| 1xlite-660473.top/polyfills.js | 178.253.29.47 | 200 OK | 0 B |
URL GET HTTP/21xlite-660473.top/polyfills.js IP178.253.29.47:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerLet's Encrypt Subject1xlite-660473.top FingerprintAE:C9:7E:01:65:F2:2B:09:5E:F8:15:42:9A:94:F9:44:A4:7F:F2:5D ValidityTue, 26 Mar 2024 09:13:24 GMT - Mon, 24 Jun 2024 09:13:23 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /polyfills.js HTTP/1.1
Host: 1xlite-660473.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder; postback_watcher=; platform_type=desktop; auid=sv0dL2Yq7Xxr7e+7AxAFAg==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:40 GMT
content-type: text/javascript; charset=utf-8
content-length: 0
vary: user-agent
cache-control: public, max-age=2678400, s-maxage=2678400
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-time-ng: 0.024
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.032
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/runtime-429a9b40.js | 185.244.209.62 | 200 OK | 15 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/runtime-429a9b40.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (47028), with no line terminators Hash98255763f3f394149bb9d0b5f43f0cf7 9f9956c07034407cf605d11bc57b37c8a928c01f 664cac2629ba11af02afaabf5b06ef2bfab319d36efdb7c6b81ade6edcffd217
GET /_nuxt/desktop/default/runtime-429a9b40.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:40 GMT
content-type: application/javascript; charset=utf-8
content-length: 14721
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-3981"
content-encoding: gzip
expires: Fri, 26 Apr 2024 12:56:44 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-fd49ce82e2f57a57406a655bff0c3643-6f68fc052ec83379-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T12:56:44+00:00, 2024-04-25T12:58:31+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/1c94b87d.css | 185.244.209.62 | 200 OK | 7.3 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/css/1c94b87d.css IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (53523), with no line terminators Hash09f5d4ef76cd62ba561edcd01f6b5c5f 270b17bb922c6e3559a71fb9530ec41bd1b54f95 7e1af9add1d57b07ff5cdab9ee1af0b09253f3de94d42a4333a4f1603bce46bb
GET /_nuxt/desktop/default/css/1c94b87d.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:40 GMT
content-type: text/css
content-length: 7300
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-1c84"
content-encoding: gzip
expires: Fri, 26 Apr 2024 12:54:23 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-78bd13f3d70b69e491e16c2de2077924-1c020f4ff4c03262-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T12:54:23+00:00, 2024-04-25T13:06:02+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main-09271208.js | 185.244.209.62 | 200 OK | 58 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main-09271208.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (64940), with no line terminators Hash510ed48f64189337e8de2946d86f628b c31579baef67dbaf7cc2f17bed8e2335223e3f8e a236c2dd075d9f3fb5ba4ef3dec0efe9a6e60c79520bcc589a0f233dc96e54d2
GET /_nuxt/desktop/default/Page.Betting.Main-09271208.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:40 GMT
content-type: application/javascript; charset=utf-8
content-length: 57868
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-e20c"
content-encoding: gzip
expires: Fri, 26 Apr 2024 14:25:32 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-5c3a800ecdd540f17e7fcce21fe1e19b-7c5baf73a44aa5e2-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T14:28:32+00:00, 2024-04-25T14:32:54+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.Main.Asian/registration.Main/user.userRegistration-61022f43.js | 185.244.209.62 | 200 OK | 9.2 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.Main.Asian/registration.Main/user.userRegistration-61022f43.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (31451), with no line terminators Hashe56eb405b1675cee62515df2dd269796 9c9c94e310d2895822831bd3face015b1cbf6b06 d2dbde0611294046d74c6cfb5ef4fb9b3559df984253e2e490fe238b59303a54
GET /_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.Main.Asian/registration.Main/user.userRegistration-61022f43.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:40 GMT
content-type: application/javascript; charset=utf-8
content-length: 9167
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-23cf"
content-encoding: gzip
expires: Fri, 26 Apr 2024 14:25:09 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-cd68dfe5604bf6c15e877a84881f642e-a7288cfb18dfb35e-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T14:28:32+00:00, 2024-04-25T14:32:54+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage/Page.Betting.Main/Page.Betting.Main.Asian/Page.Betting.TeamGames/Page.New/a4ad9f6b-09f13029.js | 185.244.209.62 | 200 OK | 4.2 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage/Page.Betting.Main/Page.Betting.Main.Asian/Page.Betting.TeamGames/Page.New/a4ad9f6b-09f13029.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (14590), with no line terminators Hash73f82bd11055f942d7fdc91daeeeffe3 b105ad08a4eace9e06c2dccad185cffd174b2abb 599ee13f2007b11321a9bfaeee0b82ce9fceb73545b010019bedd35d2bdf491a
GET /_nuxt/desktop/default/Page.Betting.Asia.Homepage/Page.Betting.Main/Page.Betting.Main.Asian/Page.Betting.TeamGames/Page.New/a4ad9f6b-09f13029.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:40 GMT
content-type: application/javascript; charset=utf-8
content-length: 4207
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-106f"
content-encoding: gzip
expires: Fri, 26 Apr 2024 14:28:32 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-cec571914f1708dbf053485d936174a2-c81f47cc5ec916e9-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T14:28:32+00:00, 2024-04-25T14:32:54+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.TeamGames-212b3d8d.js | 185.244.209.62 | 200 OK | 7.6 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.TeamGames-212b3d8d.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (29993), with no line terminators Hash361fe5a6001442cf39008a4c1116f2e4 81884dd80c15438223e8d8d3e6c1ac1593d3e99a a75467a41371ace952fbdb97273852b0d3bde6c06e2f2405808601693201d89d
GET /_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.TeamGames-212b3d8d.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:40 GMT
content-type: application/javascript; charset=utf-8
content-length: 7632
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-1dd0"
content-encoding: gzip
expires: Fri, 26 Apr 2024 14:28:32 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-9e3a9cd1ef2867644dff339981c90f04-2498e248551a7ece-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T14:28:32+00:00, 2024-04-25T14:32:54+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/98ce2926.css | 185.244.209.62 | 200 OK | 1.5 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/css/98ce2926.css IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (8509), with no line terminators Hashb0cd3891fe08ec67c50bbdfd9f7e9181 205511f8e55a0498e8129c290759a26ba4a4db31 75c619e9cabd7b2c1939e6837909e12c51fb3e68888ba20d650cb1939f983f6e
GET /_nuxt/desktop/default/css/98ce2926.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:40 GMT
content-type: text/css
content-length: 1491
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-5d3"
content-encoding: gzip
expires: Fri, 26 Apr 2024 12:26:51 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-79877cc153e91e004b4f137542c612f3-c0d2943ccbbdae77-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T12:26:51+00:00, 2024-04-25T12:57:32+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/6cc025d5.css | 185.244.209.62 | 200 OK | 1.3 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/css/6cc025d5.css IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (6716), with no line terminators Hashbe35c859b4087d52ff863e02472b7438 acce1097a331dc2ec0669d17db06c679e7c81be6 af7c9af6bda4b329f14b870f4df09e1b11e87d8dba17c30eed496dc5d27dfc1f
GET /_nuxt/desktop/default/css/6cc025d5.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:40 GMT
content-type: text/css
content-length: 1324
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-52c"
content-encoding: gzip
expires: Fri, 26 Apr 2024 12:26:51 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-0a1d4665011c4567f601549fd09a1ef9-3f698857d37f4e83-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T12:26:51+00:00, 2024-04-25T12:57:32+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/a7906856.css | 185.244.209.62 | 200 OK | 336 B |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/css/a7906856.css IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (1099), with no line terminators Hash6921418ff9395c44037498a4cf17ee66 31879049279e2cb5bc06b249d80d1735ef112b19 e6de221b29f3b4e47505c877067f28565ab5e1b419dc5003aca29c49596e73ab
GET /_nuxt/desktop/default/css/a7906856.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:40 GMT
content-type: text/css
content-length: 336
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-150"
content-encoding: gzip
expires: Fri, 26 Apr 2024 12:26:51 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-4c20cd6d7178423c98e9cbf862d5b75e-13f8aefd63c194e0-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T12:26:51+00:00, 2024-04-25T12:57:32+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/version.json | 185.244.209.62 | 200 OK | 44 B |
URL GET HTTP/2v3.traincdn.com/version.json IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hash4dda53dbeb340a5129b07e1702aa8dad 614a638c883bf28d94af0918fc794d5d275cfc20 eeb319ca820c70f7b63d4ff6a64bb4852647c066b7cd0245601964722306e983
GET /version.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-660473.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:40 GMT
content-type: application/json
content-length: 44
last-modified: Thu, 25 Apr 2024 10:41:36 GMT
etag: "662a3360-2c"
content-encoding: gzip
expires: Thu, 25 Apr 2024 11:27:56 GMT
cache-control: max-age=60, max-age=60, s-maxage=60
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-47bb9a1c45e2723777da347285d8aa0d-e9159b1800441525-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T11:26:56+00:00, 2024-04-25T23:55:20+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside-500bea4e.js | 185.244.209.62 | 200 OK | 17 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside-500bea4e.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65113), with no line terminators Hash85aa5ed6fedc499534bfeb8eee571fb6 b751e2adaae96f130072f0e7eab069e15d196ec1 e5e627bc912c4a35155dec18e77f6d9bf9c211c970530570975b82c4409828f9
GET /_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside-500bea4e.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:40 GMT
content-type: application/javascript; charset=utf-8
content-length: 17005
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-426d"
content-encoding: gzip
expires: Fri, 26 Apr 2024 14:25:31 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-fbc99866ae1216a5c0ef857ac31def8e-154830e20213c932-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T14:28:32+00:00, 2024-04-25T14:32:54+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main.BettingLeftAside-cff7ad48.js | 185.244.209.62 | 200 OK | 5.9 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main.BettingLeftAside-cff7ad48.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (21263), with no line terminators Hash3f56cba5378467ab13f9b0306595ae53 2750c16fab16b27a053e7e98aac5e8f0208172d4 2401f7c429a40b5ff67fcbb6b78a804167da3d50d936c45b30e6fdcc990c04cb
GET /_nuxt/desktop/default/vendors/Page.Betting.Main.BettingLeftAside-cff7ad48.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:40 GMT
content-type: application/javascript; charset=utf-8
content-length: 5867
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-16eb"
content-encoding: gzip
expires: Fri, 26 Apr 2024 14:25:33 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-51dbf87405951b100ba970fb3efdc21d-3ace8d75ae2658a7-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T14:28:32+00:00, 2024-04-25T14:32:54+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main/Page.Betting.Main.BettingLeftAside/Page.Betting.TeamGames/betting.GamesSliderApp/b/e7e00398-9123e772.js | 185.244.209.62 | 200 OK | 2.2 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main/Page.Betting.Main.BettingLeftAside/Page.Betting.TeamGames/betting.GamesSliderApp/b/e7e00398-9123e772.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (7613), with no line terminators Hash6799557112e6479f4840348196eed7a5 046037566d79a018ad198bef462fa51c74bbb5a4 40caffbe2d55fa120e702fc464aac54e941c61b3031f22f5792205a572ff5ac7
GET /_nuxt/desktop/default/Page.Betting.Main/Page.Betting.Main.BettingLeftAside/Page.Betting.TeamGames/betting.GamesSliderApp/b/e7e00398-9123e772.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:40 GMT
content-type: application/javascript; charset=utf-8
content-length: 2212
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-8a4"
content-encoding: gzip
expires: Fri, 26 Apr 2024 14:25:33 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-652bdbdaaf07da135cf57d74631ae52a-65a2de7743d2f023-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T14:28:32+00:00, 2024-04-25T14:32:54+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboard/Page.NewCy/adc1b632-d5668a78.js | 185.244.209.62 | 200 OK | 3.5 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboard/Page.NewCy/adc1b632-d5668a78.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (13913), with no line terminators Hashfdb7a93a6ddb45c5aa62038f2425f285 a4836eee77f925e40da1e670590dd08faf87b992 4a0463cc93f9ab8a16261880e0ac51d30932b1d07553817879a0addb00af38e0
GET /_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboard/Page.NewCy/adc1b632-d5668a78.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:40 GMT
content-type: application/javascript; charset=utf-8
content-length: 3531
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-dcb"
content-encoding: gzip
expires: Fri, 26 Apr 2024 14:25:32 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-6b83fc9d28b435be550ae1dfeb8ffa07-f78c47916ad5cd9f-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T14:28:32+00:00, 2024-04-25T14:32:54+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/c3d37cc4.css | 185.244.209.62 | 200 OK | 194 B |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/css/c3d37cc4.css IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (395), with no line terminators Hash7f1ee7f9ec47159043591789124ec7cc bb021131214d4b70b327355a5a947b974f2eccbd 4041bafac614e354c03b647dc8d226e140460381c4816a65528e4ba428b0a0ad
GET /_nuxt/desktop/default/css/c3d37cc4.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:40 GMT
content-type: text/css
content-length: 194
last-modified: Wed, 24 Apr 2024 11:16:25 GMT
etag: "6628ea09-c2"
content-encoding: gzip
expires: Fri, 26 Apr 2024 09:22:48 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-fde37f9f9041dfc8e5a38f59159ff812-74fbfd3f2a832015-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T09:22:48+00:00, 2024-04-25T13:58:48+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/betting.SportMenuApp-f5f00544.js | 185.244.209.62 | 200 OK | 10 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/betting.SportMenuApp-f5f00544.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (41616), with no line terminators Hash09f939cf46957d82e821f8807e05968a 5e1ec26d95f29042bb2f78c902b37c44817cc109 771bb7992371b7c701a37d462456fc4529bc477b52a334c8667762ca4e5a306b
GET /_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/betting.SportMenuApp-f5f00544.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:40 GMT
content-type: application/javascript; charset=utf-8
content-length: 10291
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-2833"
content-encoding: gzip
expires: Fri, 26 Apr 2024 14:25:32 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-294467916c85561f97d06973f8349634-aada906bb3e3a852-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T14:28:33+00:00, 2024-04-25T14:32:54+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/9eb4939a.css | 185.244.209.62 | 200 OK | 2.8 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/css/9eb4939a.css IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (20960), with no line terminators Hash6cae6098e169876c305ca92f82fe3cde d27c18f05738795d575c8ce370ed83cf07da0a5a 7095d096e88dd0a09d84d063de1e0eedd406b032150a5af99e796c2ac63bcfe5
GET /_nuxt/desktop/default/css/9eb4939a.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:40 GMT
content-type: text/css
content-length: 2763
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-acb"
content-encoding: gzip
expires: Fri, 26 Apr 2024 12:26:51 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-bb01ebbb19f95af1a527b885665e26d5-96bf3161ed726075-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T12:26:51+00:00, 2024-04-25T12:57:32+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingContent-2d71b204.js | 185.244.209.62 | 200 OK | 646 B |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingContent-2d71b204.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (1333), with no line terminators Hash195337917bfce628357a5db2aee5432f 154d69e35c36bd6e01d05b4045badf4872f9ebc3 c605b7891079605ad4b90aa944b0557202c0df060c4cfff972d413db0170fad3
GET /_nuxt/desktop/default/Page.Betting.Main.BettingContent-2d71b204.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:40 GMT
content-type: application/javascript; charset=utf-8
content-length: 646
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-286"
content-encoding: gzip
expires: Fri, 26 Apr 2024 14:24:42 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-6ef0a744bb99905c24d4d01aba475535-ce1c4c536e6ad9f1-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T14:28:34+00:00, 2024-04-25T14:32:54+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/885d64fc.css | 185.244.209.62 | 200 OK | 332 B |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/css/885d64fc.css IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (975), with no line terminators Hash31aa50dcbc858f61bf3ed903493b8431 abf67e7f02256d2d5c5e2054b2930aa9b5ece999 18337e3b3c6f57695afaca43e471c075fd711e0485b4e7f1fdc1b6fe4e8703d7
GET /_nuxt/desktop/default/css/885d64fc.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:40 GMT
content-type: text/css
content-length: 332
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-14c"
content-encoding: gzip
expires: Fri, 26 Apr 2024 12:16:17 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-39026420866ce1de90b926290383d848-1807213cb93b894e-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T12:16:17+00:00, 2024-04-25T19:20:22+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Layout.Betting.ExpressDay-1d2478b0.js | 185.244.209.62 | 200 OK | 3.4 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/Layout.Betting.ExpressDay-1d2478b0.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (10178), with no line terminators Hashbadfd1b5440c69f594132dab6b8ece6f e1320ef520529473fd5de690b92bd42dd41eac81 12fc9f116dac766e665d2fd70f408cccc5497e8f6f25cc3c0ce3df667d43d693
GET /_nuxt/desktop/default/Layout.Betting.ExpressDay-1d2478b0.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:40 GMT
content-type: application/javascript; charset=utf-8
content-length: 3362
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-d22"
content-encoding: gzip
expires: Fri, 26 Apr 2024 14:25:33 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-4b0285f1cac0b3a97b53d939d674e204-e46a2268757cd0c4-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T14:28:33+00:00, 2024-04-25T14:32:54+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/6c310293.css | 185.244.209.62 | 200 OK | 3.2 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/css/6c310293.css IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (31339), with no line terminators Hash3cc47f5bfd7fb2ef96257df775a1b810 bbb36b671dd4a1f6e24cce1a48368724994b3913 18aeb0ed76dd6ce1471582770244ed6c55b69fef2e84ffabdabdbf7f32600326
GET /_nuxt/desktop/default/css/6c310293.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:40 GMT
content-type: text/css
content-length: 3225
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-c99"
content-encoding: gzip
expires: Fri, 26 Apr 2024 12:26:51 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-d4c323e9b034003496556f9cbc282348-0c3f1bf97100bed0-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T12:26:51+00:00, 2024-04-25T12:57:32+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Layout.SeoModule.Lazy-133d5539.js | 185.244.209.62 | 200 OK | 2.3 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/Layout.SeoModule.Lazy-133d5539.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (8037), with no line terminators Hashceb24e94d87d9c04b6685d611e9050c1 781d9f7fb4ff0e09fa74cdcdc5b1e707a57b4539 bfc675160863b2fdb50b84830a53646a8c762836217ffc99ea6a8b5dc16cd734
GET /_nuxt/desktop/default/Layout.SeoModule.Lazy-133d5539.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:40 GMT
content-type: application/javascript; charset=utf-8
content-length: 2257
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-8d1"
content-encoding: gzip
expires: Fri, 26 Apr 2024 14:28:33 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-d7b5f4af4163d65e156cc4d410f14fa8-362d8d33465ab1a1-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T14:28:33+00:00, 2024-04-25T14:32:54+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/85148a0b.css | 185.244.209.62 | 200 OK | 4.0 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/css/85148a0b.css IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (32277), with no line terminators Hasheeaf257a8645b90669a2ea93b8fb534e d81289258b7a5c126dd860232760852cc8ad865e 3a170c88ab694ad7552f7a84baa04ddb248c32b7f8ffe16d55dd73685de87aa6
GET /_nuxt/desktop/default/css/85148a0b.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:40 GMT
content-type: text/css
content-length: 3964
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-f7c"
content-encoding: gzip
expires: Fri, 26 Apr 2024 12:54:24 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-62f3f0c568d979693fccf2cc731ccebe-62bccd46a6933168-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T12:54:24+00:00, 2024-04-25T13:05:38+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Layout.FooterComponent.Lazy-9abe035a.js | 185.244.209.62 | 200 OK | 7.8 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/Layout.FooterComponent.Lazy-9abe035a.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (28143), with no line terminators Hashc790413a6f4ea0dbbb7278d4ba07c8e2 aeea4548ef2d3820699053c3c6b7f653703688ec a85e58d257f382c639e0f17995d19e6e55271ee366813029aa709f067bbef4a2
GET /_nuxt/desktop/default/Layout.FooterComponent.Lazy-9abe035a.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:40 GMT
content-type: application/javascript; charset=utf-8
content-length: 7783
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-1e67"
content-encoding: gzip
expires: Fri, 26 Apr 2024 14:28:34 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-0ae8e73f152dad5c58d3cbba48ac03a7-7735f466e7cfa142-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T14:28:34+00:00, 2024-04-25T14:32:54+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/Layout.FooterComponent.Lazy-627abef7.js | 185.244.209.62 | 200 OK | 8.3 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/vendors/Layout.FooterComponent.Lazy-627abef7.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (29805), with no line terminators Hash4d2f484f3465b217acb7bc2c93924f01 f6274c5c70d187c221e04edacdc4e73bc90bae28 57931838efa5e848ac1467518ce0d43b9a11e44f53f41d0b48a8fc321ecebb7f
GET /_nuxt/desktop/default/vendors/Layout.FooterComponent.Lazy-627abef7.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:40 GMT
content-type: application/javascript; charset=utf-8
content-length: 8274
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-2052"
content-encoding: gzip
expires: Fri, 26 Apr 2024 14:28:34 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-62cf1f8eea8ee39bc4b939d0529a340d-7463e12cec9b13b2-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T14:28:34+00:00, 2024-04-25T14:32:54+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/5cfdf959.css | 185.244.209.62 | 200 OK | 1.1 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/css/5cfdf959.css IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (4632), with no line terminators Hashf74d8b7e31b6ab236a9577348874385d 87091e6542649037a05fc137fa449b713c85225d b33d72295f1edbfc13da30236c4b811cffe4ba8ef758a515914cd69cf02edbf8
GET /_nuxt/desktop/default/css/5cfdf959.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:40 GMT
content-type: text/css
content-length: 1113
last-modified: Wed, 24 Apr 2024 11:16:25 GMT
etag: "6628ea09-459"
content-encoding: gzip
expires: Fri, 26 Apr 2024 06:45:01 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-e2a96b5c44927682487514ed2bac9240-8712f649868bcc8e-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T06:45:01+00:00, 2024-04-25T07:56:22+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Layout.FooterComponent.Lazy/Page.Game.Project-27024645.js | 185.244.209.62 | 200 OK | 6.3 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/Layout.FooterComponent.Lazy/Page.Game.Project-27024645.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (20014), with no line terminators Hashb69735a0304bc0ac21b40573ee550f0b 96f237bfaac6dab3ce2595e9961762984ae1545b 5defbae69d8affe7aa3e1eda4b2f1759900c2ce35985b69928b65cdfabfc78e3
GET /_nuxt/desktop/default/Layout.FooterComponent.Lazy/Page.Game.Project-27024645.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:40 GMT
content-type: application/javascript; charset=utf-8
content-length: 6262
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-1876"
content-encoding: gzip
expires: Fri, 26 Apr 2024 14:28:34 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-ce8d7da9caddad209f7611ad57346611-b0ed87b168e6b8cc-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T14:28:34+00:00, 2024-04-25T14:32:54+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/b31cf88f.css | 185.244.209.62 | 200 OK | 2.2 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/css/b31cf88f.css IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (9498), with no line terminators Hash96a29f0004392655cc9593713581f6bc 9e217c48ea7052b0df22bd29aa1b62afd807ef2d f38f8cbcdd652cad7465c60c1eff068b6d104e97f4603f1499cb790f81b17cff
GET /_nuxt/desktop/default/css/b31cf88f.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:40 GMT
content-type: text/css
content-length: 2186
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-88a"
content-encoding: gzip
expires: Fri, 26 Apr 2024 12:33:29 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-39715d4fc5cb4b9792e11e37c4e9aee3-7b682ec6e2365b04-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T12:33:29+00:00, 2024-04-25T12:57:32+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/e74c776d.css | 185.244.209.62 | 200 OK | 14 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/css/e74c776d.css IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (65536), with no line terminators Hash46c8f0c05f1b041270e8e142c7ce5d70 2b14a5ef8669fe0e73a40a816b894a50c829219f eed5933b3a22f8155625627d59bf536ceda18acc679a4019833a890e75b07ba7
GET /_nuxt/desktop/default/css/e74c776d.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:40 GMT
content-type: text/css
content-length: 13767
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-35c7"
content-encoding: gzip
expires: Fri, 26 Apr 2024 12:54:14 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-cc5f1743f41a23b6d340236bd70dc769-14ee5c1b934d4866-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T12:54:14+00:00, 2024-04-25T13:04:37+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/app-3a0481ca.js | 185.244.209.62 | 200 OK | 270 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/vendors/app-3a0481ca.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (61101) Size270 kB (270073 bytes) Hash47ed64bc46475959fb808f6ad315b17a 6458a90607fec951440547e5da3ece80345a79b3 6e6e1c838342b6cc15d98b2024a13f8f1e39dec2338a15bf9b04c1d73c9650c4
GET /_nuxt/desktop/default/vendors/app-3a0481ca.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:40 GMT
content-type: application/javascript; charset=utf-8
content-length: 270073
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-41ef9"
content-encoding: gzip
expires: Fri, 26 Apr 2024 14:28:31 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-5d0e46af5fa57463ce8f6562c750a6c7-a0a9d9ba4390a33c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T14:28:31+00:00, 2024-04-25T14:32:54+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/app-019fd1f8.js | 185.244.209.62 | 200 OK | 225 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/app-019fd1f8.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (64966), with no line terminators Size225 kB (224677 bytes) Hashd43b77608bc8d96538ae9c273040c05f 976870970f803da08317c877884507f74612dcb0 6d2939523f88a6d4cce3fb00a10e7b0bd1a2733ba36d72ce608bdb19a287f109
GET /_nuxt/desktop/default/app-019fd1f8.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:40 GMT
content-type: application/javascript; charset=utf-8
content-length: 224677
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-36da5"
content-encoding: gzip
