.css IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeASCII text, with very long lines (4705), with no line terminators Hash2b6cccff5325f6e14ccd6ec354319cd6 f4ec05fc468d3daddec1a3d825c29a55ce4b2050 a153e31a0350b58aad71597632348e14c954738845b58f05ca04b8212dbaca38
GET /_nuxt/desktop/default/css/ff09be90.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:09 GMT
content-type: text/css
content-length: 705
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-2c1"
content-encoding: gzip
expires: Tue, 07 May 2024 14:41:31 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-5d55d816298eec0e884952bf98462954-184c7dbcca0ec4b4-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:41:31+00:00, 2024-05-08T06:59:39+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true | 178.253.29.51 | 200 OK | 2.8 kB |
URL GET HTTP/21xlite-461430.top/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true IP178.253.29.51:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hashd666a3b9fe401044f0e70616e9eb6009 200cb68437594807ce02de34b91ec038f172eaf6 0a2b78b300cff60529cafeaadb6f17ac829bea8d79c7e905247c45e5419215ca
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; platform_type=desktop; auid=sv0dM2Y7Yf7BbyWAAwM8Ag==; SESSION=75bb5152e29b8089ef1d8c32275dd0df; window_width=1280; _glhf=1715185523; che_g=3f2954ac-c676-fb8c-77a5-3c12a6bd9725; application_locale=en
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:09 GMT
content-type: application/json; charset=utf-8
content-length: 2840
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 08 May 2024 11:29:09 GMT
vary: Accept-Encoding
x-time-ng: 0.013
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.020
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sfiles/games-images/game-previews/190x102/games-no-faceless.webp | 185.244.209.62 | 200 OK | 6.9 kB |
URL GET HTTP/2v3.traincdn.com/sfiles/games-images/game-previews/190x102/games-no-faceless.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 380x204, Scaling: [none]x[none], YUV color, decoders should clamp Hashb7304b532dca88cc708b1c81edf7e051 d9ca9db864badb40bcab6d846ba7110413a339d3 324b9021e7fa1a227b418f5b0707e174d86aa20decea945eab3cea41aac8d2ca
GET /sfiles/games-images/game-previews/190x102/games-no-faceless.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:09 GMT
content-type: application/octet-stream
content-length: 6884
last-modified: Thu, 31 Aug 2023 08:11:01 GMT
etag: "b7304b532dca88cc708b1c81edf7e051"
x-amz-meta-origin-date-iso8601: 2023-08-31T08:04:10.000Z
expires: Tue, 14 Nov 2023 18:21:42 GMT
cache-control: max-age=86400, public
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-55a892f2e6a4262ea481e97236474e44-c1fc9391b057b209-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-17T18:59:15+00:00, 2024-05-08T08:07:14+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-58.webp | 185.244.209.62 | 200 OK | 8.9 kB |
URL GET HTTP/2v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-58.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 380x204, Scaling: [none]x[none], YUV color, decoders should clamp Hash7a49dad906575c61dd636edbe1201479 d4bf0fbfadca8c6d3a7ec8f3d34d08fced98a21d 0e0cd085244f6272acfa6794d90e32685fa203973e85c62fa96f02cddf7172c6
GET /sfiles/games-images/game-previews/190x102/game-58.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:09 GMT
content-type: application/octet-stream
content-length: 8880
last-modified: Thu, 31 Aug 2023 08:11:00 GMT
etag: "7a49dad906575c61dd636edbe1201479"
x-amz-meta-origin-date-iso8601: 2023-08-31T08:03:42.000Z
expires: Tue, 14 Nov 2023 18:21:44 GMT
cache-control: max-age=86400, public
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-e69959a16158ad410a4dc8c963dbc8f2-48ed1dc6379b5c0a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-17T19:17:28+00:00, 2024-05-08T08:07:14+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-371.webp | 185.244.209.62 | | 6.2 kB |
URL v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-371.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 380x204, Scaling: [none]x[none], YUV color, decoders should clamp Hash64ff358fd3a82358542d29d53649dd85 0a15b0731a9468fe49e3b512febe91d951ef6156 a9ae35f930c0bf59e407a0c082347049ae11738d330df4e32f4b2b1129d1470c
GET /sfiles/games-images/game-previews/190x102/game-371.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:09 GMT
content-type: application/octet-stream
content-length: 6158
last-modified: Thu, 31 Aug 2023 08:10:58 GMT
etag: "64ff358fd3a82358542d29d53649dd85"
x-amz-meta-origin-date-iso8601: 2023-08-31T08:04:04.000Z
expires: Tue, 14 Nov 2023 18:22:10 GMT
cache-control: max-age=86400, public
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-adc9bcc1823159fe619eb828aa0a054e-f61875fa87bf4625-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-17T19:17:28+00:00, 2024-05-08T08:07:14+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-249.webp | 185.244.209.62 | | 20 kB |
URL v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-249.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 380x204, Scaling: [none]x[none], YUV color, decoders should clamp Hash2c02d34e261b48da9db2682ad433c5e8 e6b9618ac0040910f755a6f24dcb2f5500bb9aca d8db064ea1623849ccee86b27bdb7825aa0dc452293576de352f9269af60ecfe
GET /sfiles/games-images/game-previews/190x102/game-249.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:09 GMT
content-type: application/octet-stream
content-length: 19770
last-modified: Thu, 31 Aug 2023 08:10:56 GMT
etag: "2c02d34e261b48da9db2682ad433c5e8"
x-amz-meta-origin-date-iso8601: 2023-08-31T08:04:00.000Z
expires: Tue, 14 Nov 2023 18:22:10 GMT
cache-control: max-age=86400, public
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-cf1813e4fcb5c82bef408ff6ddd202f5-3db8fded39422258-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-17T19:17:28+00:00, 2024-05-08T08:07:14+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-69.webp | 185.244.209.62 | 200 OK | 4.3 kB |
URL GET HTTP/2v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-69.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 380x204, Scaling: [none]x[none], YUV color, decoders should clamp Hash8c2b80027d3818f6bc91227418589ee6 c6d3c4595860bd3d685e4ddea5d4610a6f642a9b cec387d33e94b8222d71031dbda50143a7ea2e1470d2c96c9e147aa4c4a43960
GET /sfiles/games-images/game-previews/190x102/game-69.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:09 GMT
content-type: application/octet-stream
content-length: 4256
last-modified: Thu, 31 Aug 2023 08:11:01 GMT
etag: "8c2b80027d3818f6bc91227418589ee6"
x-amz-meta-origin-date-iso8601: 2023-08-31T08:03:42.000Z
expires: Tue, 14 Nov 2023 18:22:10 GMT
cache-control: max-age=86400, public
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-5792651e9a5434f6bd512d5208e0ba48-501a6d3b0f1d69a8-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-17T19:23:21+00:00, 2024-05-07T12:30:21+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LineFeed/GetGameZip?id=528030908&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 | 178.253.29.51 | 200 OK | 1.3 kB |
URL GET HTTP/21xlite-461430.top/service-api/LineFeed/GetGameZip?id=528030908&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 IP178.253.29.51:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hashb329572f0e7d6dd71b7935413ccbe3bb 875e367554414af3a68639d286e13c54854b8e48 7b65274e8fd904df54f027df6e98b255182f174658cf30759e7a7676b097b5a5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LineFeed/GetGameZip?id=528030908&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; platform_type=desktop; auid=sv0dM2Y7Yf7BbyWAAwM8Ag==; SESSION=75bb5152e29b8089ef1d8c32275dd0df; window_width=1280; _glhf=1715185523; che_g=3f2954ac-c676-fb8c-77a5-3c12a6bd9725; application_locale=en; sh.session.id=1184b48b-8c28-48ce-a06d-1956db3095c1; ggru=139
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:10 GMT
content-type: application/json; charset=utf-8
content-length: 1323
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 08 May 2024 11:29:10 GMT
vary: Accept-Encoding
x-time-ng: 0.011
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.018
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/web-api/default/img/icons/pixels2.svg?v=1715167749 | 178.253.29.51 | | 40 kB |
URL 1xlite-461430.top/web-api/default/img/icons/pixels2.svg?v=1715167749 IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
File typePNG image data, 1 x 1, 8-bit/color RGB, non-interlaced Hash9108af9a305b5ecfe8f0934350dd4ec4 d284b357db304381a237e7f070dca1b261fc48a2 85c53d4046ec88d746368c52747cd0bd0a2a8bd319b4d293cc1807cd6b56dc65
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /web-api/default/img/icons/pixels2.svg?v=1715167749 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; platform_type=desktop; auid=sv0dM2Y7Yf7BbyWAAwM8Ag==; SESSION=75bb5152e29b8089ef1d8c32275dd0df; window_width=1280; _glhf=1715185523; che_g=3f2954ac-c676-fb8c-77a5-3c12a6bd9725; application_locale=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:09 GMT
content-type: image/png
cache-control: no-cache, private
server-timing: p;dur=14, dt_total;dur=21.558, wf-uht;dur=0.030
traceparent: 00-16c8ab5081312d3eab5fb4dd6ebd4e03-6ff807522274d705-01
x-dt: 285
x-time-ng: 0.017
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/services/widget/v2/most-required?projectId=5b61b42ffdf00b25dc78f342&credentials=%7B%22$type%22:%22GuestCredentials%22,%22id%22:%221184b48b-8c28-48ce-a06d-1956db3095c1%22%7D | 104.18.39.72 | | 9.8 kB |
URL: widget.suphelper.top/services/widget/v2/most-required?projectId=5b61b42ffdf00b25dc78f342&credentials=%7B%22$type%22:%22GuestCredentials%22,%22id%22:%221184b48b-8c28-48ce-a06d-1956db3095c1%22%7D IP: 104.18.39.72:0
Certificate Issuer: Google Trust Services LLC Subject: suphelper.top Fingerprint: 41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 Validity: Tue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File type: gzip compressed data, from Unix Hash: 34e6951c845f9f31fc6d00e1c71b6e24 694f69ce394a804e5039b5c924d5c79f1bfe5559 c9147965da01ed1a734f84e20abdea69a4d17f28556c0a710106e881eccc711a
GET /services/widget/v2/most-required?projectId=5b61b42ffdf00b25dc78f342&credentials=%7B%22$type%22:%22GuestCredentials%22,%22id%22:%221184b48b-8c28-48ce-a06d-1956db3095c1%22%7D HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 11:29:11 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 88091c4e9befb512-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size14/sfiles/logo_teams/d5ce8e9c8195163d5482bc5d410d339b.webp | 185.244.209.62 | | 762 B |
URL: v3.traincdn.com/resized/size14/sfiles/logo_teams/d5ce8e9c8195163d5482bc5d410d339b.webp IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: RIFF (little-endian) data, Web/P image Hash: 9d6b03368e725e54a95d201611056789 47edc29385639eccf05387218438f9f85aa0b6c3 f024f7a74697344eed118a8ac109b05c44d9a371c910aff6de2cbce3a46ada4f
GET /resized/size14/sfiles/logo_teams/d5ce8e9c8195163d5482bc5d410d339b.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:12 GMT
content-type: image/webp
content-length: 762
cache-control: max-age=94608000
content-disposition: inline; filename="d5ce8e9c8195163d5482bc5d410d339b.webp"
content-security-policy: script-src 'none'
expires: Thu, 06 May 2027 23:08:37 GMT
x-request-id: d6e8d6a53aac689001795398cdb77bbb
x-time-ng: 0.072
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-8e21deb59f68f655e533d056457edb58-e5d9c37e0fa9b647-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T23:08:37+00:00, 2024-05-08T08:18:41+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size14/sfiles/logo_teams/4c2fef5fba760e596ea82ed56e5dc94f.webp | 185.244.209.62 | 200 OK | 732 B |
URL: GET HTTP/2 v3.traincdn.com/resized/size14/sfiles/logo_teams/4c2fef5fba760e596ea82ed56e5dc94f.webp IP: 185.244.209.62:443 ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer: Sectigo Limited Subject: *.traincdn.com Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image Hash: fb977d97931f63c574e33d8fe455d662 f43abf8b05cf207c4f8dc9568eb0fea9acd08903 ce7ce2b0aff48c3f5d2bc3c917455e9739cc42a75de1e2a2a90579d578c87d59
GET /resized/size14/sfiles/logo_teams/4c2fef5fba760e596ea82ed56e5dc94f.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:12 GMT
content-type: image/webp
content-length: 732
cache-control: max-age=94608000
content-disposition: inline; filename="4c2fef5fba760e596ea82ed56e5dc94f.webp"
content-security-policy: script-src 'none'
expires: Thu, 06 May 2027 23:08:37 GMT
x-request-id: fb817b9acf299c193818435b1baff516
x-time-ng: 0.064
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-baccbe3e4cba2c36a43469577b87bd21-62207ef2fc3c691f-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T23:08:37+00:00, 2024-05-08T08:18:41+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/web-api/api/web/v1/config/actualDomain | 178.253.29.51 | | 169 kB |
URL: 1xlite-461430.top/web-api/api/web/v1/config/actualDomain IP: 178.253.29.51:0 ASN: #202492 Silverhill Group Holding Ltd
Certificate Issuer: Let's Encrypt Subject: 1xlite-461430.top Fingerprint: F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 Validity: Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Size: 169 kB (168628 bytes) Hash: e90508cca101d9cb990de4c1ac272162 f2eff8d50f5d46fb966acd5ce6eae0e6928698f5 11d2a39f89bd0f2c2d4bce0007c223e73a00e54ac7423b3eff9ceec40b477e99
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /web-api/api/web/v1/config/actualDomain HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; postback_watcher=; platform_type=desktop; auid=sv0dM2Y7Yf7BbyWAAwM8Ag==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:05 GMT
content-type: application/vnd.api+json
vary: Accept-Encoding
cache-control: no-cache, private
server-timing: p;dur=52, dt_total;dur=53.752, wf-uht;dur=0.064
set-cookie: SESSION=75bb5152e29b8089ef1d8c32275dd0df; path=/; secure; HttpOnly; SameSite=Lax
set-cookie: ua=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
traceparent: 00-7f4472af6b79ba8f56b8fc664c3c2205-2217705a51e74fef-01
x-dt: 285
x-time-ng: 0.053
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/chunks/pages/_app-9c47c295eecaa68a.js | 104.18.39.72 | 200 OK | 281 kB |
URL: GET HTTP/2 widget.suphelper.top/_next/static/chunks/pages/_app-9c47c295eecaa68a.js IP: 104.18.39.72:443
Requested by: https://widget.suphelper.top/ Certificate Issuer: Google Trust Services LLC Subject: suphelper.top Fingerprint: 41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 Validity: Tue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File type: gzip compressed data, from Unix Size: 281 kB (280895 bytes) Hash: 796281d404915c4537e07d59e0bd48e5 fc27ecdf66b7791e5242e94b9a1740486f48f015 3f4672dfbf7e1ce55e85e8df6a1a4c12e567ee75a9c8f1917890800cd91d5950
GET /_next/static/chunks/pages/_app-9c47c295eecaa68a.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 11:29:09 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 02 May 2024 07:01:48 GMT
etag: W/"f8027-18f381bf92a"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 534099
expires: Thu, 08 May 2025 11:29:09 GMT
server: cloudflare
cf-ray: 88091c43dec9b512-OSL
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/196bbf26a1e9c87d8930c734b9c40489.webp | 185.244.209.62 | 200 OK | 702 B |
URL: GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/196bbf26a1e9c87d8930c734b9c40489.webp IP: 185.244.209.62:443 ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer: Sectigo Limited Subject: *.traincdn.com Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image Hash: 19a25991d57f8947d8b62b83dbd03ea2 142f7408d30090d780bdd2b797a52b41c851c49c 494109a57f3c6c7dad66de5e2bd304b8a056680169345b11b8f7192e6f8ff718
GET /resized/size16/sfiles/logo_teams/196bbf26a1e9c87d8930c734b9c40489.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:13 GMT
content-type: image/webp
content-length: 702
cache-control: max-age=94608000
content-disposition: inline; filename="196bbf26a1e9c87d8930c734b9c40489.webp"
content-security-policy: script-src 'none'
expires: Wed, 05 May 2027 08:52:57 GMT
x-request-id: df94f68ee516adb6c55ef47551a4e7cf
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-c909089c9fc6de5da8173420996a0ecb-b7db6537a66c33e0-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-05T08:52:57+00:00, 2024-05-06T00:58:19+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/7700.webp | 185.244.209.62 | | 584 B |
URL: v3.traincdn.com/resized/size16/sfiles/logo_teams/7700.webp IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: RIFF (little-endian) data, Web/P image Hash: 3a6ec77e2056e5d3842bad87f3bc03ff 6872ee77021b0106421486fc69a612f5964ac9cf 4997ca8dd5058d5c84205b368bfb82401332f843b594032a4aea622ddaee5c8d
GET /resized/size16/sfiles/logo_teams/7700.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:13 GMT
content-type: image/webp
content-length: 584
cache-control: max-age=94608000
content-disposition: inline; filename="7700.webp"
content-security-policy: script-src 'none'
expires: Fri, 07 May 2027 07:56:39 GMT
x-request-id: 8a0fa1e621566b5e1af4ba98fa82b1e1
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-fd7efedc82bc1781b3c0880b36483813-3bf9cca974b35a0d-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T07:56:39+00:00, 2024-05-07T09:02:12+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/betstemplates/bets_model_short_en_0.json | 185.244.209.62 | | 44 kB |
URL: v3.traincdn.com/genfiles/cms/betstemplates/bets_model_short_en_0.json IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: gzip compressed data, max speed, from Unix Hash: 0c23192790987f7565b39feec78eadd5 e4b8f5da3a2eed263f4e1e93a917708c54be7912 6ba4706d9a5354c60c70232fc71d6038c4a60e59d81a749ff5ad5f737a2e9da0
GET /genfiles/cms/betstemplates/bets_model_short_en_0.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:12 GMT
content-type: application/json
last-modified: Thu, 02 May 2024 09:18:51 GMT
etag: W/"d3e39abc76f19e176765d21ac9e70c5c"
content-encoding: gzip
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-9686d425d06106de4aa69444d6bcb769-079c947bb995b1a8-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-02T10:49:13+00:00, 2024-05-08T11:02:17+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/shared-assets/__shared_chunk_M4D4AAJL.js | 185.244.209.62 | 200 OK | 48 kB |
URL: GET HTTP/2 v3.traincdn.com/sys-static/shared-assets/__shared_chunk_M4D4AAJL.js IP: 185.244.209.62:443 ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer: Sectigo Limited Subject: *.traincdn.com Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: gzip compressed data, max speed, from Unix Hash: 9811003d8fd49ca011c77f16493d1601 107e2902703ba862ab3f15b39e66f5dcb96978aa 1642fb1967c508732b7bbc58c21250c5839159f0e6412d4032b0202ad5a68ee1
GET /sys-static/shared-assets/__shared_chunk_M4D4AAJL.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:12 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 06 May 2024 13:05:33 GMT
etag: W/"51ddc52774f4e5bd6a6f1c22e9d19674"
x-amz-meta-mtime: 1715000580.87646382
content-encoding: gzip
expires: Wed, 08 May 2024 12:42:07 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-8e8c747e98d11c6e5543eda58f2c46f6-0bd0748fb7abd498-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T12:42:07+00:00, 2024-05-07T12:51:04+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/41c27c51cb3a7155a9b6d8a101e4e0d8.webp | 185.244.209.62 | | 648 B |
URL: v3.traincdn.com/resized/size16/sfiles/logo_teams/41c27c51cb3a7155a9b6d8a101e4e0d8.webp IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: RIFF (little-endian) data, Web/P image Hash: 86c46fc947383c68f3516282b24b13aa eda11e8c34f5fd6d123e37eb4841c82d6bd40ad3 113fe3c57dedf0b941c38a0cc46fd5cf032a411463d05860f14c61a6ab2aa508
GET /resized/size16/sfiles/logo_teams/41c27c51cb3a7155a9b6d8a101e4e0d8.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:13 GMT
content-type: image/webp
content-length: 648
cache-control: max-age=94608000
content-disposition: inline; filename="41c27c51cb3a7155a9b6d8a101e4e0d8.webp"
content-security-policy: script-src 'none'
expires: Fri, 07 May 2027 23:16:44 GMT
x-request-id: bd524379058e347b4f7fadee36d4e10f
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-95793a6f0ed0816509c7e0560094af74-2a797a31d10440b3-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T23:16:44+00:00, 2024-05-08T07:13:54+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/chunks/0c294a17-329dda05de2a378d.js | 104.18.39.72 | | 2.3 kB |
URL: widget.suphelper.top/_next/static/chunks/0c294a17-329dda05de2a378d.js IP: 104.18.39.72:0
Certificate Issuer: Google Trust Services LLC Subject: suphelper.top Fingerprint: 41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 Validity: Tue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File type: gzip compressed data, from Unix Hash: 4394167819e3c1768cf85b59efce9a2a 667088461d4363ae808178738de7f0e1c3fa7b39 bb576abbdb4856f02d3367919a850ce1502cc24c715ae18490e9d3b0ddfc31d3
GET /_next/static/chunks/0c294a17-329dda05de2a378d.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 11:29:09 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Wed, 17 Jan 2024 06:19:55 GMT
etag: W/"2925-18d161388b8"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 669675
expires: Thu, 08 May 2025 11:29:09 GMT
server: cloudflare
cf-ray: 88091c43eed7b512-OSL
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/cf7816bb4c83f58506c8d9c50baee4f0.webp | 185.244.209.62 | | 760 B |
URL: v3.traincdn.com/resized/size16/sfiles/logo_teams/cf7816bb4c83f58506c8d9c50baee4f0.webp IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: RIFF (little-endian) data, Web/P image Hash: 60e2acda94fecd34e51aaaf7df403ce4 d3b78a2787fadb97743f98d4f32be1254dc629cb b0aa9a52e5d1fe1c63149726370d7f37fe7cbf1dd07db3ae07a4c89ec0665457
GET /resized/size16/sfiles/logo_teams/cf7816bb4c83f58506c8d9c50baee4f0.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:13 GMT
content-type: image/webp
content-length: 760
cache-control: max-age=94608000
content-disposition: inline; filename="cf7816bb4c83f58506c8d9c50baee4f0.webp"
content-security-policy: script-src 'none'
expires: Sat, 08 May 2027 10:53:16 GMT
x-request-id: 5043eb06ac1340d409ded9fa7ea7cdf0
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-2e0342a758076a487bbafeffc885b45d-ea0223d5bc6ec38a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:53:16+00:00, 2024-05-08T10:53:19+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/shared-assets/__shared_localforage_PLMWICWN.js | 185.244.209.62 | 200 OK | 12 kB |
URL: GET HTTP/2 v3.traincdn.com/sys-static/shared-assets/__shared_localforage_PLMWICWN.js IP: 185.244.209.62:443 ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer: Sectigo Limited Subject: *.traincdn.com Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: gzip compressed data, max speed, from Unix Hash: cf6d39cdf860b35603fced7f9e536249 e90f2a16a1eb6a60f08f0c12bf6b18e7e84f2f7e 7f816afb7eda419ca0a9f46fb23974d8163ba6fb65a5b8851a870215eff1ccae
GET /sys-static/shared-assets/__shared_localforage_PLMWICWN.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:12 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 07 May 2024 09:11:40 GMT
etag: W/"dfa127e93d125d4f6c566203eaf225f2"
x-amz-meta-mtime: 1715072814.257664589
content-encoding: gzip
expires: Wed, 08 May 2024 15:18:12 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-23221b7c7d32215736a98a827a57073d-12b6bd45e3e24800-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T15:18:12+00:00, 2024-05-07T16:01:01+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/d5ce8e9c8195163d5482bc5d410d339b.webp | 185.244.209.62 | 200 OK | 790 B |
URL: GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/d5ce8e9c8195163d5482bc5d410d339b.webp IP: 185.244.209.62:443 ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer: Sectigo Limited Subject: *.traincdn.com Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image Hash: a4ef1f6ef0f93dcf542168b32b8a759c ccc06543a78d1c8bef9efc41dacb727c70c01979 a712a65fc881e7de50d7c52d1522c21d9cc447c87e62fe86dae2d4a33771cf7c
GET /resized/size16/sfiles/logo_teams/d5ce8e9c8195163d5482bc5d410d339b.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:13 GMT
content-type: image/webp
content-length: 790
cache-control: max-age=94608000
content-disposition: inline; filename="d5ce8e9c8195163d5482bc5d410d339b.webp"
content-security-policy: script-src 'none'
expires: Thu, 06 May 2027 23:08:29 GMT
x-request-id: bf5962e93b8dcbbda5cfc980d4551bd4
x-time-ng: 0.044
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-226c1fed3e1983f21c6a24d94e56d223-0f02d434bc3474a1-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T23:08:29+00:00, 2024-05-07T08:47:29+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/shared-assets/__shared_popper_js_MO5RLEN3.js | 185.244.209.62 | 200 OK | 9.2 kB |
URL: GET HTTP/2 v3.traincdn.com/sys-static/shared-assets/__shared_popper_js_MO5RLEN3.js IP: 185.244.209.62:443 ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer: Sectigo Limited Subject: *.traincdn.com Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: gzip compressed data, max speed, from Unix Hash: f05338deb404fa7c4d604f286957a32f 7f53805b65ceaf56a0119d37143dc553aad8fa72 269e9ce4bd4317ecba1e62ed7eb83f5cd7250253a1a0bb155c910f37dc74049f
GET /sys-static/shared-assets/__shared_popper_js_MO5RLEN3.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:12 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 06 May 2024 14:40:26 GMT
etag: W/"598d5481ac96b9bf8013b0eb1413b8e5"
x-amz-meta-mtime: 1715006282.054749806
content-encoding: gzip
expires: Tue, 07 May 2024 15:32:23 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-a939fed514746b80ce5c766407bd39f8-0a8b3a743c16e9e7-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T15:32:23+00:00, 2024-05-07T12:56:57+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sfiles/logo-champ/edda3e1315e9cff9c80fd176f315e5ad.webp | 185.244.209.62 | 200 OK | 1.9 kB |
URL: GET HTTP/2 v3.traincdn.com/sfiles/logo-champ/edda3e1315e9cff9c80fd176f315e5ad.webp IP: 185.244.209.62:443 ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer: Sectigo Limited Subject: *.traincdn.com Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image Hash: 9735a7fc47de4c3ed66e92c7a93c994f cc1af9f3285aa6ff0ade91f34ddbc182ae652d4e 25505041f5f9c540255de99cde94d5fe1fd9aed66e1af2e22153d4a26b06e0f8
GET /sfiles/logo-champ/edda3e1315e9cff9c80fd176f315e5ad.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:13 GMT
content-type: image/webp
content-length: 1852
last-modified: Sat, 05 Aug 2023 05:42:59 GMT
etag: "9735a7fc47de4c3ed66e92c7a93c994f"
cache-control: public, max-age=86400, public
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-6ff93d189425c5a7a018d9be6aa5f5ac-4144d2c38a89a22a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T01:01:02+00:00, 2024-05-08T06:38:03+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/44203.webp | 185.244.209.62 | | 808 B |
URL: v3.traincdn.com/resized/size16/sfiles/logo_teams/44203.webp IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: RIFF (little-endian) data, Web/P image Hash: 2634fcccd66340e3167dffe6d5a7ace3 d524169cc6d92040247435963241ef4b68c23328 2e848e45e2e1d8a3fd09843ba3228367df9194f41a0aca35e2beb4e8f3945e42
GET /resized/size16/sfiles/logo_teams/44203.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:13 GMT
content-type: image/webp
content-length: 808
cache-control: max-age=94608000
content-disposition: inline; filename="44203.webp"
content-security-policy: script-src 'none'
expires: Sat, 08 May 2027 11:25:56 GMT
x-request-id: cf3d6189134722b32ce16ae69990edb1
x-time-ng: 0.030
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-36d6ec3338ec127d94e10c806e0ed2ad-e21c685015b55b88-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T11:25:56+00:00, 2024-05-08T11:25:57+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/83bc963c6c697e4cfd2cc83160911e2d.webp | 185.244.209.62 | | 846 B |
URL: v3.traincdn.com/resized/size16/sfiles/logo_teams/83bc963c6c697e4cfd2cc83160911e2d.webp IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: RIFF (little-endian) data, Web/P image Hash: 8ce4fe319b9e214eb46c0d1a4ba5cec4 b985d8747e445397ed973d9cb0dc193ec31a7b61 7a08fad546714533a7cf5fa584fe6b7793ebeaf41ec60a2b19106c2f788c2736
GET /resized/size16/sfiles/logo_teams/83bc963c6c697e4cfd2cc83160911e2d.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:13 GMT
content-type: image/webp
content-length: 846
cache-control: max-age=94608000
content-disposition: inline; filename="83bc963c6c697e4cfd2cc83160911e2d.webp"
content-security-policy: script-src 'none'
expires: Sat, 08 May 2027 11:25:56 GMT
x-request-id: d102b73bfa65bee3d3a681cd00e928e6
x-time-ng: 0.027
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-9b1987965e3c97051327616c740010b8-6733630efeaa98ad-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T11:25:56+00:00, 2024-05-08T11:25:57+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/342239.webp | 185.244.209.62 | 200 OK | 780 B |
URL: GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/342239.webp IP: 185.244.209.62:443 ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer: Sectigo Limited Subject: *.traincdn.com Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image Hash: c236bf6fc52a0582119c4faa070fe322 6da11699e105df6b09e2be54e80ba30a57d00932 c34f7829af108861355d7ae966f0e6c22b58fcb9cfeac9c3500625b796f28999
GET /resized/size16/sfiles/logo_teams/342239.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:13 GMT
content-type: image/webp
content-length: 780
cache-control: max-age=94608000
content-disposition: inline; filename="342239.webp"
content-security-policy: script-src 'none'
expires: Sat, 08 May 2027 10:55:10 GMT
x-request-id: f0d408fc6dc98ed024e4a97c60ba2b50
x-time-ng: 0.053
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-1013278178f3915aef842cad7cc4d044-4d3ff6856b3c2405-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:55:10+00:00, 2024-05-08T10:55:15+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/0100985e9db69885def7dba88a923d76.webp | 185.244.209.62 | 200 OK | 790 B |
URL: GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/0100985e9db69885def7dba88a923d76.webp IP: 185.244.209.62:443 ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer: Sectigo Limited Subject: *.traincdn.com Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image Hash: 6d798552f7ef2d89501d07351708e5a0 4fd0f802dd3d172b044d79d6b0e35d95888a0ee1 59bd9ad9ea3fb46a0d269c1961cc5c936fc374bcc7288d9a13f5f42581935986
GET /resized/size16/sfiles/logo_teams/0100985e9db69885def7dba88a923d76.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:13 GMT
content-type: image/webp
content-length: 790
cache-control: max-age=94608000
content-disposition: inline; filename="0100985e9db69885def7dba88a923d76.webp"
content-security-policy: script-src 'none'
expires: Sat, 08 May 2027 10:55:10 GMT
x-request-id: 4cc154bf47728fdee8ed2172de7a0e44
x-time-ng: 0.039
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-e58bf2348983f36cb78daf37c26a808c-a7a4c62b6bdd7b0c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:55:10+00:00, 2024-05-08T10:55:15+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/8b70996be2929c8e1318dab9180069ae.webp | 185.244.209.62 | 200 OK | 694 B |
URL: GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/8b70996be2929c8e1318dab9180069ae.webp IP: 185.244.209.62:443 ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer: Sectigo Limited Subject: *.traincdn.com Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image Hash: e787ec1e862444e882a3450fa872b8dc 5c011383027e28ca5eba3d274d6de2fd170c6116 4a7bb99f436ef4b90c29923adc882f2ae1dfa73c689af72b5186f162ed5ac754
GET /resized/size16/sfiles/logo_teams/8b70996be2929c8e1318dab9180069ae.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:13 GMT
content-type: image/webp
content-length: 694
cache-control: max-age=94608000
content-disposition: inline; filename="8b70996be2929c8e1318dab9180069ae.webp"
content-security-policy: script-src 'none'
expires: Thu, 06 May 2027 02:39:12 GMT
x-request-id: 909373f073710a884b598e18d077306c
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-54f12bc0bb600ae9f1a320ff747b04a8-d4e3295509868c2f-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T02:39:12+00:00, 2024-05-06T17:24:47+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/e1758487e87ced2c361c5ffa4c9a95ce.webp | 185.244.209.62 | 200 OK | 736 B |
URL: GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/e1758487e87ced2c361c5ffa4c9a95ce.webp IP: 185.244.209.62:443 ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer: Sectigo Limited Subject: *.traincdn.com Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image Hash: c18db3e7249ed67813218375049466d5 f41679ef10f6a9bfb5f79b6655899110fc44b4cf 474198d51a6ab58f52b784ce06631e3b0f86f0507eafb22dbfad090687ddd5de
GET /resized/size16/sfiles/logo_teams/e1758487e87ced2c361c5ffa4c9a95ce.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:13 GMT
content-type: image/webp
content-length: 736
cache-control: max-age=94608000
content-disposition: inline; filename="e1758487e87ced2c361c5ffa4c9a95ce.webp"
content-security-policy: script-src 'none'
expires: Mon, 26 Apr 2027 01:42:51 GMT
x-request-id: 3832064e1f44d85c74f2c027c0819bcc
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-6fd18f2f007820fc224cca7c919f3438-f34ce45230b9ab5d-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-26T01:42:51+00:00, 2024-05-06T17:24:47+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/827399.webp | 185.244.209.62 | 200 OK | 600 B |
URL: GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/827399.webp IP: 185.244.209.62:443 ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer: Sectigo Limited Subject: *.traincdn.com Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image Hash: d55651b1fc3976c7e9b429427b7dbecf fbb2885974d2ef65f5e98a0a196d10ad74b02f0a 4a3ae800f54c9f080ef38c356eb0b1c4e63d51699e5be8719ac32f8037c7dd01
GET /resized/size16/sfiles/logo_teams/827399.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:13 GMT
content-type: image/webp
content-length: 600
cache-control: max-age=94608000
content-disposition: inline; filename="827399.webp"
content-security-policy: script-src 'none'
expires: Wed, 28 Apr 2027 23:34:43 GMT
x-request-id: e572968bc6b0f57aa978deab58a4cb36
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-f222cee8a9ea5c3d9155f21ddcde6aa8-743fefbd217aa89f-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-28T23:34:43+00:00, 2024-05-06T15:43:29+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/406306fb89b6505b129d03d2b9b3bc81.webp | 185.244.209.62 | 200 OK | 564 B |
URL: GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/406306fb89b6505b129d03d2b9b3bc81.webp IP: 185.244.209.62:443 ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer: Sectigo Limited Subject: *.traincdn.com Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image Hash: 11a9cc4fe3cb529f1c7bb458becafcf6 46d94dba4fb6fd0d5e1210ef09b81a265ac197f5 c25d17982c2e3d7fddb67c9304eef019e3f6c2f1488f10ec43ec73ba32d12ce4
GET /resized/size16/sfiles/logo_teams/406306fb89b6505b129d03d2b9b3bc81.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:13 GMT
content-type: image/webp
content-length: 564
cache-control: max-age=94608000
content-disposition: inline; filename="406306fb89b6505b129d03d2b9b3bc81.webp"
content-security-policy: script-src 'none'
expires: Thu, 06 May 2027 14:42:13 GMT
x-request-id: 94cf03601e2abb7e43e6c8fe24234ccd
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-22544f26b596bdc8c6f0e99f610349f7-dde774d2ddb14458-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:42:13+00:00, 2024-05-06T15:43:29+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/943ea001815129bb12bb5ffc849fc5ff.webp | 185.244.209.62 | | 768 B |
URL: v3.traincdn.com/resized/size16/sfiles/logo_teams/943ea001815129bb12bb5ffc849fc5ff.webp IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: RIFF (little-endian) data, Web/P image Hash: 8e2cd1afde4c676b2b12fbaa3d632f0b 849f4db4cbcff8e03f1c22652d0ebc1ab9782564 81f2a0b371f518e5ac1e28c4e8e3a883e7e9dfd1a1f22a779b9e7347cae749ae
GET /resized/size16/sfiles/logo_teams/943ea001815129bb12bb5ffc849fc5ff.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:13 GMT
content-type: image/webp
content-length: 768
cache-control: max-age=94608000
content-disposition: inline; filename="943ea001815129bb12bb5ffc849fc5ff.webp"
content-security-policy: script-src 'none'
expires: Tue, 04 May 2027 04:08:25 GMT
x-request-id: 2289ec25a5da7ed76bc4638b55792264
x-time-ng: 0.059
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-3ad9dde179d6497c713433ba2515aca3-30629d9d39d928e5-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-04T04:08:25+00:00, 2024-05-07T21:01:18+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/552728512b12a6de4c9b95c2eecbd4df.webp | 185.244.209.62 | | 594 B |
URL: v3.traincdn.com/resized/size16/sfiles/logo_teams/552728512b12a6de4c9b95c2eecbd4df.webp IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: RIFF (little-endian) data, Web/P image Hash: c268049cb8c39d286ef0669c40963faa 75c1c7c8230d41e73fbe4a70d4b19e56e53fb6e3 1c1ed27f81d714787075bcdc0e9a3f846515c14aade36b267fcabdebf63dbcee
GET /resized/size16/sfiles/logo_teams/552728512b12a6de4c9b95c2eecbd4df.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:13 GMT
content-type: image/webp
content-length: 594
cache-control: max-age=94608000
content-disposition: inline; filename="552728512b12a6de4c9b95c2eecbd4df.webp"
content-security-policy: script-src 'none'
expires: Sun, 25 Apr 2027 16:50:28 GMT
x-request-id: c76652afd8902e83ef4e8367af27fdcc
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-71083514112dc1d79da2d080b681285f-a8f53f346383162d-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T16:50:28+00:00, 2024-05-06T16:08:08+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/e5eb737e.css | 185.244.209.62 | | 1.1 kB |
URL: v3.traincdn.com/_nuxt/desktop/default/css/e5eb737e.css IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: ASCII text, with very long lines (5171), with no line terminators Hash: 5d231bea9b7df6bc1e9e74e3c0a231e1 2ef607f0c766fff1b4b1e90a2d98e7094c81721e c43fd428fe6e9d25ddf385a1cf03891194126ebf9e83d086af655272e815445b
GET /_nuxt/desktop/default/css/e5eb737e.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:14 GMT
content-type: text/css
content-length: 1050
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-41a"
content-encoding: gzip
expires: Wed, 08 May 2024 08:09:31 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-94006dc4c5bad3f36aa5aeb174f1f96c-61519e4b4b8de25a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T08:09:31+00:00, 2024-05-07T12:50:10+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/shared-assets/__shared_sweetalert2_X3CQ7PJQ.js | 185.244.209.62 | | 30 kB |
URL: v3.traincdn.com/sys-static/shared-assets/__shared_sweetalert2_X3CQ7PJQ.js IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: JavaScript source, ASCII text, with very long lines (32238) Hash: 99feb681ee2726e51ee9a187bb69efed 8b4a1f3c15a72ab2325a38ecbbd8c7144a1e1bd2 d24bdb5265c18925c074790afad8391dd7ff422a12dd23b2d34e835698ba1013
GET /sys-static/shared-assets/__shared_sweetalert2_X3CQ7PJQ.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:12 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 07 May 2024 09:11:40 GMT
etag: W/"138de5d55ee831195dd90bbf5c557926"
x-amz-meta-mtime: 1715072814.261664647
content-encoding: gzip
expires: Wed, 08 May 2024 15:18:14 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-bc5363a219079f067d4ad6e56d5fce12-9ad6b7475c175c64-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T15:18:14+00:00, 2024-05-07T15:56:16+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-icons/1.0.334/285/country.svg | 185.244.209.62 | | 73 kB |
URL: v3.traincdn.com/sys-icons/1.0.334/285/country.svg IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: gzip compressed data, max speed, from Unix Hash: 1c6f2396853f6494f713d6e6e3ecb4d6 a17c07dd920088ddfd698afa9c1ba93ed0ed2eb1 b864cb7b23c56b140b6106debe87f379749795e80e053daa0b33fcf34217c02f
GET /sys-icons/1.0.334/285/country.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:13 GMT
content-type: image/svg+xml
last-modified: Tue, 16 Apr 2024 12:55:56 GMT
etag: W/"60caf0d666af828706b3d83c428a31e4"
x-amz-meta-mtime: 1713272153.420902787
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:28 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-0c4a8c2bfa082194eb5db18a1164a6b9-4b85a96b0bdb2401-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:28+00:00, 2024-05-08T10:54:37+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/web-api/mobile | 178.253.29.51 | 200 OK | 4.5 kB |
URL: POST HTTP/2 1xlite-461430.top/web-api/mobile IP: 178.253.29.51:443 ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer: Let's Encrypt Subject: 1xlite-461430.top Fingerprint: F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 Validity: Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash: cd82003fa7000d09ebe08cd2ed06cff5 e324056afa0910e32e4a321403b35ef3bd735092 8d6f73bc0cfd207d3549191e9c0fb669e6f4dbdb0816a9c2e6ef84f29cf340a8
Analyzer: Quad9 DNS, Verdict: malicious, Alert: Sinkholed
POST /web-api/mobile HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
content-type: application/json
x-requested-with: XMLHttpRequest
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; platform_type=desktop; auid=sv0dM2Y7Yf7BbyWAAwM8Ag==; SESSION=75bb5152e29b8089ef1d8c32275dd0df; window_width=1280; _glhf=1715185523; che_g=3f2954ac-c676-fb8c-77a5-3c12a6bd9725; application_locale=en; sh.session.id=1184b48b-8c28-48ce-a06d-1956db3095c1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:09 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: p;dur=19, dt_total;dur=32.428, wf-uht;dur=0.040
traceparent: 00-e1c236a6e14b82a8cfc716c5013dde1f-c154c6324ce10647-01
vary: Accept-Encoding
x-dt: 285
x-time-ng: 0.024
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/entry-5a8fe517.js | 185.244.209.62 | 200 OK | 704 kB |
URL: GET HTTP/2 v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/entry-5a8fe517.js IP: 185.244.209.62:443 ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer: Sectigo Limited Subject: *.traincdn.com Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size: 704 kB (704049 bytes) Hash: 0d38c5af85509fb3a865ab3c5282960e f10bff67e5ea54c17e10a77eefdc6cb90277eac6 9e78a3542fd9db999e5b298a799b089f672903cbb23a0fe556a468eabdd214cd
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/entry-5a8fe517.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:11 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 08 May 2024 10:11:59 GMT
etag: W/"0d38c5af85509fb3a865ab3c5282960e"
x-amz-meta-mtime: 1715162852.716948018
content-encoding: gzip
expires: Thu, 09 May 2024 10:43:24 GMT
cache-control: max-age=86400
x-time-ng: 0.003
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-1e244ba60e4ce4436af044aa3a37b6dd-e8e7963e741f7a12-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:43:24+00:00, 2024-05-08T10:48:37+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/3016f30da818.js | 185.244.209.62 | 200 OK | 504 B |
URL: GET HTTP/2 v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/3016f30da818.js IP: 185.244.209.62:443 ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer: Sectigo Limited Subject: *.traincdn.com Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: Java source, ASCII text, with very long lines (503) Hash: e3d07e6f66159328ab36432621f76bb1 a6904f34c980d0670c78ca33d3af1d42c9f80332 3165b04b3f1b881e9ce209f0a2ccee985c00ed98db43e9cb6af5d530438b7d1b
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/3016f30da818.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:15 GMT
content-type: text/javascript; charset=utf-8
content-length: 504
last-modified: Wed, 08 May 2024 10:11:58 GMT
etag: "e3d07e6f66159328ab36432621f76bb1"
x-amz-meta-mtime: 1715162852.704948141
expires: Thu, 09 May 2024 10:43:25 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-b2ac6e09bd2a836d92c9be5b26485990-a4251d243b8bfea3-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:43:25+00:00, 2024-05-08T11:09:30+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/fba16e275a7f.css | 185.244.209.62 | | 1.8 kB |
URL: v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/fba16e275a7f.css IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: gzip compressed data, max speed, from Unix Hash: 7bea7c5df0a56fb2de9fd14779fbd572 8754b2efddcc9e2a526efcd590f6d12b452df85a e702dcb4a79ae91bf320d7121215350359d8407dd6ef2644597db2ba6cd7a8c0
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/fba16e275a7f.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:15 GMT
content-type: text/css; charset=utf-8
last-modified: Wed, 08 May 2024 10:11:59 GMT
etag: W/"09cc238307fce08863e8f51282885df9"
x-amz-meta-mtime: 1715162852.720947977
content-encoding: gzip
expires: Thu, 09 May 2024 10:43:41 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-fe8d978e2bca4dd6c4aeed2ae3a21303-5ae761a1f6f20e80-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:43:41+00:00, 2024-05-08T10:48:40+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/chunks/663-81a4add2f1c95639.js | 104.18.39.72 | 200 OK | 108 kB |
URL: GET HTTP/2 widget.suphelper.top/_next/static/chunks/663-81a4add2f1c95639.js IP: 104.18.39.72:443
Requested by: https://widget.suphelper.top/ Certificate Issuer: Google Trust Services LLC Subject: suphelper.top Fingerprint: 41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 Validity: Tue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File type: gzip compressed data, from Unix Size: 108 kB (108518 bytes) Hash: ecad524200df622cf240eab03f77d056 b9d27fe0e163699f7f479e05e86cfdde656fde68 3f2c50775cb22d398bc8fbefc5c940a8258189f3e838e335267c4c46519fe023
GET /_next/static/chunks/663-81a4add2f1c95639.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 11:29:09 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 28 Mar 2024 06:56:31 GMT
etag: W/"5b0da-18e83d890e3"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 669675
expires: Thu, 08 May 2025 11:29:09 GMT
server: cloudflare
cf-ray: 88091c43eedab512-OSL
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/web-api/registration | 178.253.29.51 | 200 OK | 8.2 kB |
URL: POST HTTP/2 1xlite-461430.top/web-api/registration IP: 178.253.29.51:443 ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer: Let's Encrypt Subject: 1xlite-461430.top Fingerprint: F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 Validity: Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash: ceea7fd7e6148fd9dc744fc633e1d416 494d9ec66e794c953a589aee249e25f6d24bfaa0 3e421090d52ac8e0ec38a9f4295b85469b8dc3edbadc39f16aa0bc26c158c285
Analyzer: Quad9 DNS, Verdict: malicious, Alert: Sinkholed
POST /web-api/registration HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
content-type: application/json
x-requested-with: XMLHttpRequest
Content-Length: 17
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; platform_type=desktop; auid=sv0dM2Y7Yf7BbyWAAwM8Ag==; SESSION=75bb5152e29b8089ef1d8c32275dd0df; window_width=1280; _glhf=1715185523; che_g=3f2954ac-c676-fb8c-77a5-3c12a6bd9725; application_locale=en; sh.session.id=1184b48b-8c28-48ce-a06d-1956db3095c1; ggru=139
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:11 GMT
content-type: application/vnd.api+json
vary: Accept-Encoding
cache-control: no-cache, private
server-timing: p;dur=32, dt_total;dur=33.641, wf-uht;dur=0.045
traceparent: 00-08d4b1128febc09db71dbf14edb011fb-81ba069ace60a395-01
x-dt: 285
x-time-ng: 0.033
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/726083f27efa.js | 185.244.209.62 | 200 OK | 597 B |
URL GET HTTP/2 v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/726083f27efa.js IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type Java source, ASCII text, with very long lines (596) Hash 76880f7538a0be62d4fc0f9e55db36aa 73f78086fe9d1875b8e289fc3c8e22ecaec4dacb 0491db56d6c0b9c1ecabeafcffcb6d1151d847f9145dd643d4a7f6408faee096
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/726083f27efa.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:15 GMT
content-type: text/javascript; charset=utf-8
content-length: 597
last-modified: Wed, 08 May 2024 10:11:58 GMT
etag: "76880f7538a0be62d4fc0f9e55db36aa"
x-amz-meta-mtime: 1715162852.7089481
expires: Thu, 09 May 2024 10:43:41 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-0803fbd891233082af43059a5bf69f56-9f267a10f53206bc-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:43:41+00:00, 2024-05-08T10:48:40+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/618b749155d0.js | 185.244.209.62 | | 481 B |
URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/618b749155d0.js IP 185.244.209.62:0 ASN #199524 G-Core Labs S.A.