expires: Fri, 26 Apr 2024 12:56:44 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-5dd448dec7a6365925de95200c7275a4-f54b61d08f78d2a7-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T12:56:44+00:00, 2024-04-25T12:58:31+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/commons/app-52fe5dc2.js | 185.244.209.62 | 200 OK | 47 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/commons/app-52fe5dc2.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65476) Hash67738af5bf23b478a572a381a2acc716 dd7280b456a511724f02c36bc432472d28897aef 38d639b8059f8649a3afd6bae7727428d389d106ba7f5f58abe27ef6d5a59183
GET /_nuxt/desktop/default/commons/app-52fe5dc2.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:40 GMT
content-type: application/javascript; charset=utf-8
content-length: 46792
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-b6c8"
content-encoding: gzip
expires: Fri, 26 Apr 2024 14:28:31 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-d697d0524f0af0869c068128e26ae85c-b98fa271aaae5a0f-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T14:28:31+00:00, 2024-04-25T14:32:54+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 | 185.244.209.62 | 200 OK | 64 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 63748, version 1.0 Hash6887b6f24414dbc612dbf42ccdc76b70 8068d3abfbc6cbf35b55919da45b1f4d2d136238 fc5c015fc32518f1ed810fa84ca28941eb9d5a3c81acc8df69a4dbbeedef7b0c
GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-660473.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:41 GMT
content-type: font/woff2
content-length: 63748
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "6887b6f24414dbc612dbf42ccdc76b70"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-3f7d72299a5a788e88914c006ebe8d64-398a15af0ba8c3f6-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:13:59+00:00, 2024-04-25T23:07:49+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2 | 185.244.209.62 | 200 OK | 65 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2 IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 64732, version 1.0 Hash3ac5d40d1b3966fc5eb09ecca74d9cbf a69f32357765dd321519889aeacba5e9ca893bb0 3310766b8f58538d07abded74a2babe1acbe1a3ee820d5b8c8265da666f4fb0c
GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-660473.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:41 GMT
content-type: font/woff2
content-length: 64732
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "3ac5d40d1b3966fc5eb09ecca74d9cbf"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-e3490eb78e2ed546e2feb163982d83d2-d863aa7b2bb07038-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:56:30+00:00, 2024-04-25T23:29:35+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 | 185.244.209.62 | 200 OK | 64 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 63920, version 1.0 Hasha65527fcb58f66a7cfbc0e6b160538b4 45d260e7fa343401b5bb0df982a014f53e2d253b fb13c3a1cbac60649b76f7d7f85c1645d35ac69b85ce5f4eb0692505ecc2cd45
GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-660473.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:41 GMT
content-type: font/woff2
content-length: 63920
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "a65527fcb58f66a7cfbc0e6b160538b4"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-24bc14f8d64129b42d361ca55f4a7dc3-3fd3b3269ee320e0-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:54:39+00:00, 2024-04-25T23:10:28+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/check-ob.js | 185.244.209.62 | 200 OK | 187 B |
URL GET HTTP/2v3.traincdn.com/_nuxt/check-ob.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text Hashced67278c38d1ce1297c121af69fff8a df6e1531fd84d956263b04254e6f94f5356623f4 2958134c3c00f7c6320858dd66e454c2856e4842821d3523c4cc5e44e1ec8616
GET /_nuxt/check-ob.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:41 GMT
content-type: application/javascript; charset=utf-8
content-length: 187
last-modified: Wed, 24 Apr 2024 11:16:59 GMT
etag: "6628ea2b-bb"
content-encoding: gzip
expires: Thu, 25 Apr 2024 12:52:17 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-bbd7b099b5387bf6211357a8d2f8f418-15c907ba10e8917f-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-24T12:52:17+00:00, 2024-04-25T11:36:14+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/1da51baa342984a84ca1ac8dd900998b.png | 185.244.209.62 | 200 OK | 653 B |
URL GET HTTP/2v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/1da51baa342984a84ca1ac8dd900998b.png IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typePNG image data, 32 x 32, 8-bit colormap, non-interlaced Hashe6f0766cbd95db33da44e7a9140648f2 5f196b1bfe8c3f92bd2ebcd67124e72e81ae6aaf c0399d478788d5d483f104a2e8cb7c32f41cb40e9df0c22e831b2bfa2db63ec0
GET /genfiles/cms/1-285/desktop/media_asset/1da51baa342984a84ca1ac8dd900998b.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:41 GMT
content-type: image/png
content-length: 653
last-modified: Tue, 25 Apr 2023 13:43:56 GMT
etag: "e6f0766cbd95db33da44e7a9140648f2"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
x-cached-since: 2023-12-18T07:12:59+00:00
traceparent: 00-ef1dc1054950bc93f65fd1fb07858af3-c995889923cf55e7-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/f5105820.css | 185.244.209.62 | 200 OK | 194 B |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/css/f5105820.css IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (395), with no line terminators Hash2818ab9c6ece35261fbf658165189623 f01f8175a7a89449a1dad5f2a7df06c5866c10af b4f0b619b6f6ece6589df376a16eae022b084640348887d3c557e20a37207583
GET /_nuxt/desktop/default/css/f5105820.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:41 GMT
content-type: text/css
content-length: 194
last-modified: Wed, 24 Apr 2024 11:16:25 GMT
etag: "6628ea09-c2"
content-encoding: gzip
expires: Fri, 26 Apr 2024 09:23:37 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-b0a9900c096d65782f97f87e210b39cb-c528e7a83959a676-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T09:23:37+00:00, 2024-04-25T16:08:49+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingContent-e046fd95.js | 185.244.209.62 | 200 OK | 636 B |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingContent-e046fd95.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (1235), with no line terminators Hash9e3ac47608f356bc1dc1a9e6416bb442 ee016384b8a9bd54bb3d9acb0e692fdf935eca37 363d977ed612005685ed3c836a5add69b008d52a94e3da92b0ee2dcbe92ac486
GET /_nuxt/desktop/default/Page.Betting.Asia.BettingContent-e046fd95.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:41 GMT
content-type: application/javascript; charset=utf-8
content-length: 636
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-27c"
content-encoding: gzip
expires: Fri, 26 Apr 2024 14:28:35 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-5dedc860332a29de1f295263b10bcee4-c5844c37a5440f68-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T14:28:35+00:00, 2024-04-25T14:32:55+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside/Page.Betting.Main.Asian/betting.CentralMenuApp/betting.SportsMenuCompact-4ac47a98.js | 185.244.209.62 | 200 OK | 4.2 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside/Page.Betting.Main.Asian/betting.CentralMenuApp/betting.SportsMenuCompact-4ac47a98.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (14574), with no line terminators Hashc57084469422f881a05ddd74499c60ff 739fdc06fcdfbcd15f86b58445fa17026fa33dc5 7abe74e474edb41787c9e7b7a653a3660adaab357d4544c631adc41b6241dcb5
GET /_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside/Page.Betting.Main.Asian/betting.CentralMenuApp/betting.SportsMenuCompact-4ac47a98.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:41 GMT
content-type: application/javascript; charset=utf-8
content-length: 4186
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-105a"
content-encoding: gzip
expires: Fri, 26 Apr 2024 14:28:37 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-8ba57e1938028861322a371cd2a11c3d-ebe9c3e87cc423d3-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T14:28:37+00:00, 2024-04-25T14:32:55+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/2a37879e.css | 185.244.209.62 | 200 OK | 1.3 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/css/2a37879e.css IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (6872), with no line terminators Hash7727cc93d85a2459297f9b1237fc6a92 f37f7a3ec3d30df2513a38dd2c67fefaf038edec e4559060670fd8cf92ad4e830ae9237d2bbc735470f4597ad5d943388d9248d2
GET /_nuxt/desktop/default/css/2a37879e.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:41 GMT
content-type: text/css
content-length: 1331
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-533"
content-encoding: gzip
expires: Fri, 26 Apr 2024 12:27:19 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-8a70604d16d2372c47affb6d1065cb3e-fc48de5ebdebc537-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T12:27:19+00:00, 2024-04-25T13:42:35+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside-79ad2f0e.js | 185.244.209.62 | 200 OK | 10 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside-79ad2f0e.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (37195), with no line terminators Hash70a856ece2dd02e933e2fef3414ed184 1934275e14664f9ae568d5c584cf0d7bc405eb80 2436484f2b0d5cf261d2b340beb9d9d93998a13162919864119ac0cc0c13a8d6
GET /_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside-79ad2f0e.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:41 GMT
content-type: application/javascript; charset=utf-8
content-length: 10215
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-27e7"
content-encoding: gzip
expires: Fri, 26 Apr 2024 14:28:35 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-b9cc2d02f8125dd2e4f10045c348f7a5-6db909f984e673f6-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T14:28:35+00:00, 2024-04-25T14:32:56+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/GameProvider/Page.Betting.Asia.Homepage/Page.Betting.MultiLive/Page.CricketWorldCupPage/Page/17c2374e-ae524f2a.js | 185.244.209.62 | 200 OK | 37 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/vendors/GameProvider/Page.Betting.Asia.Homepage/Page.Betting.MultiLive/Page.CricketWorldCupPage/Page/17c2374e-ae524f2a.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65461) Hash886694940b166ad79a7c4b5a30eedb58 7ed534a6ed7b235ce25bc5376476ef84138432bc b0bc120f4a78e08b3d2765eb6da792d0d2232427317decb665bd6aac2fdc431e
GET /_nuxt/desktop/default/vendors/GameProvider/Page.Betting.Asia.Homepage/Page.Betting.MultiLive/Page.CricketWorldCupPage/Page/17c2374e-ae524f2a.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:41 GMT
content-type: application/javascript; charset=utf-8
content-length: 37175
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-9137"
content-encoding: gzip
expires: Fri, 26 Apr 2024 14:28:35 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-9cdef399ad21dea9d341fb943dad0883-e2294db98c7b50cd-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T14:28:35+00:00, 2024-04-25T14:32:56+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage/Page.NewCyber.Cyber/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamp/Page./8c362243-c8580d37.js | 185.244.209.62 | 200 OK | 5.6 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage/Page.NewCyber.Cyber/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamp/Page./8c362243-c8580d37.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (19536), with no line terminators Hash68b0e7b36aaabe3fc4c55b9b7a99b204 8e30dc11ce9406793473bdff9aac0101f562655e 2bdec28d6e101619011e495111f672ccba2334d2f089a5a87fca2512d86d7f0c
GET /_nuxt/desktop/default/Page.Betting.Asia.Homepage/Page.NewCyber.Cyber/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamp/Page./8c362243-c8580d37.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:41 GMT
content-type: application/javascript; charset=utf-8
content-length: 5568
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-15c0"
content-encoding: gzip
expires: Fri, 26 Apr 2024 14:28:35 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-05a6db6e2a8249beb8c21b663f55b12e-6251ee63721753b8-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T14:28:35+00:00, 2024-04-25T14:32:55+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Asia.Homepage-997209ca.js | 185.244.209.62 | 200 OK | 10 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Asia.Homepage-997209ca.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (36639), with no line terminators Hash65e245bd372dea1e58738d756283e8f6 8f6563d4b9b19f66c4e537ab793c123599168d26 38c3961b371948346f708b3bf23d6f20b83e76f5b0b4102154c84bb50fe7ee5c
GET /_nuxt/desktop/default/vendors/Page.Betting.Asia.Homepage-997209ca.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:41 GMT
content-type: application/javascript; charset=utf-8
content-length: 10111
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-277f"
content-encoding: gzip
expires: Fri, 26 Apr 2024 14:28:35 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-6eb86c372517eee21bf0456d15114535-1d3307a96dfaf1ec-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T14:28:35+00:00, 2024-04-25T14:32:55+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/4b5c6c89.css | 185.244.209.62 | 200 OK | 6.7 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/css/4b5c6c89.css IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (53058), with no line terminators Hash173f5247c95e1b42bb3b77ed0a8eb44d 5b4b32ac3c6b995e254b7e8e1ecdf00ef4882aa9 f20b6d24581afe4c6af83abbc14b11194385c8e5f15a27e972724f61891c6dd0
GET /_nuxt/desktop/default/css/4b5c6c89.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:41 GMT
content-type: text/css
content-length: 6667
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-1a0b"
content-encoding: gzip
expires: Fri, 26 Apr 2024 12:54:25 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-4f55d43662b9da0959466357fad8befe-6d7b7e0834d971c9-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T12:54:25+00:00, 2024-04-25T13:42:35+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage-da45acc1.js | 185.244.209.62 | 200 OK | 32 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage-da45acc1.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (64912), with no line terminators Hashcbf2424a84930767b46aa8d32382630e 237dc0de3c9db7b080424eeb69e2feb2a6d7805e 4a2f536eada6636b0d6d1747962d8aa508c88405865199c32f05cd95605bdfbb
GET /_nuxt/desktop/default/Page.Betting.Asia.Homepage-da45acc1.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:41 GMT
content-type: application/javascript; charset=utf-8
content-length: 32515
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-7f03"
content-encoding: gzip
expires: Fri, 26 Apr 2024 14:28:37 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-e858253e7671a6fe14791f82d0199799-5c60e0c9e0240e97-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T14:28:37+00:00, 2024-04-25T14:32:56+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/f72f2b10.css | 185.244.209.62 | 200 OK | 4.8 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/css/f72f2b10.css IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (38649), with no line terminators Hash8ab5f1e804e2a4565dea164054ff0907 7ee2bea2c9dcb6424f707c35588a316a249270fa ce3424802faaac382a0efe23fbc285123fae95d0461ecf26e4881e1907acd9ec
GET /_nuxt/desktop/default/css/f72f2b10.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:41 GMT
content-type: text/css
content-length: 4780
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-12ac"
content-encoding: gzip
expires: Fri, 26 Apr 2024 12:27:19 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-f6144c313a984eb3309b41967b712f7b-6df55adecb2099b8-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T12:27:19+00:00, 2024-04-25T13:42:36+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.Asian-cb1300f7.js | 185.244.209.62 | 200 OK | 29 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.Asian-cb1300f7.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (64788), with no line terminators Hash07824180288a9c6a3276f486612df7d7 ec83f284a957114b2bf1e709b574c8bab032bf19 b89df0b5e3c1a25a67b84e7fb42719fd512dbc49a8c3dda0e7dfe786f6ee573a
GET /_nuxt/desktop/default/Page.Betting.Main.Asian-cb1300f7.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:41 GMT
content-type: application/javascript; charset=utf-8
content-length: 28909
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-70ed"
content-encoding: gzip
expires: Fri, 26 Apr 2024 14:28:35 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-7fd70b02f41ada8bad1f2e2b9784c280-3034c30ceb266b60-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T14:28:35+00:00, 2024-04-25T14:32:56+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.v-tooltip-de9cbf4c.js | 185.244.209.62 | 200 OK | 22 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.v-tooltip-de9cbf4c.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65476) Hashe0798c11c128dde9a2f8cb7010b4f2ac b501199439c816e3ce7b4db9343be18c7176393f f4d06de3e82b9e4717168f7368574bd7878368633d05b5b2136645e9f0f41fcb
GET /_nuxt/desktop/default/vendors/plugins.v-tooltip-de9cbf4c.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:42 GMT
content-type: application/javascript; charset=utf-8
content-length: 21881
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-5579"
content-encoding: gzip
expires: Fri, 26 Apr 2024 14:28:36 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-885c034e0910a5055a60f4234a526d13-e37c5c74a32248b6-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T14:28:36+00:00, 2024-04-25T14:32:56+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-notification-be432464.js | 185.244.209.62 | 200 OK | 4.6 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-notification-be432464.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (12527), with no line terminators Hash1f560cda98016a758f23b98bb6451629 601e2074c0bac9c95a4cde3a1b0c8b2c46fc4157 e56d555d970e127bfcc5baf5da80649f7db6e3b9b09795af851020ca565644cd
GET /_nuxt/desktop/default/vendors/plugins.vue-notification-be432464.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:42 GMT
content-type: application/javascript; charset=utf-8
content-length: 4556
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-11cc"
content-encoding: gzip
expires: Fri, 26 Apr 2024 12:54:19 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-624b033b33d88f8992f2d9c7142917b7-ae31966b28992baf-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T12:54:19+00:00, 2024-04-25T13:05:44+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/e5c0e314.css | 185.244.209.62 | 200 OK | 953 B |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/css/e5c0e314.css IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (3352), with no line terminators Hash748da80084597d87b4ff5e98b017b07b db6ad2ec24bfcbe751a23061d935403e1163f471 4eaf4071f43aaa0243a4c6948131b7a3e03fe6ab1f4228da38e8588c15e01f24
GET /_nuxt/desktop/default/css/e5c0e314.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:42 GMT
content-type: text/css
content-length: 953
last-modified: Wed, 24 Apr 2024 11:16:26 GMT
etag: "6628ea0a-3b9"
content-encoding: gzip
expires: Fri, 26 Apr 2024 11:04:50 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-dbbd752c5eb1067bfbb49ebe12237ea2-c56b94c67fa3cbd8-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T11:04:50+00:00, 2024-04-25T14:51:46+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-js-modal-b4e5c536.js | 185.244.209.62 | 200 OK | 8.1 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-js-modal-b4e5c536.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (26717), with no line terminators Hashd6c0749abfe6ac3fa12439f8c5280965 9f433c690b68983f71225293938bfbea88e432f1 fe95732bdaefa78507800cbdf5e127902eec74eef86bee6a9bf1eeafc915c26c
GET /_nuxt/desktop/default/vendors/plugins.vue-js-modal-b4e5c536.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:42 GMT
content-type: application/javascript; charset=utf-8
content-length: 8056
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-1f78"
content-encoding: gzip
expires: Fri, 26 Apr 2024 12:54:19 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-64db905d442edc382caf5b3339750d59-a1567eaa82555448-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T12:54:19+00:00, 2024-04-25T13:05:44+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/date-fns-locale-21-1bddb75a.js | 185.244.209.62 | 200 OK | 2.1 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/date-fns-locale-21-1bddb75a.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (6960), with no line terminators Hash646a2b32c35fc60e6fe759e25b80b680 4bffb554df5ebcd3f96154047e39cc1efe9d4658 b8339391f1719293f8987d960120957904d99c0e4d634e48f6f16f3e2c25e812
GET /_nuxt/desktop/default/date-fns-locale-21-1bddb75a.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:42 GMT
content-type: application/javascript; charset=utf-8
content-length: 2118
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-846"
content-encoding: gzip
expires: Fri, 26 Apr 2024 14:28:37 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-79d7ea99356730a62a8467abc8c0267b-8a08baea28f8593b-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T14:28:37+00:00, 2024-04-25T14:51:46+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/DC-5812449e.js | 185.244.209.62 | 200 OK | 1.0 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/DC-5812449e.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (2336), with no line terminators Hash5fd92d5e19084953d42f6435bf43dbc3 1605b683a815f82e1439bedd7f7acc9bef1d75c1 ad5547e0059467c7711c34a6627570759b87ea738c7659a3f169fe1871eb2dda
GET /_nuxt/desktop/default/DC-5812449e.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:42 GMT
content-type: application/javascript; charset=utf-8
content-length: 1000
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-3e8"
content-encoding: gzip
expires: Fri, 26 Apr 2024 12:54:22 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-405194b75a898f1b713a55a6a270cd02-fc1778cb79f395d2-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T12:54:22+00:00, 2024-04-25T13:05:48+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Betting.Core-3d5acad8.js | 185.244.209.62 | 200 OK | 1.5 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/Betting.Core-3d5acad8.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (2341), with no line terminators Hash20dfbfd0b527a3400141072543ab8d14 8b18103124ebcc40d3817e5b0897403dd79a777d 60ad198390a8936e848b2beeb25fb8f57fdb8a9a44cae0a2b22b731e38242d95
GET /_nuxt/desktop/default/Betting.Core-3d5acad8.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:42 GMT
content-type: application/javascript; charset=utf-8
content-length: 1504
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-5e0"
content-encoding: gzip
expires: Fri, 26 Apr 2024 12:56:51 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-dd9263deff991b6e2fbee5603f0c3bf3-8e9333ef206f0977-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T12:56:51+00:00, 2024-04-25T12:58:32+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-660473.top/seo-module-api/api/public/v1/analytics-counters?url=https:%2F%2F1xlite-660473.top&projectId=285 | 178.253.29.47 | 200 OK | 141 B |
URL GET HTTP/21xlite-660473.top/seo-module-api/api/public/v1/analytics-counters?url=https:%2F%2F1xlite-660473.top&projectId=285 IP178.253.29.47:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerLet's Encrypt Subject1xlite-660473.top FingerprintAE:C9:7E:01:65:F2:2B:09:5E:F8:15:42:9A:94:F9:44:A4:7F:F2:5D ValidityTue, 26 Mar 2024 09:13:24 GMT - Mon, 24 Jun 2024 09:13:23 GMT
Hashbd9be2fa89d26e9e6f1b2e08ffcd0ed6 90eae25ee792254c7ca97e98c5782078f9bdc37f c11510c5556799ec6bf918684e80903d08cf6237d3c4f94d32a8ebf35d067a1d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /seo-module-api/api/public/v1/analytics-counters?url=https:%2F%2F1xlite-660473.top&projectId=285 HTTP/1.1
Host: 1xlite-660473.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder; platform_type=desktop; auid=sv0dL2Yq7Xxr7e+7AxAFAg==; SESSION=587ba088a1b8608459f8108426e49de1; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:42 GMT
content-type: application/json
content-length: 141
cache-control: max-age=1200, must-revalidate, public, s-maxage=1800, stale-if-error=86400, stale-while-revalidate=300
x-content-digest: enebf83560af95b198ca2d2caf127b1151
age: 995
x-request-id: d8247a16e65b4124fbdf7e2b0af64966
x-request-guid: d8247a16e65b4124fbdf7e2b0af64966
x-time-ng: 0.002
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: p;dur=1.478910446167, wf-uht;dur=
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/consultant.supHelperV2-56fa9b09.js | 185.244.209.62 | 200 OK | 1.5 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/consultant.supHelperV2-56fa9b09.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (3229), with no line terminators Hash31dddc1647801a3327fdbc35796cc728 be143b7b082c2e26d4f5888795cdfbae3ee7fe30 5e182646aa4ce68aad3d97501ada00313a7dd51a5883b713c27803bb51e0a7ca
GET /_nuxt/desktop/default/consultant.supHelperV2-56fa9b09.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:42 GMT
content-type: application/javascript; charset=utf-8
content-length: 1451
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-5ab"
content-encoding: gzip
expires: Fri, 26 Apr 2024 14:28:37 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-b56f9721cceabf464a6669d51039897f-80218ef05df9eaec-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T14:28:37+00:00, 2024-04-25T14:32:56+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-660473.top/version.json?timestamp=1714089342225 | 178.253.29.47 | 200 OK | 44 B |
URL GET HTTP/21xlite-660473.top/version.json?timestamp=1714089342225 IP178.253.29.47:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerLet's Encrypt Subject1xlite-660473.top FingerprintAE:C9:7E:01:65:F2:2B:09:5E:F8:15:42:9A:94:F9:44:A4:7F:F2:5D ValidityTue, 26 Mar 2024 09:13:24 GMT - Mon, 24 Jun 2024 09:13:23 GMT
Hash4dda53dbeb340a5129b07e1702aa8dad 614a638c883bf28d94af0918fc794d5d275cfc20 eeb319ca820c70f7b63d4ff6a64bb4852647c066b7cd0245601964722306e983
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /version.json?timestamp=1714089342225 HTTP/1.1
Host: 1xlite-660473.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder; platform_type=desktop; auid=sv0dL2Yq7Xxr7e+7AxAFAg==; SESSION=587ba088a1b8608459f8108426e49de1; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:42 GMT
content-type: application/json
content-length: 44
last-modified: Thu, 25 Apr 2024 10:41:36 GMT
vary: Accept-Encoding
etag: "662a3360-2c"
content-encoding: gzip
expires: Thu, 25 Apr 2024 23:56:42 GMT
access-control-allow-origin: *
cache-control: max-age=60, max-age=60, s-maxage=60
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/ioc.dependencies.18-6c0bd0e4.js | 185.244.209.62 | 200 OK | 1.3 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/ioc.dependencies.18-6c0bd0e4.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (3073), with no line terminators Hash8de2f812def30650dc849a6c4ad1d711 cb603fde42ac77caf6f5432c710cfe271dda3cef 537262d05d61223f1d34cb2ec7ec7240f6b49c1189d0b7d7cff0384a4292f150
GET /_nuxt/desktop/default/ioc.dependencies.18-6c0bd0e4.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:42 GMT
content-type: application/javascript; charset=utf-8
content-length: 1321
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-529"
content-encoding: gzip
expires: Fri, 26 Apr 2024 14:28:37 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-92111d4b2e289855e3c4e3ea98d486e0-c57c59c5516077e6-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T14:28:37+00:00, 2024-04-25T14:32:56+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Cyber.Game/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboar/ff3e75d4-3bf76071.js | 185.244.209.62 | 200 OK | 7.4 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Cyber.Game/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboar/ff3e75d4-3bf76071.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (32231), with no line terminators Hash73045dab5a0f1892f4ecaa63deac81c4 53f582f313d660bcb8bc204d4b9930878f667271 3da8040fa2cbba713382129ac29b73bbd06c920cd0086fd10edad8b85c413e23
GET /_nuxt/desktop/default/vendors/Page.Cyber.Game/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboar/ff3e75d4-3bf76071.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:42 GMT
content-type: application/javascript; charset=utf-8
content-length: 7382
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-1cd6"
content-encoding: gzip
expires: Fri, 26 Apr 2024 14:28:39 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-c34db0720929aabbf4d4dc45680f5fcf-7b7008c3c08c4ad9-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T14:28:39+00:00, 2024-04-25T14:32:56+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/betting.SportMenuApp-c04577b2.js | 185.244.209.62 | 200 OK | 5.3 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/vendors/betting.SportMenuApp-c04577b2.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (20674), with no line terminators Hash92f2228f7f2d8ea17cc1bbd2946c5235 79c8609806d6d5d95cc518023baecc8d1952e6e2 e097b717e3ae34e2ff062ec780fb4b9513f743f41ca1e0528f07361bb5dc3f48
GET /_nuxt/desktop/default/vendors/betting.SportMenuApp-c04577b2.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:42 GMT
content-type: application/javascript; charset=utf-8
content-length: 5347
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-14e3"
content-encoding: gzip