File type Java source, ASCII text, with very long lines (480) Hash 9abbe64ff2b544f35594e17905e4594c a7896739e9768216888018d2c4aec7c102e4d4a9 9f8032c080e2f3906f0c068bf43ef41084d6064f5df8be76b339fa87f7ad17eb
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/618b749155d0.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:15 GMT
content-type: text/javascript; charset=utf-8
content-length: 481
last-modified: Wed, 08 May 2024 10:11:58 GMT
etag: "9abbe64ff2b544f35594e17905e4594c"
x-amz-meta-mtime: 1715162852.7089481
expires: Thu, 09 May 2024 10:43:41 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-e70f80a136ee02fa7b02d326f3e526cb-6e3547afc3e2d635-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:43:41+00:00, 2024-05-08T10:48:40+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/chunks/7413e8b9-8adee4b5b5407a55.js | 104.18.39.72 | 200 OK | 30 kB |
URL GET HTTP/2 widget.suphelper.top/_next/static/chunks/7413e8b9-8adee4b5b5407a55.js IP 104.18.39.72:443
Requested by https://widget.suphelper.top/ Certificate Issuer Google Trust Services LLC Subject suphelper.top Fingerprint 41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 Validity Tue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File type gzip compressed data, from Unix Hash e4c360f9c577b38fccebb2d3888e7e4c c0f9aae41dc2a7f44490cf1988ba30af7e841493 90d692483668e17c502a716e46ce78b90800970b3e90ecc9ad44a0fc906573ad
GET /_next/static/chunks/7413e8b9-8adee4b5b5407a55.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 11:29:09 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Mon, 22 Jan 2024 07:49:06 GMT
etag: W/"12fe9-18d3024f9c4"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 665394
expires: Thu, 08 May 2025 11:29:09 GMT
server: cloudflare
cf-ray: 88091c43eed3b512-OSL
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/conversion-4d6c8249.js | 185.244.209.62 | | 66 kB |
URL v3.traincdn.com/_nuxt/desktop/default/vendors/conversion-4d6c8249.js IP 185.244.209.62:0 ASN #199524 G-Core Labs S.A.
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators Hash aef3e7e835a99d3035bcd15797cfe9a8 5de336165d341c0601724e9c1051555ad1823207 25e9709b1b46caed0b4303d82fc1ed87763c84d661878f0a9e247c6e8a7c92ef
GET /_nuxt/desktop/default/vendors/conversion-4d6c8249.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:15 GMT
content-type: application/javascript; charset=utf-8
content-length: 66478
last-modified: Wed, 08 May 2024 10:16:12 GMT
etag: "663b50ec-103ae"
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:45 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-1c1e76fdbd14377ae0dcab30520b1dc0-4f9c8669cc004cb7-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:45+00:00, 2024-05-08T10:54:43+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/ | 104.18.39.72 | | 201 kB |
IP 104.18.39.72:0
Certificate Issuer Google Trust Services LLC Subject suphelper.top Fingerprint 41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 Validity Tue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File type gzip compressed data, from Unix Size 201 kB (201391 bytes) Hash 603ed32f9bcd619232cd21aef7be03a4 de0a5305cdb549d7ecd1fec99b378953e69ac3fe 243d036b01303ddcc8b79761d96515baa396401271fce8071848671001b43f24
GET / HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 11:29:09 GMT
content-type: text/html; charset=utf-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=60, stale-while-revalidate=30
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 88091c428d47b512-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/1ef232ab28e984c65ad109ade8b650ed.jpg | 185.244.209.62 | | 33 kB |
URL v3.traincdn.com/genfiles/cms/1/desktop/banner/1ef232ab28e984c65ad109ade8b650ed.jpg IP 185.244.209.62:0 ASN #199524 G-Core Labs S.A.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1380x248, components 3 Hash 590bf4dea9eca01477197273e697a2f2 48626617ea6e7e6dc8d78421d4bbe4775dab89c6 36c0fc192afc11c3ebd5d841732212db3903757fd382cbfdbbddbf74ddb4a1d5
GET /genfiles/cms/1/desktop/banner/1ef232ab28e984c65ad109ade8b650ed.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:15 GMT
content-type: image/jpeg
content-length: 32867
last-modified: Fri, 26 Apr 2024 11:44:33 GMT
etag: "590bf4dea9eca01477197273e697a2f2"
x-time-ng: 0.027
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-7af9d78011cab19ca8c6a5e63b04508f-ec690863a38f01b7-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-26T12:46:26+00:00, 2024-05-08T11:09:13+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/d94c9b1508a286d270c77946ff0972fa.webp | 185.244.209.62 | | 15 kB |
URL v3.traincdn.com/genfiles/cms/1/desktop/banner/d94c9b1508a286d270c77946ff0972fa.webp IP 185.244.209.62:0 ASN #199524 G-Core Labs S.A.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1380x248, Scaling: [none]x[none], YUV color, decoders should clamp Hash 2ccdf625b855ce93bc9b56a671accd6e bc8f3a791f6251b714bafad614d15c477ba428e4 c5012a832581da604a5c57e8f822008f749fe484c6d24127ca91232af71169cd
GET /genfiles/cms/1/desktop/banner/d94c9b1508a286d270c77946ff0972fa.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:15 GMT
content-type: image/webp
content-length: 14610
last-modified: Thu, 08 Jun 2023 09:20:03 GMT
etag: "2ccdf625b855ce93bc9b56a671accd6e"
x-time-ng: 0.002
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-a9ccca5b2ae5e7ed3c231eb869c075e2-cc23b68cc482f09a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-02-27T14:22:50+00:00, 2024-05-08T10:37:35+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/1ef232ab28e984c65ad109ade8b650ed.webp | 185.244.209.62 | 200 OK | 16 kB |
URL GET HTTP/2 v3.traincdn.com/genfiles/cms/1/desktop/banner/1ef232ab28e984c65ad109ade8b650ed.webp IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1380x248, Scaling: [none]x[none], YUV color, decoders should clamp Hash 99937fec94322155d99465451e84e5f4 0549b153f8e34c242f71817a038f7ebad37d27be d35bc328538e182310574b3ff1d58134efedc49c9f3dbb43ec6df65fed624f33
GET /genfiles/cms/1/desktop/banner/1ef232ab28e984c65ad109ade8b650ed.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:15 GMT
content-type: image/webp
content-length: 15874
last-modified: Fri, 26 Apr 2024 11:44:53 GMT
etag: "99937fec94322155d99465451e84e5f4"
x-time-ng: 0.002
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-ca233a88eb15b05487db076ad92705b7-8c988d91489cc520-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-26T11:45:30+00:00, 2024-05-08T10:37:35+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/3083a20a3f73c30fce38710d7ada9cbb.svg | 185.244.209.62 | | 29 kB |
URL v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/3083a20a3f73c30fce38710d7ada9cbb.svg IP 185.244.209.62:0 ASN #199524 G-Core Labs S.A.
File type gzip compressed data, max speed, from Unix Hash 05198a2fa68cdd36180738d2f62ad0db f3b3dbdb853ff970d28a00adfdaccf92d1565261 b35655020e1abffaf27737aaa652c1d7aac170c25ed16a216f3621b32a33c8cf
GET /genfiles/cms/1-285/desktop/media_asset/3083a20a3f73c30fce38710d7ada9cbb.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:09 GMT
content-type: image/svg+xml
last-modified: Wed, 19 Apr 2023 11:51:30 GMT
etag: W/"3ae81b002dca46d3b732ce3e03ae35c6"
content-encoding: gzip
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-ef11c5630b38f3bcddfaa0989d606b42-e934cb20ec6763a9-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T08:36:11+00:00, 2024-05-08T10:37:34+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/37725dd3160e2621f084de11d4417228.png | 185.244.209.62 | | 231 kB |
URL v3.traincdn.com/genfiles/cms/1/desktop/banner/37725dd3160e2621f084de11d4417228.png IP 185.244.209.62:0 ASN #199524 G-Core Labs S.A.
File type PNG image data, 1380 x 248, 8-bit/color RGBA, non-interlaced Size 231 kB (231413 bytes) Hash 5f92240dea2753875e3104a6704f93e6 41d042b4876f18001842a761d05ad4a0575ca7f4 2d51f316311a3977d1dcee31a3332f720f72a842d8924ea4b8f014a23ca859b7
GET /genfiles/cms/1/desktop/banner/37725dd3160e2621f084de11d4417228.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:15 GMT
content-type: image/png
content-length: 231413
last-modified: Wed, 21 Jun 2023 09:54:48 GMT
etag: "5f92240dea2753875e3104a6704f93e6"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-0e801c69174b9416181434220bb6dc83-ad0084ef7117961d-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-30T12:28:11+00:00, 2024-05-08T11:09:13+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size24/sfiles/logo_teams/1996.webp | 185.244.209.62 | | 1.4 kB |
URL v3.traincdn.com/resized/size24/sfiles/logo_teams/1996.webp IP 185.244.209.62:0 ASN #199524 G-Core Labs S.A.
File type RIFF (little-endian) data, Web/P image Hash 886a20096e1c4869d510740a41df5812 7a9a79a4ca6251afba1a3910efeb6bca4a425ee6 3b8952ad0299b2b7039e1dc767edeaa840348e71ae43b3805badd8a6fb2a4598
GET /resized/size24/sfiles/logo_teams/1996.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:15 GMT
content-type: image/webp
content-length: 1392
cache-control: max-age=94608000
content-disposition: inline; filename="1996.webp"
content-security-policy: script-src 'none'
expires: Sat, 08 May 2027 11:19:47 GMT
x-request-id: cd48375ed13b2fcc5782e27042338191
x-time-ng: 0.067
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
x-cached-since: 2024-05-08T11:19:47+00:00
traceparent: 00-7a3a71b786f6101500b5737e09de02fb-6815f2ac6a13c7d7-01
x-id: osix-hw-edge-gc4
cache: HIT, MISS
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size24/sfiles/logo_teams/08a25897e35d75d7261a8095b9599aad.webp | 185.244.209.62 | | 1.2 kB |
URL v3.traincdn.com/resized/size24/sfiles/logo_teams/08a25897e35d75d7261a8095b9599aad.webp IP 185.244.209.62:0 ASN #199524 G-Core Labs S.A.
File type RIFF (little-endian) data, Web/P image Hash e63abc1e41178a97d4197c51567e25c8 2093338e3a4804d8c80fafd7720537056d9d0bea 0c2de26224b4b34463e0e2c5c8f38d60edf6fbf7d97a568671892edc96be354e
GET /resized/size24/sfiles/logo_teams/08a25897e35d75d7261a8095b9599aad.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:15 GMT
content-type: image/webp
content-length: 1220
cache-control: max-age=94608000
content-disposition: inline; filename="08a25897e35d75d7261a8095b9599aad.webp"
content-security-policy: script-src 'none'
expires: Sat, 08 May 2027 11:19:47 GMT
x-request-id: 5ed651ab54561c418f16ac8f894afb00
x-time-ng: 0.049
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2024-05-08T11:19:47+00:00
traceparent: 00-b3664fbf74721dd650648824844a4f67-72467ab5a0aec5d5-01
x-id: osix-hw-edge-gc4
cache: HIT, MISS
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size24/sfiles/logo_teams/65e3e972954419765c3ce21698edf6cb.webp | 185.244.209.62 | | 1.2 kB |
URL v3.traincdn.com/resized/size24/sfiles/logo_teams/65e3e972954419765c3ce21698edf6cb.webp IP 185.244.209.62:0 ASN #199524 G-Core Labs S.A.
File type RIFF (little-endian) data, Web/P image Hash 49db5443e120a9653d4ee999dc9686df 57bc47853935972be400e9c1acc85b314bb161d0 d8fcbb9d7583b0932233a931a67a727a86e117defb0269cdbd59a9d91e45d5ca
GET /resized/size24/sfiles/logo_teams/65e3e972954419765c3ce21698edf6cb.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:15 GMT
content-type: image/webp
content-length: 1196
cache-control: max-age=94608000
content-disposition: inline; filename="65e3e972954419765c3ce21698edf6cb.webp"
content-security-policy: script-src 'none'
expires: Wed, 05 May 2027 12:37:08 GMT
x-request-id: a4c1423183e5856b35fd59765a3567e5
x-time-ng: 0.040
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-fac8afc7c8ad9bfcbc6491947fddb0b0-bf469f4d9a4d1ae8-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-05T12:37:08+00:00, 2024-05-07T14:44:43+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size24/sfiles/logo_teams/f5db46d24aea0f9d3d07d0be290981ee.webp | 185.244.209.62 | | 1.1 kB |
URL v3.traincdn.com/resized/size24/sfiles/logo_teams/f5db46d24aea0f9d3d07d0be290981ee.webp IP 185.244.209.62:0 ASN #199524 G-Core Labs S.A.
File type RIFF (little-endian) data, Web/P image Hash fb306a4723886210af5f76099eeb4556 910fc4fb3c4d9407d1c536e7fadbcc85bd922880 2d60f98a12a00aaa589404f2ace0152c5dc649da9fe43b68e26d01b9f8c41319
GET /resized/size24/sfiles/logo_teams/f5db46d24aea0f9d3d07d0be290981ee.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:15 GMT
content-type: image/webp
content-length: 1056
cache-control: max-age=94608000
content-disposition: inline; filename="f5db46d24aea0f9d3d07d0be290981ee.webp"
content-security-policy: script-src 'none'
expires: Thu, 06 May 2027 03:17:14 GMT
x-request-id: f7ed644b24c1d3a82d5dc585f4496e90
x-time-ng: 0.036
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-0aceec0ba28eb1a07a99e702b8dd60a7-c7295ded31bbbf3c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T03:17:14+00:00, 2024-05-07T14:44:43+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/chunks/webpack-fb94d2f19425a3e3.js | 104.18.39.72 | | 11 kB |
URL widget.suphelper.top/_next/static/chunks/webpack-fb94d2f19425a3e3.js IP 104.18.39.72:0
Certificate Issuer Google Trust Services LLC Subject suphelper.top Fingerprint 41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 Validity Tue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File type gzip compressed data, from Unix Hash b7663ccaf14d585de53146ee21c8b622 9ea2e5f514f9343d525fa85ba23266ee8003f98b 14fb81b8b750f3fbeda56a3c00672722865d1eb358cf33c255bb3e6f132cc92a
GET /_next/static/chunks/webpack-fb94d2f19425a3e3.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 11:29:09 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://file-hosting-api-stage.kube.prod.cons.lan https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 09 Nov 2023 06:03:45 GMT
etag: W/"ed0-18bb2adf0eb"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 665394
expires: Thu, 08 May 2025 11:29:09 GMT
server: cloudflare
cf-ray: 88091c43cebdb512-OSL
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/37725dd3160e2621f084de11d4417228.webp | 185.244.209.62 | | 18 kB |
URL v3.traincdn.com/genfiles/cms/1/desktop/banner/37725dd3160e2621f084de11d4417228.webp IP 185.244.209.62:0 ASN #199524 G-Core Labs S.A.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1380x248, Scaling: [none]x[none], YUV color, decoders should clamp Hash b7e3857cdc8cbde71f63af81a61f5cfb deeb62ea6e9b702bb9e3f395483c3c00445adcf8 786e67817e82780aaeb0d2bca1e57e06fff5ae9fa89b2747b1af57913886e25f
GET /genfiles/cms/1/desktop/banner/37725dd3160e2621f084de11d4417228.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:15 GMT
content-type: image/webp
content-length: 17490
last-modified: Wed, 21 Jun 2023 09:54:55 GMT
etag: "b7e3857cdc8cbde71f63af81a61f5cfb"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-c534729f7f1e628e7145ad4e04ee8e4c-d9b5949eb834221f-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-02-27T15:26:35+00:00, 2024-05-08T10:37:35+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/260/desktop/banner/ef11271d6cef34c1fdb99b2ddff4bdb1.webp | 185.244.209.62 | | 14 kB |
URL v3.traincdn.com/genfiles/cms/260/desktop/banner/ef11271d6cef34c1fdb99b2ddff4bdb1.webp IP 185.244.209.62:0 ASN #199524 G-Core Labs S.A.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1380x248, Scaling: [none]x[none], YUV color, decoders should clamp Hash 317ab8a5b92752fd051ac254b8366dcb 3c30f1345378eaf9833e470a1b7c050d6ccf8b48 4ced6a24abe27da06f568a4d837f11b21462458779d624bd6916163b189222f9
GET /genfiles/cms/260/desktop/banner/ef11271d6cef34c1fdb99b2ddff4bdb1.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:15 GMT
content-type: image/webp
content-length: 13702
last-modified: Thu, 02 May 2024 12:00:34 GMT
etag: "317ab8a5b92752fd051ac254b8366dcb"
x-time-ng: 0.003
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-ecb9a70348ab29426b0d687900319199-58f3c48f08ef2eae-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T14:40:55+00:00, 2024-05-08T10:37:35+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/3af2cf3bddb3.js | 185.244.209.62 | 200 OK | 3.6 kB |
URL GET HTTP/2v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/3af2cf3bddb3.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typegzip compressed data, max speed, from Unix Hashea11de2ad3cd8420a2a7ba6e029be54b 0f2591435580443b725cfc1398d592a9e27bf6ef 05b9e0c3411afeeac9dba92afc0996494c1405001c7cbbec1285c494bfe54150
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/3af2cf3bddb3.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:15 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 08 May 2024 10:11:58 GMT
etag: W/"602495277c0ee0ced5c29a01596c0e58"
x-amz-meta-mtime: 1715162852.704948141
content-encoding: gzip
expires: Thu, 09 May 2024 10:43:41 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-8abdca1b055cd3f41b3df9ed8961b2e7-7ddfe2998b92725a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:43:41+00:00, 2024-05-08T10:48:40+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/327334405031.js | 185.244.209.62 | | 424 B |
URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/327334405031.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeJava source, ASCII text, with very long lines (423) Hash31bd7da0b4c3a29a840d1befac27cf8b ab07ed137a23fe5b743ec0589f6c5c0da7b85258 9a60e8a389d3cd93b0014468deb14c1921ade7deec0c8559a4682a09c3f6f25f
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/327334405031.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:16 GMT
content-type: text/javascript; charset=utf-8
content-length: 424
last-modified: Wed, 08 May 2024 10:11:58 GMT
etag: "31bd7da0b4c3a29a840d1befac27cf8b"
x-amz-meta-mtime: 1715162852.704948141
expires: Thu, 09 May 2024 10:43:41 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-591cd6c12dd138a189a825c787181a93-1f73efebc7c76ec3-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:43:41+00:00, 2024-05-08T10:48:40+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/web-api/api/v3/bonuses/welcome-bonuses | 178.253.29.51 | 200 OK | 726 B |
URL GET HTTP/21xlite-461430.top/web-api/api/v3/bonuses/welcome-bonuses IP178.253.29.51:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash3b95c708633bddc9e7e22d49dad5fc0f a8df6625dbc748880d5d8c7848cf596f3745b87c e23bcc0d393deacc52f246838faf46a23d0bf4cfe70079980e20a4d0a2a80e53
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /web-api/api/v3/bonuses/welcome-bonuses HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; platform_type=desktop; auid=sv0dM2Y7Yf7BbyWAAwM8Ag==; SESSION=75bb5152e29b8089ef1d8c32275dd0df; window_width=1280; _glhf=1715185523; che_g=3f2954ac-c676-fb8c-77a5-3c12a6bd9725; application_locale=en
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:09 GMT
content-type: application/vnd.api+json
vary: Accept-Encoding
cache-control: no-cache, private
server-timing: p;dur=21, dt_total;dur=42.111, wf-uht;dur=0.053
traceparent: 00-0b7df18a36a7fc4c14400e571d761e53-15363db94f2149a8-01
x-dt: 285
x-time-ng: 0.037
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/4f769aae21a0.js | 185.244.209.62 | | 435 B |
URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/4f769aae21a0.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeJava source, ASCII text, with very long lines (434) Hash9161fb5b91a09b3026d143479dc567a6 c1fe731351fb1447e76ef38def2d2f869b025007 9a4b211be9ec541c8fbdf213a2ae7b270afdd22674f74ad12b9aec0a5ff6b278
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/4f769aae21a0.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:16 GMT
content-type: text/javascript; charset=utf-8
content-length: 435
last-modified: Wed, 08 May 2024 10:11:58 GMT
etag: "9161fb5b91a09b3026d143479dc567a6"
x-amz-meta-mtime: 1715162852.704948141
expires: Thu, 09 May 2024 10:43:41 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-48d03f6d8aa582580bb0dee687115ab6-5b86641c395e0a46-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:43:41+00:00, 2024-05-08T10:48:40+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/c65c754d498ddb25accb3498c1e7540b.png | 185.244.209.62 | | 5.2 kB |
URL v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/c65c754d498ddb25accb3498c1e7540b.png IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typePNG image data, 514 x 514, 8-bit colormap, non-interlaced Hashb9a636eef54b2844b571fe7de49184a7 bf653690790ced40eb3189da075a275d951d1607 001bfcdd52b658d46543a1aec889d35b73b3909b47097cc011b95e96fc9e3743
GET /genfiles/cms/1-285/desktop/media_asset/c65c754d498ddb25accb3498c1e7540b.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:17 GMT
content-type: image/png
content-length: 5202
last-modified: Wed, 28 Feb 2024 07:52:20 GMT
etag: "b9a636eef54b2844b571fe7de49184a7"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-38eaf25864bf9b6d5060c0deeef3a920-8e27c94570a4565c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-03T07:12:40+00:00, 2024-05-08T10:54:36+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 | 185.244.209.62 | 200 OK | 64 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 63748, version 1.0 Hash6887b6f24414dbc612dbf42ccdc76b70 8068d3abfbc6cbf35b55919da45b1f4d2d136238 fc5c015fc32518f1ed810fa84ca28941eb9d5a3c81acc8df69a4dbbeedef7b0c
GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:17 GMT
content-type: font/woff2
content-length: 63748
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "6887b6f24414dbc612dbf42ccdc76b70"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-da53f208d66c62b633095e60eccc35a0-1a483aba8f6e9d9c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:13:59+00:00, 2024-05-08T11:28:47+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/9f8e0e38189c.js | 185.244.209.62 | | 66 kB |
URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/9f8e0e38189c.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typegzip compressed data, max speed, from Unix Hash86c00db643c926313ed49f4585bbf8f7 8e5c58c00030e92efe28012a93fc7aad2619a033 ab691d8100025a5677d374e76d7b7eb96a3a803f1b7ca567545b870fcc9227a9
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/9f8e0e38189c.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:15 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 08 May 2024 10:11:59 GMT
etag: W/"fd9612103f2362b8086939d1c920d9ed"
x-amz-meta-mtime: 1715162852.71294806
content-encoding: gzip
expires: Thu, 09 May 2024 10:43:41 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-8022444d4d1a236553baf35bba4373f8-3062f25878833663-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:43:41+00:00, 2024-05-08T10:48:40+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/38023f75e90b.js | 185.244.209.62 | 200 OK | 65 kB |
URL GET HTTP/2v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/38023f75e90b.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typegzip compressed data, max speed, from Unix Hash099da0fcbc45f292edb1afc0177c0888 3a3a9cb4d6e23c2eb3821fbcc355b173021a3d72 800ad282c6b259391b6584d0ef1cb3cc7461797c6f5ef96fa2557d0fabfaf2ec
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/38023f75e90b.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:16 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 08 May 2024 10:11:58 GMT
etag: W/"8a7d471cf2bc2319c80b135e841a4440"
x-amz-meta-mtime: 1715162852.704948141
content-encoding: gzip
expires: Thu, 09 May 2024 10:43:31 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-7775dcf60fe419f57d3c82879c9bfa3c-5fa0f9c315550a15-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:43:31+00:00, 2024-05-08T10:48:40+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/bfff49986d7a.css | 185.244.209.62 | 200 OK | 16 kB |
URL GET HTTP/2v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/bfff49986d7a.css IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typegzip compressed data, max speed, from Unix Hash1fa6f9e7e6235296be75c75469e843b6 907170bbbf0f66770683214a74d1b24be11554ba 20bf476df151a2ebedfb7cb0a8f90163355ea1fece2d76e6e32bfd5c81ba4302
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/bfff49986d7a.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:15 GMT
content-type: text/css; charset=utf-8
last-modified: Wed, 08 May 2024 10:11:59 GMT
etag: W/"fd42a3c47441635be644d6248b61feb9"
x-amz-meta-mtime: 1715162852.71294806
content-encoding: gzip
expires: Thu, 09 May 2024 10:43:41 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-45605bcacd1dae69c5d6d095ad3d34a0-765c209dbe6b493b-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:43:41+00:00, 2024-05-08T10:48:40+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/3ac53cf87dd2.js | 185.244.209.62 | 200 OK | 64 kB |
URL GET HTTP/2v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/3ac53cf87dd2.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typegzip compressed data, max speed, from Unix Hash7d8be64afd4e53071172abfd58d7951b cbd04e57929450897b7b9e9d861a516d1703307d 8f103d343995f87490ced028e65595ad23b14b2e024534a758c23aa51092a54b
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/3ac53cf87dd2.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:16 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 08 May 2024 10:11:58 GMT
etag: W/"06871b10d5141bfeb987b72a580ec66a"
x-amz-meta-mtime: 1715162852.704948141
content-encoding: gzip
expires: Thu, 09 May 2024 10:43:41 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-e0212298e7499a35cdc0dc30643557fe-93bc4d0af2545775-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:43:41+00:00, 2024-05-08T10:48:40+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2 | 185.244.209.62 | 200 OK | 65 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2 IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 64732, version 1.0 Hash3ac5d40d1b3966fc5eb09ecca74d9cbf a69f32357765dd321519889aeacba5e9ca893bb0 3310766b8f58538d07abded74a2babe1acbe1a3ee820d5b8c8265da666f4fb0c
GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:19 GMT
content-type: font/woff2
content-length: 64732
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "3ac5d40d1b3966fc5eb09ecca74d9cbf"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-cc605ed390a29d6f6713a5ed77c1fdf8-4be7064619bb4c58-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:56:30+00:00, 2024-05-08T10:58:02+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json | 178.253.29.51 | 200 OK | 23 B |
URL POST HTTP/21xlite-461430.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json IP178.253.29.51:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash1a3a3a33b7f297927a5b3eb5c94ee166 29355be127ab95019efc7b94298a811ddc5e07a9 2c5728e24e270c48f574cc839b62dc3b6724466b24b4b5e4519c28bbecff49c7
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
Content-Type: application/json
X-Lang: en
X-Uuid: df85e028-1256-42ee-bb08-ef41986dbee1
Content-Length: 99
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; platform_type=desktop; auid=sv0dM2Y7Yf7BbyWAAwM8Ag==; SESSION=75bb5152e29b8089ef1d8c32275dd0df; window_width=1280; _glhf=1715185523; che_g=3f2954ac-c676-fb8c-77a5-3c12a6bd9725; application_locale=en; sh.session.id=1184b48b-8c28-48ce-a06d-1956db3095c1; ggru=139
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:19 GMT
content-type: application/json
content-length: 23
x-time-ng: 0.001
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 | 185.244.209.62 | | 64 kB |
URL v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeWeb Open Font Format (Version 2), TrueType, length 63920, version 1.0 Hasha65527fcb58f66a7cfbc0e6b160538b4 45d260e7fa343401b5bb0df982a014f53e2d253b fb13c3a1cbac60649b76f7d7f85c1645d35ac69b85ce5f4eb0692505ecc2cd45
GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:19 GMT
content-type: font/woff2
content-length: 63920
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "a65527fcb58f66a7cfbc0e6b160538b4"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-95b584fceddb15bd19eae6e46d7c9588-810af21a655435c8-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:54:39+00:00, 2024-05-08T10:47:40+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/7774130ac645.css | 185.244.209.62 | | 14 kB |
URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/7774130ac645.css IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeASCII text, with very long lines (65536), with no line terminators Hashb252fb43f76f6b1af8356ac5899939a0 0dbb7bd733a57edfac12ebcf006ea9b2d9d80dfc fd780429794dcff86f62eab9c352d88d8fef73506f16bc34ddf0aae6894352a8
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/7774130ac645.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:15 GMT
content-type: text/css; charset=utf-8
last-modified: Wed, 08 May 2024 10:11:58 GMT
etag: W/"72d7956858a098291f07282500a246ed"
x-amz-meta-mtime: 1715162852.7089481
content-encoding: gzip
expires: Thu, 09 May 2024 10:43:41 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-100d7fed2eb4d2d546b82e4e2558ec98-f6f783195c9f254f-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:43:41+00:00, 2024-05-08T10:48:40+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137 | 178.253.29.51 | | 342 B |
URL 1xlite-461430.top/service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137 IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash971f38b1a28cdeafc87a89656bbed138 cbab2f05e1792435d31828d82addbaf5389d1b35 e55e4be35f054c5d77e7046e4ee296bc9eca5a6441ac03d5ce9ce2b68fefa8bf
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; platform_type=desktop; auid=sv0dM2Y7Yf7BbyWAAwM8Ag==; SESSION=75bb5152e29b8089ef1d8c32275dd0df; window_width=1280; _glhf=1715185523; che_g=3f2954ac-c676-fb8c-77a5-3c12a6bd9725; application_locale=en; sh.session.id=1184b48b-8c28-48ce-a06d-1956db3095c1; ggru=139
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:20 GMT
content-type: application/json; charset=utf-8
content-length: 342
cache-control: no-cache
content-encoding: br
last-modified: Wed, 08 May 2024 11:29:20 GMT
vary: Accept-Encoding
x-time-ng: 0.007
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.016
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/002d7fda3d62.css | 185.244.209.62 | | 50 kB |
URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/002d7fda3d62.css IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typegzip compressed data, max speed, from Unix Hash300ab44f5ee9e8343134e6a2f6cdb396 ad82c676a97b6fb6681c7d4bdc360b6bb9c910bd 24608701e29156e419afac084da24e706b72b9da6d6279ac47d12702ccad47c2
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/002d7fda3d62.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:10 GMT
content-type: text/css; charset=utf-8
last-modified: Wed, 08 May 2024 10:11:58 GMT
etag: W/"294f3a633bf92f7b6f9141c2b31b4bf6"
x-amz-meta-mtime: 1715162852.700948182
content-encoding: gzip
expires: Thu, 09 May 2024 10:43:23 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-6a6055e80f66f32466f61729dbfab29c-9d2028c35c0b2a29-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:43:23+00:00, 2024-05-08T10:48:37+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66 | 142.250.74.168 | | 106 kB |
URL www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66 IP142.250.74.168:0
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (10899) Size106 kB (105833 bytes) Hashdf38768e2bdc579d4ffb09c6fe092fec 0344355fec7273503a9d6e1eed76c01410c1123f 0cd8df79d5fd308d3178dd9c069d70044cdf7290fd0b099e47f6fbb302d40cf9
GET /gtag/js?id=G-7JGWL9SV66 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 May 2024 11:29:20 GMT
expires: Wed, 08 May 2024 11:29:20 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 105833
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtm.js?id=GTM-KFGPRJ2V | 142.250.74.168 | | 64 kB |
URL www.googletagmanager.com/gtm.js?id=GTM-KFGPRJ2V IP142.250.74.168:0
File typeJavaScript source, ASCII text, with very long lines (1822) Hash06b6d77f026d0d0137c5ec9a5cec3444 afefaa630700291e9b7a9302165f861802505550 281426d65e15fda3000489e8d673fd0f4f6f9e6778e9983f7d13faf2f09e03ff
GET /gtm.js?id=GTM-KFGPRJ2V HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 May 2024 11:29:20 GMT
expires: Wed, 08 May 2024 11:29:20 GMT
cache-control: private, max-age=900
last-modified: Wed, 08 May 2024 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 64334
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/hd-api/external/api/web/v1/j/3b0i865k5j755k5876f361ebbf7dee57bc79def0cadb7a1e31a1 | 178.253.29.51 | | 515 B |