expires: Fri, 26 Apr 2024 14:28:39 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-3528f606c3273e0624ee32451ec52315-7e3e34fc346f6e58-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T14:28:39+00:00, 2024-04-25T14:32:56+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/ad481252.css | 185.244.209.62 | 200 OK | 3.0 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/css/ad481252.css IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (22886), with no line terminators Hashc7f34a5d51920cc71c1de5650e93ba9f c8e496bab9ced71a3160f0d30d5f061e9b9845b1 5768f888a21a23426a5ba6c204d97b7fc73ba52a24d503676206036ec84a1265
GET /_nuxt/desktop/default/css/ad481252.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:42 GMT
content-type: text/css
content-length: 3004
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-bbc"
content-encoding: gzip
expires: Fri, 26 Apr 2024 12:27:40 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-d152a055f82760626627871403c9fe43-76f5772e52fe1b3f-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T12:27:40+00:00, 2024-04-25T14:32:56+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/betting.SportMenuApp-82ce6195.js | 185.244.209.62 | 200 OK | 25 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/betting.SportMenuApp-82ce6195.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65483), with no line terminators Hashcb65d148da616bc7624597ec1f9802da 51d8d278e180f09b548c0b123e3627840bce9244 2e27352090f3824edb7a7849a5daf063288ad34f11c710525c99b0bf1486b66f
GET /_nuxt/desktop/default/betting.SportMenuApp-82ce6195.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:42 GMT
content-type: application/javascript; charset=utf-8
content-length: 24915
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-6153"
content-encoding: gzip
expires: Fri, 26 Apr 2024 14:28:39 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-e5a214a725ae93578ad687e460e223c8-84e9bc7e3ccae208-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T14:28:39+00:00, 2024-04-25T14:32:56+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/betting.HomeSliderComponent-74faad26.js | 185.244.209.62 | 200 OK | 7.4 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/vendors/betting.HomeSliderComponent-74faad26.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (27479), with no line terminators Hash36a40a25b745631e0e28cac4083cbeac 76ad3820c008567577fec994bf3e1e7440e2e77e af4793dd4927863c6ac8d66b033d5d7efb7bfa65a967208fc1c12a07bdc64436
GET /_nuxt/desktop/default/vendors/betting.HomeSliderComponent-74faad26.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:42 GMT
content-type: application/javascript; charset=utf-8
content-length: 7383
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-1cd7"
content-encoding: gzip
expires: Fri, 26 Apr 2024 14:28:39 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-74e0d9dd6b5f7e7aecf2e10e858f6f81-0338e087b9c5b5e3-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T14:28:39+00:00, 2024-04-25T14:32:56+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/85022173.css | 185.244.209.62 | 200 OK | 1.7 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/css/85022173.css IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (9757), with no line terminators Hashd9ff2bf37891da2be05d7fd5442113f5 419f63a7b47f983139a1cdc040707ab4b90bc255 05d90d1e2368c45cf52f0796d76035b98b8ab02ff57d218005ddffbfc20963c5
GET /_nuxt/desktop/default/css/85022173.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:42 GMT
content-type: text/css
content-length: 1731
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-6c3"
content-encoding: gzip
expires: Fri, 26 Apr 2024 12:54:33 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-f9a41f159f9f70673a3bddbcb14b5fd2-8febc4396d83cef6-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T12:54:33+00:00, 2024-04-25T13:05:48+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/betting.HomeSliderComponent-888df66d.js | 185.244.209.62 | 200 OK | 7.6 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/betting.HomeSliderComponent-888df66d.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (24523), with no line terminators Hash54be88936d941a65bd59d27f8bf96657 47a93d65c60bc45add632fcf288afff7ba6fe257 ee1dc1579a781b5d03318e39af446dfe8d2fd2c1cd6878a61882c21414d24a06
GET /_nuxt/desktop/default/betting.HomeSliderComponent-888df66d.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:42 GMT
content-type: application/javascript; charset=utf-8
content-length: 7601
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-1db1"
content-encoding: gzip
expires: Fri, 26 Apr 2024 14:28:39 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-2b904872e7aea31ed7273373bc65592c-813f774365bb2109-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T14:28:39+00:00, 2024-04-25T14:32:56+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/9f2746da.css | 185.244.209.62 | 200 OK | 1.3 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/css/9f2746da.css IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (6439), with no line terminators Hashcdd7464b2b178b37ed8a1368b6383203 0a13fc4908d91476649bb51e33d690b460a5a89c aeacff8e3f578ea2842f067e3f42d53e72a4f668cf526c60dc659bd89f5a3c6b
GET /_nuxt/desktop/default/css/9f2746da.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:42 GMT
content-type: text/css
content-length: 1305
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-519"
content-encoding: gzip
expires: Fri, 26 Apr 2024 12:27:40 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-f9d8afdcd970d9fe32e49ef299f1ea06-0f18175c2a0343cc-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T12:27:40+00:00, 2024-04-25T14:32:56+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/betting.CentralMenuApp-fcf94262.js | 185.244.209.62 | 200 OK | 16 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/betting.CentralMenuApp-fcf94262.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (64597), with no line terminators Hash0b750d1eb8ed980568c3b2783bc73abe 2f4cbcbc29cf5174e2490d0723dffd13919391a4 36844a337b242c366f594f7cd16f1505aefa8c2c38dccaf97b78eec261021312
GET /_nuxt/desktop/default/betting.CentralMenuApp-fcf94262.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:42 GMT
content-type: application/javascript; charset=utf-8
content-length: 16497
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-4071"
content-encoding: gzip
expires: Fri, 26 Apr 2024 14:28:39 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-32706086b15b9d92f6772a8225409287-39c8a0a8996576cc-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T14:28:39+00:00, 2024-04-25T14:32:56+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/526e44d9.css | 185.244.209.62 | 200 OK | 459 B |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/css/526e44d9.css IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (1526), with no line terminators Hash97fdf5b6e7dfddf6ab251e984133b2c3 bb552fe685c52c34e0ed91e4dfaa9df2675ad086 92fcdb73c544b1f2befe78685340fd3371e920187a2232f8e4bffd73985d40e3
GET /_nuxt/desktop/default/css/526e44d9.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:42 GMT
content-type: text/css
content-length: 459
last-modified: Wed, 24 Apr 2024 11:16:26 GMT
etag: "6628ea0a-1cb"
content-encoding: gzip
expires: Fri, 26 Apr 2024 11:05:14 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-d78c19ae99be7969882cc3fd75fbbeb0-199067dcb25d1d07-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T11:05:14+00:00, 2024-04-25T14:54:44+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/betting.media-969fa6be.js | 185.244.209.62 | 200 OK | 17 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/vendors/betting.media-969fa6be.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (41022), with NEL line terminators Hashed1aa306ac0483a61e03d12f0cf0c683 3688fabf92067a4cc58d87aec282cddc6a7e33f0 fdc6326914576f6b064f1b56dc5e153e8f601d12932d28cda623ea1c6670ffff
GET /_nuxt/desktop/default/vendors/betting.media-969fa6be.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:42 GMT
content-type: application/javascript; charset=utf-8
content-length: 16831
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-41bf"
content-encoding: gzip
expires: Fri, 26 Apr 2024 12:54:31 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-7a0b59549707ebb8d034ec9316aa7f1c-3ee651575351b467-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T12:54:31+00:00, 2024-04-25T13:05:52+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/ff267c5c.css | 185.244.209.62 | 200 OK | 1.5 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/css/ff267c5c.css IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (7000), with no line terminators Hashf379bc6f4b94f34d96f6fe51159bee63 f4c0d4dbef1e1e734e84e05d75e4ff950d06eb60 b2a5bd6495250a19500dd5a6ca62f045c8b70226a668dc63ef40c78883bdae11
GET /_nuxt/desktop/default/css/ff267c5c.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:42 GMT
content-type: text/css
content-length: 1486
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-5ce"
content-encoding: gzip
expires: Fri, 26 Apr 2024 14:33:18 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-6938d90c812be71b63475f2308cd0c8a-c5dde3a9402cf780-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T14:33:18+00:00, 2024-04-25T16:12:56+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/betting.media-91c67102.js | 185.244.209.62 | 200 OK | 4.7 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/betting.media-91c67102.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (16761), with no line terminators Hash9edd02014a4812685d800389066bc94b c89f400bb9b8ab7af4e7461a2d2ec002aea83bb8 23e9fe0dac6ac461e53781b9d407e7e3595eeea010fb4d6236eaa6b7699928ee
GET /_nuxt/desktop/default/betting.media-91c67102.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:42 GMT
content-type: application/javascript; charset=utf-8
content-length: 4731
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-127b"
content-encoding: gzip
expires: Fri, 26 Apr 2024 14:28:39 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-f4f24a9292b5f044cd96b4f77bd08d89-6140ee3aec48c225-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T14:28:39+00:00, 2024-04-25T14:32:56+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-660473.top/service-api/gamespreview/getbanner?whence=55&ref=1&gr=285&lng=en&fCountry=137 | 178.253.29.47 | 200 OK | 155 B |
URL GET HTTP/21xlite-660473.top/service-api/gamespreview/getbanner?whence=55&ref=1&gr=285&lng=en&fCountry=137 IP178.253.29.47:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerLet's Encrypt Subject1xlite-660473.top FingerprintAE:C9:7E:01:65:F2:2B:09:5E:F8:15:42:9A:94:F9:44:A4:7F:F2:5D ValidityTue, 26 Mar 2024 09:13:24 GMT - Mon, 24 Jun 2024 09:13:23 GMT
Hashd9c4e764d0719887a701a2fd57d2ed20 dd9132eb122454d6202e18dc89cf3f813bd28eea bfb3eb33d14d3606f7ef2f2ebf7194a6eba1837022e2cce1a5adaebff4226d10
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/gamespreview/getbanner?whence=55&ref=1&gr=285&lng=en&fCountry=137 HTTP/1.1
Host: 1xlite-660473.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-660473.top/en?tag=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder; platform_type=desktop; auid=sv0dL2Yq7Xxr7e+7AxAFAg==; SESSION=587ba088a1b8608459f8108426e49de1; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:42 GMT
content-type: application/json; charset=utf-8
content-length: 155
x-time-ng: 0.003
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.012
X-Firefox-Spdy: h2
|
|
| 1xlite-660473.top/session-api/sessions/user | 178.253.29.47 | 200 OK | 16 B |
URL GET HTTP/21xlite-660473.top/session-api/sessions/user IP178.253.29.47:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerLet's Encrypt Subject1xlite-660473.top FingerprintAE:C9:7E:01:65:F2:2B:09:5E:F8:15:42:9A:94:F9:44:A4:7F:F2:5D ValidityTue, 26 Mar 2024 09:13:24 GMT - Mon, 24 Jun 2024 09:13:23 GMT
Hash646b2e82b65602d35f7aa6283c387e3a b163a70c5df8e4b0861a23a04f8a6f78393747f4 b68bf12405ee2cb5b76764df21dbc2df0953ddff4072ddc5281d1aab05e8c4ab
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /session-api/sessions/user HTTP/1.1
Host: 1xlite-660473.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-660473.top/en?tag=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder; platform_type=desktop; auid=sv0dL2Yq7Xxr7e+7AxAFAg==; SESSION=587ba088a1b8608459f8108426e49de1; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:42 GMT
content-type: application/json
content-length: 16
cache-control: no-cache, private
x-time-ng: 0.003
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: p;dur=1.4321804046631, wf-uht;dur=0.010
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/88cfac66.css | 185.244.209.62 | 200 OK | 97 B |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/css/88cfac66.css IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hash9deb70dd3fbdc7061ed21c5632fbc55b 22ae1cadf75b3fdd5e3e3762842b1b7a6f6e7ed8 be8196057ac43ab3882caf30239c364e1ef4ceda087e92ca87187ce239f022f9
GET /_nuxt/desktop/default/css/88cfac66.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:42 GMT
content-type: text/css
content-length: 97
last-modified: Wed, 24 Apr 2024 11:16:25 GMT
etag: "6628ea09-61"
content-encoding: gzip
expires: Thu, 25 Apr 2024 14:35:41 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-7d3d5189b68d2f107e2594929681380f-5f30a28e7578c99c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-24T14:35:41+00:00, 2024-04-25T11:57:25+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/Auth.Forms/RegistrationWidgetApp/components/userControl.auth_form_extended/registration.Main/da7322db-4c41d619.js | 185.244.209.62 | 200 OK | 8.5 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/vendors/Auth.Forms/RegistrationWidgetApp/components/userControl.auth_form_extended/registration.Main/da7322db-4c41d619.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (25972) Hash83575afda287eafafb4102f4463ea9a7 241502bfcd1fdaf75068e1f6497e65642ec7981d 6c7258871472c35e8d3f7f4c71550a079165d95f913297204b6746faf5f31f33
GET /_nuxt/desktop/default/vendors/Auth.Forms/RegistrationWidgetApp/components/userControl.auth_form_extended/registration.Main/da7322db-4c41d619.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:42 GMT
content-type: application/javascript; charset=utf-8
content-length: 8517
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-2145"
content-encoding: gzip
expires: Fri, 26 Apr 2024 14:28:38 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-d78a14370cdc6d38b568a5f6d8e3667b-e7fe996672434252-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T14:28:38+00:00, 2024-04-25T14:32:56+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/25e24e18.css | 185.244.209.62 | 200 OK | 1.5 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/css/25e24e18.css IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (6262), with no line terminators Hash09f1bd90913ad83743065cc13ee3e0c6 0f1d49d4ddfccf474d882839c1ac901a8c1d91e6 b0222e16baaccc20a1143166da7715bbab586f1d8d8bebf26f91e98738a55a92
GET /_nuxt/desktop/default/css/25e24e18.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:42 GMT
content-type: text/css
content-length: 1505
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-5e1"
content-encoding: gzip
expires: Fri, 26 Apr 2024 12:27:51 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-3151d465996f8865fa9e16b674a2fa41-0460722363afc990-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T12:27:51+00:00, 2024-04-25T14:32:56+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/RegistrationWidgetApp-41260109.js | 185.244.209.62 | 200 OK | 21 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/vendors/RegistrationWidgetApp-41260109.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash21a835136b8ae33cd00097879bb168a6 0be03e28575e2d36f43af705a84d6696e07717d1 cb12d647211b4890761ff8ece8e9fb9b0de34219e200e7a2c8dcc123c3417632
GET /_nuxt/desktop/default/vendors/RegistrationWidgetApp-41260109.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:43 GMT
content-type: application/javascript; charset=utf-8
content-length: 20723
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-50f3"
content-encoding: gzip
expires: Fri, 26 Apr 2024 14:28:39 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-665f34d06f14a1e618130c314a633b13-18b33d3d40f5168b-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T14:28:39+00:00, 2024-04-25T14:32:56+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/betting.coupon2-1ecfb74c.js | 185.244.209.62 | 200 OK | 580 B |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/betting.coupon2-1ecfb74c.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (1003), with no line terminators Hash14565039f0ad5d77219bca259af6c150 e4a754546968a83c871aa2a5f4d88ba141a15fc6 6558d81c13b54927cf40265b22f5c1c9184571e740da752071d574092556fc90
GET /_nuxt/desktop/default/betting.coupon2-1ecfb74c.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:43 GMT
content-type: application/javascript; charset=utf-8
content-length: 580
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-244"
content-encoding: gzip
expires: Fri, 26 Apr 2024 14:28:39 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-aa7bd336752820742fb353e75c1e204d-4f954838b037648a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T14:28:39+00:00, 2024-04-25T14:32:56+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-660473.top/service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137 | 178.253.29.47 | 200 OK | 266 B |
URL GET HTTP/21xlite-660473.top/service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137 IP178.253.29.47:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerLet's Encrypt Subject1xlite-660473.top FingerprintAE:C9:7E:01:65:F2:2B:09:5E:F8:15:42:9A:94:F9:44:A4:7F:F2:5D ValidityTue, 26 Mar 2024 09:13:24 GMT - Mon, 24 Jun 2024 09:13:23 GMT
Hash16f9e35434c6dde662de2d55fd60af24 6583a4b9d596ad7c64ea58ed28fb412379995775 8922f3ebca99234ff6ee7bf29422b552064351447ec708213c6c3d823b5fb189
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137 HTTP/1.1
Host: 1xlite-660473.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-660473.top/en?tag=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder; platform_type=desktop; auid=sv0dL2Yq7Xxr7e+7AxAFAg==; SESSION=587ba088a1b8608459f8108426e49de1; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:43 GMT
content-type: application/json; charset=utf-8
content-length: 266
cache-control: no-cache
content-encoding: br
last-modified: Thu, 25 Apr 2024 23:55:43 GMT
vary: Accept-Encoding
x-time-ng: 0.004
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.013
X-Firefox-Spdy: h2
|
|
| 1xlite-660473.top/service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66 | 178.253.29.47 | 200 OK | 2.2 kB |
URL GET HTTP/21xlite-660473.top/service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66 IP178.253.29.47:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerLet's Encrypt Subject1xlite-660473.top FingerprintAE:C9:7E:01:65:F2:2B:09:5E:F8:15:42:9A:94:F9:44:A4:7F:F2:5D ValidityTue, 26 Mar 2024 09:13:24 GMT - Mon, 24 Jun 2024 09:13:23 GMT
Hashd225d93bd4473b2b70cda0101a79fb18 d806571cc58c5d5476273ef9edce09e9cfd7b41a eeb5d6936a84de98ccd4638703cd7308a7c48a32ec32d2ffa07e0864b4bd6bf0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66 HTTP/1.1
Host: 1xlite-660473.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-660473.top/en?tag=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder; platform_type=desktop; auid=sv0dL2Yq7Xxr7e+7AxAFAg==; SESSION=587ba088a1b8608459f8108426e49de1; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:43 GMT
content-type: application/json; charset=utf-8
content-length: 2195
cache-control: public, max-age=5
content-encoding: br
last-modified: Thu, 25 Apr 2024 23:55:43 GMT
vary: Accept-Encoding
x-time-ng: 0.005
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.012
X-Firefox-Spdy: h2
|
|
| 1xlite-660473.top/bff-api/event-logo/v2/suitable.json?lang=en | 178.253.29.47 | 200 OK | 2 B |
URL GET HTTP/21xlite-660473.top/bff-api/event-logo/v2/suitable.json?lang=en IP178.253.29.47:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerLet's Encrypt Subject1xlite-660473.top FingerprintAE:C9:7E:01:65:F2:2B:09:5E:F8:15:42:9A:94:F9:44:A4:7F:F2:5D ValidityTue, 26 Mar 2024 09:13:24 GMT - Mon, 24 Jun 2024 09:13:23 GMT
Hashd751713988987e9331980363e24189ce 97d170e1550eee4afc0af065b78cda302a97674c 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /bff-api/event-logo/v2/suitable.json?lang=en HTTP/1.1
Host: 1xlite-660473.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-660473.top/en?tag=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder; platform_type=desktop; auid=sv0dL2Yq7Xxr7e+7AxAFAg==; SESSION=587ba088a1b8608459f8108426e49de1; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:43 GMT
content-type: application/json
content-length: 2
cache-control: no-cache, private
server-timing: bff;dur=11.92, dt_total;dur=91.239, wf-uht;dur=0.100
traceparent: 00-4c15d24f2030ff8533c680947de4a33c-156a58e14ed6bcc6-01
x-dt: 285
x-time-ng: 0.091
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| 1xlite-660473.top/genfiles/cms/desktop/contact/86f18367ce2829388dcdabccb99b1740.svg | 178.253.29.47 | 200 OK | 263 B |
URL GET HTTP/21xlite-660473.top/genfiles/cms/desktop/contact/86f18367ce2829388dcdabccb99b1740.svg IP178.253.29.47:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerLet's Encrypt Subject1xlite-660473.top FingerprintAE:C9:7E:01:65:F2:2B:09:5E:F8:15:42:9A:94:F9:44:A4:7F:F2:5D ValidityTue, 26 Mar 2024 09:13:24 GMT - Mon, 24 Jun 2024 09:13:23 GMT
File typeSVG Scalable Vector Graphics image Hash28e2c161800b61b985a163f5c492ae51 8845ea940210b4ccb195cca855a598e6aaa58ed0 77c93c24e4eb0f8815a7526d405818c9a38ba6e4317f1fee588fffbc00cb17de
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /genfiles/cms/desktop/contact/86f18367ce2829388dcdabccb99b1740.svg HTTP/1.1
Host: 1xlite-660473.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/en?tag=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder; platform_type=desktop; auid=sv0dL2Yq7Xxr7e+7AxAFAg==; SESSION=587ba088a1b8608459f8108426e49de1; window_width=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:43 GMT
content-type: image/svg+xml
content-length: 263
last-modified: Fri, 23 Feb 2024 10:01:24 GMT
etag: "28e2c161800b61b985a163f5c492ae51"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 1xlite-660473.top/genfiles/cms/desktop/contact/dbc1950bbcc8e27b5dbec1f42635e8d0.svg | 178.253.29.47 | 200 OK | 296 B |
URL GET HTTP/21xlite-660473.top/genfiles/cms/desktop/contact/dbc1950bbcc8e27b5dbec1f42635e8d0.svg IP178.253.29.47:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerLet's Encrypt Subject1xlite-660473.top FingerprintAE:C9:7E:01:65:F2:2B:09:5E:F8:15:42:9A:94:F9:44:A4:7F:F2:5D ValidityTue, 26 Mar 2024 09:13:24 GMT - Mon, 24 Jun 2024 09:13:23 GMT
File typeSVG Scalable Vector Graphics image Hashb1bf63d00887bb0354e9d89c7d790a01 2d64ab25c9afff682abd6732f62ba62a197e972b a6a4fbbd99a0a82de03f05da827ccd9d019574bf3450727530403c2b5ce92df0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /genfiles/cms/desktop/contact/dbc1950bbcc8e27b5dbec1f42635e8d0.svg HTTP/1.1
Host: 1xlite-660473.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/en?tag=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder; platform_type=desktop; auid=sv0dL2Yq7Xxr7e+7AxAFAg==; SESSION=587ba088a1b8608459f8108426e49de1; window_width=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:43 GMT
content-type: image/svg+xml
content-length: 296
last-modified: Fri, 23 Feb 2024 10:03:47 GMT
etag: "b1bf63d00887bb0354e9d89c7d790a01"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 1xlite-660473.top/genfiles/cms/desktop/contact/6726b16cfb4e516989153ce398d4a0e4.svg | 178.253.29.47 | 200 OK | 506 B |
URL GET HTTP/21xlite-660473.top/genfiles/cms/desktop/contact/6726b16cfb4e516989153ce398d4a0e4.svg IP178.253.29.47:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerLet's Encrypt Subject1xlite-660473.top FingerprintAE:C9:7E:01:65:F2:2B:09:5E:F8:15:42:9A:94:F9:44:A4:7F:F2:5D ValidityTue, 26 Mar 2024 09:13:24 GMT - Mon, 24 Jun 2024 09:13:23 GMT
File typeSVG Scalable Vector Graphics image Hash9c340eae608db0c25657b4a73d769afe 988fbf333a2e9290211cd9e6b7c98c59719012b0 b92e969acd8a1e0f9cfd1f84080ca5ccb8cb49b105299434c275a8813faf841e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /genfiles/cms/desktop/contact/6726b16cfb4e516989153ce398d4a0e4.svg HTTP/1.1
Host: 1xlite-660473.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/en?tag=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder; platform_type=desktop; auid=sv0dL2Yq7Xxr7e+7AxAFAg==; SESSION=587ba088a1b8608459f8108426e49de1; window_width=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:43 GMT
content-type: image/svg+xml
content-length: 506
last-modified: Fri, 23 Feb 2024 10:03:36 GMT
etag: "9c340eae608db0c25657b4a73d769afe"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-icons/1.0.328/285/logos.svg | 185.244.209.62 | 200 OK | 19 kB |
URL GET HTTP/2v3.traincdn.com/sys-icons/1.0.328/285/logos.svg IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Hashc3fd6300f4f1eb9dd631e08c90c1ce0c 0b982ec6589377bfa6bcd07b22dc8169efa7fd9f 4f855a10192e6d15311f4b69079cab201f00ffabdeb66e187e22fbb4d403dc78
GET /sys-icons/1.0.328/285/logos.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-660473.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:43 GMT
content-type: image/svg+xml
last-modified: Mon, 15 Apr 2024 07:13:32 GMT
etag: W/"c45fb3adb3e47bdbd03c88fc4c4309aa"
x-amz-meta-mtime: 1713165210.217888091
content-encoding: gzip
expires: Tue, 23 Apr 2024 10:38:05 GMT
cache-control: max-age=86400
x-time-ng: 0.003
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-2db5fb1572870ea357bb168bf9174c39-b8d1b706193ce141-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T10:38:05+00:00, 2024-04-25T11:15:13+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-660473.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json | 178.253.29.47 | 200 OK | 23 B |
URL POST HTTP/21xlite-660473.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json IP178.253.29.47:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerLet's Encrypt Subject1xlite-660473.top FingerprintAE:C9:7E:01:65:F2:2B:09:5E:F8:15:42:9A:94:F9:44:A4:7F:F2:5D ValidityTue, 26 Mar 2024 09:13:24 GMT - Mon, 24 Jun 2024 09:13:23 GMT
Hash0666c2e0e460e70cbe2047fde25d1d7d 8942b0454d9caaf0139b8579b483b0c42653b691 31ee6723eb98d27ce2f3953e159cf3c8413a2c69713052832a929d02f65be8fb
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json HTTP/1.1
Host: 1xlite-660473.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-660473.top/en?tag=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder
Content-Type: application/json
X-Lang: en
X-Uuid: 1cdba155-2a89-4500-9606-648141a6028a
Content-Length: 81
Origin: https://1xlite-660473.top
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder; platform_type=desktop; auid=sv0dL2Yq7Xxr7e+7AxAFAg==; SESSION=587ba088a1b8608459f8108426e49de1; window_width=1280; _glhf=1714107119
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:43 GMT
content-type: application/json
content-length: 23
x-time-ng: 0.001
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.030
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/DownloadAppWidget/modal.IplWorldInstallModal/modal.office.TwoFactorAuthEnableModal-fc97ad68.js | 185.244.209.62 | 200 OK | 5.6 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/vendors/DownloadAppWidget/modal.IplWorldInstallModal/modal.office.TwoFactorAuthEnableModal-fc97ad68.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (15997) Hash12c0a8a167063fa1743b27ac4e537460 a51e99cf826d86a23bf7e166f833b46b517ccdbb a49ece220afcdcf483c4b1a36e0813329c879079080cd81008709687811d1125
GET /_nuxt/desktop/default/vendors/DownloadAppWidget/modal.IplWorldInstallModal/modal.office.TwoFactorAuthEnableModal-fc97ad68.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:43 GMT
content-type: application/javascript; charset=utf-8
content-length: 5562
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-15ba"
content-encoding: gzip
expires: Fri, 26 Apr 2024 12:54:38 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-33abbaca9530718660e982be1de8e5fd-9e51dcf4112387ff-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T12:54:38+00:00, 2024-04-25T13:06:01+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/0e3e1e8d.css | 185.244.209.62 | 200 OK | 1.2 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/css/0e3e1e8d.css IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (5638), with no line terminators Hashbe85f100312ee4f9396b6e89cbcb0fef 3934783d38d182ddcaccfdedbbe4fb65c266864c 06a9b859f60f7872c7beaa8286d3c1f45708dd0e1dee20f4c0d55c8719cc2983
GET /_nuxt/desktop/default/css/0e3e1e8d.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:43 GMT
content-type: text/css
content-length: 1193
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-4a9"
content-encoding: gzip
expires: Fri, 26 Apr 2024 12:27:52 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-88f5f9427cacd4c425abfef98fb3a715-8225236468e29bb4-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T12:27:52+00:00, 2024-04-25T14:20:29+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder | 178.253.29.47 | 200 OK | 186 kB |
URL User Request GET HTTP/21xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder IP178.253.29.47:443 ASN#202492 Silverhill Group Holding Ltd
CertificateIssuerLet's Encrypt Subject1xlite-660473.top FingerprintAE:C9:7E:01:65:F2:2B:09:5E:F8:15:42:9A:94:F9:44:A4:7F:F2:5D ValidityTue, 26 Mar 2024 09:13:24 GMT - Mon, 24 Jun 2024 09:13:23 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (14339) Size186 kB (186020 bytes) Hashd66bbe444458b5591f8ad205ffebe1bd 744f2b671780f2effbc7c7d48eb1d7456b2bfd07 01ecb551db21990254a368ccd6d652dcfc2a38754ce5a7e51ca283807ef38c69
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder HTTP/1.1