URL: 1xlite-461430.top/hd-api/external/api/web/v1/j/3b0i865k5j755k5876f361ebbf7dee57bc79def0cadb7a1e31a1 IP: 178.253.29.51:0 ASN: #202492 Silverhill Group Holding Ltd
Certificate Issuer: Let's Encrypt Subject: 1xlite-461430.top Fingerprint: F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 Validity: Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash: c9f9a521da56575eb7227bf4c8c0a331 1f921db6f2aa0a5991c2014b8c1a93af9149f0a3 5aee26cc93b42d84805586f0b9f0e6ebdd1b3d3bbde5672f18e5033a9b85ac89
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /hd-api/external/api/web/v1/j/3b0i865k5j755k5876f361ebbf7dee57bc79def0cadb7a1e31a1 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
X-Requested-With: XMLHttpRequest
Content-Type: application/json
Content-Length: 105936
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; platform_type=desktop; auid=sv0dM2Y7Yf7BbyWAAwM8Ag==; SESSION=75bb5152e29b8089ef1d8c32275dd0df; window_width=1280; _glhf=1715185523; che_g=3f2954ac-c676-fb8c-77a5-3c12a6bd9725; application_locale=en; sh.session.id=1184b48b-8c28-48ce-a06d-1956db3095c1; ggru=139
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:21 GMT
content-type: application/json
content-length: 515
content-encoding: gzip
traceparent: 00-1563ff84a36f39611fe0f50bbc7870de-f77082c1c0c6716a-01
vary: Accept-Encoding
x-dt: 285
x-request-guid: 2c5d127b5dc268eb9c3958264147ebf7
x-time-ng: 0.019
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=27.847, wf-uht;dur=0.050
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LineFeed/GetGameZip?id=528030908&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 | 178.253.29.51 | 200 OK | 1.3 kB |
URL: GET HTTP/2 1xlite-461430.top/service-api/LineFeed/GetGameZip?id=528030908&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 IP: 178.253.29.51:443 ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer: Let's Encrypt Subject: 1xlite-461430.top Fingerprint: F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 Validity: Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash: 788dac669a1c170aa800b1aba86f0c48 99f877833d713280d0fa22de11d5ec38b386b5c4 2f6b97aac412a7cae112b19ba6a716c3afb7504949cf95352421669c2040cf6c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /service-api/LineFeed/GetGameZip?id=528030908&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; platform_type=desktop; auid=sv0dM2Y7Yf7BbyWAAwM8Ag==; SESSION=75bb5152e29b8089ef1d8c32275dd0df; window_width=1280; _glhf=1715185523; che_g=3f2954ac-c676-fb8c-77a5-3c12a6bd9725; application_locale=en; sh.session.id=1184b48b-8c28-48ce-a06d-1956db3095c1; ggru=139
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:21 GMT
content-type: application/json; charset=utf-8
content-length: 1323
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 08 May 2024 11:29:21 GMT
vary: Accept-Encoding
x-time-ng: 0.032
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.042
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/472977fdf26e.js | 185.244.209.62 | 200 OK | 3.5 kB |
URL: GET HTTP/2 v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/472977fdf26e.js IP: 185.244.209.62:443 ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer: Sectigo Limited Subject: *.traincdn.com Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: gzip compressed data, max speed, from Unix Hash: b2df961b0ad753f5e6ee74f592c936df dcfe9292dc05c73f27c3b7ea34a1d3ca866706b2 114a3eb37aaca8d60fd8f1f652ad494bc1d382426279f09ab8f88da6590398e4
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/472977fdf26e.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:16 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 08 May 2024 10:11:58 GMT
etag: W/"2f5436be87ea646c3521311f827e6c73"
x-amz-meta-mtime: 1715162852.704948141
content-encoding: gzip
expires: Thu, 09 May 2024 10:43:30 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-3a7281cd9b33226d8c3d22d021e9d928-6a70751cd7e81624-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:43:30+00:00, 2024-05-08T10:48:40+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| radar.cedexis.com/1/23802/radar.js | 45.54.49.5 | 302 Moved Temporarily | 154 B |
URL: GET HTTP/1.1 radar.cedexis.com/1/23802/radar.js IP: 45.54.49.5:443 ASN: #63911 NetActuate, Inc
Requested by: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer: DigiCert Inc Subject: radar.cedexis.com Fingerprint: 33:58:79:8E:87:A5:C3:05:CA:E2:82:50:61:CF:72:83:BD:64:80:C1 Validity: Fri, 29 Mar 2024 00:00:00 GMT - Fri, 28 Mar 2025 23:59:59 GMT
File type: HTML document, ASCII text, with CRLF line terminators Hash: cfbeaf604823f038b8b46f0ac862b98c 7b9eb1dac48e74fa5f418bc456cb410f88b81d98 20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /1/23802/radar.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Wed, 08 May 2024 11:29:21 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Location: /1707728419/stub.js
Expires: Wed, 08 May 2024 11:39:21 GMT
Cache-Control: max-age=600
Vary: User-Agent,DNT
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/40295f87c48b.js | 185.244.209.62 | | 1.8 kB |
URL: v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/40295f87c48b.js IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: gzip compressed data, max speed, from Unix Hash: d70f867358f64b319fd73effe8e924d5 0ec17af31b5b58a0965dcf3191af2ed22a7d2680 7ee91095f41a2df0dc9a750d8b76d989a86ccc6aa313ac9846490b252853cbb9
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/40295f87c48b.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:16 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 08 May 2024 10:11:58 GMT
etag: W/"04021329a63deda1db56e389799543a2"
x-amz-meta-mtime: 1715162852.704948141
content-encoding: gzip
expires: Thu, 09 May 2024 10:43:41 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-980dfe2a0c246a02294c5ed8479e8471-0e72870cdc5dc46a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:43:41+00:00, 2024-05-08T10:48:40+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LineFeed/GetGameZip?id=528450883&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 | 178.253.29.51 | | 1.6 kB |
URL: 1xlite-461430.top/service-api/LineFeed/GetGameZip?id=528450883&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 IP: 178.253.29.51:0 ASN: #202492 Silverhill Group Holding Ltd
Certificate Issuer: Let's Encrypt Subject: 1xlite-461430.top Fingerprint: F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 Validity: Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash: 5e84c8a0ecbe54251c6bb8d5a700e377 f98a263c4189e3e9ebdfd0816de68058d52f481c 3b1f78b5d3b1efc55abf89ce36f6fd8a0046be548b34844bb6b7123e6afd7b89
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /service-api/LineFeed/GetGameZip?id=528450883&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiVVNBSnB6RW4wTXQ1WHN6alNyR0ptK3ZWWm9nL2FIUkU4aDQ3cC8yeERpUm5obCtRVVFmZTFUWDB1WmVmVnYwUXZERUZRRGVuNGpHVVNya05RSk1qMzBIUHVaY0NMaUNCUnF5SHNkSzJDRUI2ZzN0UHliL3BWSHlTazgvU1BXZk1hTWRVU1J4MGs4bzVJbjM5cWcyUUtLaVNMU3lPWnpyVGE3bjFocGVZYUpJak9tRnpjWnE1Q00wU3BIenM3aWVNVEx0SWtVa0JNdVVSdVpVMWtueWp3RjNZOGdVQ3ZPSGRRM3ZOVVRtcFArcHpENHVqOVZ5UVZNQVUwM0hQLzBHYjBiNmpMcUYyUys5Z0xoeFRPRVFLVDJFT3pLUFVSaWx5SFVmeEZhd3g4NmVuIiwiZXhwIjoxNzE1MTgyMTYxLCJpYXQiOjE3MTUxNjc3NjF9.F5dki2OxYKDstLm-OC8y22idzoYPqHwTlWQXGV2KkoaMLFOKRY2UCDntW0uO-AYm12i2_YqPrPnhtllP9iOVgw
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; platform_type=desktop; auid=sv0dM2Y7Yf7BbyWAAwM8Ag==; SESSION=75bb5152e29b8089ef1d8c32275dd0df; window_width=1280; _glhf=1715185523; che_g=3f2954ac-c676-fb8c-77a5-3c12a6bd9725; application_locale=en; sh.session.id=1184b48b-8c28-48ce-a06d-1956db3095c1; ggru=139; _ga_7JGWL9SV66=GS1.1.1715167761.1.0.1715167761.60.0.0; _ga=GA1.1.1162292481.1715167761
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:21 GMT
content-type: application/json; charset=utf-8
content-length: 1555
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 08 May 2024 11:29:21 GMT
vary: Accept-Encoding
x-time-ng: 0.012
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.020
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/ee94ef73444d56fe0d0234bd1e83acf9.png | 185.244.209.62 | | 234 kB |
URL: GET v3.traincdn.com/genfiles/cms/1/desktop/banner/ee94ef73444d56fe0d0234bd1e83acf9.png IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer: Sectigo Limited Subject: *.traincdn.com Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: PNG image data, 1380 x 248, 8-bit/color RGB, non-interlaced Size: 234 kB (234183 bytes) Hash: 29cbfc647b35d624dbb21a2480adcf74 2af51a37649fc6d91e331954244ae02fa39e4012 1c004afe245526de4788b8cbd4773d431ae624ec5902b5b81c6de6696893f5ec
GET /genfiles/cms/1/desktop/banner/ee94ef73444d56fe0d0234bd1e83acf9.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:21 GMT
content-type: image/png
content-length: 234183
last-modified: Tue, 07 May 2024 10:14:00 GMT
etag: "29cbfc647b35d624dbb21a2480adcf74"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-602b9484051bed7db18616af67c342a1-6b3bd24830cfbe2b-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T11:20:16+00:00, 2024-05-08T11:29:15+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LineFeed/GetSportsShortZip?lng=en&country=137&virtualSports=true&gr=285&groupChamps=true | 178.253.29.51 | | 2.1 kB |
URL: 1xlite-461430.top/service-api/LineFeed/GetSportsShortZip?lng=en&country=137&virtualSports=true&gr=285&groupChamps=true IP: 178.253.29.51:0 ASN: #202492 Silverhill Group Holding Ltd
Certificate Issuer: Let's Encrypt Subject: 1xlite-461430.top Fingerprint: F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 Validity: Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash: a59b7319a56a59786b4fbdb27accd309 56ed8efb0647408e3b82a6a81549ec1bb704a36d e94326153e65ce0144569a3ee8ff428fd0e50d2ed290cb2485c6b425d894b05c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /service-api/LineFeed/GetSportsShortZip?lng=en&country=137&virtualSports=true&gr=285&groupChamps=true HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiVVNBSnB6RW4wTXQ1WHN6alNyR0ptK3ZWWm9nL2FIUkU4aDQ3cC8yeERpUm5obCtRVVFmZTFUWDB1WmVmVnYwUXZERUZRRGVuNGpHVVNya05RSk1qMzBIUHVaY0NMaUNCUnF5SHNkSzJDRUI2ZzN0UHliL3BWSHlTazgvU1BXZk1hTWRVU1J4MGs4bzVJbjM5cWcyUUtLaVNMU3lPWnpyVGE3bjFocGVZYUpJak9tRnpjWnE1Q00wU3BIenM3aWVNVEx0SWtVa0JNdVVSdVpVMWtueWp3RjNZOGdVQ3ZPSGRRM3ZOVVRtcFArcHpENHVqOVZ5UVZNQVUwM0hQLzBHYjBiNmpMcUYyUys5Z0xoeFRPRVFLVDJFT3pLUFVSaWx5SFVmeEZhd3g4NmVuIiwiZXhwIjoxNzE1MTgyMTYxLCJpYXQiOjE3MTUxNjc3NjF9.F5dki2OxYKDstLm-OC8y22idzoYPqHwTlWQXGV2KkoaMLFOKRY2UCDntW0uO-AYm12i2_YqPrPnhtllP9iOVgw
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; platform_type=desktop; auid=sv0dM2Y7Yf7BbyWAAwM8Ag==; SESSION=75bb5152e29b8089ef1d8c32275dd0df; window_width=1280; _glhf=1715185523; che_g=3f2954ac-c676-fb8c-77a5-3c12a6bd9725; application_locale=en; sh.session.id=1184b48b-8c28-48ce-a06d-1956db3095c1; ggru=139; _ga_7JGWL9SV66=GS1.1.1715167761.1.0.1715167761.60.0.0; _ga=GA1.1.1162292481.1715167761
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:21 GMT
content-type: application/json; charset=utf-8
content-length: 2069
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 08 May 2024 11:29:21 GMT
vary: Accept-Encoding
x-time-ng: 0.100
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.108
X-Firefox-Spdy: h2
|
|
| radar.cedexis.com/1707728419/stub.js | 45.54.49.5 | 200 OK | 271 B |
URL: GET HTTP/1.1 radar.cedexis.com/1707728419/stub.js IP: 45.54.49.5:443 ASN: #63911 NetActuate, Inc
Requested by: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer: DigiCert Inc Subject: radar.cedexis.com Fingerprint: 33:58:79:8E:87:A5:C3:05:CA:E2:82:50:61:CF:72:83:BD:64:80:C1 Validity: Fri, 29 Mar 2024 00:00:00 GMT - Fri, 28 Mar 2025 23:59:59 GMT
File type: JavaScript source, ASCII text Hash: 82dec77fd0353c7c71ce053b8601387e fbbca95419e1d0c042e0a5fdf10f380aca66188c 39f2b7b0fa78d37d0c84d2d6618bd635d86fd683d9bcdd5729850cb2a62522f7
GET /1707728419/stub.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 11:29:21 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 12 Feb 2024 09:51:01 GMT
Vary: Accept-Encoding
ETag: W/"65c9ea05-186"
Expires: Wed, 22 May 2024 11:29:21 GMT
Cache-Control: max-age=1209600, public
Content-Encoding: gzip
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-7JGWL9SV66&gtm=45je4510v897130004za200&_p=1715167760808&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1162292481.1715167761&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_s=1&sid=1715167761&sct=1&seg=0&dl=https%3A%2F%2F1xlite-461430.top%2Fen%3Ftag%3Dd_2897299m_97c_PU_KZ_PA_SB_MB_1XBET&dt=1xBet%20%E1%90%89%20Online%20sports%20betting%20%E1%90%89%201xBet%20online%20bookmaker%20log%20in%20%E1%90%89%201xlite-461430.top&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=GTM-5R4MT54&tfd=19842 | 216.239.34.36 | | 0 B |
URL: region1.analytics.google.com/g/collect?v=2&tid=G-7JGWL9SV66&gtm=45je4510v897130004za200&_p=1715167760808&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1162292481.1715167761&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_s=1&sid=1715167761&sct=1&seg=0&dl=https%3A%2F%2F1xlite-461430.top%2Fen%3Ftag%3Dd_2897299m_97c_PU_KZ_PA_SB_MB_1XBET&dt=1xBet%20%E1%90%89%20Online%20sports%20betting%20%E1%90%89%201xBet%20online%20bookmaker%20log%20in%20%E1%90%89%201xlite-461430.top&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=GTM-5R4MT54&tfd=19842 IP: 216.239.34.36:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-7JGWL9SV66&gtm=45je4510v897130004za200&_p=1715167760808&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1162292481.1715167761&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_s=1&sid=1715167761&sct=1&seg=0&dl=https%3A%2F%2F1xlite-461430.top%2Fen%3Ftag%3Dd_2897299m_97c_PU_KZ_PA_SB_MB_1XBET&dt=1xBet%20%E1%90%89%20Online%20sports%20betting%20%E1%90%89%201xBet%20online%20bookmaker%20log%20in%20%E1%90%89%201xlite-461430.top&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=GTM-5R4MT54&tfd=19842 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://1xlite-461430.top
date: Wed, 08 May 2024 11:29:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66 | 178.253.29.51 | | 2.4 kB |
URL: 1xlite-461430.top/service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66 IP: 178.253.29.51:0 ASN: #202492 Silverhill Group Holding Ltd
Certificate Issuer: Let's Encrypt Subject: 1xlite-461430.top Fingerprint: F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 Validity: Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash: f7de37a32ab6af2bb58736bcf1c1a423 c4ea608eb61b53f15b9fff9c532402372b17b00d 5b92656aa07f9d7777c7422a2427ad6f068e9fcf473e10cb9527ed4833ca5059
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiVVNBSnB6RW4wTXQ1WHN6alNyR0ptK3ZWWm9nL2FIUkU4aDQ3cC8yeERpUm5obCtRVVFmZTFUWDB1WmVmVnYwUXZERUZRRGVuNGpHVVNya05RSk1qMzBIUHVaY0NMaUNCUnF5SHNkSzJDRUI2ZzN0UHliL3BWSHlTazgvU1BXZk1hTWRVU1J4MGs4bzVJbjM5cWcyUUtLaVNMU3lPWnpyVGE3bjFocGVZYUpJak9tRnpjWnE1Q00wU3BIenM3aWVNVEx0SWtVa0JNdVVSdVpVMWtueWp3RjNZOGdVQ3ZPSGRRM3ZOVVRtcFArcHpENHVqOVZ5UVZNQVUwM0hQLzBHYjBiNmpMcUYyUys5Z0xoeFRPRVFLVDJFT3pLUFVSaWx5SFVmeEZhd3g4NmVuIiwiZXhwIjoxNzE1MTgyMTYxLCJpYXQiOjE3MTUxNjc3NjF9.F5dki2OxYKDstLm-OC8y22idzoYPqHwTlWQXGV2KkoaMLFOKRY2UCDntW0uO-AYm12i2_YqPrPnhtllP9iOVgw
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; platform_type=desktop; auid=sv0dM2Y7Yf7BbyWAAwM8Ag==; SESSION=75bb5152e29b8089ef1d8c32275dd0df; window_width=1280; _glhf=1715185523; che_g=3f2954ac-c676-fb8c-77a5-3c12a6bd9725; application_locale=en; sh.session.id=1184b48b-8c28-48ce-a06d-1956db3095c1; ggru=139; _ga_7JGWL9SV66=GS1.1.1715167761.1.0.1715167761.60.0.0; _ga=GA1.1.1162292481.1715167761
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:22 GMT
content-type: application/json; charset=utf-8
content-length: 2363
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 08 May 2024 11:29:22 GMT
vary: Accept-Encoding
x-time-ng: 0.011
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.020
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true | 178.253.29.51 | 200 OK | 14 kB |
URL: GET HTTP/2 1xlite-461430.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true IP: 178.253.29.51:443 ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer: Let's Encrypt Subject: 1xlite-461430.top Fingerprint: F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 Validity: Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash: bd89cb03031a5a05e99dd853500a545d 1579131b2eba0a901e5f66bfd97bd51a2e3edb4c bb0be4366f1031532710904df67f58245f262014fceac8b8ca0decb6c522a852
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiVVNBSnB6RW4wTXQ1WHN6alNyR0ptK3ZWWm9nL2FIUkU4aDQ3cC8yeERpUm5obCtRVVFmZTFUWDB1WmVmVnYwUXZERUZRRGVuNGpHVVNya05RSk1qMzBIUHVaY0NMaUNCUnF5SHNkSzJDRUI2ZzN0UHliL3BWSHlTazgvU1BXZk1hTWRVU1J4MGs4bzVJbjM5cWcyUUtLaVNMU3lPWnpyVGE3bjFocGVZYUpJak9tRnpjWnE1Q00wU3BIenM3aWVNVEx0SWtVa0JNdVVSdVpVMWtueWp3RjNZOGdVQ3ZPSGRRM3ZOVVRtcFArcHpENHVqOVZ5UVZNQVUwM0hQLzBHYjBiNmpMcUYyUys5Z0xoeFRPRVFLVDJFT3pLUFVSaWx5SFVmeEZhd3g4NmVuIiwiZXhwIjoxNzE1MTgyMTYxLCJpYXQiOjE3MTUxNjc3NjF9.F5dki2OxYKDstLm-OC8y22idzoYPqHwTlWQXGV2KkoaMLFOKRY2UCDntW0uO-AYm12i2_YqPrPnhtllP9iOVgw
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; platform_type=desktop; auid=sv0dM2Y7Yf7BbyWAAwM8Ag==; SESSION=75bb5152e29b8089ef1d8c32275dd0df; window_width=1280; _glhf=1715185523; che_g=3f2954ac-c676-fb8c-77a5-3c12a6bd9725; application_locale=en; sh.session.id=1184b48b-8c28-48ce-a06d-1956db3095c1; ggru=139; _ga_7JGWL9SV66=GS1.1.1715167761.1.0.1715167761.60.0.0; _ga=GA1.1.1162292481.1715167761
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:25 GMT
content-type: application/json; charset=utf-8
content-length: 13912
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 08 May 2024 11:29:25 GMT
vary: Accept-Encoding
x-time-ng: 0.026
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.036
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LineFeed/GetGameZip?id=528915807&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 | 178.253.29.51 | 200 OK | 4.2 kB |
URL: GET HTTP/2 1xlite-461430.top/service-api/LineFeed/GetGameZip?id=528915807&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 IP: 178.253.29.51:443 ASN: #202492 Silverhill Group Holding Ltd
Requested by: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer: Let's Encrypt Subject: 1xlite-461430.top Fingerprint: F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 Validity: Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash: b41af37d48f46bf54249d2a0e32e0726 de3e1a25616b9eaead78876a13846a015fb5304b 3baef6cf721ada20e043df3731e836eda3860839480b5444997bff017b0cb268
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /service-api/LineFeed/GetGameZip?id=528915807&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiVVNBSnB6RW4wTXQ1WHN6alNyR0ptK3ZWWm9nL2FIUkU4aDQ3cC8yeERpUm5obCtRVVFmZTFUWDB1WmVmVnYwUXZERUZRRGVuNGpHVVNya05RSk1qMzBIUHVaY0NMaUNCUnF5SHNkSzJDRUI2ZzN0UHliL3BWSHlTazgvU1BXZk1hTWRVU1J4MGs4bzVJbjM5cWcyUUtLaVNMU3lPWnpyVGE3bjFocGVZYUpJak9tRnpjWnE1Q00wU3BIenM3aWVNVEx0SWtVa0JNdVVSdVpVMWtueWp3RjNZOGdVQ3ZPSGRRM3ZOVVRtcFArcHpENHVqOVZ5UVZNQVUwM0hQLzBHYjBiNmpMcUYyUys5Z0xoeFRPRVFLVDJFT3pLUFVSaWx5SFVmeEZhd3g4NmVuIiwiZXhwIjoxNzE1MTgyMTYxLCJpYXQiOjE3MTUxNjc3NjF9.F5dki2OxYKDstLm-OC8y22idzoYPqHwTlWQXGV2KkoaMLFOKRY2UCDntW0uO-AYm12i2_YqPrPnhtllP9iOVgw
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; platform_type=desktop; auid=sv0dM2Y7Yf7BbyWAAwM8Ag==; SESSION=75bb5152e29b8089ef1d8c32275dd0df; window_width=1280; _glhf=1715185523; che_g=3f2954ac-c676-fb8c-77a5-3c12a6bd9725; application_locale=en; sh.session.id=1184b48b-8c28-48ce-a06d-1956db3095c1; ggru=139; _ga_7JGWL9SV66=GS1.1.1715167761.1.0.1715167761.60.0.0; _ga=GA1.1.1162292481.1715167761
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:21 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=5
last-modified: Wed, 08 May 2024 11:29:21 GMT
x-time-ng: 0.040
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.048
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/260/desktop/banner/ef11271d6cef34c1fdb99b2ddff4bdb1.jpg | 185.244.209.62 | | 28 kB |
URL: v3.traincdn.com/genfiles/cms/260/desktop/banner/ef11271d6cef34c1fdb99b2ddff4bdb1.jpg IP: 185.244.209.62:0 ASN: #199524 G-Core Labs S.A.
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1380x248, components 3 Hash: 92e7a5868a7de2dcfa53b65bbdb98923 a26cfb8240552c368422ea594211d80e2a8aac06 e192736750fa781f44c9af7064b09b5c1acd09a46405315ed61cfe1a50fa5256
GET /genfiles/cms/260/desktop/banner/ef11271d6cef34c1fdb99b2ddff4bdb1.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:26 GMT
content-type: image/jpeg
content-length: 27999
last-modified: Thu, 02 May 2024 12:00:34 GMT
etag: "92e7a5868a7de2dcfa53b65bbdb98923"
x-time-ng: 0.002
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-2f325fd183f0543d8ace5faacb0d9ae5-ecf998ee5010e453-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T14:41:09+00:00, 2024-05-08T11:09:13+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LineFeed/GetGameZip?id=528030908&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 | 178.253.29.51 | 200 OK | 1.3 kB |
URL GET HTTP/21xlite-461430.top/service-api/LineFeed/GetGameZip?id=528030908&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 IP178.253.29.51:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash9916782316766af14b3171c82d9b9338 41babb9646669d9bf7b683c80583d675970f06d6 859b736ff9df87115f604abe70d51495c2821221e8ea772342cfe0f59a445d87
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LineFeed/GetGameZip?id=528030908&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiVVNBSnB6RW4wTXQ1WHN6alNyR0ptK3ZWWm9nL2FIUkU4aDQ3cC8yeERpUm5obCtRVVFmZTFUWDB1WmVmVnYwUXZERUZRRGVuNGpHVVNya05RSk1qMzBIUHVaY0NMaUNCUnF5SHNkSzJDRUI2ZzN0UHliL3BWSHlTazgvU1BXZk1hTWRVU1J4MGs4bzVJbjM5cWcyUUtLaVNMU3lPWnpyVGE3bjFocGVZYUpJak9tRnpjWnE1Q00wU3BIenM3aWVNVEx0SWtVa0JNdVVSdVpVMWtueWp3RjNZOGdVQ3ZPSGRRM3ZOVVRtcFArcHpENHVqOVZ5UVZNQVUwM0hQLzBHYjBiNmpMcUYyUys5Z0xoeFRPRVFLVDJFT3pLUFVSaWx5SFVmeEZhd3g4NmVuIiwiZXhwIjoxNzE1MTgyMTYxLCJpYXQiOjE3MTUxNjc3NjF9.F5dki2OxYKDstLm-OC8y22idzoYPqHwTlWQXGV2KkoaMLFOKRY2UCDntW0uO-AYm12i2_YqPrPnhtllP9iOVgw
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; platform_type=desktop; auid=sv0dM2Y7Yf7BbyWAAwM8Ag==; SESSION=75bb5152e29b8089ef1d8c32275dd0df; window_width=1280; _glhf=1715185523; che_g=3f2954ac-c676-fb8c-77a5-3c12a6bd9725; application_locale=en; sh.session.id=1184b48b-8c28-48ce-a06d-1956db3095c1; ggru=139; _ga_7JGWL9SV66=GS1.1.1715167761.1.0.1715167761.60.0.0; _ga=GA1.1.1162292481.1715167761
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:27 GMT
content-type: application/json; charset=utf-8
content-length: 1323
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 08 May 2024 11:29:27 GMT
vary: Accept-Encoding
x-time-ng: 0.010
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.017
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LineFeed/GetGameZip?id=528450883&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 | 178.253.29.51 | | 1.6 kB |
URL 1xlite-461430.top/service-api/LineFeed/GetGameZip?id=528450883&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash2e065f310e18a5fc661d7bbec0bdafae 4af7f398cfac4b08274c5eb0f4194673b3a2d178 de37b01be0c84bd72a05aa9914c4b9fb45c7210986447c59e9ee3ada20a257e3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LineFeed/GetGameZip?id=528450883&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiVVNBSnB6RW4wTXQ1WHN6alNyR0ptK3ZWWm9nL2FIUkU4aDQ3cC8yeERpUm5obCtRVVFmZTFUWDB1WmVmVnYwUXZERUZRRGVuNGpHVVNya05RSk1qMzBIUHVaY0NMaUNCUnF5SHNkSzJDRUI2ZzN0UHliL3BWSHlTazgvU1BXZk1hTWRVU1J4MGs4bzVJbjM5cWcyUUtLaVNMU3lPWnpyVGE3bjFocGVZYUpJak9tRnpjWnE1Q00wU3BIenM3aWVNVEx0SWtVa0JNdVVSdVpVMWtueWp3RjNZOGdVQ3ZPSGRRM3ZOVVRtcFArcHpENHVqOVZ5UVZNQVUwM0hQLzBHYjBiNmpMcUYyUys5Z0xoeFRPRVFLVDJFT3pLUFVSaWx5SFVmeEZhd3g4NmVuIiwiZXhwIjoxNzE1MTgyMTYxLCJpYXQiOjE3MTUxNjc3NjF9.F5dki2OxYKDstLm-OC8y22idzoYPqHwTlWQXGV2KkoaMLFOKRY2UCDntW0uO-AYm12i2_YqPrPnhtllP9iOVgw
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; platform_type=desktop; auid=sv0dM2Y7Yf7BbyWAAwM8Ag==; SESSION=75bb5152e29b8089ef1d8c32275dd0df; window_width=1280; _glhf=1715185523; che_g=3f2954ac-c676-fb8c-77a5-3c12a6bd9725; application_locale=en; sh.session.id=1184b48b-8c28-48ce-a06d-1956db3095c1; ggru=139; _ga_7JGWL9SV66=GS1.1.1715167761.1.0.1715167761.60.0.0; _ga=GA1.1.1162292481.1715167761
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:27 GMT
content-type: application/json; charset=utf-8
content-length: 1556
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 08 May 2024 11:29:27 GMT
vary: Accept-Encoding
x-time-ng: 0.014
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.022
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LineFeed/GetGameZip?id=528915807&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 | 178.253.29.51 | 200 OK | 2.0 kB |
URL GET HTTP/21xlite-461430.top/service-api/LineFeed/GetGameZip?id=528915807&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 IP178.253.29.51:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hashbc7f7e46c89943c31f0df8c749f0d442 e87cdd5b6bbe8a8d9889a05cb9785ede9a9bf753 b887c7078caf25c7fc6dc0394b57b38ea68e2d0574cb719938b5cef587ed0b97
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LineFeed/GetGameZip?id=528915807&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiVVNBSnB6RW4wTXQ1WHN6alNyR0ptK3ZWWm9nL2FIUkU4aDQ3cC8yeERpUm5obCtRVVFmZTFUWDB1WmVmVnYwUXZERUZRRGVuNGpHVVNya05RSk1qMzBIUHVaY0NMaUNCUnF5SHNkSzJDRUI2ZzN0UHliL3BWSHlTazgvU1BXZk1hTWRVU1J4MGs4bzVJbjM5cWcyUUtLaVNMU3lPWnpyVGE3bjFocGVZYUpJak9tRnpjWnE1Q00wU3BIenM3aWVNVEx0SWtVa0JNdVVSdVpVMWtueWp3RjNZOGdVQ3ZPSGRRM3ZOVVRtcFArcHpENHVqOVZ5UVZNQVUwM0hQLzBHYjBiNmpMcUYyUys5Z0xoeFRPRVFLVDJFT3pLUFVSaWx5SFVmeEZhd3g4NmVuIiwiZXhwIjoxNzE1MTgyMTYxLCJpYXQiOjE3MTUxNjc3NjF9.F5dki2OxYKDstLm-OC8y22idzoYPqHwTlWQXGV2KkoaMLFOKRY2UCDntW0uO-AYm12i2_YqPrPnhtllP9iOVgw
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; platform_type=desktop; auid=sv0dM2Y7Yf7BbyWAAwM8Ag==; SESSION=75bb5152e29b8089ef1d8c32275dd0df; window_width=1280; _glhf=1715185523; che_g=3f2954ac-c676-fb8c-77a5-3c12a6bd9725; application_locale=en; sh.session.id=1184b48b-8c28-48ce-a06d-1956db3095c1; ggru=139; _ga_7JGWL9SV66=GS1.1.1715167761.1.0.1715167761.60.0.0; _ga=GA1.1.1162292481.1715167761
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:27 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=5
last-modified: Wed, 08 May 2024 11:29:27 GMT
x-time-ng: 0.027
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.035
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/web-api/external-api/v3/banners?project_id=285&country_code=NO&language=en&platform=2&section=6&is_auth=false&limit=100 | 178.253.29.51 | | 3.8 kB |
URL 1xlite-461430.top/web-api/external-api/v3/banners?project_id=285&country_code=NO&language=en&platform=2&section=6&is_auth=false&limit=100 IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hasheaa2f5c3db3e7de74a21ae4020cf2432 b281f515b3bf6e53a470a3497469e4dfb469358e 6601115576fd1d37165ec956c7f22bd8e8e8efff99a9e4dfebbc75bfac703a47
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /web-api/external-api/v3/banners?project_id=285&country_code=NO&language=en&platform=2&section=6&is_auth=false&limit=100 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiVVNBSnB6RW4wTXQ1WHN6alNyR0ptK3ZWWm9nL2FIUkU4aDQ3cC8yeERpUm5obCtRVVFmZTFUWDB1WmVmVnYwUXZERUZRRGVuNGpHVVNya05RSk1qMzBIUHVaY0NMaUNCUnF5SHNkSzJDRUI2ZzN0UHliL3BWSHlTazgvU1BXZk1hTWRVU1J4MGs4bzVJbjM5cWcyUUtLaVNMU3lPWnpyVGE3bjFocGVZYUpJak9tRnpjWnE1Q00wU3BIenM3aWVNVEx0SWtVa0JNdVVSdVpVMWtueWp3RjNZOGdVQ3ZPSGRRM3ZOVVRtcFArcHpENHVqOVZ5UVZNQVUwM0hQLzBHYjBiNmpMcUYyUys5Z0xoeFRPRVFLVDJFT3pLUFVSaWx5SFVmeEZhd3g4NmVuIiwiZXhwIjoxNzE1MTgyMTYxLCJpYXQiOjE3MTUxNjc3NjF9.F5dki2OxYKDstLm-OC8y22idzoYPqHwTlWQXGV2KkoaMLFOKRY2UCDntW0uO-AYm12i2_YqPrPnhtllP9iOVgw
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; platform_type=desktop; auid=sv0dM2Y7Yf7BbyWAAwM8Ag==; SESSION=75bb5152e29b8089ef1d8c32275dd0df; window_width=1280; _glhf=1715185523; che_g=3f2954ac-c676-fb8c-77a5-3c12a6bd9725; application_locale=en; sh.session.id=1184b48b-8c28-48ce-a06d-1956db3095c1; ggru=139; _ga_7JGWL9SV66=GS1.1.1715167761.1.0.1715167761.60.0.0; _ga=GA1.1.1162292481.1715167761
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:27 GMT
content-type: application/vnd.api+json
vary: Accept-Encoding
cache-control: no-cache, private
server-timing: p;dur=39, dt_total;dur=262.259, wf-uht;dur=0.274
traceparent: 00-af7b80dacf4e7d39fb4b1b88e7c0c40f-409d538fb788642e-01
x-dt: 285
x-time-ng: 0.260
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| classify-client.services.mozilla.com/api/v1/classify_client/ | 34.98.75.36 | | 64 B |
URL classify-client.services.mozilla.com/api/v1/classify_client/ IP34.98.75.36:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
Hash39c6b5a18de33cdfe921776a455c7708 c48968895dc7e43fa84dfe00ba431986d7ea859a 1b72c08b2e905bf7b8b1245df5bebfe702e7674720d45a82d4e8a4c6f7fa1c62
GET /api/v1/classify_client/ HTTP/1.1
Host: classify-client.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:29 GMT
content-type: application/json
content-length: 64
cache-control: max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true | 178.253.29.51 | 200 OK | 14 kB |
URL GET HTTP/21xlite-461430.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true IP178.253.29.51:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash825ef87a6daedfce15f72c44601bf911 58d56ab8b3c8d3383f08934c607bf6c44a6b7fd8 65fd41cc9f5bc95c05c055cd5b2f1d3ea818d49381eaa5e65d67086aed7447c1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiVVNBSnB6RW4wTXQ1WHN6alNyR0ptK3ZWWm9nL2FIUkU4aDQ3cC8yeERpUm5obCtRVVFmZTFUWDB1WmVmVnYwUXZERUZRRGVuNGpHVVNya05RSk1qMzBIUHVaY0NMaUNCUnF5SHNkSzJDRUI2ZzN0UHliL3BWSHlTazgvU1BXZk1hTWRVU1J4MGs4bzVJbjM5cWcyUUtLaVNMU3lPWnpyVGE3bjFocGVZYUpJak9tRnpjWnE1Q00wU3BIenM3aWVNVEx0SWtVa0JNdVVSdVpVMWtueWp3RjNZOGdVQ3ZPSGRRM3ZOVVRtcFArcHpENHVqOVZ5UVZNQVUwM0hQLzBHYjBiNmpMcUYyUys5Z0xoeFRPRVFLVDJFT3pLUFVSaWx5SFVmeEZhd3g4NmVuIiwiZXhwIjoxNzE1MTgyMTYxLCJpYXQiOjE3MTUxNjc3NjF9.F5dki2OxYKDstLm-OC8y22idzoYPqHwTlWQXGV2KkoaMLFOKRY2UCDntW0uO-AYm12i2_YqPrPnhtllP9iOVgw
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; platform_type=desktop; auid=sv0dM2Y7Yf7BbyWAAwM8Ag==; SESSION=75bb5152e29b8089ef1d8c32275dd0df; window_width=1280; _glhf=1715185523; che_g=3f2954ac-c676-fb8c-77a5-3c12a6bd9725; application_locale=en; sh.session.id=1184b48b-8c28-48ce-a06d-1956db3095c1; ggru=139; _ga_7JGWL9SV66=GS1.1.1715167761.1.0.1715167761.60.0.0; _ga=GA1.1.1162292481.1715167761
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:31 GMT
content-type: application/json; charset=utf-8
content-length: 13918
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 08 May 2024 11:29:31 GMT
vary: Accept-Encoding
x-time-ng: 0.015
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.031
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137 | 178.253.29.51 | | 342 B |
URL 1xlite-461430.top/service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137 IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash971f38b1a28cdeafc87a89656bbed138 cbab2f05e1792435d31828d82addbaf5389d1b35 e55e4be35f054c5d77e7046e4ee296bc9eca5a6441ac03d5ce9ce2b68fefa8bf
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiVVNBSnB6RW4wTXQ1WHN6alNyR0ptK3ZWWm9nL2FIUkU4aDQ3cC8yeERpUm5obCtRVVFmZTFUWDB1WmVmVnYwUXZERUZRRGVuNGpHVVNya05RSk1qMzBIUHVaY0NMaUNCUnF5SHNkSzJDRUI2ZzN0UHliL3BWSHlTazgvU1BXZk1hTWRVU1J4MGs4bzVJbjM5cWcyUUtLaVNMU3lPWnpyVGE3bjFocGVZYUpJak9tRnpjWnE1Q00wU3BIenM3aWVNVEx0SWtVa0JNdVVSdVpVMWtueWp3RjNZOGdVQ3ZPSGRRM3ZOVVRtcFArcHpENHVqOVZ5UVZNQVUwM0hQLzBHYjBiNmpMcUYyUys5Z0xoeFRPRVFLVDJFT3pLUFVSaWx5SFVmeEZhd3g4NmVuIiwiZXhwIjoxNzE1MTgyMTYxLCJpYXQiOjE3MTUxNjc3NjF9.F5dki2OxYKDstLm-OC8y22idzoYPqHwTlWQXGV2KkoaMLFOKRY2UCDntW0uO-AYm12i2_YqPrPnhtllP9iOVgw
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; platform_type=desktop; auid=sv0dM2Y7Yf7BbyWAAwM8Ag==; SESSION=75bb5152e29b8089ef1d8c32275dd0df; window_width=1280; _glhf=1715185523; che_g=3f2954ac-c676-fb8c-77a5-3c12a6bd9725; application_locale=en; sh.session.id=1184b48b-8c28-48ce-a06d-1956db3095c1; ggru=139; _ga_7JGWL9SV66=GS1.1.1715167761.1.0.1715167761.60.0.0; _ga=GA1.1.1162292481.1715167761
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:31 GMT
content-type: application/json; charset=utf-8
content-length: 342
cache-control: no-cache
content-encoding: br
last-modified: Wed, 08 May 2024 11:29:31 GMT
vary: Accept-Encoding
x-time-ng: 0.004
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.041
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true | 178.253.29.51 | 200 OK | 2.8 kB |
URL GET HTTP/21xlite-461430.top/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true IP178.253.29.51:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash895d7a12f8d9e3b5becabb370b866aff 36de08574407bb10b083dbffd13c0afa2450f1cc 7c58c2ef9d1c6576ea1cd018e1150b96e7f76392eb4d5ef269a3d47ddd93b703
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiVVNBSnB6RW4wTXQ1WHN6alNyR0ptK3ZWWm9nL2FIUkU4aDQ3cC8yeERpUm5obCtRVVFmZTFUWDB1WmVmVnYwUXZERUZRRGVuNGpHVVNya05RSk1qMzBIUHVaY0NMaUNCUnF5SHNkSzJDRUI2ZzN0UHliL3BWSHlTazgvU1BXZk1hTWRVU1J4MGs4bzVJbjM5cWcyUUtLaVNMU3lPWnpyVGE3bjFocGVZYUpJak9tRnpjWnE1Q00wU3BIenM3aWVNVEx0SWtVa0JNdVVSdVpVMWtueWp3RjNZOGdVQ3ZPSGRRM3ZOVVRtcFArcHpENHVqOVZ5UVZNQVUwM0hQLzBHYjBiNmpMcUYyUys5Z0xoeFRPRVFLVDJFT3pLUFVSaWx5SFVmeEZhd3g4NmVuIiwiZXhwIjoxNzE1MTgyMTYxLCJpYXQiOjE3MTUxNjc3NjF9.F5dki2OxYKDstLm-OC8y22idzoYPqHwTlWQXGV2KkoaMLFOKRY2UCDntW0uO-AYm12i2_YqPrPnhtllP9iOVgw
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; platform_type=desktop; auid=sv0dM2Y7Yf7BbyWAAwM8Ag==; SESSION=75bb5152e29b8089ef1d8c32275dd0df; window_width=1280; _glhf=1715185523; che_g=3f2954ac-c676-fb8c-77a5-3c12a6bd9725; application_locale=en; sh.session.id=1184b48b-8c28-48ce-a06d-1956db3095c1; ggru=139; _ga_7JGWL9SV66=GS1.1.1715167761.1.0.1715167761.60.0.0; _ga=GA1.1.1162292481.1715167761
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:31 GMT
content-type: application/json; charset=utf-8
content-length: 2823
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 08 May 2024 11:29:31 GMT
vary: Accept-Encoding
x-time-ng: 0.013
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.020
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/43b37bcd63883963ab5ca6707fd4ca45.jpg | 185.244.209.62 | | 17 kB |
URL v3.traincdn.com/genfiles/cms/1/desktop/banner/43b37bcd63883963ab5ca6707fd4ca45.jpg IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1380x248, components 3 Hashebce475967e6d85db5bdbde23e85eff7 496e2c75b549fe82d3f6dfbb3976096e0cae2ae7 6a1892ac412355576c6427f173d8b26757bdf0c8ec3aa149b6d1cfbc97408b9f
GET /genfiles/cms/1/desktop/banner/43b37bcd63883963ab5ca6707fd4ca45.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:31 GMT
content-type: image/jpeg
content-length: 16730
last-modified: Mon, 06 May 2024 09:11:06 GMT
etag: "ebce475967e6d85db5bdbde23e85eff7"
x-time-ng: 0.002
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-ffeb10af024df797cfcffa4af70d579e-d77c8bbe8fe8a6b6-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T14:51:53+00:00, 2024-05-08T11:09:13+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size24/sfiles/logo_teams/1705962ffbc1e568500d02753d414082.webp | 185.244.209.62 | | 1.1 kB |
URL v3.traincdn.com/resized/size24/sfiles/logo_teams/1705962ffbc1e568500d02753d414082.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image Hash6bd1a4bfa55aad56422400c489942897 17b4372b5ac8430ca744684686cea67969a15cfe 9f4ff586f0724b113f76a8bb64339eedabfc637511a2529e7194248d0554da4c
GET /resized/size24/sfiles/logo_teams/1705962ffbc1e568500d02753d414082.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:31 GMT
content-type: image/webp
content-length: 1094
cache-control: max-age=94608000
content-disposition: inline; filename="1705962ffbc1e568500d02753d414082.webp"
content-security-policy: script-src 'none'
expires: Fri, 07 May 2027 14:51:53 GMT
x-request-id: 1092693db696d60f31712e8ba12deb0c
x-time-ng: 0.062
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-bc7498ee4409e99ec31a8f33a4f6c417-388a9375b5b0f33b-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T14:51:53+00:00, 2024-05-07T14:54:46+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size24/sfiles/logo_teams/167095.webp | 185.244.209.62 | | 1.1 kB |
URL v3.traincdn.com/resized/size24/sfiles/logo_teams/167095.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image Hash3d0ce9ce8b6dec70e6e0f31effa9f219 018de590437492f15fc3647997bfbaa759f16da9 f4395f007bd01851a93ccf6842c69c3f4cc1c39e4d5c3b71c881c674e85cccc8
GET /resized/size24/sfiles/logo_teams/167095.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:31 GMT
content-type: image/webp
content-length: 1142
cache-control: max-age=94608000
content-disposition: inline; filename="167095.webp"
content-security-policy: script-src 'none'
expires: Fri, 07 May 2027 14:51:53 GMT
x-request-id: e27ef69f33230d500def92477b09e641
x-time-ng: 0.067
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-8a74043c9cefb3d0a58643dcaa1a5179-c1ea7e313af407fb-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T14:51:53+00:00, 2024-05-07T14:54:46+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/43b37bcd63883963ab5ca6707fd4ca45.webp | 185.244.209.62 | | 8.8 kB |
URL v3.traincdn.com/genfiles/cms/1/desktop/banner/43b37bcd63883963ab5ca6707fd4ca45.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 1380x248, Scaling: [none]x[none], YUV color, decoders should clamp Hashf7820c059ddb01f4b4e68e42a5e460a1 195804c0235c39f4262f97fe2761100319ed9595 cf0d38ba0dc4de44a0fc90d2592209998ac959644b187014ec028a4c0fddd3ab
GET /genfiles/cms/1/desktop/banner/43b37bcd63883963ab5ca6707fd4ca45.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:31 GMT
content-type: image/webp
content-length: 8798
last-modified: Mon, 06 May 2024 09:11:30 GMT
etag: "f7820c059ddb01f4b4e68e42a5e460a1"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-b108841bfd3cedafc0c94df361f97d15-2872f121d645bd74-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T14:50:36+00:00, 2024-05-08T10:37:35+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66 | 178.253.29.51 | | 2.4 kB |
URL 1xlite-461430.top/service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66 IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hashe1146ac688be95b8521702be8339cbc4 e9ea7b89840d5b081a83154b011add03c808fd5a 32daad227d2853dfc7c5cfd964e57fa5a83cc2fac80e6211885617d58620a01e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiVVNBSnB6RW4wTXQ1WHN6alNyR0ptK3ZWWm9nL2FIUkU4aDQ3cC8yeERpUm5obCtRVVFmZTFUWDB1WmVmVnYwUXZERUZRRGVuNGpHVVNya05RSk1qMzBIUHVaY0NMaUNCUnF5SHNkSzJDRUI2ZzN0UHliL3BWSHlTazgvU1BXZk1hTWRVU1J4MGs4bzVJbjM5cWcyUUtLaVNMU3lPWnpyVGE3bjFocGVZYUpJak9tRnpjWnE1Q00wU3BIenM3aWVNVEx0SWtVa0JNdVVSdVpVMWtueWp3RjNZOGdVQ3ZPSGRRM3ZOVVRtcFArcHpENHVqOVZ5UVZNQVUwM0hQLzBHYjBiNmpMcUYyUys5Z0xoeFRPRVFLVDJFT3pLUFVSaWx5SFVmeEZhd3g4NmVuIiwiZXhwIjoxNzE1MTgyMTYxLCJpYXQiOjE3MTUxNjc3NjF9.F5dki2OxYKDstLm-OC8y22idzoYPqHwTlWQXGV2KkoaMLFOKRY2UCDntW0uO-AYm12i2_YqPrPnhtllP9iOVgw
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; platform_type=desktop; auid=sv0dM2Y7Yf7BbyWAAwM8Ag==; SESSION=75bb5152e29b8089ef1d8c32275dd0df; window_width=1280; _glhf=1715185523; che_g=3f2954ac-c676-fb8c-77a5-3c12a6bd9725; application_locale=en; sh.session.id=1184b48b-8c28-48ce-a06d-1956db3095c1; ggru=139; _ga_7JGWL9SV66=GS1.1.1715167761.1.0.1715167761.60.0.0; _ga=GA1.1.1162292481.1715167761