Host: 1xlite-660473.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:40 GMT
content-type: text/html; charset=utf-8
content-encoding: br
server-timing: total;dur=1323;desc="Nuxt Server Time", dt_total;dur=1756.594, wf-uht;dur=1.791
set-cookie: lng=en; Path=/
cookies_agree_type=3; Path=/
tzo=2; Path=/
is12h=0; Path=/
referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; Path=/; Expires=Mon, 24 Jun 2024 23:55:38 GMT
reflinkid=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder; Path=/; Expires=Fri, 26 Apr 2024 00:55:38 GMT
postback_watcher=; Path=/; Expires=Thu, 25 Apr 2024 23:55:42 GMT
platform_type=desktop; Path=/; Expires=Sun, 28 Apr 2024 23:55:40 GMT; Secure; SameSite=None; Partitioned
auid=sv0dL2Yq7Xxr7e+7AxAFAg==; path=/; secure; httponly; samesite=lax
traceparent: 00-4d88a654e38b5ba07db4f27315e3def7-1db0fefff3c21976-01
vary: Accept-Encoding
x-dt: 285
x-frame-options: SAMEORIGIN
x-time-ng: 1.756
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sfiles/logo-champ/fb87599cd1236423aaeb35a23a706e18.webp | 185.244.209.62 | 200 OK | 2.0 kB |
URL GET HTTP/2v3.traincdn.com/sfiles/logo-champ/fb87599cd1236423aaeb35a23a706e18.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash870d4e81d1d5e1b0bc23e9cbd4407760 34818a0fc0f536005e182e7cfcbc54cd08bface8 195fa94124acd96f6e3b973b5adb6245c2962c244a765b3e399afea7e60faab5
GET /sfiles/logo-champ/fb87599cd1236423aaeb35a23a706e18.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:43 GMT
content-type: image/webp
content-length: 1982
last-modified: Wed, 04 Jan 2023 08:10:48 GMT
etag: "870d4e81d1d5e1b0bc23e9cbd4407760"
cache-control: public, max-age=86400, public
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-233e5256938db8a37303081fe60d8189-5dca47a96ccc36d7-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-03-19T22:39:48+00:00, 2024-04-25T02:23:53+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/5754.webp | 185.244.209.62 | 200 OK | 816 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/5754.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hashbb626faf67460a45315e851801ee39da fbf5c940fc640177530d0533e38df76302b813f8 5f4c1061778ea9c6196d744276f120de35eabccbe55af89a34ab415296fcf9b8
GET /resized/size16/sfiles/logo_teams/5754.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:43 GMT
content-type: image/webp
content-length: 816
cache-control: max-age=94608000
content-disposition: inline; filename="5754.webp"
content-security-policy: script-src 'none'
expires: Mon, 22 Feb 2027 03:14:13 GMT
x-request-id: a4747bd72e7df8d32a90953f8d76affe
strict-transport-security: max-age=15724800; includeSubDomains
x-time-ng: 0.042
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-56636d608fa3a66cb822926de329c891-1340f80f8b5f3420-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-02-23T03:14:13+00:00, 2024-03-02T17:06:35+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/fad2e54836f893fa5bb1fb6e6180720c.webp | 185.244.209.62 | 200 OK | 718 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/fad2e54836f893fa5bb1fb6e6180720c.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hashea680d302f174363a8328d6c71136c19 4f69f942d4aa23adf85f763e994c8fb0d8f4de57 484769bd75ab4957f099350b44fb580b90277915e66b05b422f0b0a874cb74cc
GET /resized/size16/sfiles/logo_teams/fad2e54836f893fa5bb1fb6e6180720c.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:43 GMT
content-type: image/webp
content-length: 718
cache-control: max-age=94608000
content-disposition: inline; filename="fad2e54836f893fa5bb1fb6e6180720c.webp"
content-security-policy: script-src 'none'
expires: Fri, 19 Mar 2027 16:33:52 GMT
x-request-id: fc68504335478075ca13ff137115d1ac
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-1e3cfb7f12cbf0c791805f60f2eca049-73cb11ba52e62f0e-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-03-19T16:33:52+00:00, 2024-03-31T14:20:58+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-660473.top/sys-betting-app-front/en?tag=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder | 178.253.29.47 | 200 OK | 21 kB |
URL GET HTTP/21xlite-660473.top/sys-betting-app-front/en?tag=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder IP178.253.29.47:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerLet's Encrypt Subject1xlite-660473.top FingerprintAE:C9:7E:01:65:F2:2B:09:5E:F8:15:42:9A:94:F9:44:A4:7F:F2:5D ValidityTue, 26 Mar 2024 09:13:24 GMT - Mon, 24 Jun 2024 09:13:23 GMT
Hash77f69536b89114fdd36897fd1e6f82c6 ffbcbd34f89149ca879ce4c8e7709ac5f0d27151 8eedceeea14420905d686845b7aac9e55b76224242049cc1d798a30238d89c26
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /sys-betting-app-front/en?tag=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder HTTP/1.1
Host: 1xlite-660473.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-660473.top/en?tag=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
mf-render-mode: json
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder; platform_type=desktop; auid=sv0dL2Yq7Xxr7e+7AxAFAg==; SESSION=587ba088a1b8608459f8108426e49de1; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:43 GMT
content-type: application/json
content-encoding: br
server-timing: total;dur=493;desc="Total __BETTING_APP__", dt_total;dur=509.240, wf-uht;dur=0.528
set-cookie: tzo=3; Path=/
traceparent: 00-bae92f379463f02ef7decbd70d1b822c-c369ddc383db6dc4-01
vary: Accept-Encoding, Accept-Encoding
x-dt: 285
x-time-ng: 0.508, 0.510
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/14641.webp | 185.244.209.62 | 200 OK | 718 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/14641.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash3e57084ac27a7ca95e336a06014b0b1c 50fc65441fe64dde5e83173fbc4f3477a3dddf83 705862f1e3e0c727d64e3a4020deb8e74c2fa9371a6bdbeecd6b524cfb2909cc
GET /resized/size16/sfiles/logo_teams/14641.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:43 GMT
content-type: image/webp
content-length: 718
cache-control: max-age=94608000
content-disposition: inline; filename="14641.webp"
content-security-policy: script-src 'none'
expires: Tue, 09 Mar 2027 09:51:05 GMT
x-request-id: ffa7e6e92e5a81da0974a7157606f098
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-a8446e61468ed314e6999e3d0005b194-3cf9f12137c91b09-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-03-09T09:51:05+00:00, 2024-03-09T22:06:09+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/5590.webp | 185.244.209.62 | 200 OK | 770 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/5590.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hasha01aee016aae96795d90462e5b60549c 900642a9f1fe5e517c4fae797ce25f38ff5395bd 3f88a7909654cd1a187ae69c8f6e8ea529997f1d3e9ab0fe0a5cd6d2e4f30ff5
GET /resized/size16/sfiles/logo_teams/5590.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:43 GMT
content-type: image/webp
content-length: 770
cache-control: max-age=94608000
content-disposition: inline; filename="5590.webp"
content-security-policy: script-src 'none'
expires: Tue, 06 Apr 2027 17:52:59 GMT
x-request-id: d1049c229304afa5e833acb00130644b
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-b06e42095acb88b8c4a8b5c089fa3fb8-68219bef21306835-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-06T17:52:59+00:00, 2024-04-07T06:43:31+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/3842.webp | 185.244.209.62 | 200 OK | 756 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/3842.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash32ee6335d6aa4b053d734c63c57a0107 5d056c5376602082ba1ddcab49feffe8d391e952 6049827a74de40c8d99fa19da70e50635c62c8c5e41a2e57eabb0617cc1e8416
GET /resized/size16/sfiles/logo_teams/3842.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:43 GMT
content-type: image/webp
content-length: 756
cache-control: max-age=94608000
content-disposition: inline; filename="3842.webp"
content-security-policy: script-src 'none'
expires: Fri, 19 Mar 2027 15:26:45 GMT
x-request-id: 8b78e8c50486381f18397efba1cfb9a9
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-5707c820a466238b1b1bdc30f46877de-442c22024f0cc988-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-03-19T15:26:45+00:00, 2024-03-19T17:50:41+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/6876.webp | 185.244.209.62 | 200 OK | 696 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/6876.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash5684d78523ea6e9ade48eaebdb912810 508fdabf312282535c1673b946ea2c23d312783c 6d52c56ca0649eea72c76bedfdc3f4eca41e693a4aaffdd99f1bb9de747d25e0
GET /resized/size16/sfiles/logo_teams/6876.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:43 GMT
content-type: image/webp
content-length: 696
cache-control: max-age=94608000
content-disposition: inline; filename="6876.webp"
content-security-policy: script-src 'none'
expires: Fri, 04 Dec 2026 09:37:25 GMT
x-request-id: c179aa6df0a30635afc681fe224b596b
strict-transport-security: max-age=15724800; includeSubDomains
x-time-ng: 0.000
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-98313fa914aa9becbb7f48eaf395ac87-c38a5a11372010bd-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-05T09:37:25+00:00, 2023-12-18T09:27:40+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/8d555a2cacdac3e3cc957971dba3114a.webp | 185.244.209.62 | 200 OK | 754 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/8d555a2cacdac3e3cc957971dba3114a.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash016ba99c1fb65c78e5301b046ab87a6b 07bd5d79eea6dac883e823bb8e6e5f652cfae520 025703937b373e2bcac264c1a96597aa0495caeec504123c912a93056317c46b
GET /resized/size16/sfiles/logo_teams/8d555a2cacdac3e3cc957971dba3114a.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:43 GMT
content-type: image/webp
content-length: 754
cache-control: max-age=94608000
content-disposition: inline; filename="8d555a2cacdac3e3cc957971dba3114a.webp"
content-security-policy: script-src 'none'
expires: Tue, 06 Apr 2027 01:04:53 GMT
x-request-id: 9b4f11531a889294007866ae07bb074d
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-8f823b88871d5420878519a6483547ef-cd71540408b01cd8-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-06T01:04:53+00:00, 2024-04-10T00:16:19+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/6856.webp | 185.244.209.62 | 200 OK | 786 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/6856.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hasha6ce1875e3e6738a8448b17948554967 c6dc2ffb9cacd4743ba570c6db7d065b811d3a2c 2bda0c62d4862b47806b83c3e69b89634240ea80e6207d35becdae8765a740a1
GET /resized/size16/sfiles/logo_teams/6856.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:43 GMT
content-type: image/webp
content-length: 786
cache-control: max-age=94608000
content-disposition: inline; filename="6856.webp"
content-security-policy: script-src 'none'
expires: Wed, 24 Feb 2027 12:45:31 GMT
x-request-id: 8647d02f90571121715389b75ca171d1
strict-transport-security: max-age=15724800; includeSubDomains
x-time-ng: 0.000
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-f9b2c0d421b1774b48079a03dd4d6642-420c139b70d89a8d-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-02-25T12:45:31+00:00, 2024-02-29T22:05:51+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/6850.webp | 185.244.209.62 | 200 OK | 722 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/6850.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash423e87d6457b04112b0699f71126959b 28a2bef21222c94f6375423573e86d9ce23e490c 02a1ab41987f4509efa56e3dd4650e74df063830c9ad02698f062a932d8c7f4a
GET /resized/size16/sfiles/logo_teams/6850.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:43 GMT
content-type: image/webp
content-length: 722
cache-control: max-age=94608000
content-disposition: inline; filename="6850.webp"
content-security-policy: script-src 'none'
expires: Fri, 16 Apr 2027 18:59:10 GMT
x-request-id: a293c545707b15017ef5321dc86fb237
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-0fddcd078af910c0e2915f7d475dc417-5725fa2ad33b4a53-01
x-id: osix-hw-edge-gc4
cache: MISS, HIT
x-cached-since: 2024-04-16T18:59:10+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sfiles/logo-champ/246a944858d7a07393dd4f6739f94bf9.webp | 185.244.209.62 | 200 OK | 7.1 kB |
URL GET HTTP/2v3.traincdn.com/sfiles/logo-champ/246a944858d7a07393dd4f6739f94bf9.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash14b81bb2a70130c395b98ba4cb1f4a3a 378094090781a2d412f234bff2bb311adf0a22d0 11128b17e044b6dfe4d716c11854e95486c9e942a942064c82968f6a34c777bb
GET /sfiles/logo-champ/246a944858d7a07393dd4f6739f94bf9.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:43 GMT
content-type: image/webp
content-length: 7066
last-modified: Wed, 04 Jan 2023 07:42:08 GMT
etag: "14b81bb2a70130c395b98ba4cb1f4a3a"
cache-control: public, max-age=86400, public
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-a5eae002fc382b044deb83dfd25253aa-2c8b4a52733511ed-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T00:05:10+00:00, 2024-04-25T20:22:04+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/8492.webp | 185.244.209.62 | 200 OK | 780 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/8492.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash3dd44cf69df412685847cf56636b62df 101b3a5e2faf781150b3fec57f0d0292f244f079 6ae5ae16dd41a9f2715dd42ef0d073e77ad272958c3af03d8a9996a7cf5fe292
GET /resized/size16/sfiles/logo_teams/8492.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:43 GMT
content-type: image/webp
content-length: 780
cache-control: max-age=94608000
content-disposition: inline; filename="8492.webp"
content-security-policy: script-src 'none'
expires: Thu, 04 Mar 2027 13:59:34 GMT
x-request-id: aebcabbfbe9ed8212e10ee0d6880d363
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-32fef98be654bcd50a6ae6a94ae39bca-df2340191a29f819-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-03-04T13:59:34+00:00, 2024-03-05T09:49:32+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/8470.webp | 185.244.209.62 | 200 OK | 764 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/8470.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash98f64072aeb1bcc5fb26df0739a544ee 4be5f3e3d5854c485891a0c58c2cff1b74e9f0d4 eaa93e8db54dc341acf14c4e20c4698d263924b0a6181760a501dfc80b094e7c
GET /resized/size16/sfiles/logo_teams/8470.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:43 GMT
content-type: image/webp
content-length: 764
cache-control: max-age=94608000
content-disposition: inline; filename="8470.webp"
content-security-policy: script-src 'none'
expires: Mon, 18 Jan 2027 00:30:02 GMT
x-request-id: bd0916415ed84b0b801478937b875ea8
strict-transport-security: max-age=15724800; includeSubDomains
x-time-ng: 0.000
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-5f32fa2c719e6fb8e35bdf507a1927e4-573bfa76c616531d-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-01-19T00:30:02+00:00, 2024-01-31T15:53:56+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/8496.webp | 185.244.209.62 | 200 OK | 784 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/8496.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hashc9d33666d25dff319c27373084867a83 af0b72d3aeb8d4ff078bae69d198658b6a6740bb b2d13aacda397122d423f5bb0cc90b1eb7ddb254a94df895324c99717ce72d1c
GET /resized/size16/sfiles/logo_teams/8496.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:43 GMT
content-type: image/webp
content-length: 784
cache-control: max-age=94608000
content-disposition: inline; filename="8496.webp"
content-security-policy: script-src 'none'
expires: Thu, 18 Mar 2027 22:09:42 GMT
x-request-id: 9b380898a6c9eb9f2aecbe92e10025b0
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-07840f13d4923e5ea2c8dcc4a2184755-ece658dbf4ceaf9c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-03-18T22:09:42+00:00, 2024-03-19T17:00:51+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/8494.webp | 185.244.209.62 | 200 OK | 680 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/8494.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash8686002d44d2007edd700837fa5bc659 cf20851e144bb3cc669a1e7081fdb7b348884c79 3ba32b44295dd22b2a33e4683e79b8e86ac1c5d85c6532a38d74c32ccb60938b
GET /resized/size16/sfiles/logo_teams/8494.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:43 GMT
content-type: image/webp
content-length: 680
cache-control: max-age=94608000
content-disposition: inline; filename="8494.webp"
content-security-policy: script-src 'none'
expires: Thu, 11 Mar 2027 14:15:17 GMT
x-request-id: 673dc6dd9df4cf7a63a41c28d39af83d
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-5deac2fbbe4eb4d18cef919facc8e2c1-05681258267ae51e-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-03-11T14:15:17+00:00, 2024-03-12T09:11:15+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-660473.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true | 178.253.29.47 | 200 OK | 9.9 kB |
URL GET HTTP/21xlite-660473.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true IP178.253.29.47:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerLet's Encrypt Subject1xlite-660473.top FingerprintAE:C9:7E:01:65:F2:2B:09:5E:F8:15:42:9A:94:F9:44:A4:7F:F2:5D ValidityTue, 26 Mar 2024 09:13:24 GMT - Mon, 24 Jun 2024 09:13:23 GMT
Hash333979e7e2825a71892bfe67c9d52b9e f94b21f4a14469c8bfca08f1ce99069e934d5bae fd122846741d81ef08899851235115e5586990f6f73fa871d900fff78c279d5d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true HTTP/1.1
Host: 1xlite-660473.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-660473.top/en?tag=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder; platform_type=desktop; auid=sv0dL2Yq7Xxr7e+7AxAFAg==; SESSION=587ba088a1b8608459f8108426e49de1; window_width=1280; _glhf=1714107119; che_g=237c3e42-bb07-1392-9107-2863f3373895; application_locale=en
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:44 GMT
content-type: application/json; charset=utf-8
content-length: 9942
cache-control: public, max-age=5
content-encoding: br
last-modified: Thu, 25 Apr 2024 23:55:44 GMT
vary: Accept-Encoding
x-time-ng: 0.017
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.031
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/ff09be90.css | 185.244.209.62 | 200 OK | 705 B |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/css/ff09be90.css IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (4705), with no line terminators Hash2b6cccff5325f6e14ccd6ec354319cd6 f4ec05fc468d3daddec1a3d825c29a55ce4b2050 a153e31a0350b58aad71597632348e14c954738845b58f05ca04b8212dbaca38
GET /_nuxt/desktop/default/css/ff09be90.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:44 GMT
content-type: text/css
content-length: 705
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-2c1"
content-encoding: gzip
expires: Fri, 26 Apr 2024 14:36:33 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-5334cbac505028a19962bc10d5adf9ba-0bfc8b51a96deb99-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T14:36:33+00:00, 2024-04-25T19:32:09+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/betting.SportsMenuCompact-942b40c1.js | 185.244.209.62 | 200 OK | 2.3 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/betting.SportsMenuCompact-942b40c1.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (7751), with no line terminators Hash232ecfa8f26b49fb3480baefeb590279 833cd5b10a0705d28a970a8bc3a3ab5c66553a84 fca603603d836bc26b0b016e308ef7a897c3109b0a2b25b9c7c87ae0c7e160a1
GET /_nuxt/desktop/default/betting.SportsMenuCompact-942b40c1.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:44 GMT
content-type: application/javascript; charset=utf-8
content-length: 2297
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-8f9"
content-encoding: gzip
expires: Fri, 26 Apr 2024 14:28:40 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-2976a58718aa5973895f155b7a8edeaa-91872c009d32c48e-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T14:28:40+00:00, 2024-04-25T14:54:45+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-660473.top/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true | 178.253.29.47 | 200 OK | 2.7 kB |
URL GET HTTP/21xlite-660473.top/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true IP178.253.29.47:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerLet's Encrypt Subject1xlite-660473.top FingerprintAE:C9:7E:01:65:F2:2B:09:5E:F8:15:42:9A:94:F9:44:A4:7F:F2:5D ValidityTue, 26 Mar 2024 09:13:24 GMT - Mon, 24 Jun 2024 09:13:23 GMT
Hash333b7518b1caa1b100e8a90017ca613a de1aa300b4dfa9311bdabbe4f2da5969d4ee9a98 ccfa97efaae476575a9eecc6ecd575059f158675602ad5af306da7e7e59f7d48
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true HTTP/1.1
Host: 1xlite-660473.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-660473.top/en?tag=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder; platform_type=desktop; auid=sv0dL2Yq7Xxr7e+7AxAFAg==; SESSION=587ba088a1b8608459f8108426e49de1; window_width=1280; _glhf=1714107119; che_g=237c3e42-bb07-1392-9107-2863f3373895; application_locale=en
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:44 GMT
content-type: application/json; charset=utf-8
content-length: 2670
cache-control: public, max-age=5
content-encoding: br
last-modified: Thu, 25 Apr 2024 23:55:44 GMT
vary: Accept-Encoding
x-time-ng: 0.007
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.021
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sfiles/games-images/game-previews/190x102/games-no-faceless.webp | 185.244.209.62 | 200 OK | 6.9 kB |
URL GET HTTP/2v3.traincdn.com/sfiles/games-images/game-previews/190x102/games-no-faceless.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 380x204, Scaling: [none]x[none], YUV color, decoders should clamp Hashb7304b532dca88cc708b1c81edf7e051 d9ca9db864badb40bcab6d846ba7110413a339d3 324b9021e7fa1a227b418f5b0707e174d86aa20decea945eab3cea41aac8d2ca
GET /sfiles/games-images/game-previews/190x102/games-no-faceless.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:44 GMT
content-type: application/octet-stream
content-length: 6884
last-modified: Thu, 31 Aug 2023 08:11:01 GMT
etag: "b7304b532dca88cc708b1c81edf7e051"
x-amz-meta-origin-date-iso8601: 2023-08-31T08:04:10.000Z
expires: Tue, 14 Nov 2023 18:21:42 GMT
cache-control: max-age=86400, public
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-e0da9686f3b879b4b09851c51818acea-340c4e37c13ad24e-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-17T18:59:15+00:00, 2024-04-25T20:28:43+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-58.webp | 185.244.209.62 | 200 OK | 8.9 kB |
URL GET HTTP/2v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-58.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 380x204, Scaling: [none]x[none], YUV color, decoders should clamp Hash7a49dad906575c61dd636edbe1201479 d4bf0fbfadca8c6d3a7ec8f3d34d08fced98a21d 0e0cd085244f6272acfa6794d90e32685fa203973e85c62fa96f02cddf7172c6
GET /sfiles/games-images/game-previews/190x102/game-58.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:44 GMT
content-type: application/octet-stream
content-length: 8880
last-modified: Thu, 31 Aug 2023 08:11:00 GMT
etag: "7a49dad906575c61dd636edbe1201479"
x-amz-meta-origin-date-iso8601: 2023-08-31T08:03:42.000Z
expires: Tue, 14 Nov 2023 18:21:44 GMT
cache-control: max-age=86400, public
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-281f1d2dc0f6df52451d10b48301f50b-b73bc3e8fa4d1a04-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-17T19:17:28+00:00, 2024-04-25T20:28:43+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-371.webp | 185.244.209.62 | 200 OK | 6.2 kB |
URL GET HTTP/2v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-371.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 380x204, Scaling: [none]x[none], YUV color, decoders should clamp Hash64ff358fd3a82358542d29d53649dd85 0a15b0731a9468fe49e3b512febe91d951ef6156 a9ae35f930c0bf59e407a0c082347049ae11738d330df4e32f4b2b1129d1470c
GET /sfiles/games-images/game-previews/190x102/game-371.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:44 GMT
content-type: application/octet-stream
content-length: 6158
last-modified: Thu, 31 Aug 2023 08:10:58 GMT
etag: "64ff358fd3a82358542d29d53649dd85"
x-amz-meta-origin-date-iso8601: 2023-08-31T08:04:04.000Z
expires: Tue, 14 Nov 2023 18:22:10 GMT
cache-control: max-age=86400, public
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-6de0bafb2e450adc03a349ce2dbff8e0-ac3d238f3e612a08-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-17T19:17:28+00:00, 2024-04-25T20:28:43+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-249.webp | 185.244.209.62 | 200 OK | 20 kB |
URL GET HTTP/2v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-249.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 380x204, Scaling: [none]x[none], YUV color, decoders should clamp Hash2c02d34e261b48da9db2682ad433c5e8 e6b9618ac0040910f755a6f24dcb2f5500bb9aca d8db064ea1623849ccee86b27bdb7825aa0dc452293576de352f9269af60ecfe
GET /sfiles/games-images/game-previews/190x102/game-249.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:44 GMT
content-type: application/octet-stream
content-length: 19770
last-modified: Thu, 31 Aug 2023 08:10:56 GMT
etag: "2c02d34e261b48da9db2682ad433c5e8"
x-amz-meta-origin-date-iso8601: 2023-08-31T08:04:00.000Z
expires: Tue, 14 Nov 2023 18:22:10 GMT
cache-control: max-age=86400, public
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-29fac6253d1611e1fda658800a82a2ba-a47846a2792aa21a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-17T19:17:28+00:00, 2024-04-25T20:28:43+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-69.webp | 185.244.209.62 | 200 OK | 4.3 kB |
URL GET HTTP/2v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-69.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 380x204, Scaling: [none]x[none], YUV color, decoders should clamp Hash8c2b80027d3818f6bc91227418589ee6 c6d3c4595860bd3d685e4ddea5d4610a6f642a9b cec387d33e94b8222d71031dbda50143a7ea2e1470d2c96c9e147aa4c4a43960
GET /sfiles/games-images/game-previews/190x102/game-69.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:44 GMT
content-type: application/octet-stream
content-length: 4256
last-modified: Thu, 31 Aug 2023 08:11:01 GMT
etag: "8c2b80027d3818f6bc91227418589ee6"
x-amz-meta-origin-date-iso8601: 2023-08-31T08:03:42.000Z
expires: Tue, 14 Nov 2023 18:22:10 GMT
cache-control: max-age=86400, public
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-df76b61612a062ba454640a81904c80c-5140e0df4f2d2a25-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-17T19:23:21+00:00, 2024-04-25T05:32:51+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-660473.top/service-api/LineFeed/GetSportsShortZip?lng=en&country=137&virtualSports=true&gr=285&groupChamps=true | 178.253.29.47 | 200 OK | 2.0 kB |
URL GET HTTP/21xlite-660473.top/service-api/LineFeed/GetSportsShortZip?lng=en&country=137&virtualSports=true&gr=285&groupChamps=true IP178.253.29.47:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerLet's Encrypt Subject1xlite-660473.top FingerprintAE:C9:7E:01:65:F2:2B:09:5E:F8:15:42:9A:94:F9:44:A4:7F:F2:5D ValidityTue, 26 Mar 2024 09:13:24 GMT - Mon, 24 Jun 2024 09:13:23 GMT
Hash945777af058bf9d43e194bb93cbd01ed bc8a34cea40dc06877db40e401e7486c410a344a 794cc9ee16128a52ccc9355d9ed6447f0ee123b4dcb3886c25b97332a47d38fb
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LineFeed/GetSportsShortZip?lng=en&country=137&virtualSports=true&gr=285&groupChamps=true HTTP/1.1
Host: 1xlite-660473.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-660473.top/en?tag=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder; platform_type=desktop; auid=sv0dL2Yq7Xxr7e+7AxAFAg==; SESSION=587ba088a1b8608459f8108426e49de1; window_width=1280; _glhf=1714107119; che_g=237c3e42-bb07-1392-9107-2863f3373895; application_locale=en
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:44 GMT
content-type: application/json; charset=utf-8
content-length: 2021
cache-control: public, max-age=5
content-encoding: br
last-modified: Thu, 25 Apr 2024 23:55:44 GMT
vary: Accept-Encoding
x-time-ng: 0.066
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.074
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/betstemplates/bets_model_full_en_0.json | 185.244.209.62 | 200 OK | 4.7 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/cms/betstemplates/bets_model_full_en_0.json IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typegzip compressed data, max speed, from Unix Hash5c02302349824946e02c1d97f7c90b9a dcf5f1300ccf5e6223be865bfc2b3bc39d68f278 9894068f7da645e43d807b8f424e5f5707c570d2b8acd2b4c7c3304eb64b98e5
GET /genfiles/cms/betstemplates/bets_model_full_en_0.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-660473.top/
Origin: https://1xlite-660473.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:45 GMT
content-type: application/json
last-modified: Thu, 25 Apr 2024 14:05:02 GMT
etag: W/"65c4f8441dea9f78c50a9fc7029f9193"
content-encoding: gzip
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-295d638a3652966c4a2d2d05c9653091-4dff5502880b3e37-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T15:36:27+00:00, 2024-04-25T23:02:29+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/chunks/pages/_app-a10a22844227e6a6.js | 104.18.39.72 | 200 OK | 288 kB |
URL GET HTTP/2widget.suphelper.top/_next/static/chunks/pages/_app-a10a22844227e6a6.js IP104.18.39.72:443
Requested byhttps://widget.suphelper.top/ CertificateIssuerGoogle Trust Services LLC Subjectsuphelper.top Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File typegzip compressed data, from Unix Size288 kB (288407 bytes) Hashcd308c42112892dff5f6ac352ad2e777 d80927e549483b31baebd39b2855b3b4655ddd8c 9280ab89439f7f2db6a54827d86a6188ef59d71226b04d8619749dcc2cabafd4