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:32 GMT
content-type: application/json; charset=utf-8
content-length: 2360
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 08 May 2024 11:29:32 GMT
vary: Accept-Encoding
x-time-ng: 0.004
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.011
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LineFeed/GetGameZip?id=528030908&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 | 178.253.29.51 | 200 OK | 1.3 kB |
URL GET HTTP/21xlite-461430.top/service-api/LineFeed/GetGameZip?id=528030908&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 IP178.253.29.51:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash9916782316766af14b3171c82d9b9338 41babb9646669d9bf7b683c80583d675970f06d6 859b736ff9df87115f604abe70d51495c2821221e8ea772342cfe0f59a445d87
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LineFeed/GetGameZip?id=528030908&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiVVNBSnB6RW4wTXQ1WHN6alNyR0ptK3ZWWm9nL2FIUkU4aDQ3cC8yeERpUm5obCtRVVFmZTFUWDB1WmVmVnYwUXZERUZRRGVuNGpHVVNya05RSk1qMzBIUHVaY0NMaUNCUnF5SHNkSzJDRUI2ZzN0UHliL3BWSHlTazgvU1BXZk1hTWRVU1J4MGs4bzVJbjM5cWcyUUtLaVNMU3lPWnpyVGE3bjFocGVZYUpJak9tRnpjWnE1Q00wU3BIenM3aWVNVEx0SWtVa0JNdVVSdVpVMWtueWp3RjNZOGdVQ3ZPSGRRM3ZOVVRtcFArcHpENHVqOVZ5UVZNQVUwM0hQLzBHYjBiNmpMcUYyUys5Z0xoeFRPRVFLVDJFT3pLUFVSaWx5SFVmeEZhd3g4NmVuIiwiZXhwIjoxNzE1MTgyMTYxLCJpYXQiOjE3MTUxNjc3NjF9.F5dki2OxYKDstLm-OC8y22idzoYPqHwTlWQXGV2KkoaMLFOKRY2UCDntW0uO-AYm12i2_YqPrPnhtllP9iOVgw
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; platform_type=desktop; auid=sv0dM2Y7Yf7BbyWAAwM8Ag==; SESSION=75bb5152e29b8089ef1d8c32275dd0df; window_width=1280; _glhf=1715185523; che_g=3f2954ac-c676-fb8c-77a5-3c12a6bd9725; application_locale=en; sh.session.id=1184b48b-8c28-48ce-a06d-1956db3095c1; ggru=139; _ga_7JGWL9SV66=GS1.1.1715167761.1.0.1715167761.60.0.0; _ga=GA1.1.1162292481.1715167761
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:32 GMT
content-type: application/json; charset=utf-8
content-length: 1323
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 08 May 2024 11:29:27 GMT
vary: Accept-Encoding
x-time-ng: 0.010
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LineFeed/GetGameZip?id=528450883&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 | 178.253.29.51 | | 1.6 kB |
URL 1xlite-461430.top/service-api/LineFeed/GetGameZip?id=528450883&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash2e065f310e18a5fc661d7bbec0bdafae 4af7f398cfac4b08274c5eb0f4194673b3a2d178 de37b01be0c84bd72a05aa9914c4b9fb45c7210986447c59e9ee3ada20a257e3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LineFeed/GetGameZip?id=528450883&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiVVNBSnB6RW4wTXQ1WHN6alNyR0ptK3ZWWm9nL2FIUkU4aDQ3cC8yeERpUm5obCtRVVFmZTFUWDB1WmVmVnYwUXZERUZRRGVuNGpHVVNya05RSk1qMzBIUHVaY0NMaUNCUnF5SHNkSzJDRUI2ZzN0UHliL3BWSHlTazgvU1BXZk1hTWRVU1J4MGs4bzVJbjM5cWcyUUtLaVNMU3lPWnpyVGE3bjFocGVZYUpJak9tRnpjWnE1Q00wU3BIenM3aWVNVEx0SWtVa0JNdVVSdVpVMWtueWp3RjNZOGdVQ3ZPSGRRM3ZOVVRtcFArcHpENHVqOVZ5UVZNQVUwM0hQLzBHYjBiNmpMcUYyUys5Z0xoeFRPRVFLVDJFT3pLUFVSaWx5SFVmeEZhd3g4NmVuIiwiZXhwIjoxNzE1MTgyMTYxLCJpYXQiOjE3MTUxNjc3NjF9.F5dki2OxYKDstLm-OC8y22idzoYPqHwTlWQXGV2KkoaMLFOKRY2UCDntW0uO-AYm12i2_YqPrPnhtllP9iOVgw
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; platform_type=desktop; auid=sv0dM2Y7Yf7BbyWAAwM8Ag==; SESSION=75bb5152e29b8089ef1d8c32275dd0df; window_width=1280; _glhf=1715185523; che_g=3f2954ac-c676-fb8c-77a5-3c12a6bd9725; application_locale=en; sh.session.id=1184b48b-8c28-48ce-a06d-1956db3095c1; ggru=139; _ga_7JGWL9SV66=GS1.1.1715167761.1.0.1715167761.60.0.0; _ga=GA1.1.1162292481.1715167761
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:32 GMT
content-type: application/json; charset=utf-8
content-length: 1556
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 08 May 2024 11:29:27 GMT
vary: Accept-Encoding
x-time-ng: 0.014
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LineFeed/GetGameZip?id=528915807&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 | 178.253.29.51 | 200 OK | 1.5 kB |
URL GET HTTP/21xlite-461430.top/service-api/LineFeed/GetGameZip?id=528915807&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 IP178.253.29.51:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hashd636d5a4e55e938007e1556e84b98bbb bd5978b51f3845aa92c4abf5cad5be96d85aed3b 5615a09887797b83f6fab9703b246353d982533859fd79fca83d858cae371c35
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LineFeed/GetGameZip?id=528915807&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiVVNBSnB6RW4wTXQ1WHN6alNyR0ptK3ZWWm9nL2FIUkU4aDQ3cC8yeERpUm5obCtRVVFmZTFUWDB1WmVmVnYwUXZERUZRRGVuNGpHVVNya05RSk1qMzBIUHVaY0NMaUNCUnF5SHNkSzJDRUI2ZzN0UHliL3BWSHlTazgvU1BXZk1hTWRVU1J4MGs4bzVJbjM5cWcyUUtLaVNMU3lPWnpyVGE3bjFocGVZYUpJak9tRnpjWnE1Q00wU3BIenM3aWVNVEx0SWtVa0JNdVVSdVpVMWtueWp3RjNZOGdVQ3ZPSGRRM3ZOVVRtcFArcHpENHVqOVZ5UVZNQVUwM0hQLzBHYjBiNmpMcUYyUys5Z0xoeFRPRVFLVDJFT3pLUFVSaWx5SFVmeEZhd3g4NmVuIiwiZXhwIjoxNzE1MTgyMTYxLCJpYXQiOjE3MTUxNjc3NjF9.F5dki2OxYKDstLm-OC8y22idzoYPqHwTlWQXGV2KkoaMLFOKRY2UCDntW0uO-AYm12i2_YqPrPnhtllP9iOVgw
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; platform_type=desktop; auid=sv0dM2Y7Yf7BbyWAAwM8Ag==; SESSION=75bb5152e29b8089ef1d8c32275dd0df; window_width=1280; _glhf=1715185523; che_g=3f2954ac-c676-fb8c-77a5-3c12a6bd9725; application_locale=en; sh.session.id=1184b48b-8c28-48ce-a06d-1956db3095c1; ggru=139; _ga_7JGWL9SV66=GS1.1.1715167761.1.0.1715167761.60.0.0; _ga=GA1.1.1162292481.1715167761
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:33 GMT
content-type: application/json; charset=utf-8
content-length: 1467
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 08 May 2024 11:29:33 GMT
vary: Accept-Encoding
x-time-ng: 0.012
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.020
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true | 178.253.29.51 | 200 OK | 14 kB |
URL GET HTTP/21xlite-461430.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true IP178.253.29.51:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash825ef87a6daedfce15f72c44601bf911 58d56ab8b3c8d3383f08934c607bf6c44a6b7fd8 65fd41cc9f5bc95c05c055cd5b2f1d3ea818d49381eaa5e65d67086aed7447c1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiVVNBSnB6RW4wTXQ1WHN6alNyR0ptK3ZWWm9nL2FIUkU4aDQ3cC8yeERpUm5obCtRVVFmZTFUWDB1WmVmVnYwUXZERUZRRGVuNGpHVVNya05RSk1qMzBIUHVaY0NMaUNCUnF5SHNkSzJDRUI2ZzN0UHliL3BWSHlTazgvU1BXZk1hTWRVU1J4MGs4bzVJbjM5cWcyUUtLaVNMU3lPWnpyVGE3bjFocGVZYUpJak9tRnpjWnE1Q00wU3BIenM3aWVNVEx0SWtVa0JNdVVSdVpVMWtueWp3RjNZOGdVQ3ZPSGRRM3ZOVVRtcFArcHpENHVqOVZ5UVZNQVUwM0hQLzBHYjBiNmpMcUYyUys5Z0xoeFRPRVFLVDJFT3pLUFVSaWx5SFVmeEZhd3g4NmVuIiwiZXhwIjoxNzE1MTgyMTYxLCJpYXQiOjE3MTUxNjc3NjF9.F5dki2OxYKDstLm-OC8y22idzoYPqHwTlWQXGV2KkoaMLFOKRY2UCDntW0uO-AYm12i2_YqPrPnhtllP9iOVgw
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; platform_type=desktop; auid=sv0dM2Y7Yf7BbyWAAwM8Ag==; SESSION=75bb5152e29b8089ef1d8c32275dd0df; window_width=1280; _glhf=1715185523; che_g=3f2954ac-c676-fb8c-77a5-3c12a6bd9725; application_locale=en; sh.session.id=1184b48b-8c28-48ce-a06d-1956db3095c1; ggru=139; _ga_7JGWL9SV66=GS1.1.1715167761.1.0.1715167761.60.0.0; _ga=GA1.1.1162292481.1715167761
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:36 GMT
content-type: application/json; charset=utf-8
content-length: 13918
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 08 May 2024 11:29:31 GMT
vary: Accept-Encoding
x-time-ng: 0.015
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/bf26d696b76130d9781b16f89f1de4cc.webp | 185.244.209.62 | | 20 kB |
URL v3.traincdn.com/genfiles/cms/1/desktop/banner/bf26d696b76130d9781b16f89f1de4cc.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 1380x248, Scaling: [none]x[none], YUV color, decoders should clamp Hash95767496ab1dce71f394c97620666756 127389c7327fec508549222dd477edbd524e33dd fca493b566204dfff5ef8b8cd6c74c40659c812ac6665696dd5c66c664a31c7e
GET /genfiles/cms/1/desktop/banner/bf26d696b76130d9781b16f89f1de4cc.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:36 GMT
content-type: image/webp
content-length: 20522
last-modified: Thu, 08 Jun 2023 18:05:27 GMT
etag: "95767496ab1dce71f394c97620666756"
x-time-ng: 0.006
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-06568858bb65a055389a312b38b5570f-86f5a681bdd4235f-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-02-27T14:22:50+00:00, 2024-05-08T10:37:51+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true | 178.253.29.51 | 200 OK | 2.8 kB |
URL GET HTTP/21xlite-461430.top/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true IP178.253.29.51:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hashf361b4c99b7a1981fd849ba88376ea53 d1fbde594b01c015a637a079dbb804f715e15ca1 c1e7fa17f237aac8f6933fb239650175053254f2ead14e4830e4a94b23d551a6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiVVNBSnB6RW4wTXQ1WHN6alNyR0ptK3ZWWm9nL2FIUkU4aDQ3cC8yeERpUm5obCtRVVFmZTFUWDB1WmVmVnYwUXZERUZRRGVuNGpHVVNya05RSk1qMzBIUHVaY0NMaUNCUnF5SHNkSzJDRUI2ZzN0UHliL3BWSHlTazgvU1BXZk1hTWRVU1J4MGs4bzVJbjM5cWcyUUtLaVNMU3lPWnpyVGE3bjFocGVZYUpJak9tRnpjWnE1Q00wU3BIenM3aWVNVEx0SWtVa0JNdVVSdVpVMWtueWp3RjNZOGdVQ3ZPSGRRM3ZOVVRtcFArcHpENHVqOVZ5UVZNQVUwM0hQLzBHYjBiNmpMcUYyUys5Z0xoeFRPRVFLVDJFT3pLUFVSaWx5SFVmeEZhd3g4NmVuIiwiZXhwIjoxNzE1MTgyMTYxLCJpYXQiOjE3MTUxNjc3NjF9.F5dki2OxYKDstLm-OC8y22idzoYPqHwTlWQXGV2KkoaMLFOKRY2UCDntW0uO-AYm12i2_YqPrPnhtllP9iOVgw
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; platform_type=desktop; auid=sv0dM2Y7Yf7BbyWAAwM8Ag==; SESSION=75bb5152e29b8089ef1d8c32275dd0df; window_width=1280; _glhf=1715185523; che_g=3f2954ac-c676-fb8c-77a5-3c12a6bd9725; application_locale=en; sh.session.id=1184b48b-8c28-48ce-a06d-1956db3095c1; ggru=139; _ga_7JGWL9SV66=GS1.1.1715167761.1.0.1715167761.60.0.0; _ga=GA1.1.1162292481.1715167761
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:37 GMT
content-type: application/json; charset=utf-8
content-length: 2824
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 08 May 2024 11:29:37 GMT
vary: Accept-Encoding
x-time-ng: 0.009
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.017
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LineFeed/GetGameZip?id=528030908&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 | 178.253.29.51 | 200 OK | 1.3 kB |
URL GET HTTP/21xlite-461430.top/service-api/LineFeed/GetGameZip?id=528030908&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 IP178.253.29.51:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hashedb0e0f59659d206d55a8bac5c430237 2220fe121025eac61eba4ce4a525b29effae4a8e 448d1b481ffa7b185e6605dfc234f516c0667af945eb878b80412a67834d1ac5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LineFeed/GetGameZip?id=528030908&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiVVNBSnB6RW4wTXQ1WHN6alNyR0ptK3ZWWm9nL2FIUkU4aDQ3cC8yeERpUm5obCtRVVFmZTFUWDB1WmVmVnYwUXZERUZRRGVuNGpHVVNya05RSk1qMzBIUHVaY0NMaUNCUnF5SHNkSzJDRUI2ZzN0UHliL3BWSHlTazgvU1BXZk1hTWRVU1J4MGs4bzVJbjM5cWcyUUtLaVNMU3lPWnpyVGE3bjFocGVZYUpJak9tRnpjWnE1Q00wU3BIenM3aWVNVEx0SWtVa0JNdVVSdVpVMWtueWp3RjNZOGdVQ3ZPSGRRM3ZOVVRtcFArcHpENHVqOVZ5UVZNQVUwM0hQLzBHYjBiNmpMcUYyUys5Z0xoeFRPRVFLVDJFT3pLUFVSaWx5SFVmeEZhd3g4NmVuIiwiZXhwIjoxNzE1MTgyMTYxLCJpYXQiOjE3MTUxNjc3NjF9.F5dki2OxYKDstLm-OC8y22idzoYPqHwTlWQXGV2KkoaMLFOKRY2UCDntW0uO-AYm12i2_YqPrPnhtllP9iOVgw
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; platform_type=desktop; auid=sv0dM2Y7Yf7BbyWAAwM8Ag==; SESSION=75bb5152e29b8089ef1d8c32275dd0df; window_width=1280; _glhf=1715185523; che_g=3f2954ac-c676-fb8c-77a5-3c12a6bd9725; application_locale=en; sh.session.id=1184b48b-8c28-48ce-a06d-1956db3095c1; ggru=139; _ga_7JGWL9SV66=GS1.1.1715167761.1.0.1715167761.60.0.0; _ga=GA1.1.1162292481.1715167761
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:38 GMT
content-type: application/json; charset=utf-8
content-length: 1323
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 08 May 2024 11:29:38 GMT
vary: Accept-Encoding
x-time-ng: 0.016
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.024
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/web-api/external-api/v3/banners?project_id=285&country_code=NO&language=en&platform=2&section=6&is_auth=false&limit=100 | 178.253.29.51 | | 4.8 kB |
URL 1xlite-461430.top/web-api/external-api/v3/banners?project_id=285&country_code=NO&language=en&platform=2&section=6&is_auth=false&limit=100 IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hasheaa2f5c3db3e7de74a21ae4020cf2432 b281f515b3bf6e53a470a3497469e4dfb469358e 6601115576fd1d37165ec956c7f22bd8e8e8efff99a9e4dfebbc75bfac703a47
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /web-api/external-api/v3/banners?project_id=285&country_code=NO&language=en&platform=2&section=6&is_auth=false&limit=100 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiVVNBSnB6RW4wTXQ1WHN6alNyR0ptK3ZWWm9nL2FIUkU4aDQ3cC8yeERpUm5obCtRVVFmZTFUWDB1WmVmVnYwUXZERUZRRGVuNGpHVVNya05RSk1qMzBIUHVaY0NMaUNCUnF5SHNkSzJDRUI2ZzN0UHliL3BWSHlTazgvU1BXZk1hTWRVU1J4MGs4bzVJbjM5cWcyUUtLaVNMU3lPWnpyVGE3bjFocGVZYUpJak9tRnpjWnE1Q00wU3BIenM3aWVNVEx0SWtVa0JNdVVSdVpVMWtueWp3RjNZOGdVQ3ZPSGRRM3ZOVVRtcFArcHpENHVqOVZ5UVZNQVUwM0hQLzBHYjBiNmpMcUYyUys5Z0xoeFRPRVFLVDJFT3pLUFVSaWx5SFVmeEZhd3g4NmVuIiwiZXhwIjoxNzE1MTgyMTYxLCJpYXQiOjE3MTUxNjc3NjF9.F5dki2OxYKDstLm-OC8y22idzoYPqHwTlWQXGV2KkoaMLFOKRY2UCDntW0uO-AYm12i2_YqPrPnhtllP9iOVgw
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; platform_type=desktop; auid=sv0dM2Y7Yf7BbyWAAwM8Ag==; SESSION=75bb5152e29b8089ef1d8c32275dd0df; window_width=1280; _glhf=1715185523; che_g=3f2954ac-c676-fb8c-77a5-3c12a6bd9725; application_locale=en; sh.session.id=1184b48b-8c28-48ce-a06d-1956db3095c1; ggru=139; _ga_7JGWL9SV66=GS1.1.1715167761.1.0.1715167761.60.0.0; _ga=GA1.1.1162292481.1715167761
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:32 GMT
content-type: application/vnd.api+json
vary: Accept-Encoding
cache-control: no-cache, private
server-timing: p;dur=25, dt_total;dur=26.129, wf-uht;dur=0.039
traceparent: 00-b4cb4ed0fb64fb8f4cb74e87c998bed9-6bd264394711dcd7-01
x-dt: 285
x-time-ng: 0.026
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/08646c799532.css | 185.244.209.62 | 200 OK | 15 kB |
URL GET HTTP/2v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/08646c799532.css IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typegzip compressed data, max speed, from Unix Hash1be7925828508bdd934081eee62a7e22 44ba6b56edf8aacdafa1837e4d0d91c7120cfe1a 59bb7bb60638750328a34071ce55aa8bf6237f6a2cd25f844ecfa6f19755c617
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/08646c799532.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:15 GMT
content-type: text/css; charset=utf-8
last-modified: Wed, 08 May 2024 10:11:58 GMT
etag: W/"68721335fcec1406a789e81bb2cfef91"
x-amz-meta-mtime: 1715162852.700948182
content-encoding: gzip
expires: Thu, 09 May 2024 10:43:41 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-247fa60b2dbbd7aa54dd54efc78638a3-26a274f086704668-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:43:41+00:00, 2024-05-08T10:48:40+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET | 178.253.29.51 | 200 OK | 867 kB |
URL User Request GET HTTP/21xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET IP178.253.29.51:443 ASN#202492 Silverhill Group Holding Ltd
CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Size867 kB (867071 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:02 GMT
content-type: text/html; charset=utf-8
content-encoding: br
server-timing: total;dur=977;desc="Nuxt Server Time", dt_total;dur=980.013, wf-uht;dur=1.006
set-cookie: lng=en; Path=/
cookies_agree_type=3; Path=/
tzo=2; Path=/
is12h=0; Path=/
referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; Path=/; Expires=Sun, 07 Jul 2024 11:29:02 GMT
reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; Path=/; Expires=Wed, 08 May 2024 12:29:02 GMT
postback_watcher=; Path=/; Expires=Wed, 08 May 2024 11:29:06 GMT
platform_type=desktop; Path=/; Expires=Sat, 11 May 2024 11:29:02 GMT; Secure; SameSite=None; Partitioned
auid=sv0dM2Y7Yf7BbyWAAwM8Ag==; path=/; secure; httponly; samesite=lax
traceparent: 00-d8526bcf17c4db31eccd869c20e88f9b-db0fcfc1b487ac75-01
vary: Accept-Encoding
x-dt: 285
x-frame-options: SAMEORIGIN
x-time-ng: 0.979
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/chunks/framework-49f1e091cbf6b261.js | 104.18.39.72 | 200 OK | 141 kB |
URL GET HTTP/2widget.suphelper.top/_next/static/chunks/framework-49f1e091cbf6b261.js IP104.18.39.72:443
Requested byhttps://widget.suphelper.top/ CertificateIssuerGoogle Trust Services LLC Subjectsuphelper.top Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size141 kB (140949 bytes) Hash896d1930437c1ab92b8a359c1d6fdaae 71e0e23d1af9722f356eb5d1c497d100ec8b0f7a 8c508636d885890bfb5c56bcd6dad1b8b64c498781d351b588a8de7f686774d4
GET /_next/static/chunks/framework-49f1e091cbf6b261.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 11:29:09 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Mon, 11 Mar 2024 06:37:37 GMT
etag: W/"22695-18e2c3b24d9"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 665394
expires: Thu, 08 May 2025 11:29:09 GMT
server: cloudflare
cf-ray: 88091c43cec5b512-OSL
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/betstemplates/bets_model_map_short_en.json | 185.244.209.62 | 200 OK | 1.2 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/cms/betstemplates/bets_model_map_short_en.json IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (1347), with no line terminators Hash5922dc454392c9a9b6c9bae5092d5de9 61ecda5a9544cb12de20388bdda8a430f437a12f 40858dece0bf27d974a252a8db6910f15de22fda278b2a662cb44e2086135474
GET /genfiles/cms/betstemplates/bets_model_map_short_en.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:14 GMT
content-type: application/json
last-modified: Thu, 02 May 2024 09:18:56 GMT
etag: W/"a799a969a6e2b30c7a407d320499643b"
content-encoding: gzip
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-37fd0580496afb3aad756d3bd44c9113-82725de4bf1b1b7a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-02T10:20:51+00:00, 2024-05-08T10:36:21+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/c6409e21932f.js | 185.244.209.62 | 200 OK | 731 B |
URL GET HTTP/2 v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/c6409e21932f.js IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (754), with no line terminators Hash c349ca92c209152e9f8f6f8a9e41d413 a63b3601a5fd052a850c4ac562ad20f8e63e5eae b27b91835745617650b4410ebd07b094f0319340f1e364d594b3efaa9cc4440e
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/c6409e21932f.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:15 GMT
content-type: text/javascript; charset=utf-8
content-length: 731
last-modified: Wed, 08 May 2024 10:11:59 GMT
etag: "79c1e0d539880fd610f91e5b16085eec"
x-amz-meta-mtime: 1715162852.716948018