GET /_next/static/chunks/pages/_app-a10a22844227e6a6.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:55:45 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Wed, 24 Apr 2024 22:20:24 GMT
etag: W/"f8027-18f12321a97"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 63484
expires: Fri, 25 Apr 2025 23:55:45 GMT
server: cloudflare
cf-ray: 87a244070df056ae-OSL
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/chunks/webpack-fb94d2f19425a3e3.js | 104.18.39.72 | 200 OK | 32 kB |
URL GET HTTP/2widget.suphelper.top/_next/static/chunks/webpack-fb94d2f19425a3e3.js IP104.18.39.72:443
Requested byhttps://widget.suphelper.top/ CertificateIssuerGoogle Trust Services LLC Subjectsuphelper.top Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File typegzip compressed data, from Unix Hashdba944e5cd7abb288ff3b7ce59811837 6d83188682b80fffa23269758b324b19002428e0 cb7924e2ac4a1723af9a7860eef718b64438a2240d4fb01e802ce5173baaeb6e
GET /_next/static/chunks/webpack-fb94d2f19425a3e3.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:55:45 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://file-hosting-api-stage.kube.prod.cons.lan https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 09 Nov 2023 06:03:45 GMT
etag: W/"ed0-18bb2adf0eb"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 13463934
expires: Fri, 25 Apr 2025 23:55:45 GMT
server: cloudflare
cf-ray: 87a24406fdeb56ae-OSL
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/d94c9b1508a286d270c77946ff0972fa.webp | 185.244.209.62 | 200 OK | 15 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/cms/1/desktop/banner/d94c9b1508a286d270c77946ff0972fa.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 1380x248, Scaling: [none]x[none], YUV color, decoders should clamp Hash2ccdf625b855ce93bc9b56a671accd6e bc8f3a791f6251b714bafad614d15c477ba428e4 c5012a832581da604a5c57e8f822008f749fe484c6d24127ca91232af71169cd
GET /genfiles/cms/1/desktop/banner/d94c9b1508a286d270c77946ff0972fa.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:47 GMT
content-type: image/webp
content-length: 14610
last-modified: Thu, 08 Jun 2023 09:20:03 GMT
etag: "2ccdf625b855ce93bc9b56a671accd6e"
x-time-ng: 0.002
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2024-02-27T14:22:50+00:00
traceparent: 00-4d532c6b23803f1eb60be076a2a5b8c8-87be0f2da2fca1df-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/bf26d696b76130d9781b16f89f1de4cc.webp | 185.244.209.62 | 200 OK | 20 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/cms/1/desktop/banner/bf26d696b76130d9781b16f89f1de4cc.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 1380x248, Scaling: [none]x[none], YUV color, decoders should clamp Hash95767496ab1dce71f394c97620666756 127389c7327fec508549222dd477edbd524e33dd fca493b566204dfff5ef8b8cd6c74c40659c812ac6665696dd5c66c664a31c7e
GET /genfiles/cms/1/desktop/banner/bf26d696b76130d9781b16f89f1de4cc.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:47 GMT
content-type: image/webp
content-length: 20522
last-modified: Thu, 08 Jun 2023 18:05:27 GMT
etag: "95767496ab1dce71f394c97620666756"
x-time-ng: 0.006
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
x-cached-since: 2024-02-27T14:22:50+00:00
traceparent: 00-323cd7ac5251ffe315e8b6cfd2a70056-f4afb89b9d66af7e-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/8c83a62ae8afe0aa371618f02b8e4a01.webp | 185.244.209.62 | 200 OK | 28 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/cms/1/desktop/banner/8c83a62ae8afe0aa371618f02b8e4a01.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 1380x248, Scaling: [none]x[none], YUV color, decoders should clamp Hash77673f5b9062ff0a3565cba49941a954 f1c6d769ad6f256677c8558f06c4ee98d8e403d3 e78791dcbada0412db798159d9e781f2a50c12f04be4d0a4ecf96a617ec8b33b
GET /genfiles/cms/1/desktop/banner/8c83a62ae8afe0aa371618f02b8e4a01.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:47 GMT
content-type: image/webp
content-length: 27922
last-modified: Thu, 05 Oct 2023 10:29:56 GMT
etag: "77673f5b9062ff0a3565cba49941a954"
x-time-ng: 0.002
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
x-cached-since: 2024-02-27T14:22:50+00:00
traceparent: 00-a5d91b6ec6f44d19318b0ddf92e52103-a98e3bca1dd5c6b4-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/entry-372f5fe6.js | 185.244.209.62 | 200 OK | 719 kB |
URL GET HTTP/2v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/entry-372f5fe6.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typegzip compressed data, max speed, from Unix Size719 kB (718650 bytes) Hash41950c0a8ea0b59b670e32ddef687b93 4f3fcf259056cd11d7302ce42357bfbf0ed533e5 134d10319f02026dcff34bc039829aace92aace82f6b3304fb145ff66e5e7641
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/entry-372f5fe6.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-660473.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:46 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 23 Apr 2024 12:34:23 GMT
etag: W/"e0292fb628a2f149f222bae2c2246200"
x-amz-meta-mtime: 1713875281.745615589
content-encoding: gzip
expires: Wed, 24 Apr 2024 12:55:06 GMT
cache-control: max-age=86400
x-time-ng: 0.010
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-87167117af1eb026bf9c4f462177b2a4-cf203a35075e2713-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:55:06+00:00, 2024-04-25T13:42:39+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/0cd280af89b0819825587a2cf75e33d0.webp | 185.244.209.62 | 200 OK | 21 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/cms/1/desktop/banner/0cd280af89b0819825587a2cf75e33d0.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 1380x248, Scaling: [none]x[none], YUV color, decoders should clamp Hash1e9191583a9bca6627e85945c6c5d3f1 f2d4d5e76e448d1dd986c9616a660ae6c7806dde 733d49aa25dab77ba7fe51a0a831f51e988d3201c5cfc6fbc808c3b2c59b48c1
GET /genfiles/cms/1/desktop/banner/0cd280af89b0819825587a2cf75e33d0.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:47 GMT
content-type: image/webp
content-length: 21412
last-modified: Fri, 12 Apr 2024 09:23:52 GMT
etag: "1e9191583a9bca6627e85945c6c5d3f1"
x-time-ng: 0.002
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2024-04-12T09:33:12+00:00
traceparent: 00-551f97d26604a70d34236cf7db672ebf-0059dfb3c9d79aad-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size14/sfiles/logo_teams/1714cc610522ad7c9eb91db91120f28c.webp | 185.244.209.62 | 200 OK | 682 B |
URL GET HTTP/2v3.traincdn.com/resized/size14/sfiles/logo_teams/1714cc610522ad7c9eb91db91120f28c.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash36d619e63eec0784959cfe787c1edb9c 8fc48feffede36316fa3ac0d157f23c4dc9b3f9e 18baa938de666468c436403b85e4d4577148644bef342b87ee6ae5f867306250
GET /resized/size14/sfiles/logo_teams/1714cc610522ad7c9eb91db91120f28c.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:47 GMT
content-type: image/webp
content-length: 682
cache-control: max-age=94608000
content-disposition: inline; filename="1714cc610522ad7c9eb91db91120f28c.webp"
content-security-policy: script-src 'none'
expires: Mon, 05 Apr 2027 23:15:40 GMT
x-request-id: bc3f8c4336504c29f69eab367e968974
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-1093e139b2b9029c2fec6fe15fa2995a-987461f43b43874c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-05T23:15:40+00:00, 2024-04-23T13:06:21+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size14/sfiles/logo_teams/2608.webp | 185.244.209.62 | 200 OK | 722 B |
URL GET HTTP/2v3.traincdn.com/resized/size14/sfiles/logo_teams/2608.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hashdb9cb80ea9a3121d58c3a2197daf7443 f7d7692dde5ea2c9c8ffc42dda588bafa7dcda39 e997f8e86e69885bf786b58b0bbd9f88b54d89ee393d0c3631fc9650fe6b1148
GET /resized/size14/sfiles/logo_teams/2608.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:47 GMT
content-type: image/webp
content-length: 722
cache-control: max-age=94608000
content-disposition: inline; filename="2608.webp"
content-security-policy: script-src 'none'
expires: Mon, 19 Apr 2027 03:36:55 GMT
x-request-id: cd27f27bd64a1ebca120d0885a65807f
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-a477ce25c665b5e5987ff525e1a927a9-388e9c11506024d8-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-19T03:36:55+00:00, 2024-04-20T18:36:25+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-660473.top/web-api/registration/fields | 178.253.29.47 | 200 OK | 7.4 kB |
URL POST HTTP/21xlite-660473.top/web-api/registration/fields IP178.253.29.47:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerLet's Encrypt Subject1xlite-660473.top FingerprintAE:C9:7E:01:65:F2:2B:09:5E:F8:15:42:9A:94:F9:44:A4:7F:F2:5D ValidityTue, 26 Mar 2024 09:13:24 GMT - Mon, 24 Jun 2024 09:13:23 GMT
Hash3b5fc74c6bee5ffbc649f663e5f6c1a3 0f00adb4eb180726ecd2abcc2317a29beceb13bd fe1005c8a0940ff6384b2b89aa744d692b9aed79f1d72cecfa11d1bb11fa7294
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /web-api/registration/fields HTTP/1.1
Host: 1xlite-660473.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-660473.top/en?tag=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
Content-Length: 19
Origin: https://1xlite-660473.top
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder; platform_type=desktop; auid=sv0dL2Yq7Xxr7e+7AxAFAg==; SESSION=587ba088a1b8608459f8108426e49de1; window_width=1280; _glhf=1714107119; che_g=237c3e42-bb07-1392-9107-2863f3373895; application_locale=en; sh.session.id=36771331-bf5d-48a8-8829-8a3074d48db3; ggru=167
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:47 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: p;dur=84, dt_total;dur=89.895, wf-uht;dur=0.102
traceparent: 00-efd6a3dd122bcde1d3baafb9256a0bba-b6ab692aae5fad5e-01
vary: Accept-Encoding
x-dt: 285
x-time-ng: 0.087
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/754697.webp | 185.244.209.62 | 200 OK | 732 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/754697.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash03f0fe30582acfe52c878bbca64e325f a09a52d91ff9b0f661711328e879b606fafb342e ba0ca684624a1b8a5be4e47d829a286b76867ba31ad05e2687fbecb9f38f93f8
GET /resized/size16/sfiles/logo_teams/754697.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:48 GMT
content-type: image/webp
content-length: 732
cache-control: max-age=94608000
content-disposition: inline; filename="754697.webp"
content-security-policy: script-src 'none'
expires: Fri, 16 Apr 2027 08:04:13 GMT
x-request-id: c68113ab600c371970867e97abe9724c
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-cff3563036f94b701dea495e9525d297-8ca6626e127eccb4-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-16T08:04:13+00:00, 2024-04-18T23:40:22+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/8550.webp | 185.244.209.62 | 200 OK | 812 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/8550.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hashaf8778836d33a3c821fe6dee2e246a7f f4d1c72bee238f35c6bdc8c368a0a2d22acc8934 e29a107b9504bd57328ef926c90607d363232ad526b0cc6fee3728c0cf0da809
GET /resized/size16/sfiles/logo_teams/8550.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:48 GMT
content-type: image/webp
content-length: 812
cache-control: max-age=94608000
content-disposition: inline; filename="8550.webp"
content-security-policy: script-src 'none'
expires: Fri, 23 Apr 2027 17:09:25 GMT
x-request-id: fa9f931ee6fc8aa2ff7fa66f6c2f8453
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-07e2d3064b874894dcfa01e3f1f09e69-393bbe8f6a874075-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T17:09:25+00:00, 2024-04-25T05:14:13+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/33977.webp | 185.244.209.62 | 200 OK | 796 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/33977.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash11f3e38d404bd10410d12e147593bb8d da1682ee85dae549dc5a5a1b14e1c65fb9bb1173 a01617ee09fbb951732884c003ef665f00ce282ccf1bd89de64fae3f285258c0
GET /resized/size16/sfiles/logo_teams/33977.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:48 GMT
content-type: image/webp
content-length: 796
cache-control: max-age=94608000
content-disposition: inline; filename="33977.webp"
content-security-policy: script-src 'none'
expires: Fri, 23 Apr 2027 17:09:25 GMT
x-request-id: a6190cbe1d7f8b0f7cc1cd35f7585890
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-afbb608d17855d950ab145363dfe3f33-90b7e96a90f71d27-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T17:09:25+00:00, 2024-04-25T05:14:13+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/73d66fd62491e88a75a3bbd195ef0fbc.webp | 185.244.209.62 | 200 OK | 506 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/73d66fd62491e88a75a3bbd195ef0fbc.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash549038eea28128ac02ac213409973e84 a9c46aa67dace21602c38f3948bf10af90d3f41b c0646a671a99f612a7e975d78a23ffa783c421ec1f411d2850f83f7d2fe35082
GET /resized/size16/sfiles/logo_teams/73d66fd62491e88a75a3bbd195ef0fbc.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:48 GMT
content-type: image/webp
content-length: 506
cache-control: max-age=94608000
content-disposition: inline; filename="73d66fd62491e88a75a3bbd195ef0fbc.webp"
content-security-policy: script-src 'none'
expires: Sun, 25 Apr 2027 12:34:35 GMT
x-request-id: fab07df1dc2c378c4df9903cf0c4aa3d
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-6b3dd74511f55d796c103bc82ac5356d-2e97a8642cef453a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T12:34:35+00:00, 2024-04-25T23:32:12+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/9ce7383ea65e873a4aa67c1d64c7b524.webp | 185.244.209.62 | 200 OK | 768 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/9ce7383ea65e873a4aa67c1d64c7b524.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hashfeebf2988ff92e142f408eeea6dd1cee 594581192c8299325f11c419e559837e28cccf84 ba65c58ce48c1a38bb00a55e438b86ca5248d09952db07fc162a122246e75c81
GET /resized/size16/sfiles/logo_teams/9ce7383ea65e873a4aa67c1d64c7b524.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:48 GMT
content-type: image/webp
content-length: 768
cache-control: max-age=94608000
content-disposition: inline; filename="9ce7383ea65e873a4aa67c1d64c7b524.webp"
content-security-policy: script-src 'none'
expires: Wed, 21 Apr 2027 01:25:44 GMT
x-request-id: 23513e7533a55586c647e22d403217ea
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-dba3fbfd5adb2c1233109c8dd9b35bf2-b49988c21b8566c9-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-21T01:25:44+00:00, 2024-04-25T23:32:12+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/009e3b23e9b62bde4aa259622c7444e3.webp | 185.244.209.62 | 200 OK | 840 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/009e3b23e9b62bde4aa259622c7444e3.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash55ef7cbcced5affbd363d971d45cdc53 24bd8b23714155cd8f73792b1a64c668fab0bf98 dae46d8786431678d1a1e5b23f9f2f7ea0f68d770a640e010b1394ef3f56e9eb
GET /resized/size16/sfiles/logo_teams/009e3b23e9b62bde4aa259622c7444e3.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:48 GMT
content-type: image/webp
content-length: 840
cache-control: max-age=94608000
content-disposition: inline; filename="009e3b23e9b62bde4aa259622c7444e3.webp"
content-security-policy: script-src 'none'
expires: Sat, 17 Apr 2027 16:18:07 GMT
x-request-id: 34f59f84c7ab6883d4081182251fbf95
x-time-ng: 0.038
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-b804f256c4b29413de62d97d6c3bf696-47c1b528232c51f6-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-17T16:18:07+00:00, 2024-04-25T18:48:21+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/2830.webp | 185.244.209.62 | 200 OK | 760 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/2830.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash670fe56cb92d1777d560019dffa0108f 529d0b0d4599803f21de695380de868bf2f5c059 e37fef63682d67f2e00f762a07730a6c3e962b7f41b9c358125010ca9e80905d
GET /resized/size16/sfiles/logo_teams/2830.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:48 GMT
content-type: image/webp
content-length: 760
cache-control: max-age=94608000
content-disposition: inline; filename="2830.webp"
content-security-policy: script-src 'none'
expires: Fri, 16 Apr 2027 19:29:33 GMT
x-request-id: 99c6f3c960f0dbb3486b9a62fa9339e1
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-4c597f340d784c7d22fc0c89d9262847-ce8e84020ae1e10c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-16T19:29:33+00:00, 2024-04-25T18:48:21+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/3862.webp | 185.244.209.62 | 200 OK | 796 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/3862.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash95aa75bf7a1a5737fd6c2c5df144ee75 3638c4d7e56d2649d174c9aec29c55297caa302a 135a0deeeae779298ddb7df5fcc1688d23d207bb5bd0775e8dd401d5334b43be
GET /resized/size16/sfiles/logo_teams/3862.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:48 GMT
content-type: image/webp
content-length: 796
cache-control: max-age=94608000
content-disposition: inline; filename="3862.webp"
content-security-policy: script-src 'none'
expires: Mon, 19 Apr 2027 00:03:27 GMT
x-request-id: 9fd4fd73a1c9de66c27c112531f72aac
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-bb2d5eaec18f005817dba92a2bcea443-2ba662d43c5c2c6b-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-19T00:03:27+00:00, 2024-04-25T18:48:20+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/3feec248b0e9c9bd524f2342977e5993.webp | 185.244.209.62 | 200 OK | 786 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/3feec248b0e9c9bd524f2342977e5993.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash7b00bc13d38705f6abe22720396e5e4d 44791dd20ebb4dcf3ac8a6584fb15bf3f89c51a6 b423ab6fb9ad6da6426945b19c4b1a9ff46835feed3a23d2b231d14d009675cd
GET /resized/size16/sfiles/logo_teams/3feec248b0e9c9bd524f2342977e5993.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:48 GMT
content-type: image/webp
content-length: 786
cache-control: max-age=94608000
content-disposition: inline; filename="3feec248b0e9c9bd524f2342977e5993.webp"
content-security-policy: script-src 'none'
expires: Wed, 07 Apr 2027 10:51:13 GMT
x-request-id: 9a1f9d22e6582cce5d3a07bdbc395de0
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-df71c6249844f079277b258798818836-a0c1668c5bc07eee-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-07T10:51:13+00:00, 2024-04-25T18:48:20+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/415199.webp | 185.244.209.62 | 200 OK | 738 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/415199.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hashfc517e3068950383a7372b743db99e82 aff8c6e613afbb43832998827d89e3441c25861b 90aa7e95ef212186d65e007a0b1391088a327507b9aa193a3db55c7bb1fa3280
GET /resized/size16/sfiles/logo_teams/415199.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:48 GMT
content-type: image/webp
content-length: 738
cache-control: max-age=94608000
content-disposition: inline; filename="415199.webp"
content-security-policy: script-src 'none'
expires: Fri, 23 Apr 2027 23:57:23 GMT
x-request-id: f877a2e9c0081cdb51feeb3b42e0c5fa
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-546a4a7e42e0e78cb28d2bc39ad2689c-a342460e2656ddeb-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T23:57:23+00:00, 2024-04-25T19:02:24+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/765ff1cec6a94be3f6748dc588420e16.webp | 185.244.209.62 | 200 OK | 778 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/765ff1cec6a94be3f6748dc588420e16.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash8929c9c703612cd73c370de6ff8286e6 e81efe3b98abf72dba0d77c9224d1da39c5e75e3 cd9a33b9232b3eaefdaead7e62f57ff7b5981a069551c5ab18933165aa2560b6
GET /resized/size16/sfiles/logo_teams/765ff1cec6a94be3f6748dc588420e16.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:48 GMT
content-type: image/webp
content-length: 778
cache-control: max-age=94608000
content-disposition: inline; filename="765ff1cec6a94be3f6748dc588420e16.webp"
content-security-policy: script-src 'none'
expires: Wed, 21 Apr 2027 15:11:47 GMT
x-request-id: b6ae4c11c566e956ee6a29d488d4a4c2
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-92be3f7ba78a63501c61dfaafa465327-12d0a95c07aeea04-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-21T15:11:47+00:00, 2024-04-25T18:48:20+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/2470141.webp | 185.244.209.62 | 200 OK | 730 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/2470141.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hashaa6c816e3ea92c355a0e4cd52a31af71 6de3e4d7f84c0c8543dc1ccebb6071880967b516 dc4c4704c0fa7fb0fe0c245c4b8560d787ea6b87dc780e22b3030c29e1acea16
GET /resized/size16/sfiles/logo_teams/2470141.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:48 GMT
content-type: image/webp
content-length: 730
cache-control: max-age=94608000
content-disposition: inline; filename="2470141.webp"
content-security-policy: script-src 'none'
expires: Thu, 22 Apr 2027 23:03:03 GMT
x-request-id: 740bee6e373ad901654d4e2817d96c6c
x-time-ng: 0.054
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-e5f02ad7e8b2b1645499160a94ce6eca-0def79f9a15f8220-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T23:03:03+00:00, 2024-04-23T12:28:32+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/chunks/1743016e-d00d67a74426f155.js | 104.18.39.72 | 200 OK | 83 kB |
URL GET HTTP/2widget.suphelper.top/_next/static/chunks/1743016e-d00d67a74426f155.js IP104.18.39.72:443
Requested byhttps://widget.suphelper.top/ CertificateIssuerGoogle Trust Services LLC Subjectsuphelper.top Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File typegzip compressed data, from Unix Hash96f87b9212406126b47f4af7f2e0b33f 06eae80706dffd2c4757eec570a9ccbbdf622d63 4ce899c13450f0a2377ec80a03fbaad68874481d1751fbae030e9060189d993b
GET /_next/static/chunks/1743016e-d00d67a74426f155.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:55:45 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Wed, 17 Jan 2024 06:19:55 GMT
etag: W/"75543-18d161388b8"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 8614293
expires: Fri, 25 Apr 2025 23:55:45 GMT
server: cloudflare
cf-ray: 87a244070df156ae-OSL
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/5516317147efb14ac1ae2a0382fe67b1.webp | 185.244.209.62 | 200 OK | 828 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/5516317147efb14ac1ae2a0382fe67b1.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash68381c7d913ba640d321bb4c5aaea615 6908011112e78d66179200e1e916a9221efe1274 17b0661088ef1e66731949112ded332960798d15b8187c6956ccb3a996822642
GET /resized/size16/sfiles/logo_teams/5516317147efb14ac1ae2a0382fe67b1.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:48 GMT
content-type: image/webp
content-length: 828
cache-control: max-age=94608000
content-disposition: inline; filename="5516317147efb14ac1ae2a0382fe67b1.webp"
content-security-policy: script-src 'none'
expires: Sat, 24 Apr 2027 11:07:55 GMT
x-request-id: 99c1727932dfafef2d7f9b7e99e230e6
x-time-ng: 0.038
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-e24d89cef6d4067a71244b41ff0ae3fb-d48ae0cbf34272d8-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-24T11:07:55+00:00, 2024-04-25T13:47:24+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/73d325a732f65d1d2f65e39ea1a0f395.webp | 185.244.209.62 | 200 OK | 822 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/73d325a732f65d1d2f65e39ea1a0f395.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hashad3f977a33d8a151b1b2255cea2ba69d b48578afdf064a9ce9484b875f4207ee38623bbb 32b5c3c73a3b5147a3d3841e16d052de0ace6cf70bcbd687ba52eb093dafcabe
GET /resized/size16/sfiles/logo_teams/73d325a732f65d1d2f65e39ea1a0f395.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:48 GMT
content-type: image/webp
content-length: 822
cache-control: max-age=94608000
content-disposition: inline; filename="73d325a732f65d1d2f65e39ea1a0f395.webp"
content-security-policy: script-src 'none'
expires: Sat, 24 Apr 2027 11:07:55 GMT
x-request-id: b4d597fd0af512ed4504eabda87d0c94
x-time-ng: 0.033
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-748b9245360b4e85653f98090813cf32-7d5fa5d14dddb95d-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-24T11:07:55+00:00, 2024-04-25T13:47:24+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sfiles/logo-champ/f2f3ed4ab91179f4cc5768ec644dc694.webp | 185.244.209.62 | 200 OK | 1.9 kB |
URL GET HTTP/2v3.traincdn.com/sfiles/logo-champ/f2f3ed4ab91179f4cc5768ec644dc694.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash5a1d610f426207daf7d841e0620ebaee 2e59d96cd5092ab8deca98bdb3e6849b35f35fa2 8df8ca48cf06f0009bd1a02597dd420e04d6dea038a68aef5d6df35f707e7fea
GET /sfiles/logo-champ/f2f3ed4ab91179f4cc5768ec644dc694.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:48 GMT
content-type: image/webp
content-length: 1900
last-modified: Sat, 05 Aug 2023 05:40:20 GMT
etag: "5a1d610f426207daf7d841e0620ebaee"
cache-control: public, max-age=86400, public
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-d012c9404db09e8426cdc115c69f7b07-0f8857a0abadc093-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-03-30T17:41:20+00:00, 2024-04-25T21:35:28+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/ | 104.18.39.72 | 200 OK | 136 kB |
IP104.18.39.72:443
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerGoogle Trust Services LLC Subjectsuphelper.top Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File typegzip compressed data, from Unix Size136 kB (135506 bytes) Hasha2098043ff5dd1534a33d8dc916df01e 397debd8bf91a125b0daba958f3c3d1b16ce5ec9 dcfc5cbe74ca2e9ccb7fe4fd2e261984f9e732ca63d0f8c97067678f93b1e99d
GET / HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:55:45 GMT
content-type: text/html; charset=utf-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=60, stale-while-revalidate=30
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 87a244061da056ae-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/chunks/main-fa1d3b21fd97b583.js | 104.18.39.72 | 200 OK | 34 kB |
URL GET HTTP/2widget.suphelper.top/_next/static/chunks/main-fa1d3b21fd97b583.js IP104.18.39.72:443
Requested byhttps://widget.suphelper.top/ CertificateIssuerGoogle Trust Services LLC Subjectsuphelper.top Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File typegzip compressed data, from Unix Hash0c7454a3036673f4797a753f0a5ac398 b1d2aa86cd1e81ae3bf8a2444523a34b30f81d74 eef51314347120e6d6e1af0e4b6359a689cbbca583e47173439e8fcd7de7d168
GET /_next/static/chunks/main-fa1d3b21fd97b583.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:55:45 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://file-hosting-api-stage.kube.prod.cons.lan https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 09 Nov 2023 06:03:45 GMT
etag: W/"1a544-18bb2adf0eb"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 13372812
expires: Fri, 25 Apr 2025 23:55:45 GMT
server: cloudflare
cf-ray: 87a244070dee56ae-OSL
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/shared-assets/__shared_accept_language_parser_QKZ6ULEV.js | 185.244.209.62 | 200 OK | 47 kB |
URL GET HTTP/2v3.traincdn.com/sys-static/shared-assets/__shared_accept_language_parser_QKZ6ULEV.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (35828) Hash230b4c60023e43a65fc4806b1083d095 02d18ebffd1037f0931859191c145dc2fa9b109f 0ca816457c3aa38d8dcc542dc3064715230ae5252a9e9b1e1c658d15cf161bae
GET /sys-static/shared-assets/__shared_accept_language_parser_QKZ6ULEV.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-660473.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:48 GMT
content-type: text/javascript; charset=utf-8
last-modified: Thu, 25 Apr 2024 13:43:42 GMT
etag: W/"518e0ae196483ada8b528a1f2b7df0a1"
x-amz-meta-mtime: 1714052428.630038208
content-encoding: gzip
expires: Fri, 26 Apr 2024 15:18:00 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-ac61ec6ecbeb81e32ce6f8fe2f78b81b-d130df98854f49f4-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T15:18:00+00:00, 2024-04-25T15:47:48+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/Registration.Fields-3ce6506f.js | 185.244.209.62 | 200 OK | 8.9 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/vendors/Registration.Fields-3ce6506f.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (39925), with no line terminators Hash681145f0441284174ef426e56941290b 6e6844a39c0a7b28cd162391753ac6429a576728 a9b554dc85ad806c70c5a650600b4c39ea900812543992e8aa761b779600c3bb
GET /_nuxt/desktop/default/vendors/Registration.Fields-3ce6506f.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:48 GMT
content-type: application/javascript; charset=utf-8
content-length: 8875
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-22ab"
content-encoding: gzip
expires: Fri, 26 Apr 2024 14:28:43 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-1bf89eb638bf57c1d420a8863c6c40ea-9a2aebadd210285f-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T14:28:43+00:00, 2024-04-25T14:51:48+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-660473.top/bff-api/config/all.json?lang=en | 178.253.29.47 | 200 OK | 28 kB |
URL GET HTTP/21xlite-660473.top/bff-api/config/all.json?lang=en IP178.253.29.47:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerLet's Encrypt Subject1xlite-660473.top FingerprintAE:C9:7E:01:65:F2:2B:09:5E:F8:15:42:9A:94:F9:44:A4:7F:F2:5D ValidityTue, 26 Mar 2024 09:13:24 GMT - Mon, 24 Jun 2024 09:13:23 GMT
Hashd3369a35ebaf485ef2c65676ccdab2b2 51a6a8a687655144d18971b0197c777294986e23 bd8df5e777d22a5c3010f0293146a8102bf672b2a16c7c60e8909e71286bf7e5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /bff-api/config/all.json?lang=en HTTP/1.1
Host: 1xlite-660473.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-660473.top/en?tag=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
x-geoip2-country-code: ru
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder; platform_type=desktop; auid=sv0dL2Yq7Xxr7e+7AxAFAg==; SESSION=587ba088a1b8608459f8108426e49de1; window_width=1280; _glhf=1714107119; che_g=237c3e42-bb07-1392-9107-2863f3373895; application_locale=en; sh.session.id=36771331-bf5d-48a8-8829-8a3074d48db3; ggru=167
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:49 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: bff;dur=114.00, dt_total;dur=121.121, wf-uht;dur=0.136
traceparent: 00-4c3a5c3465fab205c306b3ee69dcd303-78ab0e9b4714b7b2-01
vary: Accept-Encoding
x-dt: 285
x-time-ng: 0.114
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/e4f5a237b491.js | 185.244.209.62 | 200 OK | 14 kB |
URL GET HTTP/2v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/e4f5a237b491.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typegzip compressed data, max speed, from Unix Hash39ccd3abf820b48b552e48920172f7bb c59c94132bb60fba5409378eff05f19406da6ff5 257f9b72f129069bd138c8a8137bcc39f733b5d7887f3dc32d50e6a6260a81af
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/e4f5a237b491.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-660473.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:49 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 23 Apr 2024 12:34:23 GMT
etag: W/"827336e53d45532bf8abee174a7db24c"
x-amz-meta-mtime: 1713875281.745615589
content-encoding: gzip
expires: Wed, 24 Apr 2024 12:55:13 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-1e6f9893da9f34c5722ab4e3da2241e2-49c36b0220a83cb2-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:55:13+00:00, 2024-04-25T13:05:55+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-icons/1.0.328/285/country.svg | 185.244.209.62 | 200 OK | 63 kB |
URL GET HTTP/2v3.traincdn.com/sys-icons/1.0.328/285/country.svg IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typegzip compressed data, max speed, from Unix Hash878dc111463822972958c8b0cb814ca4 50f30da8eb359ef153340a5f3f1c196f808680d9 95492e801a450ae01d38fe007cdf5a1978380b6ce4187fe3ede6ae12f0db7f75
GET /sys-icons/1.0.328/285/country.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-660473.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:48 GMT
content-type: image/svg+xml
last-modified: Mon, 15 Apr 2024 07:13:32 GMT
etag: W/"60caf0d666af828706b3d83c428a31e4"
x-amz-meta-mtime: 1713165210.217888091
content-encoding: gzip
expires: Tue, 23 Apr 2024 10:38:03 GMT
cache-control: max-age=86400
x-time-ng: 0.003
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-60db75f9f6af36d321eb7834fe4533d2-5e19e46cc203f6cb-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T10:38:03+00:00, 2024-04-25T11:01:26+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/5e0dc9f15b39.js | 185.244.209.62 | 200 OK | 53 B |
URL GET HTTP/2v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/5e0dc9f15b39.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hashbb7e15ec1662efa164ad912bd1c65e19 bdd420a5f5bf96a8a4f85abbbe3b0cd2ad547f52 a9378fb3de73c35f466dfae4d2956a63b95813d4eaf88ae7f4ce820d0992cc01
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/5e0dc9f15b39.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-660473.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:49 GMT
content-type: text/javascript; charset=utf-8
content-length: 53
last-modified: Tue, 23 Apr 2024 12:34:11 GMT
etag: "bb7e15ec1662efa164ad912bd1c65e19"
x-amz-meta-mtime: 1713875281.761615713
expires: Wed, 24 Apr 2024 20:51:53 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-708d25ce5e478baff6a4a6e54b99cf8e-c5947be93ae2cef0-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T20:51:53+00:00, 2024-04-25T14:20:37+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/shared-assets/__shared_popper_js_MO5RLEN3.js | 185.244.209.62 | 200 OK | 8.8 kB |
URL GET HTTP/2v3.traincdn.com/sys-static/shared-assets/__shared_popper_js_MO5RLEN3.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typegzip compressed data, max speed, from Unix Hashda845574307410bfeb3c7e758acba008 a785a593c9d9c1001a9fd83e2b4c9da88576d213 02b58ac50393eedf9ac7f9c61064084a3d52ccadb8fb7ae7985cfb05c8b669e0
GET /sys-static/shared-assets/__shared_popper_js_MO5RLEN3.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-660473.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:48 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 24 Apr 2024 11:42:21 GMT
etag: W/"598d5481ac96b9bf8013b0eb1413b8e5"
x-amz-meta-mtime: 1713958799.496295842
content-encoding: gzip
expires: Thu, 25 Apr 2024 15:31:25 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-ba7b99ca2730c114e39b3e39aea5ca6b-6b694655df5c3b8c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-24T15:31:25+00:00, 2024-04-25T12:27:14+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/694da3a9483f.js | 185.244.209.62 | 200 OK | 424 B |
URL GET HTTP/2v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/694da3a9483f.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJava source, ASCII text, with very long lines (423) Hash784714dbdeff946febf2eb88c77d6340 5da79cae3317a05b281ff8c256686a1a772b2352 1ba04d68c320b81d0d06784ac28bd95743cb6ef9ba02f34a3e733beca5e23c11
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/694da3a9483f.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-660473.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:49 GMT
content-type: text/javascript; charset=utf-8
content-length: 424
last-modified: Tue, 23 Apr 2024 12:34:23 GMT
etag: "784714dbdeff946febf2eb88c77d6340"
x-amz-meta-mtime: 1713875281.713615339
expires: Wed, 24 Apr 2024 12:55:17 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-984a442f2fea42b92a18ff6719bd4e44-49dcd37d79c21fac-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:55:17+00:00, 2024-04-25T13:53:27+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-660473.top/web-api/mobile | 178.253.29.47 | 200 OK | 34 kB |
URL POST HTTP/21xlite-660473.top/web-api/mobile IP178.253.29.47:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerLet's Encrypt Subject1xlite-660473.top FingerprintAE:C9:7E:01:65:F2:2B:09:5E:F8:15:42:9A:94:F9:44:A4:7F:F2:5D ValidityTue, 26 Mar 2024 09:13:24 GMT - Mon, 24 Jun 2024 09:13:23 GMT
Hash9cab5bd9648e50acfe75043982631c0d 12f5df8e5a59e6bac0a4cd074b7a0ec8fb713365 db492ee90d48d737bfbd6ddf1c25483d10e0877e75b6ee0a63950a9767f676e9
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /web-api/mobile HTTP/1.1
Host: 1xlite-660473.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-660473.top/en?tag=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
Origin: https://1xlite-660473.top
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder; platform_type=desktop; auid=sv0dL2Yq7Xxr7e+7AxAFAg==; SESSION=587ba088a1b8608459f8108426e49de1; window_width=1280; _glhf=1714107119; che_g=237c3e42-bb07-1392-9107-2863f3373895; application_locale=en; sh.session.id=36771331-bf5d-48a8-8829-8a3074d48db3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:45 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: p;dur=21, dt_total;dur=22.661, wf-uht;dur=0.033
traceparent: 00-5d477cefdb4c6ab47fcc175f75396199-530bc12e23dafe32-01
vary: Accept-Encoding
x-dt: 285
x-time-ng: 0.022
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| 1xlite-660473.top/web-api/api/v3/bonuses/welcome-bonuses | 178.253.29.47 | 200 OK | 711 B |
URL GET HTTP/21xlite-660473.top/web-api/api/v3/bonuses/welcome-bonuses IP178.253.29.47:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerLet's Encrypt Subject1xlite-660473.top FingerprintAE:C9:7E:01:65:F2:2B:09:5E:F8:15:42:9A:94:F9:44:A4:7F:F2:5D ValidityTue, 26 Mar 2024 09:13:24 GMT - Mon, 24 Jun 2024 09:13:23 GMT
Hash3b95c708633bddc9e7e22d49dad5fc0f a8df6625dbc748880d5d8c7848cf596f3745b87c e23bcc0d393deacc52f246838faf46a23d0bf4cfe70079980e20a4d0a2a80e53
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /web-api/api/v3/bonuses/welcome-bonuses HTTP/1.1
Host: 1xlite-660473.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-660473.top/en?tag=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder; platform_type=desktop; auid=sv0dL2Yq7Xxr7e+7AxAFAg==; SESSION=587ba088a1b8608459f8108426e49de1; window_width=1280; _glhf=1714107119; che_g=237c3e42-bb07-1392-9107-2863f3373895; application_locale=en
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:44 GMT
content-type: application/vnd.api+json
vary: Accept-Encoding
cache-control: no-cache, private
server-timing: p;dur=22, dt_total;dur=61.891, wf-uht;dur=0.070
traceparent: 00-1f8c96c08991f8daff1d1c619acde886-dcccc96c8b9e50e5-01
x-dt: 285
x-time-ng: 0.036
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/344e644612ea.js | 185.244.209.62 | 200 OK | 13 kB |
URL GET HTTP/2v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/344e644612ea.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typegzip compressed data, max speed, from Unix Hashfcd78bbc0c1abc8fe1d157e409212dd5 8707d489e63fe9f8f27eb313f8fd276e5c4bd70a 8fbdf6e5ffa0d5359d0c6a13ee3248f244af3410d49df586a54b461cdd3d701b
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/344e644612ea.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-660473.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:49 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 23 Apr 2024 12:34:22 GMT
etag: W/"e3860273696b2c2385615d1b02860059"
x-amz-meta-mtime: 1713875281.701615245
content-encoding: gzip
expires: Wed, 24 Apr 2024 12:55:17 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-18674c31d749990aa602da5e212d014b-495787e9a4c891ba-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:55:17+00:00, 2024-04-25T13:05:56+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/00526da4cdf3.css | 185.244.209.62 | 200 OK | 21 kB |
URL GET HTTP/2v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/00526da4cdf3.css IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typegzip compressed data, max speed, from Unix Hash373ee26f9b1e1c751e620dc1c915df6e bce3a7adf3539d912f99b8b5e1721e615acc2f2e 2438ff82cf5b964a6ed7ec517503416ee00a06256a1d286a5df688c1a8c941ab
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/00526da4cdf3.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:49 GMT
content-type: text/css; charset=utf-8
last-modified: Tue, 23 Apr 2024 12:34:11 GMT
etag: W/"6aa11e1c24ebb592cd2fe02d36340453"
x-amz-meta-mtime: 1713875281.633614714
content-encoding: gzip
expires: Thu, 25 Apr 2024 12:27:42 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-2fc9eba6837fd4d10fa5099354dae73f-4b11cf300ee3d727-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-24T12:27:42+00:00, 2024-04-25T14:20:35+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/3e98905ff0ef.js | 185.244.209.62 | 200 OK | 4.4 kB |
URL GET HTTP/2v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/3e98905ff0ef.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typegzip compressed data, max speed, from Unix Hash5a20ec504900d1e0c5e10ad37a6e1998 4a95fcff7d7d26950e082dab85f55a139070965f be734ef4821e192958172e699d1b84ee6d85d0f548f1a4ee18b1ca80d6dd180e
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/3e98905ff0ef.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-660473.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:49 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 23 Apr 2024 12:34:22 GMT
etag: W/"ea85164f3c2c7d7e126e0e8be39d1ce0"
x-amz-meta-mtime: 1713875281.701615245
content-encoding: gzip
expires: Wed, 24 Apr 2024 12:55:18 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-dee2798c15470e3f52aeb335346dd596-16bb3fd20949caf6-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:55:18+00:00, 2024-04-25T13:05:56+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/034cd6868126.js | 185.244.209.62 | 200 OK | 62 kB |
URL GET HTTP/2v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/034cd6868126.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeUnicode text, UTF-8 text, with very long lines (38187) Hasha2bb3a4f84cc4e6bfba45a8e4c3932e1 57bf2f515613e238a1764722cc33c0047f967df9 bb68af41c9da35a2304660ed2f598a9e188a5be99c6e4cef32f52af904300a54
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/034cd6868126.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-660473.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:49 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 23 Apr 2024 12:34:22 GMT
etag: W/"a2bb3a4f84cc4e6bfba45a8e4c3932e1"
x-amz-meta-mtime: 1713875281.673615027
content-encoding: gzip
expires: Wed, 24 Apr 2024 12:55:16 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-990a0cb54b9e1a54dd06e8523def5a05-5dc536e0d909b873-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:55:16+00:00, 2024-04-25T13:05:56+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/4efc36d7a3c7.js | 185.244.209.62 | 200 OK | 70 kB |
URL GET HTTP/2v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/4efc36d7a3c7.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (58867) Hash69c80009bab45e7bf538a3f587429990 77d1b7143adef2354e7cbf0febac790e3cbe446f 1d462fb93af65ca431e28a0a659d794ade9cdd4635543e72ca614d9a123cf784
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/4efc36d7a3c7.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-660473.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:49 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 23 Apr 2024 12:34:22 GMT
etag: W/"d6054001e832a4dbc81c272445edf992"
x-amz-meta-mtime: 1713875281.705615276
content-encoding: gzip
expires: Wed, 24 Apr 2024 12:55:17 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-88ef36741865962b5f2b3a54266e055a-3c37c2bbb764a237-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:55:17+00:00, 2024-04-25T13:53:25+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/093330da9752.js | 185.244.209.62 | 200 OK | 65 kB |
URL GET HTTP/2v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/093330da9752.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typegzip compressed data, max speed, from Unix Hashc6e052ab68e51e8c08d2894bb9ba31d0 b9f35cd7ffcdc13cb574d1da98ff224e2ab7f4fe 9fa52b857fc27cf352b1d7c4d96ef78043186a12152510c881ba61484f089410
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/093330da9752.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-660473.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:49 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 23 Apr 2024 12:34:22 GMT
etag: W/"e99039abd8dac007c9c64df5cbb76091"
x-amz-meta-mtime: 1713875281.673615027
content-encoding: gzip
expires: Wed, 24 Apr 2024 12:55:16 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-869f03c18122f6c4dd96ef6ba6fb4bdc-7ce60f55f579b3eb-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:55:16+00:00, 2024-04-25T13:53:25+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/betstemplates/bets_model_short_en_0.json | 185.244.209.62 | 200 OK | 68 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/cms/betstemplates/bets_model_short_en_0.json IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typegzip compressed data, max speed, from Unix Hashbd597cd7898ec7c92077c78226258411 6cbb2513f68acdd4bf6df6c763fb22ff3a473759 9f4017cabb33aeb17a2363f55260e2a1f7dddf2eccdf87ac446ae405fec3df5b
GET /genfiles/cms/betstemplates/bets_model_short_en_0.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-660473.top/
Origin: https://1xlite-660473.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:47 GMT
content-type: application/json
last-modified: Thu, 25 Apr 2024 14:04:55 GMT
etag: W/"d3e39abc76f19e176765d21ac9e70c5c"
content-encoding: gzip
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-9ed09d5aca431a458a2d8ba779b5f9af-9ad809fadd68dce7-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T15:42:47+00:00, 2024-04-25T23:34:29+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/0b23288bd734.js | 185.244.209.62 | 200 OK | 67 kB |
URL GET HTTP/2v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/0b23288bd734.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typegzip compressed data, max speed, from Unix Hashbf8733731fa46cc9f8b5c02a9f627ed3 ceda6259762a31a3bc5d0a59a3aa3ec7d4b77832 d0d6075c6dff69e6ac52d03977fcf5d19bad7000a81272af10e8922f3ea29945
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/0b23288bd734.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-660473.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:49 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 23 Apr 2024 12:34:22 GMT
etag: W/"ac462273a8335f158ccd0812c8d96cca"
x-amz-meta-mtime: 1713875281.673615027
content-encoding: gzip
expires: Wed, 24 Apr 2024 12:55:17 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-e097a7872b396fe96bfd7d24b6af4c23-8c0b88a80758114b-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:55:17+00:00, 2024-04-25T13:05:56+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 | 185.244.209.62 | 200 OK | 64 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 63920, version 1.0 Hasha65527fcb58f66a7cfbc0e6b160538b4 45d260e7fa343401b5bb0df982a014f53e2d253b fb13c3a1cbac60649b76f7d7f85c1645d35ac69b85ce5f4eb0692505ecc2cd45
GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-660473.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:51 GMT
content-type: font/woff2
content-length: 63920
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "a65527fcb58f66a7cfbc0e6b160538b4"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-f26d222482e2258b3dfa52361c4ba17c-7ac4d9700d8b457e-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:54:39+00:00, 2024-04-25T23:10:28+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 | 185.244.209.62 | 200 OK | 64 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 63748, version 1.0 Hash6887b6f24414dbc612dbf42ccdc76b70 8068d3abfbc6cbf35b55919da45b1f4d2d136238 fc5c015fc32518f1ed810fa84ca28941eb9d5a3c81acc8df69a4dbbeedef7b0c
GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-660473.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:52 GMT
content-type: font/woff2
content-length: 63748
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "6887b6f24414dbc612dbf42ccdc76b70"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-7b8e04d4854672d5ae5806ae91b210cc-7777ce545e226be1-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:13:59+00:00, 2024-04-25T23:07:49+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 | 185.244.209.62 | 200 OK | 64 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 63920, version 1.0 Hasha65527fcb58f66a7cfbc0e6b160538b4 45d260e7fa343401b5bb0df982a014f53e2d253b fb13c3a1cbac60649b76f7d7f85c1645d35ac69b85ce5f4eb0692505ecc2cd45
GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-660473.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:52 GMT
content-type: font/woff2
content-length: 63920
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "a65527fcb58f66a7cfbc0e6b160538b4"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-f581cb9fab4ecfcc4caa389f4d2e6d36-da783dc27b21301c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:54:39+00:00, 2024-04-25T23:10:28+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/28a6402a2a0b.js | 185.244.209.62 | 200 OK | 66 kB |
URL GET HTTP/2v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/28a6402a2a0b.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typegzip compressed data, max speed, from Unix Hashbc08e0814497bc5c2f495219ca9c25bc 949d397b7ed43cd2e39c0e5ca398ec806bb37b1e 83d40d68a77cd4b8c85b40e840a38a315a72f5336080c08fe5dcff24fd8991d3
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/28a6402a2a0b.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-660473.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:49 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 23 Apr 2024 12:34:22 GMT
etag: W/"24906b7dbc572ec6dd8117e9bd9939e3"
x-amz-meta-mtime: 1713875281.693615182
content-encoding: gzip
expires: Wed, 24 Apr 2024 12:55:17 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-e60dfacfa00272422c9578510a5c3d1f-db8c06d88025fbc4-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:55:17+00:00, 2024-04-25T13:53:25+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-660473.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true | 178.253.29.47 | 200 OK | 10 kB |
URL GET HTTP/21xlite-660473.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true IP178.253.29.47:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerLet's Encrypt Subject1xlite-660473.top FingerprintAE:C9:7E:01:65:F2:2B:09:5E:F8:15:42:9A:94:F9:44:A4:7F:F2:5D ValidityTue, 26 Mar 2024 09:13:24 GMT - Mon, 24 Jun 2024 09:13:23 GMT
Hash78d42b7e64cc3bdfe8bb7a4e04cf7790 05a3af4b42cea796f03cff80073353fc8e0ffc72 4c72616ca293f2219b34d798e9623cd82b3ee35b2af846eedbd0e6dd94080ea9
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true HTTP/1.1
Host: 1xlite-660473.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-660473.top/en?tag=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder; platform_type=desktop; auid=sv0dL2Yq7Xxr7e+7AxAFAg==; SESSION=587ba088a1b8608459f8108426e49de1; window_width=1280; _glhf=1714107119; che_g=237c3e42-bb07-1392-9107-2863f3373895; application_locale=en; sh.session.id=36771331-bf5d-48a8-8829-8a3074d48db3; ggru=167
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:53 GMT
content-type: application/json; charset=utf-8
content-length: 10007
cache-control: public, max-age=5
content-encoding: br
last-modified: Thu, 25 Apr 2024 23:55:53 GMT
vary: Accept-Encoding
x-time-ng: 0.055
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.063
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/chunks/663-81a4add2f1c95639.js | 104.18.39.72 | 200 OK | 190 kB |
URL GET HTTP/2widget.suphelper.top/_next/static/chunks/663-81a4add2f1c95639.js IP104.18.39.72:443
Requested byhttps://widget.suphelper.top/ CertificateIssuerGoogle Trust Services LLC Subjectsuphelper.top Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File typegzip compressed data, from Unix Size190 kB (189741 bytes) Hash9756268c753213d9d29adb860aeae69f 68cbfa42020dfd73da3f6e008a4f321460fdc887 b9513e312cd82a89d1fe53b5037931ccdf0ebddcc6f7d2fb425603962c38770c
GET /_next/static/chunks/663-81a4add2f1c95639.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:55:45 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 28 Mar 2024 06:56:31 GMT
etag: W/"5b0da-18e83d890e3"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 2476439
expires: Fri, 25 Apr 2025 23:55:45 GMT
server: cloudflare
cf-ray: 87a244071df656ae-OSL
X-Firefox-Spdy: h2
|
|
| 1xlite-660473.top/hd-api/external/api/web/v1/j/ed1m7i903i7d9g85516bf5e5bfc53d0fdc592771c9911bd5f19b | 178.253.29.47 | 200 OK | 515 B |
URL POST HTTP/21xlite-660473.top/hd-api/external/api/web/v1/j/ed1m7i903i7d9g85516bf5e5bfc53d0fdc592771c9911bd5f19b IP178.253.29.47:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerLet's Encrypt Subject1xlite-660473.top FingerprintAE:C9:7E:01:65:F2:2B:09:5E:F8:15:42:9A:94:F9:44:A4:7F:F2:5D ValidityTue, 26 Mar 2024 09:13:24 GMT - Mon, 24 Jun 2024 09:13:23 GMT
Hashecdbd38be34966d6993d0aaa27d566ce f3d3fbf448c205fac6c605d4bc95fcc37ca24e9f ecea03189d4fa5ace1b24aef4dbd48700d01d48d62ce4f5994260da4b058cff3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /hd-api/external/api/web/v1/j/ed1m7i903i7d9g85516bf5e5bfc53d0fdc592771c9911bd5f19b HTTP/1.1
Host: 1xlite-660473.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-660473.top/en?tag=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder
X-Requested-With: XMLHttpRequest
Content-Type: application/json
Content-Length: 105936
Origin: https://1xlite-660473.top
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder; platform_type=desktop; auid=sv0dL2Yq7Xxr7e+7AxAFAg==; SESSION=587ba088a1b8608459f8108426e49de1; window_width=1280; _glhf=1714107119; che_g=237c3e42-bb07-1392-9107-2863f3373895; application_locale=en; sh.session.id=36771331-bf5d-48a8-8829-8a3074d48db3; ggru=167
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:54 GMT
content-type: application/json
content-length: 515
content-encoding: gzip
traceparent: 00-dc398955a57bebd5c2a7699cd3890855-610fc3cd973c832a-01
vary: Accept-Encoding
x-dt: 285
x-request-guid: c2731ee3f18e72b14dde802eede8eb5a
x-time-ng: 0.006
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=5.381, wf-uht;dur=0.028
X-Firefox-Spdy: h2
|
|
| 1xlite-660473.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json | 178.253.29.47 | 200 OK | 23 B |
URL POST HTTP/21xlite-660473.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json IP178.253.29.47:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerLet's Encrypt Subject1xlite-660473.top FingerprintAE:C9:7E:01:65:F2:2B:09:5E:F8:15:42:9A:94:F9:44:A4:7F:F2:5D ValidityTue, 26 Mar 2024 09:13:24 GMT - Mon, 24 Jun 2024 09:13:23 GMT
Hash54c57e18e840f765d7e6bd34c8568af1 2ede0c1ef4f02f6121704c26d6bd39cb775adda6 e1ab381146d68bfe920b972f3ae77e1a71f0ccf28839f0834ddf2539a05069b4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json HTTP/1.1
Host: 1xlite-660473.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-660473.top/en?tag=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder
Content-Type: application/json
X-Lang: en
X-Uuid: 1cdba155-2a89-4500-9606-648141a6028a
Content-Length: 99
Origin: https://1xlite-660473.top
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder; platform_type=desktop; auid=sv0dL2Yq7Xxr7e+7AxAFAg==; SESSION=587ba088a1b8608459f8108426e49de1; window_width=1280; _glhf=1714107119; che_g=237c3e42-bb07-1392-9107-2863f3373895; application_locale=en; sh.session.id=36771331-bf5d-48a8-8829-8a3074d48db3; ggru=167
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:54 GMT
content-type: application/json
content-length: 23
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.009
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/analytics-c706fc54.js | 185.244.209.62 | 200 OK | 2.4 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/analytics-c706fc54.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (6444), with no line terminators Hash14c0a5b475850d7da7e8459bf9df5766 f4cbfa40f0f3e3781d23a8a2e3715bf8252a2402 a6a30f6358ba3aea4d315b8838587ef81df7d171d0f84e2aa6d6faaadad614fd
GET /_nuxt/desktop/default/analytics-c706fc54.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:55 GMT
content-type: application/javascript; charset=utf-8
content-length: 2434
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-982"
content-encoding: gzip
expires: Fri, 26 Apr 2024 14:28:50 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-6687f95da26376bf4d7a229ffe53da57-e31da6c000c68407-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T14:28:50+00:00, 2024-04-25T14:33:07+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-660473.top/service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137 | 178.253.29.47 | 200 OK | 266 B |
URL GET HTTP/21xlite-660473.top/service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137 IP178.253.29.47:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerLet's Encrypt Subject1xlite-660473.top FingerprintAE:C9:7E:01:65:F2:2B:09:5E:F8:15:42:9A:94:F9:44:A4:7F:F2:5D ValidityTue, 26 Mar 2024 09:13:24 GMT - Mon, 24 Jun 2024 09:13:23 GMT
Hashf8ff37b50397222b6b0fc5254695b78c 246172bd71b85ecac94c7cbe5a4d35b0e17d3e2f 8729571270ff6fca33ba3564cda631a6133387c9a2cb7ec221ec73d91fa6d829
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137 HTTP/1.1
Host: 1xlite-660473.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-660473.top/en?tag=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiYi90Njcza1Z3Umd0Sm03WnV6WlQ3VkEvcG9sRU80UVhMNURtVnZMcG1kR0dmb3NDUFJScEpwcTJQeDltUk40SjkwTXFZYmU4WlBFR2xGTGVkLzhDMWxMWHZ0VHp5M09oU1FWMlFCUTVoSjFQdHVEYjg3RzhZbWJNTjFDcHpCYStuaE52VFkraUpHMmk0R3QwNlU2bFJTK0RsdENFclFiaVNTei9LZ0pNbzBEYnQzUzA1Qmc5Qmt0eXJQcXc4b2szcW9hemsxT01Sdk9IcEdlaTdQYUJnbFNabURCR3JXRUhvaDlURUtlczVaR3RBa1pDWHFyaFlDSWFHOTFDVS80SlJYaW5hYllFWTE5cEVRUlpWcG1SODM0VDJXa053dmI4MmdjMmdmWmlnMHVJIiwiZXhwIjoxNzE0MTAzNzU0LCJpYXQiOjE3MTQwODkzNTR9.Z4EP5s3-UKiwZNTlLOxwbjstRxZs5xeVZBGYYiixu6-I32n2n_sVDzxKHUH4FQLD2T37TUUa_bd3AQHZ-ALn_A
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder; platform_type=desktop; auid=sv0dL2Yq7Xxr7e+7AxAFAg==; SESSION=587ba088a1b8608459f8108426e49de1; window_width=1280; _glhf=1714107119; che_g=237c3e42-bb07-1392-9107-2863f3373895; application_locale=en; sh.session.id=36771331-bf5d-48a8-8829-8a3074d48db3; ggru=167
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:55 GMT
content-type: application/json; charset=utf-8
content-length: 266
cache-control: no-cache
content-encoding: br
last-modified: Thu, 25 Apr 2024 23:55:55 GMT
vary: Accept-Encoding
x-time-ng: 0.006
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.014
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-icons/1.0.328/285/coloredSvg.svg | 185.244.209.62 | 200 OK | 132 kB |
URL GET HTTP/2v3.traincdn.com/sys-icons/1.0.328/285/coloredSvg.svg IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typegzip compressed data, max speed, from Unix Size132 kB (132366 bytes) Hash9ee98971bf9f107179f9ccfbf3940224 53e326c2bf2fa253a946aa458540a224ee89a816 4ea052dedae48178b9d65be34c8f2515e409fb283edccff2ec6fa89eac04cf99
GET /sys-icons/1.0.328/285/coloredSvg.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-660473.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:45 GMT
content-type: image/svg+xml
last-modified: Mon, 15 Apr 2024 07:13:32 GMT
etag: W/"fd241a06afa4bae60c4bbab7fa1a9a5b"
x-amz-meta-mtime: 1713165210.217888091
content-encoding: gzip