expires: Thu, 09 May 2024 10:43:41 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-c15cf877a8cbda483d6cc74db277a7da-869df7e26709abe4-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:43:41+00:00, 2024-05-08T10:48:40+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/betstemplates/bets_model_full_en_0.json | 185.244.209.62 | 200 OK | 22 kB |
URL GET HTTP/2 v3.traincdn.com/genfiles/cms/betstemplates/bets_model_full_en_0.json IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /genfiles/cms/betstemplates/bets_model_full_en_0.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:09 GMT
content-type: application/json
last-modified: Thu, 02 May 2024 09:18:58 GMT
etag: W/"65c4f8441dea9f78c50a9fc7029f9193"
content-encoding: gzip
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-6370a8324ce1e027975f2da5df7606c4-171ad24fb0fce787-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-02T10:43:17+00:00, 2024-05-08T10:41:20+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-ui/3.2.3/Desktop/Default/client.css | 185.244.209.62 | 200 OK | 1.0 MB |
URL GET HTTP/2 v3.traincdn.com/sys-ui/3.2.3/Desktop/Default/client.css IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Size 1.0 MB (1048668 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sys-ui/3.2.3/Desktop/Default/client.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:10 GMT
content-type: text/css; charset=utf-8
last-modified: Fri, 19 Apr 2024 10:53:25 GMT
etag: W/"64d292a033c097211f9f4c21ffbcb2b0"
x-amz-meta-mtime: 1713523729.13591556
content-encoding: gzip
expires: Wed, 24 Apr 2024 12:54:48 GMT
cache-control: max-age=86400
x-time-ng: 0.003
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-da77d65a5a7db22278b13aceb9be46c5-67dd12b2bb2972a0-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:54:48+00:00, 2024-05-07T15:14:50+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/bff-api/config/all.json?lang=en | 178.253.29.51 | 200 OK | 124 kB |
URL GET HTTP/2 1xlite-461430.top/bff-api/config/all.json?lang=en IP 178.253.29.51:443 ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer Let's Encrypt Subject 1xlite-461430.top Fingerprint F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 Validity Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Size 124 kB (123724 bytes) Hash 34de8def8a49cd31b6e21cdf1533a200 ca2573b778aadf0d47556149b41f41b93fe1033e 28f6dfc71a80bd12e0c2de0179db0e51a5ba4f4b11cf07059364e8a1b06a89cb
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /bff-api/config/all.json?lang=en HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
x-geoip2-country-code: ru
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; platform_type=desktop; auid=sv0dM2Y7Yf7BbyWAAwM8Ag==; SESSION=75bb5152e29b8089ef1d8c32275dd0df; window_width=1280; _glhf=1715185523; che_g=3f2954ac-c676-fb8c-77a5-3c12a6bd9725; application_locale=en; sh.session.id=1184b48b-8c28-48ce-a06d-1956db3095c1; ggru=139
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:14 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: bff;dur=4.18, dt_total;dur=36.749, wf-uht;dur=0.051
traceparent: 00-a951342fb8b88d7abd4c253064d77fe2-e8f32f1083b3da8b-01
vary: Accept-Encoding
x-cache-expire: 593
x-cache-hit: 1
x-dt: 285
x-time-ng: 0.022
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/chunks/pages/index-ed7cd77912c6e3a9.js | 104.18.39.72 | 200 OK | 107 kB |
URL GET HTTP/2 widget.suphelper.top/_next/static/chunks/pages/index-ed7cd77912c6e3a9.js IP 104.18.39.72:443
Requested by https://widget.suphelper.top/ Certificate Issuer Google Trust Services LLC Subject suphelper.top Fingerprint 41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 Validity Tue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 107 kB (107186 bytes) Hash d0a7ecc59065580118a9ea8880c58962 21573546ac5011592094ef6aea0696ccdeb2164d e1b09efa81ca44cda394e366b64fbf2b3f0725eab9ad24782839cbb8f66842b5
GET /_next/static/chunks/pages/index-ed7cd77912c6e3a9.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 11:29:09 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Wed, 24 Apr 2024 22:20:24 GMT
etag: W/"1a2b2-18f12321a97"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 669675
expires: Thu, 08 May 2025 11:29:09 GMT
server: cloudflare
cf-ray: 88091c43fef5b512-OSL
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sfiles/logo-champ/sub_e_sport_dota_2.webp | 185.244.209.62 | 200 OK | 3.4 kB |
URL GET HTTP/2 v3.traincdn.com/sfiles/logo-champ/sub_e_sport_dota_2.webp IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image Hash a46689e442c017ae101b316767eca350 2a48883da6738204defdfb8f81f44f78b7bb0731 9d5e3beccf36f35346ea0fabe57602cb4beed97d6e770e7bf74fa67c963d05a4
GET /sfiles/logo-champ/sub_e_sport_dota_2.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:13 GMT
content-type: image/webp
content-length: 3422
last-modified: Tue, 03 Jan 2023 12:42:31 GMT
etag: "a46689e442c017ae101b316767eca350"
cache-control: public, max-age=86400, public
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-c6ab2961740a5450a7ef5a0940e8542c-fa45c77126151a3c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-01-01T14:14:31+00:00, 2024-05-08T10:50:00+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/shared-assets/__shared_chunk_Y7BFQXXC.js | 185.244.209.62 | 200 OK | 1.0 kB |
URL GET HTTP/2 v3.traincdn.com/sys-static/shared-assets/__shared_chunk_Y7BFQXXC.js IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (1036), with no line terminators Hash 305de1535e3f2a45efa2f1dd096f496e 9fd79178b39d8a196f9f3640758cc5285f5914fd 9b0fc84933536e9c4ca4b8013f656f393c6073e746901340133cbc11059aec46
GET /sys-static/shared-assets/__shared_chunk_Y7BFQXXC.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:12 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 07 May 2024 09:11:40 GMT
etag: W/"8fecd56fc5520134f3c39b17431fe0c2"
x-amz-meta-mtime: 1715072814.257664589
content-encoding: gzip
expires: Wed, 08 May 2024 15:18:05 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-b96339b1396efaabd7634cb5909f1ff6-ae2c4ea9415d38c1-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T15:18:05+00:00, 2024-05-07T15:58:34+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/web-api/user/secure | 178.253.29.51 | 200 OK | 57 B |
URL POST HTTP/2 1xlite-461430.top/web-api/user/secure IP 178.253.29.51:443 ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer Let's Encrypt Subject 1xlite-461430.top Fingerprint F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 Validity Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
File type troff or preprocessor input, ASCII text, with no line terminators Hash 4126b6c5045e0091d7c4e797a98fa533 ba7189e6deaaba2e73fe08323dc43de445aac352 2f0a90e9dd8b5dc577978e5c4ed698608bd389fc220df1cf933820ea7602917b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /web-api/user/secure HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
content-type: application/json
x-requested-with: XMLHttpRequest
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; platform_type=desktop; auid=sv0dM2Y7Yf7BbyWAAwM8Ag==; SESSION=75bb5152e29b8089ef1d8c32275dd0df; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:07 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: p;dur=15, dt_total;dur=16.937, wf-uht;dur=0.030
set-cookie: _glhf=1715185523; expires=Wed, 08-May-2024 12:29:07 GMT; Max-Age=3600; path=/
traceparent: 00-6c3ef13b4af9fb8f195808791225b6e6-865cff45c7049805-01
vary: Accept-Encoding
x-dt: 285
x-time-ng: 0.017
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-icons/1.0.334/285/coloredSvg.svg | 185.244.209.62 | 200 OK | 88 kB |
URL GET HTTP/2 v3.traincdn.com/sys-icons/1.0.334/285/coloredSvg.svg IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image Hash a6f668d0aabdde5402adab210db914b1 67ae23ae768eda8a4e02d215bef54f622cc69e85 9e73861b840a90e64c92bfe73aa0f659e1eb2404e7020f145e7dc2100f82980c
GET /sys-icons/1.0.334/285/coloredSvg.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:09 GMT
content-type: image/svg+xml
last-modified: Tue, 16 Apr 2024 12:55:56 GMT
etag: W/"a6f668d0aabdde5402adab210db914b1"
x-amz-meta-mtime: 1713272153.420902787
content-encoding: gzip
expires: Thu, 09 May 2024 10:51:51 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-52182e14e405610fc03e108247761751-e937a84f5d723765-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:51:51+00:00, 2024-05-08T11:01:40+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/sys-betting-app-front/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET | 178.253.29.51 | 200 OK | 233 kB |
URL GET HTTP/2 1xlite-461430.top/sys-betting-app-front/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET IP 178.253.29.51:443 ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer Let's Encrypt Subject 1xlite-461430.top Fingerprint F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 Validity Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Size 233 kB (233024 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /sys-betting-app-front/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
content-type: application/json
x-requested-with: XMLHttpRequest
mf-render-mode: json
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; platform_type=desktop; auid=sv0dM2Y7Yf7BbyWAAwM8Ag==; SESSION=75bb5152e29b8089ef1d8c32275dd0df; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:07 GMT
content-type: application/json
content-encoding: br
server-timing: total;dur=263;desc="Total __BETTING_APP__", dt_total;dur=287.479, wf-uht;dur=0.308
set-cookie: tzo=3; Path=/
traceparent: 00-af86cd7f27edcb76b11bac76c7d0d74c-99ef3f2080d1cb69-01
vary: Accept-Encoding, Accept-Encoding
x-dt: 285
x-time-ng: 0.270, 0.288
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/bff-api/config/contacts.json?type=2&lang=en | 178.253.29.51 | 200 OK | 3.8 kB |
URL GET HTTP/2 1xlite-461430.top/bff-api/config/contacts.json?type=2&lang=en IP 178.253.29.51:443 ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer Let's Encrypt Subject 1xlite-461430.top Fingerprint F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 Validity Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
File type troff or preprocessor input, ASCII text, with very long lines (4380), with no line terminators Hash 35b15ddc8b3ddba2cdb3bfc72981faf5 4a827b334a2c3d01ebda12287e001ff2342b1ed8 b73cc38f83e92cafd70e238deb6face9210af5603208057dd1a2077fdec6b3cc
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /bff-api/config/contacts.json?type=2&lang=en HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; platform_type=desktop; auid=sv0dM2Y7Yf7BbyWAAwM8Ag==; SESSION=75bb5152e29b8089ef1d8c32275dd0df; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:07 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: bff;dur=0.96, dt_total;dur=2.844, wf-uht;dur=0.011
traceparent: 00-00bc8d1ace6e789884b894633bcff2ce-9edffe80ca138fd1-01
vary: Accept-Encoding
x-cache-expire: 238
x-cache-hit: 1
x-dt: 285
x-time-ng: 0.003
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/d94c9b1508a286d270c77946ff0972fa.jpg | 185.244.209.62 | 200 OK | 51 kB |
URL GET HTTP/2 v3.traincdn.com/genfiles/cms/1/desktop/banner/d94c9b1508a286d270c77946ff0972fa.jpg IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1380x248, components 3 Hash 15b1bda7b31ccc5eacce67afbe6f160b d41eac3583bb0495a008b0d1e4a584d103feb436 2e1b52936d0c7081d46010cd49e236aed8cefc16adad7c908c108aff4a73718d
GET /genfiles/cms/1/desktop/banner/d94c9b1508a286d270c77946ff0972fa.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:15 GMT
content-type: image/jpeg
content-length: 51087
last-modified: Tue, 11 Apr 2023 18:15:30 GMT
etag: "15b1bda7b31ccc5eacce67afbe6f160b"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-bef18b6e3e51925bb5932b25a0028f00-ff8217e050b691f2-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T08:23:51+00:00, 2024-05-08T11:09:13+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/7c43e6fa10d0665cf556d13ff2a1906d.svg | 185.244.209.62 | 200 OK | 1.2 kB |
URL GET HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/7c43e6fa10d0665cf556d13ff2a1906d.svg IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image Hash a436db0af736498349f0127d8e7fab1e b07e2c449cf16ddb052ce40d881db13a0c890b9b 93261a519c1cea62e2c934496d5e0cbd1cbc8f65b4961811316e55d9e7c96ede
GET /genfiles/cms/1-285/desktop/media_asset/7c43e6fa10d0665cf556d13ff2a1906d.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:03 GMT
content-type: image/svg+xml
last-modified: Tue, 02 May 2023 10:06:49 GMT
etag: W/"7cca3986f7a5c4c164144ff11df71073"
content-encoding: gzip
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-a1eb62480f1bb75bfd6232cc9b408acc-95f908eecc697e88-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-01-11T08:32:05+00:00, 2024-05-08T11:02:47+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/35fa91628fa4.js | 185.244.209.62 | 200 OK | 24 kB |
URL GET HTTP/2 v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/35fa91628fa4.js IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (23507) Hash 1c8f8a55f3c3a7955b08ed9c055a1b3e 3a31f8d3cbaaaf74e4616c9ab944919e0cd4c70a f900155624ef7437112d00e9a9966a755cb6588dc9c19bbed7a6de031502b8f9
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/35fa91628fa4.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:15 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 08 May 2024 10:11:58 GMT
etag: W/"1c8f8a55f3c3a7955b08ed9c055a1b3e"
x-amz-meta-mtime: 1715162852.704948141
content-encoding: gzip
expires: Thu, 09 May 2024 10:43:41 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-fa1eddc3b04478d222ce98a162cd19ef-6276d904d5327cfd-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:43:41+00:00, 2024-05-08T10:48:40+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/gamespreview/getbanner?whence=55&ref=1&gr=285&lng=en&fCountry=137 | 178.253.29.51 | 200 OK | 176 B |
URL GET HTTP/2 1xlite-461430.top/service-api/gamespreview/getbanner?whence=55&ref=1&gr=285&lng=en&fCountry=137 IP 178.253.29.51:443 ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer Let's Encrypt Subject 1xlite-461430.top Fingerprint F3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 Validity Tue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
File type troff or preprocessor input, ASCII text, with no line terminators Hash ce83848f5a9de5b927cd4cff734cab1d cca87e9e4d96eea317cebd4c3d2c299083d62de7 936bd9bc02a2de2874d557265f4ee128aaf48c383b016e5442638ba0fa5cdc39
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/gamespreview/getbanner?whence=55&ref=1&gr=285&lng=en&fCountry=137 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET; platform_type=desktop; auid=sv0dM2Y7Yf7BbyWAAwM8Ag==; SESSION=75bb5152e29b8089ef1d8c32275dd0df; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:06 GMT
content-type: application/json; charset=utf-8
content-length: 176
x-time-ng: 0.004
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.015
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/3b6d4dd2b448.js | 185.244.209.62 | 200 OK | 11 kB |
URL GET HTTP/2 v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/3b6d4dd2b448.js IP 185.244.209.62:443 ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET Certificate Issuer Sectigo Limited Subject *.traincdn.com Fingerprint C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (11115) Hash 5374f11801993ae8a92750d8b16bc96b 3c2b9d81b8e80ef7d2d1ca1882d040d44070a269 2c6b3eeae15fced6885475df56593ae8c51b2b6ba8b85955d0c1449cdee321d7
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/3b6d4dd2b448.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:15 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 08 May 2024 10:11:58 GMT
etag: W/"5374f11801993ae8a92750d8b16bc96b"
x-amz-meta-mtime: 1715162852.704948141
content-encoding: gzip
expires: Thu, 09 May 2024 10:43:41 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-f9cfe40798525a0c3cded320035d0ccd-bea2f8e5f2f096af-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T10:43:41+00:00, 2024-05-08T10:48:40+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/88cfac66.css | 185.244.209.62 | 200 OK | 64 B |
URL: GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/88cfac66.css
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
Certificate Issuer: Sectigo Limited
Certificate Subject: *.traincdn.com
Certificate Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators
Hash: 9deb70dd3fbdc7061ed21c5632fbc55b 22ae1cadf75b3fdd5e3e3762842b1b7a6f6e7ed8 be8196057ac43ab3882caf30239c364e1ef4ceda087e92ca87187ce239f022f9
GET /_nuxt/desktop/default/css/88cfac66.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:06 GMT
content-type: text/css
content-length: 97
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-61"
content-encoding: gzip
expires: Tue, 07 May 2024 16:27:42 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-a5828420d7ecd1bca5efc60286b8db07-611fd5b8f04af6c0-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T16:27:42+00:00, 2024-05-07T13:45:35+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/betstemplates/bets_model_short_en_3.json | 185.244.209.62 | 200 OK | 13 kB |
URL: GET HTTP/2 v3.traincdn.com/genfiles/cms/betstemplates/bets_model_short_en_3.json
IP: 185.244.209.62:443
ASN: #199524 G-Core Labs S.A.
Requested by: https://1xlite-461430.top/en?tag=d_2897299m_97c_PU_KZ_PA_SB_MB_1XBET
Certificate Issuer: Sectigo Limited
Certificate Subject: *.traincdn.com
Certificate Fingerprint: C8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
Certificate Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hash: d4f82c6941872614b6a2c18008e217be d43ea6e3db687b9396c7f6b698561adf298caea8 b78d262cd306517df772f3a5696fd519a9807f2716dfdd0613d416f13e710193
GET /genfiles/cms/betstemplates/bets_model_short_en_3.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 11:29:14 GMT
content-type: application/json
last-modified: Thu, 02 May 2024 09:18:51 GMT
etag: W/"d4f82c6941872614b6a2c18008e217be"
content-encoding: gzip
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-4b85334c49a4f66b37087d232e4073ba-41178cb22f62da08-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-02T10:05:37+00:00, 2024-05-08T10:30:38+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/f385e6db/_middlewareManifest.js | 104.18.39.72 | 200 OK | 92 B |
URL: GET HTTP/2 widget.suphelper.top/_next/static/f385e6db/_middlewareManifest.js
IP: 104.18.39.72:443
Requested by: https://widget.suphelper.top/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: suphelper.top
Certificate Fingerprint: 41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36
Certificate Validity: Tue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File type: ASCII text, with no line terminators
Hash: 7c3f7e060745668041278118c0bb3d6d e639f56695b3cc30d78dce7a0084aa8299a1311a de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
GET /_next/static/f385e6db/_middlewareManifest.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 11:29:09 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 02 May 2024 07:01:48 GMT
etag: W/"5c-18f381bf92a"
vary: Accept-Encoding
cf-cache-status: HIT
age: 534099
expires: Thu, 08 May 2025 11:29:09 GMT
server: cloudflare
cf-ray: 88091c440f04b512-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|