expires: Tue, 23 Apr 2024 10:38:11 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-3ea08d77817726a583315ad4cb1ba44f-131b7767dcd35481-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T10:38:11+00:00, 2024-04-25T11:15:25+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtm.js?id=GTM-KFGPRJ2V | 142.250.74.72 | 200 OK | 63 kB |
URL GET HTTP/2www.googletagmanager.com/gtm.js?id=GTM-KFGPRJ2V IP142.250.74.72:443
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File typeJavaScript source, ASCII text, with very long lines (1763) Hashb891b1487647a7b5c543d54519250248 0758ea8a890cbba449c147efa2ef401928febe38 d74b699e5dae5536c155bf215c383fa22dd7ca007b2d9b87c1e302a33fc7bcc9
GET /gtm.js?id=GTM-KFGPRJ2V HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 25 Apr 2024 23:55:55 GMT
expires: Thu, 25 Apr 2024 23:55:55 GMT
cache-control: private, max-age=900
last-modified: Thu, 25 Apr 2024 21:56:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 62928
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| radar.cedexis.com/1/23802/radar.js | 45.54.49.5 | 302 Moved Temporarily | 154 B |
URL GET HTTP/1.1radar.cedexis.com/1/23802/radar.js IP45.54.49.5:443 ASN#63911 NetActuate, Inc
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerDigiCert Inc Subjectradar.cedexis.com Fingerprint33:58:79:8E:87:A5:C3:05:CA:E2:82:50:61:CF:72:83:BD:64:80:C1 ValidityFri, 29 Mar 2024 00:00:00 GMT - Fri, 28 Mar 2025 23:59:59 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hashcfbeaf604823f038b8b46f0ac862b98c 7b9eb1dac48e74fa5f418bc456cb410f88b81d98 20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /1/23802/radar.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 25 Apr 2024 23:55:55 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Location: /1707728419/stub.js
Expires: Fri, 26 Apr 2024 00:05:55 GMT
Cache-Control: max-age=600
Vary: User-Agent,DNT
|
|
| radar.cedexis.com/1707728419/stub.js | 45.54.49.5 | 200 OK | 271 B |
URL GET HTTP/1.1radar.cedexis.com/1707728419/stub.js IP45.54.49.5:443 ASN#63911 NetActuate, Inc
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerDigiCert Inc Subjectradar.cedexis.com Fingerprint33:58:79:8E:87:A5:C3:05:CA:E2:82:50:61:CF:72:83:BD:64:80:C1 ValidityFri, 29 Mar 2024 00:00:00 GMT - Fri, 28 Mar 2025 23:59:59 GMT
File typeJavaScript source, ASCII text Hash82dec77fd0353c7c71ce053b8601387e fbbca95419e1d0c042e0a5fdf10f380aca66188c 39f2b7b0fa78d37d0c84d2d6618bd635d86fd683d9bcdd5729850cb2a62522f7
GET /1707728419/stub.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-660473.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 23:55:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 12 Feb 2024 09:50:42 GMT
Vary: Accept-Encoding
ETag: W/"65c9e9f2-186"
Expires: Thu, 09 May 2024 23:55:55 GMT
Cache-Control: max-age=1209600, public
Content-Encoding: gzip
|
|
| widget.suphelper.top/_next/static/chunks/81.9c6562bba5669b47.js | 104.18.39.72 | 200 OK | 9.8 kB |
URL GET HTTP/2widget.suphelper.top/_next/static/chunks/81.9c6562bba5669b47.js IP104.18.39.72:443
Requested byhttps://widget.suphelper.top/ CertificateIssuerGoogle Trust Services LLC Subjectsuphelper.top Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File typegzip compressed data, from Unix Hasha246fca424f22ccc9dcd93dcfa4c30b5 b7a1703cdcc41cbf3955839273f4238e0bad62c4 ebecf4fafc2a5f451b7b0c05d337f08602943f47bb21775f225abb5ab7376427
GET /_next/static/chunks/81.9c6562bba5669b47.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:55:46 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://file-hosting-api-stage.kube.prod.cons.lan https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 09 Nov 2023 06:03:45 GMT
etag: W/"8f42-18bb2adf0eb"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 13462088
expires: Fri, 25 Apr 2025 23:55:46 GMT
server: cloudflare
cf-ray: 87a24410190556ae-OSL
X-Firefox-Spdy: h2
|
|
| 1xlite-660473.top/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true | 178.253.29.47 | 200 OK | 2.7 kB |
URL GET HTTP/21xlite-660473.top/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true IP178.253.29.47:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerLet's Encrypt Subject1xlite-660473.top FingerprintAE:C9:7E:01:65:F2:2B:09:5E:F8:15:42:9A:94:F9:44:A4:7F:F2:5D ValidityTue, 26 Mar 2024 09:13:24 GMT - Mon, 24 Jun 2024 09:13:23 GMT
Hashfe0e1dd8585aea7a1e7c01a8bbc98efb c3b0caad8de9beba1be043264d776c16590ac7f2 5c86acd1f9acaa15f0ad3af0c4d7a806d7bde4eca9813724ccccb45d74e59474
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true HTTP/1.1
Host: 1xlite-660473.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-660473.top/en?tag=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiYi90Njcza1Z3Umd0Sm03WnV6WlQ3VkEvcG9sRU80UVhMNURtVnZMcG1kR0dmb3NDUFJScEpwcTJQeDltUk40SjkwTXFZYmU4WlBFR2xGTGVkLzhDMWxMWHZ0VHp5M09oU1FWMlFCUTVoSjFQdHVEYjg3RzhZbWJNTjFDcHpCYStuaE52VFkraUpHMmk0R3QwNlU2bFJTK0RsdENFclFiaVNTei9LZ0pNbzBEYnQzUzA1Qmc5Qmt0eXJQcXc4b2szcW9hemsxT01Sdk9IcEdlaTdQYUJnbFNabURCR3JXRUhvaDlURUtlczVaR3RBa1pDWHFyaFlDSWFHOTFDVS80SlJYaW5hYllFWTE5cEVRUlpWcG1SODM0VDJXa053dmI4MmdjMmdmWmlnMHVJIiwiZXhwIjoxNzE0MTAzNzU0LCJpYXQiOjE3MTQwODkzNTR9.Z4EP5s3-UKiwZNTlLOxwbjstRxZs5xeVZBGYYiixu6-I32n2n_sVDzxKHUH4FQLD2T37TUUa_bd3AQHZ-ALn_A
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder; platform_type=desktop; auid=sv0dL2Yq7Xxr7e+7AxAFAg==; SESSION=587ba088a1b8608459f8108426e49de1; window_width=1280; _glhf=1714107119; che_g=237c3e42-bb07-1392-9107-2863f3373895; application_locale=en; sh.session.id=36771331-bf5d-48a8-8829-8a3074d48db3; ggru=167; _ga_7JGWL9SV66=GS1.1.1714089355.1.0.1714089355.60.0.0; _ga=GA1.1.2128929782.1714089356
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:55 GMT
content-type: application/json; charset=utf-8
content-length: 2665
cache-control: public, max-age=5
content-encoding: br
last-modified: Thu, 25 Apr 2024 23:55:50 GMT
vary: Accept-Encoding
x-time-ng: 0.010
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
X-Firefox-Spdy: h2
|
|
| 1xlite-660473.top/service-api/LineFeed/GetSportsShortZip?lng=en&country=137&virtualSports=true&gr=285&groupChamps=true | 178.253.29.47 | 200 OK | 2.0 kB |
URL GET HTTP/21xlite-660473.top/service-api/LineFeed/GetSportsShortZip?lng=en&country=137&virtualSports=true&gr=285&groupChamps=true IP178.253.29.47:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerLet's Encrypt Subject1xlite-660473.top FingerprintAE:C9:7E:01:65:F2:2B:09:5E:F8:15:42:9A:94:F9:44:A4:7F:F2:5D ValidityTue, 26 Mar 2024 09:13:24 GMT - Mon, 24 Jun 2024 09:13:23 GMT
Hash945777af058bf9d43e194bb93cbd01ed bc8a34cea40dc06877db40e401e7486c410a344a 794cc9ee16128a52ccc9355d9ed6447f0ee123b4dcb3886c25b97332a47d38fb
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LineFeed/GetSportsShortZip?lng=en&country=137&virtualSports=true&gr=285&groupChamps=true HTTP/1.1
Host: 1xlite-660473.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-660473.top/en?tag=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiYi90Njcza1Z3Umd0Sm03WnV6WlQ3VkEvcG9sRU80UVhMNURtVnZMcG1kR0dmb3NDUFJScEpwcTJQeDltUk40SjkwTXFZYmU4WlBFR2xGTGVkLzhDMWxMWHZ0VHp5M09oU1FWMlFCUTVoSjFQdHVEYjg3RzhZbWJNTjFDcHpCYStuaE52VFkraUpHMmk0R3QwNlU2bFJTK0RsdENFclFiaVNTei9LZ0pNbzBEYnQzUzA1Qmc5Qmt0eXJQcXc4b2szcW9hemsxT01Sdk9IcEdlaTdQYUJnbFNabURCR3JXRUhvaDlURUtlczVaR3RBa1pDWHFyaFlDSWFHOTFDVS80SlJYaW5hYllFWTE5cEVRUlpWcG1SODM0VDJXa053dmI4MmdjMmdmWmlnMHVJIiwiZXhwIjoxNzE0MTAzNzU0LCJpYXQiOjE3MTQwODkzNTR9.Z4EP5s3-UKiwZNTlLOxwbjstRxZs5xeVZBGYYiixu6-I32n2n_sVDzxKHUH4FQLD2T37TUUa_bd3AQHZ-ALn_A
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder; platform_type=desktop; auid=sv0dL2Yq7Xxr7e+7AxAFAg==; SESSION=587ba088a1b8608459f8108426e49de1; window_width=1280; _glhf=1714107119; che_g=237c3e42-bb07-1392-9107-2863f3373895; application_locale=en; sh.session.id=36771331-bf5d-48a8-8829-8a3074d48db3; ggru=167; _ga_7JGWL9SV66=GS1.1.1714089355.1.0.1714089355.60.0.0; _ga=GA1.1.2128929782.1714089356
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:56 GMT
content-type: application/json; charset=utf-8
content-length: 2021
cache-control: public, max-age=5
content-encoding: br
last-modified: Thu, 25 Apr 2024 23:55:56 GMT
vary: Accept-Encoding
x-time-ng: 0.067
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.075
X-Firefox-Spdy: h2
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-7JGWL9SV66>m=45je44o0v897130004za200&_p=1714089355324&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=2128929782.1714089356&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1714089355&sct=1&seg=0&dl=https%3A%2F%2F1xlite-660473.top%2Fen%3Ftag%3Dd_34142m_22583c_%255B%255DMS%255B%255Dnull%255B%255Dnull%255B%255Dgeneral%255B%255D%257Bsite_id%257D_d22490_l30755_clickunder&dt=1xBet%20%E1%90%89%20Online%20sports%20betting%20%E1%90%89%201xBet%20online%20bookmaker%20log%20in%20%E1%90%89%201xlite-660473.top&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=GTM-5R4MT54&tfd=17836 | 216.239.32.36 | 204 No Content | 0 B |
URL POST HTTP/2region1.analytics.google.com/g/collect?v=2&tid=G-7JGWL9SV66>m=45je44o0v897130004za200&_p=1714089355324&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=2128929782.1714089356&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1714089355&sct=1&seg=0&dl=https%3A%2F%2F1xlite-660473.top%2Fen%3Ftag%3Dd_34142m_22583c_%255B%255DMS%255B%255Dnull%255B%255Dnull%255B%255Dgeneral%255B%255D%257Bsite_id%257D_d22490_l30755_clickunder&dt=1xBet%20%E1%90%89%20Online%20sports%20betting%20%E1%90%89%201xBet%20online%20bookmaker%20log%20in%20%E1%90%89%201xlite-660473.top&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=GTM-5R4MT54&tfd=17836 IP216.239.32.36:443
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-7JGWL9SV66>m=45je44o0v897130004za200&_p=1714089355324&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=2128929782.1714089356&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1714089355&sct=1&seg=0&dl=https%3A%2F%2F1xlite-660473.top%2Fen%3Ftag%3Dd_34142m_22583c_%255B%255DMS%255B%255Dnull%255B%255Dnull%255B%255Dgeneral%255B%255D%257Bsite_id%257D_d22490_l30755_clickunder&dt=1xBet%20%E1%90%89%20Online%20sports%20betting%20%E1%90%89%201xBet%20online%20bookmaker%20log%20in%20%E1%90%89%201xlite-660473.top&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=GTM-5R4MT54&tfd=17836 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-660473.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://1xlite-660473.top
date: Thu, 25 Apr 2024 23:55:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 1xlite-660473.top/web-api/default/img/icons/pixels2.svg?v=1714089344 | 178.253.29.47 | 200 OK | 2.3 kB |
URL GET HTTP/21xlite-660473.top/web-api/default/img/icons/pixels2.svg?v=1714089344 IP178.253.29.47:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerLet's Encrypt Subject1xlite-660473.top FingerprintAE:C9:7E:01:65:F2:2B:09:5E:F8:15:42:9A:94:F9:44:A4:7F:F2:5D ValidityTue, 26 Mar 2024 09:13:24 GMT - Mon, 24 Jun 2024 09:13:23 GMT
File typePNG image data, 1 x 1, 8-bit/color RGB, non-interlaced Hashfcd54e6a5b01c8146fba917de39b09b9 ce8e81a1ba4a5e22c0fa1d1d6e73407c77b40049 de2daa46446b57d0b50272b46fd06c5f44fb3eb04441dd0c60d3cc8d02f7ebc4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /web-api/default/img/icons/pixels2.svg?v=1714089344 HTTP/1.1
Host: 1xlite-660473.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/en?tag=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder; platform_type=desktop; auid=sv0dL2Yq7Xxr7e+7AxAFAg==; SESSION=587ba088a1b8608459f8108426e49de1; window_width=1280; _glhf=1714107119; che_g=237c3e42-bb07-1392-9107-2863f3373895; application_locale=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:44 GMT
content-type: image/png
cache-control: no-cache, private
server-timing: p;dur=12, dt_total;dur=13.784, wf-uht;dur=0.025
traceparent: 00-6faf3446f3548a4306bbda8b265c849d-dad8b832decb3ee3-01
x-dt: 285
x-time-ng: 0.013
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/0cd280af89b0819825587a2cf75e33d0.jpg | 185.244.209.62 | 200 OK | 39 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/cms/1/desktop/banner/0cd280af89b0819825587a2cf75e33d0.jpg IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1380x248, components 3 Hashb40d0e8304343f7070eff5ee310d7a98 db6c62254d55d3c26384345945ba84b4bafbf65e 484c8af4bfd7677b00a2d5d1dc26ab05990dc674585f71f9e8b21a79d95deff9
GET /genfiles/cms/1/desktop/banner/0cd280af89b0819825587a2cf75e33d0.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:58 GMT
content-type: image/jpeg
content-length: 39085
last-modified: Fri, 12 Apr 2024 09:23:30 GMT
etag: "b40d0e8304343f7070eff5ee310d7a98"
x-time-ng: 0.038
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-058c7d975a79a96c1d5d028bd3cf9399-f45abb03f34183fb-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-12T10:33:38+00:00, 2024-04-25T23:55:47+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-660473.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true | 178.253.29.47 | 200 OK | 9.9 kB |
URL GET HTTP/21xlite-660473.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true IP178.253.29.47:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerLet's Encrypt Subject1xlite-660473.top FingerprintAE:C9:7E:01:65:F2:2B:09:5E:F8:15:42:9A:94:F9:44:A4:7F:F2:5D ValidityTue, 26 Mar 2024 09:13:24 GMT - Mon, 24 Jun 2024 09:13:23 GMT
Hash64792e9974b2c121aac9a5e27c4c2aab f2263fad03c9c280809fdc3d252b75b45a298016 20478a6b67162d2048b6cc2b218960ebda4f099e1663d43a4b73ab303b3e7619
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true HTTP/1.1
Host: 1xlite-660473.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-660473.top/en?tag=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiYi90Njcza1Z3Umd0Sm03WnV6WlQ3VkEvcG9sRU80UVhMNURtVnZMcG1kR0dmb3NDUFJScEpwcTJQeDltUk40SjkwTXFZYmU4WlBFR2xGTGVkLzhDMWxMWHZ0VHp5M09oU1FWMlFCUTVoSjFQdHVEYjg3RzhZbWJNTjFDcHpCYStuaE52VFkraUpHMmk0R3QwNlU2bFJTK0RsdENFclFiaVNTei9LZ0pNbzBEYnQzUzA1Qmc5Qmt0eXJQcXc4b2szcW9hemsxT01Sdk9IcEdlaTdQYUJnbFNabURCR3JXRUhvaDlURUtlczVaR3RBa1pDWHFyaFlDSWFHOTFDVS80SlJYaW5hYllFWTE5cEVRUlpWcG1SODM0VDJXa053dmI4MmdjMmdmWmlnMHVJIiwiZXhwIjoxNzE0MTAzNzU0LCJpYXQiOjE3MTQwODkzNTR9.Z4EP5s3-UKiwZNTlLOxwbjstRxZs5xeVZBGYYiixu6-I32n2n_sVDzxKHUH4FQLD2T37TUUa_bd3AQHZ-ALn_A
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder; platform_type=desktop; auid=sv0dL2Yq7Xxr7e+7AxAFAg==; SESSION=587ba088a1b8608459f8108426e49de1; window_width=1280; _glhf=1714107119; che_g=237c3e42-bb07-1392-9107-2863f3373895; application_locale=en; sh.session.id=36771331-bf5d-48a8-8829-8a3074d48db3; ggru=167; _ga_7JGWL9SV66=GS1.1.1714089355.1.0.1714089355.60.0.0; _ga=GA1.1.2128929782.1714089356
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:59 GMT
content-type: application/json; charset=utf-8
content-length: 9938
cache-control: public, max-age=5
content-encoding: br
last-modified: Thu, 25 Apr 2024 23:55:59 GMT
vary: Accept-Encoding
x-time-ng: 0.018
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.028
X-Firefox-Spdy: h2
|
|
| 1xlite-660473.top/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true | 178.253.29.47 | 200 OK | 2.7 kB |
URL GET HTTP/21xlite-660473.top/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true IP178.253.29.47:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerLet's Encrypt Subject1xlite-660473.top FingerprintAE:C9:7E:01:65:F2:2B:09:5E:F8:15:42:9A:94:F9:44:A4:7F:F2:5D ValidityTue, 26 Mar 2024 09:13:24 GMT - Mon, 24 Jun 2024 09:13:23 GMT
Hash12ca3b10d1a07b72156d74bd13bb4374 b541c4883447422d7b35331bd37148a6376881f0 e7bb7e43d13b683aa9c3989444edc4ae574a315a79064f328d80318b77e41f4f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true HTTP/1.1
Host: 1xlite-660473.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-660473.top/en?tag=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiYi90Njcza1Z3Umd0Sm03WnV6WlQ3VkEvcG9sRU80UVhMNURtVnZMcG1kR0dmb3NDUFJScEpwcTJQeDltUk40SjkwTXFZYmU4WlBFR2xGTGVkLzhDMWxMWHZ0VHp5M09oU1FWMlFCUTVoSjFQdHVEYjg3RzhZbWJNTjFDcHpCYStuaE52VFkraUpHMmk0R3QwNlU2bFJTK0RsdENFclFiaVNTei9LZ0pNbzBEYnQzUzA1Qmc5Qmt0eXJQcXc4b2szcW9hemsxT01Sdk9IcEdlaTdQYUJnbFNabURCR3JXRUhvaDlURUtlczVaR3RBa1pDWHFyaFlDSWFHOTFDVS80SlJYaW5hYllFWTE5cEVRUlpWcG1SODM0VDJXa053dmI4MmdjMmdmWmlnMHVJIiwiZXhwIjoxNzE0MTAzNzU0LCJpYXQiOjE3MTQwODkzNTR9.Z4EP5s3-UKiwZNTlLOxwbjstRxZs5xeVZBGYYiixu6-I32n2n_sVDzxKHUH4FQLD2T37TUUa_bd3AQHZ-ALn_A
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder; platform_type=desktop; auid=sv0dL2Yq7Xxr7e+7AxAFAg==; SESSION=587ba088a1b8608459f8108426e49de1; window_width=1280; _glhf=1714107119; che_g=237c3e42-bb07-1392-9107-2863f3373895; application_locale=en; sh.session.id=36771331-bf5d-48a8-8829-8a3074d48db3; ggru=167; _ga_7JGWL9SV66=GS1.1.1714089355.1.0.1714089355.60.0.0; _ga=GA1.1.2128929782.1714089356
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:56:01 GMT
content-type: application/json; charset=utf-8
content-length: 2682
cache-control: public, max-age=5
content-encoding: br
last-modified: Thu, 25 Apr 2024 23:56:01 GMT
vary: Accept-Encoding
x-time-ng: 0.020
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.031
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/48c55a46abd5ab116e797f7903d61d9a.webp | 185.244.209.62 | | 22 kB |
URL v3.traincdn.com/genfiles/cms/1/desktop/banner/48c55a46abd5ab116e797f7903d61d9a.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 1380x248, Scaling: [none]x[none], YUV color, decoders should clamp Hash223959ab229c22ef60216e9c780ef376 03fef16fe4253987b207ebd4f5ab77da8262cad7 07dc1d52de65dc11175476efd14081c77cec2379f6b78879bca4c079c2675a3e
GET /genfiles/cms/1/desktop/banner/48c55a46abd5ab116e797f7903d61d9a.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:56:03 GMT
content-type: image/webp
content-length: 22384
last-modified: Wed, 06 Sep 2023 13:14:07 GMT
etag: "223959ab229c22ef60216e9c780ef376"
x-time-ng: 0.001
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2024-02-27T14:23:29+00:00
traceparent: 00-a5f270335d2972bba1386d62fb8b8702-bcddba90c6e35dc3-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-660473.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true | 178.253.29.47 | 200 OK | 9.9 kB |
URL GET HTTP/21xlite-660473.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true IP178.253.29.47:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerLet's Encrypt Subject1xlite-660473.top FingerprintAE:C9:7E:01:65:F2:2B:09:5E:F8:15:42:9A:94:F9:44:A4:7F:F2:5D ValidityTue, 26 Mar 2024 09:13:24 GMT - Mon, 24 Jun 2024 09:13:23 GMT
Hash64792e9974b2c121aac9a5e27c4c2aab f2263fad03c9c280809fdc3d252b75b45a298016 20478a6b67162d2048b6cc2b218960ebda4f099e1663d43a4b73ab303b3e7619
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true HTTP/1.1
Host: 1xlite-660473.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-660473.top/en?tag=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiYi90Njcza1Z3Umd0Sm03WnV6WlQ3VkEvcG9sRU80UVhMNURtVnZMcG1kR0dmb3NDUFJScEpwcTJQeDltUk40SjkwTXFZYmU4WlBFR2xGTGVkLzhDMWxMWHZ0VHp5M09oU1FWMlFCUTVoSjFQdHVEYjg3RzhZbWJNTjFDcHpCYStuaE52VFkraUpHMmk0R3QwNlU2bFJTK0RsdENFclFiaVNTei9LZ0pNbzBEYnQzUzA1Qmc5Qmt0eXJQcXc4b2szcW9hemsxT01Sdk9IcEdlaTdQYUJnbFNabURCR3JXRUhvaDlURUtlczVaR3RBa1pDWHFyaFlDSWFHOTFDVS80SlJYaW5hYllFWTE5cEVRUlpWcG1SODM0VDJXa053dmI4MmdjMmdmWmlnMHVJIiwiZXhwIjoxNzE0MTAzNzU0LCJpYXQiOjE3MTQwODkzNTR9.Z4EP5s3-UKiwZNTlLOxwbjstRxZs5xeVZBGYYiixu6-I32n2n_sVDzxKHUH4FQLD2T37TUUa_bd3AQHZ-ALn_A
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder; platform_type=desktop; auid=sv0dL2Yq7Xxr7e+7AxAFAg==; SESSION=587ba088a1b8608459f8108426e49de1; window_width=1280; _glhf=1714107119; che_g=237c3e42-bb07-1392-9107-2863f3373895; application_locale=en; sh.session.id=36771331-bf5d-48a8-8829-8a3074d48db3; ggru=167; _ga_7JGWL9SV66=GS1.1.1714089355.1.0.1714089355.60.0.0; _ga=GA1.1.2128929782.1714089356
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:56:04 GMT
content-type: application/json; charset=utf-8
content-length: 9938
cache-control: public, max-age=5
content-encoding: br
last-modified: Thu, 25 Apr 2024 23:55:59 GMT
vary: Accept-Encoding
x-time-ng: 0.018
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
X-Firefox-Spdy: h2
|
|
| 1xlite-660473.top/service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137 | 178.253.29.47 | 200 OK | 266 B |
URL GET HTTP/21xlite-660473.top/service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137 IP178.253.29.47:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerLet's Encrypt Subject1xlite-660473.top FingerprintAE:C9:7E:01:65:F2:2B:09:5E:F8:15:42:9A:94:F9:44:A4:7F:F2:5D ValidityTue, 26 Mar 2024 09:13:24 GMT - Mon, 24 Jun 2024 09:13:23 GMT
Hashf8ff37b50397222b6b0fc5254695b78c 246172bd71b85ecac94c7cbe5a4d35b0e17d3e2f 8729571270ff6fca33ba3564cda631a6133387c9a2cb7ec221ec73d91fa6d829
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137 HTTP/1.1
Host: 1xlite-660473.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-660473.top/en?tag=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiYi90Njcza1Z3Umd0Sm03WnV6WlQ3VkEvcG9sRU80UVhMNURtVnZMcG1kR0dmb3NDUFJScEpwcTJQeDltUk40SjkwTXFZYmU4WlBFR2xGTGVkLzhDMWxMWHZ0VHp5M09oU1FWMlFCUTVoSjFQdHVEYjg3RzhZbWJNTjFDcHpCYStuaE52VFkraUpHMmk0R3QwNlU2bFJTK0RsdENFclFiaVNTei9LZ0pNbzBEYnQzUzA1Qmc5Qmt0eXJQcXc4b2szcW9hemsxT01Sdk9IcEdlaTdQYUJnbFNabURCR3JXRUhvaDlURUtlczVaR3RBa1pDWHFyaFlDSWFHOTFDVS80SlJYaW5hYllFWTE5cEVRUlpWcG1SODM0VDJXa053dmI4MmdjMmdmWmlnMHVJIiwiZXhwIjoxNzE0MTAzNzU0LCJpYXQiOjE3MTQwODkzNTR9.Z4EP5s3-UKiwZNTlLOxwbjstRxZs5xeVZBGYYiixu6-I32n2n_sVDzxKHUH4FQLD2T37TUUa_bd3AQHZ-ALn_A
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder; platform_type=desktop; auid=sv0dL2Yq7Xxr7e+7AxAFAg==; SESSION=587ba088a1b8608459f8108426e49de1; window_width=1280; _glhf=1714107119; che_g=237c3e42-bb07-1392-9107-2863f3373895; application_locale=en; sh.session.id=36771331-bf5d-48a8-8829-8a3074d48db3; ggru=167; _ga_7JGWL9SV66=GS1.1.1714089355.1.0.1714089355.60.0.0; _ga=GA1.1.2128929782.1714089356
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:56:05 GMT
content-type: application/json; charset=utf-8
content-length: 266
cache-control: no-cache
content-encoding: br
last-modified: Thu, 25 Apr 2024 23:56:05 GMT
vary: Accept-Encoding
x-time-ng: 0.004
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.012
X-Firefox-Spdy: h2
|
|
| 1xlite-660473.top/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true | 178.253.29.47 | 200 OK | 2.7 kB |
URL GET HTTP/21xlite-660473.top/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true IP178.253.29.47:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerLet's Encrypt Subject1xlite-660473.top FingerprintAE:C9:7E:01:65:F2:2B:09:5E:F8:15:42:9A:94:F9:44:A4:7F:F2:5D ValidityTue, 26 Mar 2024 09:13:24 GMT - Mon, 24 Jun 2024 09:13:23 GMT
Hash12ca3b10d1a07b72156d74bd13bb4374 b541c4883447422d7b35331bd37148a6376881f0 e7bb7e43d13b683aa9c3989444edc4ae574a315a79064f328d80318b77e41f4f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true HTTP/1.1
Host: 1xlite-660473.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-660473.top/en?tag=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiYi90Njcza1Z3Umd0Sm03WnV6WlQ3VkEvcG9sRU80UVhMNURtVnZMcG1kR0dmb3NDUFJScEpwcTJQeDltUk40SjkwTXFZYmU4WlBFR2xGTGVkLzhDMWxMWHZ0VHp5M09oU1FWMlFCUTVoSjFQdHVEYjg3RzhZbWJNTjFDcHpCYStuaE52VFkraUpHMmk0R3QwNlU2bFJTK0RsdENFclFiaVNTei9LZ0pNbzBEYnQzUzA1Qmc5Qmt0eXJQcXc4b2szcW9hemsxT01Sdk9IcEdlaTdQYUJnbFNabURCR3JXRUhvaDlURUtlczVaR3RBa1pDWHFyaFlDSWFHOTFDVS80SlJYaW5hYllFWTE5cEVRUlpWcG1SODM0VDJXa053dmI4MmdjMmdmWmlnMHVJIiwiZXhwIjoxNzE0MTAzNzU0LCJpYXQiOjE3MTQwODkzNTR9.Z4EP5s3-UKiwZNTlLOxwbjstRxZs5xeVZBGYYiixu6-I32n2n_sVDzxKHUH4FQLD2T37TUUa_bd3AQHZ-ALn_A
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder; platform_type=desktop; auid=sv0dL2Yq7Xxr7e+7AxAFAg==; SESSION=587ba088a1b8608459f8108426e49de1; window_width=1280; _glhf=1714107119; che_g=237c3e42-bb07-1392-9107-2863f3373895; application_locale=en; sh.session.id=36771331-bf5d-48a8-8829-8a3074d48db3; ggru=167; _ga_7JGWL9SV66=GS1.1.1714089355.1.0.1714089355.60.0.0; _ga=GA1.1.2128929782.1714089356
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:56:06 GMT
content-type: application/json; charset=utf-8
content-length: 2682
cache-control: public, max-age=5
content-encoding: br
last-modified: Thu, 25 Apr 2024 23:56:01 GMT
vary: Accept-Encoding
x-time-ng: 0.020
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
X-Firefox-Spdy: h2
|
|
| 1xlite-660473.top/service-api/LineFeed/GetSportsShortZip?lng=en&country=137&virtualSports=true&gr=285&groupChamps=true | 178.253.29.47 | 200 OK | 2.0 kB |
URL GET HTTP/21xlite-660473.top/service-api/LineFeed/GetSportsShortZip?lng=en&country=137&virtualSports=true&gr=285&groupChamps=true IP178.253.29.47:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerLet's Encrypt Subject1xlite-660473.top FingerprintAE:C9:7E:01:65:F2:2B:09:5E:F8:15:42:9A:94:F9:44:A4:7F:F2:5D ValidityTue, 26 Mar 2024 09:13:24 GMT - Mon, 24 Jun 2024 09:13:23 GMT
Hash945777af058bf9d43e194bb93cbd01ed bc8a34cea40dc06877db40e401e7486c410a344a 794cc9ee16128a52ccc9355d9ed6447f0ee123b4dcb3886c25b97332a47d38fb
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LineFeed/GetSportsShortZip?lng=en&country=137&virtualSports=true&gr=285&groupChamps=true HTTP/1.1
Host: 1xlite-660473.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-660473.top/en?tag=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiYi90Njcza1Z3Umd0Sm03WnV6WlQ3VkEvcG9sRU80UVhMNURtVnZMcG1kR0dmb3NDUFJScEpwcTJQeDltUk40SjkwTXFZYmU4WlBFR2xGTGVkLzhDMWxMWHZ0VHp5M09oU1FWMlFCUTVoSjFQdHVEYjg3RzhZbWJNTjFDcHpCYStuaE52VFkraUpHMmk0R3QwNlU2bFJTK0RsdENFclFiaVNTei9LZ0pNbzBEYnQzUzA1Qmc5Qmt0eXJQcXc4b2szcW9hemsxT01Sdk9IcEdlaTdQYUJnbFNabURCR3JXRUhvaDlURUtlczVaR3RBa1pDWHFyaFlDSWFHOTFDVS80SlJYaW5hYllFWTE5cEVRUlpWcG1SODM0VDJXa053dmI4MmdjMmdmWmlnMHVJIiwiZXhwIjoxNzE0MTAzNzU0LCJpYXQiOjE3MTQwODkzNTR9.Z4EP5s3-UKiwZNTlLOxwbjstRxZs5xeVZBGYYiixu6-I32n2n_sVDzxKHUH4FQLD2T37TUUa_bd3AQHZ-ALn_A
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder; platform_type=desktop; auid=sv0dL2Yq7Xxr7e+7AxAFAg==; SESSION=587ba088a1b8608459f8108426e49de1; window_width=1280; _glhf=1714107119; che_g=237c3e42-bb07-1392-9107-2863f3373895; application_locale=en; sh.session.id=36771331-bf5d-48a8-8829-8a3074d48db3; ggru=167; _ga_7JGWL9SV66=GS1.1.1714089355.1.0.1714089355.60.0.0; _ga=GA1.1.2128929782.1714089356
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:56:06 GMT
content-type: application/json; charset=utf-8
content-length: 2021
cache-control: public, max-age=5
content-encoding: br
last-modified: Thu, 25 Apr 2024 23:56:06 GMT
vary: Accept-Encoding
x-time-ng: 0.075
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.082
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/3083a20a3f73c30fce38710d7ada9cbb.svg | 185.244.209.62 | 200 OK | 30 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/3083a20a3f73c30fce38710d7ada9cbb.svg IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typegzip compressed data, max speed, from Unix Hashbc17c99b94c74514265b2e39b2dd1599 50d711503c99c142882d7117174afbbdb9a9e2bf cf5d4bb7bcab5b6506f4817f919e909b9b9c5eecae72b32c04c53dac15c03a20
GET /genfiles/cms/1-285/desktop/media_asset/3083a20a3f73c30fce38710d7ada9cbb.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:45 GMT
content-type: image/svg+xml
last-modified: Wed, 19 Apr 2023 11:51:30 GMT
etag: W/"3ae81b002dca46d3b732ce3e03ae35c6"
content-encoding: gzip
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-5dff9705a0aa4a1df4407c63d98e4638-c46b57c57150eb02-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T08:36:11+00:00, 2024-04-25T23:21:47+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/ae180f15a3d5b627f628afdca3fa6bdd.webp | 185.244.209.62 | | 37 kB |
URL v3.traincdn.com/genfiles/cms/1/desktop/banner/ae180f15a3d5b627f628afdca3fa6bdd.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 1380x248, Scaling: [none]x[none], YUV color, decoders should clamp Hash75deadbff841341315c61275cb663d23 83f7a4805c1fe1e50c30ffe9372a2a4125a829e1 5535616e6979cbfeb494b91c37ac03dde69a30469e78ac0c6e80a778cb34393b
GET /genfiles/cms/1/desktop/banner/ae180f15a3d5b627f628afdca3fa6bdd.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:56:08 GMT
content-type: image/webp
content-length: 37416
last-modified: Wed, 20 Mar 2024 13:47:46 GMT
etag: "75deadbff841341315c61275cb663d23"
x-time-ng: 0.003
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
x-cached-since: 2024-04-01T08:00:53+00:00
traceparent: 00-678cdeab092cb2f38f11d41eace62af7-acddb390cc739ebe-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-660473.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true | 178.253.29.47 | 200 OK | 10 kB |
URL GET HTTP/21xlite-660473.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true IP178.253.29.47:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerLet's Encrypt Subject1xlite-660473.top FingerprintAE:C9:7E:01:65:F2:2B:09:5E:F8:15:42:9A:94:F9:44:A4:7F:F2:5D ValidityTue, 26 Mar 2024 09:13:24 GMT - Mon, 24 Jun 2024 09:13:23 GMT
Hash5b5c98c25be4e9538c90a2e56e6932f0 457fea00a7f3d0e3481960ac09d16ab88c394db7 942ef44e24c4ab013fe7dcab088ca333dfac937069b7a9433074909a370a6be8
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true HTTP/1.1
Host: 1xlite-660473.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-660473.top/en?tag=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiYi90Njcza1Z3Umd0Sm03WnV6WlQ3VkEvcG9sRU80UVhMNURtVnZMcG1kR0dmb3NDUFJScEpwcTJQeDltUk40SjkwTXFZYmU4WlBFR2xGTGVkLzhDMWxMWHZ0VHp5M09oU1FWMlFCUTVoSjFQdHVEYjg3RzhZbWJNTjFDcHpCYStuaE52VFkraUpHMmk0R3QwNlU2bFJTK0RsdENFclFiaVNTei9LZ0pNbzBEYnQzUzA1Qmc5Qmt0eXJQcXc4b2szcW9hemsxT01Sdk9IcEdlaTdQYUJnbFNabURCR3JXRUhvaDlURUtlczVaR3RBa1pDWHFyaFlDSWFHOTFDVS80SlJYaW5hYllFWTE5cEVRUlpWcG1SODM0VDJXa053dmI4MmdjMmdmWmlnMHVJIiwiZXhwIjoxNzE0MTAzNzU0LCJpYXQiOjE3MTQwODkzNTR9.Z4EP5s3-UKiwZNTlLOxwbjstRxZs5xeVZBGYYiixu6-I32n2n_sVDzxKHUH4FQLD2T37TUUa_bd3AQHZ-ALn_A
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder; platform_type=desktop; auid=sv0dL2Yq7Xxr7e+7AxAFAg==; SESSION=587ba088a1b8608459f8108426e49de1; window_width=1280; _glhf=1714107119; che_g=237c3e42-bb07-1392-9107-2863f3373895; application_locale=en; sh.session.id=36771331-bf5d-48a8-8829-8a3074d48db3; ggru=167; _ga_7JGWL9SV66=GS1.1.1714089355.1.0.1714089355.60.0.0; _ga=GA1.1.2128929782.1714089356
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:56:09 GMT
content-type: application/json; charset=utf-8
content-length: 9954
cache-control: public, max-age=5
content-encoding: br
last-modified: Thu, 25 Apr 2024 23:56:09 GMT
vary: Accept-Encoding
x-time-ng: 0.018
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.030
X-Firefox-Spdy: h2
|
|
| pp23vi1.com/static/pixel.gif?1714089371374 | 178.253.14.123 | | 43 B |
URL pp23vi1.com/static/pixel.gif?1714089371374 IP178.253.14.123:0 ASN#202492 Silverhill Group Holding Ltd
File typeGIF image data, version 89a, 1 x 1 Hashad4b0f606e0f8465bc4c4c170b37e1a3 50b30fd5f87c85fe5cba2635cb83316ca71250d7 cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /static/pixel.gif?1714089371374 HTTP/1.1
Host: pp23vi1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:56:11 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
X-Firefox-Spdy: h2
|
|
| 1xlite-660473.top/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true | 178.253.29.47 | 200 OK | 2.7 kB |
URL GET HTTP/21xlite-660473.top/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true IP178.253.29.47:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerLet's Encrypt Subject1xlite-660473.top FingerprintAE:C9:7E:01:65:F2:2B:09:5E:F8:15:42:9A:94:F9:44:A4:7F:F2:5D ValidityTue, 26 Mar 2024 09:13:24 GMT - Mon, 24 Jun 2024 09:13:23 GMT
Hashdac8639f4b777e5322f8b24a65330da2 0ac37945f4a6b61107bac44c0eadabdb6839d5d1 6a5b89a73266f1f3ec39be96021fac7fc8689a9edba3184f1464d2766d35542d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true HTTP/1.1
Host: 1xlite-660473.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-660473.top/en?tag=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiYi90Njcza1Z3Umd0Sm03WnV6WlQ3VkEvcG9sRU80UVhMNURtVnZMcG1kR0dmb3NDUFJScEpwcTJQeDltUk40SjkwTXFZYmU4WlBFR2xGTGVkLzhDMWxMWHZ0VHp5M09oU1FWMlFCUTVoSjFQdHVEYjg3RzhZbWJNTjFDcHpCYStuaE52VFkraUpHMmk0R3QwNlU2bFJTK0RsdENFclFiaVNTei9LZ0pNbzBEYnQzUzA1Qmc5Qmt0eXJQcXc4b2szcW9hemsxT01Sdk9IcEdlaTdQYUJnbFNabURCR3JXRUhvaDlURUtlczVaR3RBa1pDWHFyaFlDSWFHOTFDVS80SlJYaW5hYllFWTE5cEVRUlpWcG1SODM0VDJXa053dmI4MmdjMmdmWmlnMHVJIiwiZXhwIjoxNzE0MTAzNzU0LCJpYXQiOjE3MTQwODkzNTR9.Z4EP5s3-UKiwZNTlLOxwbjstRxZs5xeVZBGYYiixu6-I32n2n_sVDzxKHUH4FQLD2T37TUUa_bd3AQHZ-ALn_A
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder; platform_type=desktop; auid=sv0dL2Yq7Xxr7e+7AxAFAg==; SESSION=587ba088a1b8608459f8108426e49de1; window_width=1280; _glhf=1714107119; che_g=237c3e42-bb07-1392-9107-2863f3373895; application_locale=en; sh.session.id=36771331-bf5d-48a8-8829-8a3074d48db3; ggru=167; _ga_7JGWL9SV66=GS1.1.1714089355.1.0.1714089355.60.0.0; _ga=GA1.1.2128929782.1714089356
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:56:11 GMT
content-type: application/json; charset=utf-8
content-length: 2695
cache-control: public, max-age=5
content-encoding: br
last-modified: Thu, 25 Apr 2024 23:56:11 GMT
vary: Accept-Encoding
x-time-ng: 0.011
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.019
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/02ba76589565792069601ad523578b27.webp | 185.244.209.62 | | 23 kB |
URL v3.traincdn.com/genfiles/cms/1/desktop/banner/02ba76589565792069601ad523578b27.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 1380x248, Scaling: [none]x[none], YUV color, decoders should clamp Hash94f24dc02426e0d7baf117e11bd3fd36 2482ed081abe85f9470a290ca0d362f0c9dd94a3 c4c5ae9f997b5aaa309494bcba42b17504a76daf7f0da2674df6314d8a9841fb
GET /genfiles/cms/1/desktop/banner/02ba76589565792069601ad523578b27.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:56:13 GMT
content-type: image/webp
content-length: 22774
last-modified: Thu, 07 Mar 2024 08:40:40 GMT
etag: "94f24dc02426e0d7baf117e11bd3fd36"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
x-cached-since: 2024-04-22T22:00:55+00:00
traceparent: 00-6ae144cf00dc2d1f40ee8b9844a96375-66b11b7367c8ca93-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-660473.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true | 178.253.29.47 | 200 OK | 10 kB |
URL GET HTTP/21xlite-660473.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true IP178.253.29.47:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerLet's Encrypt Subject1xlite-660473.top FingerprintAE:C9:7E:01:65:F2:2B:09:5E:F8:15:42:9A:94:F9:44:A4:7F:F2:5D ValidityTue, 26 Mar 2024 09:13:24 GMT - Mon, 24 Jun 2024 09:13:23 GMT
Hash5b5c98c25be4e9538c90a2e56e6932f0 457fea00a7f3d0e3481960ac09d16ab88c394db7 942ef44e24c4ab013fe7dcab088ca333dfac937069b7a9433074909a370a6be8
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true HTTP/1.1
Host: 1xlite-660473.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-660473.top/en?tag=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiYi90Njcza1Z3Umd0Sm03WnV6WlQ3VkEvcG9sRU80UVhMNURtVnZMcG1kR0dmb3NDUFJScEpwcTJQeDltUk40SjkwTXFZYmU4WlBFR2xGTGVkLzhDMWxMWHZ0VHp5M09oU1FWMlFCUTVoSjFQdHVEYjg3RzhZbWJNTjFDcHpCYStuaE52VFkraUpHMmk0R3QwNlU2bFJTK0RsdENFclFiaVNTei9LZ0pNbzBEYnQzUzA1Qmc5Qmt0eXJQcXc4b2szcW9hemsxT01Sdk9IcEdlaTdQYUJnbFNabURCR3JXRUhvaDlURUtlczVaR3RBa1pDWHFyaFlDSWFHOTFDVS80SlJYaW5hYllFWTE5cEVRUlpWcG1SODM0VDJXa053dmI4MmdjMmdmWmlnMHVJIiwiZXhwIjoxNzE0MTAzNzU0LCJpYXQiOjE3MTQwODkzNTR9.Z4EP5s3-UKiwZNTlLOxwbjstRxZs5xeVZBGYYiixu6-I32n2n_sVDzxKHUH4FQLD2T37TUUa_bd3AQHZ-ALn_A
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder; platform_type=desktop; auid=sv0dL2Yq7Xxr7e+7AxAFAg==; SESSION=587ba088a1b8608459f8108426e49de1; window_width=1280; _glhf=1714107119; che_g=237c3e42-bb07-1392-9107-2863f3373895; application_locale=en; sh.session.id=36771331-bf5d-48a8-8829-8a3074d48db3; ggru=167; _ga_7JGWL9SV66=GS1.1.1714089355.1.0.1714089355.60.0.0; _ga=GA1.1.2128929782.1714089356; che_i=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:56:14 GMT
content-type: application/json; charset=utf-8
content-length: 9954
cache-control: public, max-age=5
content-encoding: br
last-modified: Thu, 25 Apr 2024 23:56:09 GMT
vary: Accept-Encoding
x-time-ng: 0.018
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
X-Firefox-Spdy: h2
|
|
| 1xlite-660473.top/service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137 | 178.253.29.47 | 200 OK | 329 B |
URL GET HTTP/21xlite-660473.top/service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137 IP178.253.29.47:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerLet's Encrypt Subject1xlite-660473.top FingerprintAE:C9:7E:01:65:F2:2B:09:5E:F8:15:42:9A:94:F9:44:A4:7F:F2:5D ValidityTue, 26 Mar 2024 09:13:24 GMT - Mon, 24 Jun 2024 09:13:23 GMT
Hashf8ff37b50397222b6b0fc5254695b78c 246172bd71b85ecac94c7cbe5a4d35b0e17d3e2f 8729571270ff6fca33ba3564cda631a6133387c9a2cb7ec221ec73d91fa6d829
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137 HTTP/1.1
Host: 1xlite-660473.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-660473.top/en?tag=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiYi90Njcza1Z3Umd0Sm03WnV6WlQ3VkEvcG9sRU80UVhMNURtVnZMcG1kR0dmb3NDUFJScEpwcTJQeDltUk40SjkwTXFZYmU4WlBFR2xGTGVkLzhDMWxMWHZ0VHp5M09oU1FWMlFCUTVoSjFQdHVEYjg3RzhZbWJNTjFDcHpCYStuaE52VFkraUpHMmk0R3QwNlU2bFJTK0RsdENFclFiaVNTei9LZ0pNbzBEYnQzUzA1Qmc5Qmt0eXJQcXc4b2szcW9hemsxT01Sdk9IcEdlaTdQYUJnbFNabURCR3JXRUhvaDlURUtlczVaR3RBa1pDWHFyaFlDSWFHOTFDVS80SlJYaW5hYllFWTE5cEVRUlpWcG1SODM0VDJXa053dmI4MmdjMmdmWmlnMHVJIiwiZXhwIjoxNzE0MTAzNzU0LCJpYXQiOjE3MTQwODkzNTR9.Z4EP5s3-UKiwZNTlLOxwbjstRxZs5xeVZBGYYiixu6-I32n2n_sVDzxKHUH4FQLD2T37TUUa_bd3AQHZ-ALn_A
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder; platform_type=desktop; auid=sv0dL2Yq7Xxr7e+7AxAFAg==; SESSION=587ba088a1b8608459f8108426e49de1; window_width=1280; _glhf=1714107119; che_g=237c3e42-bb07-1392-9107-2863f3373895; application_locale=en; sh.session.id=36771331-bf5d-48a8-8829-8a3074d48db3; ggru=167; _ga_7JGWL9SV66=GS1.1.1714089355.1.0.1714089355.60.0.0; _ga=GA1.1.2128929782.1714089356; che_i=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:56:15 GMT
content-type: application/json; charset=utf-8
content-length: 329
cache-control: no-cache
last-modified: Thu, 25 Apr 2024 23:56:15 GMT
x-time-ng: 0.004
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.012
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/7bd3bc288fd4.js | 185.244.209.62 | 200 OK | 450 B |
URL GET HTTP/2v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/7bd3bc288fd4.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (461), with no line terminators Hash94396d27c4d9bbfc299a901902e1f11d b3d5fb445111c1b6b783db81a899a548488ebf13 33fc76fe427142c306a281e02daec062575fe489c63851cb55b487e1b058699e
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/7bd3bc288fd4.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-660473.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:49 GMT
content-type: text/javascript; charset=utf-8
content-length: 450
last-modified: Tue, 23 Apr 2024 12:34:12 GMT
etag: "056ce527a12544a37f984ac598be2344"
x-amz-meta-mtime: 1713875281.717615371
expires: Thu, 25 Apr 2024 08:42:34 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-bea1201da70e6bf63a95b56fdf11da1b-e354a6d1c6d83711-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-24T08:42:34+00:00, 2024-04-25T15:38:02+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/64dfdd8b8c9a.css | 185.244.209.62 | 200 OK | 289 kB |
URL GET HTTP/2v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/64dfdd8b8c9a.css IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (65536), with no line terminators Size289 kB (289227 bytes) Hash2605377ca9d2798b33fd07bc8da267d2 eed73cfda60c9543e553820f2ad6e5595ab536dd 64dfdd8b8c9aac073358493bac418554f2e14624ba26bbd98d328ed23e80a58f
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/64dfdd8b8c9a.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:45 GMT
content-type: text/css; charset=utf-8
last-modified: Tue, 23 Apr 2024 12:34:23 GMT
etag: W/"2605377ca9d2798b33fd07bc8da267d2"
x-amz-meta-mtime: 1713875281.709615308
content-encoding: gzip
expires: Wed, 24 Apr 2024 12:55:05 GMT
cache-control: max-age=86400
x-time-ng: 0.003
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-47e4ae6a5238ce73a2219aaec9eb98aa-e189eda9db48e9e1-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:55:05+00:00, 2024-04-25T13:05:49+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/93ec59abc015.js | 185.244.209.62 | 200 OK | 731 B |
URL GET HTTP/2v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/93ec59abc015.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (754), with no line terminators Hashd4e7ea71a87b1f1c120557c0645d517a 16245d27e56477993925754ded67747f4a22457a 55a7929fe0360afd2ceea901f484065432f5cbd00d12ce1bc4773407272d005f
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/93ec59abc015.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-660473.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:49 GMT
content-type: text/javascript; charset=utf-8
content-length: 731
last-modified: Tue, 23 Apr 2024 12:34:23 GMT
etag: "7d7870ff5bec46f886d9df91c47f1bd0"
x-amz-meta-mtime: 1713875281.725615432
expires: Wed, 24 Apr 2024 12:55:15 GMT
cache-control: max-age=86400
x-time-ng: 0.004
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-9bb9fd87adddbaf9289a3b7105957e9e-41ec61d918ceb709-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:55:15+00:00, 2024-04-25T13:05:55+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/2e7e82ef0fd8.css | 185.244.209.62 | 200 OK | 67 kB |
URL GET HTTP/2v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/2e7e82ef0fd8.css IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (65536), with no line terminators Hash86bbeccf1800ba74e6c228c6ac503cef d4313d9e6192f09b3fb3a6271878833647ac4076 2e7e82ef0fd81f87d43846e9c6bf605560206cc4ec9689695447f786d43448b8
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/2e7e82ef0fd8.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:49 GMT
content-type: text/css; charset=utf-8
last-modified: Tue, 23 Apr 2024 12:34:22 GMT
etag: W/"86bbeccf1800ba74e6c228c6ac503cef"
x-amz-meta-mtime: 1713875281.697615214
content-encoding: gzip
expires: Wed, 24 Apr 2024 12:55:15 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-10d257b6125b9d46636f81053d26af48-dc0652f87a0c48ff-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:55:15+00:00, 2024-04-25T13:05:55+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/shared-assets/__shared_sweetalert2_X3CQ7PJQ.js | 185.244.209.62 | 200 OK | 69 kB |
URL GET HTTP/2v3.traincdn.com/sys-static/shared-assets/__shared_sweetalert2_X3CQ7PJQ.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (32238) Hash138de5d55ee831195dd90bbf5c557926 4413082980942643803d8d4567df2f8395c0e868 55a6d9d38b0c68a21367ae7ae43333bfa61e2eddd38b2376eb5b192f0a0383cd
GET /sys-static/shared-assets/__shared_sweetalert2_X3CQ7PJQ.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-660473.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:48 GMT
content-type: text/javascript; charset=utf-8
last-modified: Thu, 25 Apr 2024 14:15:00 GMT
etag: W/"138de5d55ee831195dd90bbf5c557926"
x-amz-meta-mtime: 1714054361.504148121
content-encoding: gzip
expires: Fri, 26 Apr 2024 15:18:02 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-01fa2cf9a0e7052df8fda6a31d1a16e3-d03d78e9cd11dbf2-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T15:18:02+00:00, 2024-04-25T15:52:17+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/6684c66fedf3.js | 185.244.209.62 | 200 OK | 715 B |
URL GET HTTP/2v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/6684c66fedf3.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (734), with no line terminators Hash2efb888dbb9343ee6d683e8d796d82f4 1e1e489141485affbc1919d379cf88f7d65d23e2 e019ff00da941f85d11e34442751266d09e627a7191f2b2177018c625ffe346c
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/6684c66fedf3.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-660473.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:49 GMT
content-type: text/javascript; charset=utf-8
content-length: 715
last-modified: Tue, 23 Apr 2024 12:34:23 GMT
etag: "363cae3f1a92357379ce31b700f431ee"
x-amz-meta-mtime: 1713875281.713615339
expires: Wed, 24 Apr 2024 12:55:16 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-5ff11906bdeeee4cb076fa8a4b26d575-ec38475d326d9548-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:55:16+00:00, 2024-04-25T14:33:03+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/8c83a62ae8afe0aa371618f02b8e4a01.jpg | 0.0.0.0 | | 0 B |
URL GET v3.traincdn.com/genfiles/cms/1/desktop/banner/8c83a62ae8afe0aa371618f02b8e4a01.jpg IP0.0.0.0:0
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /genfiles/cms/1/desktop/banner/8c83a62ae8afe0aa371618f02b8e4a01.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/conversion-c1b13bbc.js | 185.244.209.62 | 200 OK | 199 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/vendors/conversion-c1b13bbc.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Size199 kB (198582 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_nuxt/desktop/default/vendors/conversion-c1b13bbc.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 66631
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-10447"
content-encoding: gzip
expires: Fri, 26 Apr 2024 14:28:46 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-d4d1a2d7ac2ed7be2e941d8ee61c36ba-30b03acae09b774e-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T14:28:46+00:00, 2024-04-25T14:33:04+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-660473.top/paysystems/information/systems?lang=en&ref_id=1&geo=NO | 178.253.29.47 | 200 OK | 27 kB |
URL GET HTTP/21xlite-660473.top/paysystems/information/systems?lang=en&ref_id=1&geo=NO IP178.253.29.47:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerLet's Encrypt Subject1xlite-660473.top FingerprintAE:C9:7E:01:65:F2:2B:09:5E:F8:15:42:9A:94:F9:44:A4:7F:F2:5D ValidityTue, 26 Mar 2024 09:13:24 GMT - Mon, 24 Jun 2024 09:13:23 GMT
Hash812c2f39676a30e71127d858e88c0d15 f0e169da1feb9f5dc5171e5c703e87c3789212f2 e44186c360b880fbdfb7d84c89156a688e94f55c2a7f7a58bb176e8024eb1ebf
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /paysystems/information/systems?lang=en&ref_id=1&geo=NO HTTP/1.1
Host: 1xlite-660473.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-660473.top/en?tag=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder; platform_type=desktop; auid=sv0dL2Yq7Xxr7e+7AxAFAg==; SESSION=587ba088a1b8608459f8108426e49de1; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:43 GMT
content-type: application/json
cache-control: max-age=0, must-revalidate, private
content-encoding: br
expires: Thu, 25 Apr 2024 23:55:43 GMT
set-cookie: application_locale=en; expires=Sat, 25-May-2024 23:55:43 GMT; Max-Age=2592000; path=/; secure; samesite=lax
traceparent: 00-d632e514207306fec43599e25be8dd4f-979653aabe3fe1a1-01
vary: Accept-Encoding
x-dt: 285
x-time-ng: 0.212, 0.215
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=223.967, wf-uht;dur=0.232
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-ui/3.2.2/Desktop/Default/client.css | 185.244.209.62 | 200 OK | 1.0 MB |
URL GET HTTP/2v3.traincdn.com/sys-ui/3.2.2/Desktop/Default/client.css IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Size1.0 MB (1048646 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sys-ui/3.2.2/Desktop/Default/client.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:45 GMT
content-type: text/css; charset=utf-8
last-modified: Fri, 19 Apr 2024 10:16:19 GMT
etag: W/"e4b8405071f7ea0e1aa13cd501543a44"
x-amz-meta-mtime: 1713521458.745453226
content-encoding: gzip
expires: Sat, 20 Apr 2024 11:51:17 GMT
cache-control: max-age=86400
x-time-ng: 0.010
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-eccfd51a0f04f1787b9ce53304ad068b-1b400331ad4a7cea-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-19T11:51:17+00:00, 2024-04-25T13:42:38+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/chunks/framework-49f1e091cbf6b261.js | 104.18.39.72 | 200 OK | 141 kB |
URL GET HTTP/2widget.suphelper.top/_next/static/chunks/framework-49f1e091cbf6b261.js IP104.18.39.72:443
Requested byhttps://widget.suphelper.top/ CertificateIssuerGoogle Trust Services LLC Subjectsuphelper.top Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size141 kB (140949 bytes) Hash896d1930437c1ab92b8a359c1d6fdaae 71e0e23d1af9722f356eb5d1c497d100ec8b0f7a 8c508636d885890bfb5c56bcd6dad1b8b64c498781d351b588a8de7f686774d4
GET /_next/static/chunks/framework-49f1e091cbf6b261.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:55:45 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 02 Nov 2023 12:45:49 GMT
etag: W/"22695-18b9011853a"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 13463934
expires: Fri, 25 Apr 2025 23:55:45 GMT
server: cloudflare
cf-ray: 87a244070ded56ae-OSL
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66 | 142.250.74.72 | 200 OK | 318 kB |
URL GET HTTP/2www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66 IP142.250.74.72:443
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
Size318 kB (318168 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gtag/js?id=G-7JGWL9SV66 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 25 Apr 2024 23:55:55 GMT
expires: Thu, 25 Apr 2024 23:55:55 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 104917
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/d94c9b1508a286d270c77946ff0972fa.jpg | 0.0.0.0 | | 0 B |
URL GET v3.traincdn.com/genfiles/cms/1/desktop/banner/d94c9b1508a286d270c77946ff0972fa.jpg IP0.0.0.0:0
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /genfiles/cms/1/desktop/banner/d94c9b1508a286d270c77946ff0972fa.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| widget.suphelper.top/injector.js | 104.18.39.72 | 200 OK | 208 kB |
URL GET HTTP/2widget.suphelper.top/injector.js IP104.18.39.72:443
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerGoogle Trust Services LLC Subjectsuphelper.top Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
Size208 kB (208506 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /injector.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:55:43 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=14400
last-modified: Wed, 24 Apr 2024 22:20:24 GMT
etag: W/"32e7a-18f123218ef"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 59
expires: Fri, 26 Apr 2024 03:55:43 GMT
server: cloudflare
cf-ray: 87a243fb9a9156ae-OSL
X-Firefox-Spdy: h2
|
|
| 1xlite-660473.top/checker/redirect/stat/run/ | 178.253.29.47 | 200 OK | 39 B |
URL GET HTTP/21xlite-660473.top/checker/redirect/stat/run/ IP178.253.29.47:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerLet's Encrypt Subject1xlite-660473.top FingerprintAE:C9:7E:01:65:F2:2B:09:5E:F8:15:42:9A:94:F9:44:A4:7F:F2:5D ValidityTue, 26 Mar 2024 09:13:24 GMT - Mon, 24 Jun 2024 09:13:23 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hash764f7f12d724bf2514249c83bbcad27d 56a72117a1ad467989abfd5a60c97ccdf72b4ea1 94a127746162790d75a0d6a79416bb428db3ed8dbf7997f097c4e10cb132a6df
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /checker/redirect/stat/run/ HTTP/1.1
Host: 1xlite-660473.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-660473.top/en?tag=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder; platform_type=desktop; auid=sv0dL2Yq7Xxr7e+7AxAFAg==; SESSION=587ba088a1b8608459f8108426e49de1; window_width=1280; _glhf=1714107119; che_g=237c3e42-bb07-1392-9107-2863f3373895
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:43 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-time-ng: 0.001
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2
|
|
| 1xlite-660473.top/web-api/external-api/config/getVideoAccessConfig | 178.253.29.47 | 200 OK | 24 kB |
URL GET HTTP/21xlite-660473.top/web-api/external-api/config/getVideoAccessConfig IP178.253.29.47:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerLet's Encrypt Subject1xlite-660473.top FingerprintAE:C9:7E:01:65:F2:2B:09:5E:F8:15:42:9A:94:F9:44:A4:7F:F2:5D ValidityTue, 26 Mar 2024 09:13:24 GMT - Mon, 24 Jun 2024 09:13:23 GMT
Hashcb0bc8eedc642fc591c0eef57e6c67e5 6c62aeececef0a5ff474bb21bf569ad8d48f6bd0 c57136f602923fc19534e58f7da5a483616d80031222372e19a29fd6f22b0a0e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /web-api/external-api/config/getVideoAccessConfig HTTP/1.1
Host: 1xlite-660473.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-660473.top/en?tag=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder; platform_type=desktop; auid=sv0dL2Yq7Xxr7e+7AxAFAg==; SESSION=587ba088a1b8608459f8108426e49de1; window_width=1280; _glhf=1714107119; che_g=237c3e42-bb07-1392-9107-2863f3373895
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:43 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: p;dur=19, dt_total;dur=27.065, wf-uht;dur=0.038
traceparent: 00-917282ae35048faaa7cb8539939ff249-7e3c8b3501148bb4-01
vary: Accept-Encoding
x-dt: 285
x-time-ng: 0.021
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/9b1085266c45.js | 185.244.209.62 | 200 OK | 435 B |
URL GET HTTP/2v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/9b1085266c45.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (442), with no line terminators Hashd69836398bd4895f9ed08b64602707fb 7728053840070d0fd29aecd5bed68b05e3c88ed9 3fdb4c2cb36694d071a78552a86fe769ce9ccaef08da172fb2b7158c96d0c69c
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/9b1085266c45.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-660473.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:49 GMT
content-type: text/javascript; charset=utf-8
content-length: 435
last-modified: Tue, 23 Apr 2024 12:34:23 GMT
etag: "b075575bc06525b491d4fd8da21e93ff"
x-amz-meta-mtime: 1713875281.729615464
expires: Wed, 24 Apr 2024 12:55:17 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-fea2c9d9eace20761bc4622fc2bd8fa7-bd32fb0474014431-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:55:17+00:00, 2024-04-25T13:05:57+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/724286ac/_ssgManifest.js | 104.18.39.72 | 200 OK | 77 B |
URL GET HTTP/2widget.suphelper.top/_next/static/724286ac/_ssgManifest.js IP104.18.39.72:443
Requested byhttps://widget.suphelper.top/ CertificateIssuerGoogle Trust Services LLC Subjectsuphelper.top Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File typeASCII text, with no line terminators Hashb6652df95db52feb4daf4eca35380933 65451d110137761b318c82d9071c042db80c4036 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
GET /_next/static/724286ac/_ssgManifest.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:55:45 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Wed, 24 Apr 2024 22:20:24 GMT
etag: W/"4d-18f12321a93"
vary: Accept-Encoding
cf-cache-status: HIT
age: 63475
expires: Fri, 25 Apr 2025 23:55:45 GMT
server: cloudflare
cf-ray: 87a244072dfa56ae-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 1xlite-660473.top/web-api/session | 178.253.29.47 | 204 No Content | 0 B |
URL GET HTTP/21xlite-660473.top/web-api/session IP178.253.29.47:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerLet's Encrypt Subject1xlite-660473.top FingerprintAE:C9:7E:01:65:F2:2B:09:5E:F8:15:42:9A:94:F9:44:A4:7F:F2:5D ValidityTue, 26 Mar 2024 09:13:24 GMT - Mon, 24 Jun 2024 09:13:23 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /web-api/session HTTP/1.1
Host: 1xlite-660473.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-660473.top/en?tag=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder; platform_type=desktop; auid=sv0dL2Yq7Xxr7e+7AxAFAg==; SESSION=587ba088a1b8608459f8108426e49de1; window_width=1280; _glhf=1714107119; che_g=237c3e42-bb07-1392-9107-2863f3373895; application_locale=en; sh.session.id=36771331-bf5d-48a8-8829-8a3074d48db3; ggru=167
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
server: nginx
date: Thu, 25 Apr 2024 23:55:50 GMT
cache-control: no-cache, private
server-timing: p;dur=13, dt_total;dur=19.378, wf-uht;dur=0.027
traceparent: 00-bf831033c58d97b6c9c21de3df63f48e-b60e26cde5fec5cb-01
x-dt: 285
x-time-ng: 0.019
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| 1xlite-660473.top/web-api/registration | 178.253.29.47 | 200 OK | 3.5 kB |
URL POST HTTP/21xlite-660473.top/web-api/registration IP178.253.29.47:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerLet's Encrypt Subject1xlite-660473.top FingerprintAE:C9:7E:01:65:F2:2B:09:5E:F8:15:42:9A:94:F9:44:A4:7F:F2:5D ValidityTue, 26 Mar 2024 09:13:24 GMT - Mon, 24 Jun 2024 09:13:23 GMT
File typeUnicode text, UTF-8 text, with very long lines (3790), with no line terminators Hash6404887dd8d444876d728785f6314374 0cddac90bc90d8d1e52211d25ea728b96441efb8 783ced4de55511848ae604cd1f938fb701451edc082773f2b0b90cf5e84e3b22
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /web-api/registration HTTP/1.1
Host: 1xlite-660473.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-660473.top/en?tag=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
Content-Length: 17
Origin: https://1xlite-660473.top
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder; platform_type=desktop; auid=sv0dL2Yq7Xxr7e+7AxAFAg==; SESSION=587ba088a1b8608459f8108426e49de1; window_width=1280; _glhf=1714107119; che_g=237c3e42-bb07-1392-9107-2863f3373895; application_locale=en; sh.session.id=36771331-bf5d-48a8-8829-8a3074d48db3; ggru=167
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:46 GMT
content-type: application/vnd.api+json
vary: Accept-Encoding
cache-control: no-cache, private
server-timing: p;dur=31, dt_total;dur=32.522, wf-uht;dur=0.043
traceparent: 00-f5b6c4b539dabf5cd7c5ef516a0a0bcd-f310ddcb1c8a684d-01
x-dt: 285
x-time-ng: 0.032
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/DownloadAppWidget-23d987ff.js | 185.244.209.62 | 200 OK | 12 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/DownloadAppWidget-23d987ff.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (11892), with no line terminators Hash8404462012316144032423ce8fbb64eb 5c746a0ed3594abdc7d43a410293e265dd3b2fca b1f58b41aa6480dc6df0ae7a62b0726e2cb0b3e5623513aa8e954c87450f7aca
GET /_nuxt/desktop/default/DownloadAppWidget-23d987ff.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:43 GMT
content-type: application/javascript; charset=utf-8
content-length: 4082
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-ff2"
content-encoding: gzip
expires: Fri, 26 Apr 2024 14:28:40 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-b11dbb40e7f259eaab135649cee18d1c-505e961058accca8-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T14:28:40+00:00, 2024-04-25T14:32:58+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/88071a5d390d.js | 185.244.209.62 | 200 OK | 2.1 kB |
URL GET HTTP/2v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/88071a5d390d.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (2253), with no line terminators Hash1b344ec76dcafdf426afeeba25def135 9aa097a8abb0c275f9f3023d158937df65a7db61 c32914362b1e86de0ac03e17e47c0eb1b30f266ab539b33b6f69fa336135564c
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/88071a5d390d.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-660473.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:49 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 23 Apr 2024 12:34:23 GMT
etag: W/"3084b8e581d711a9e12b5519b6d0d789"
x-amz-meta-mtime: 1713875281.721615401
content-encoding: gzip
expires: Wed, 24 Apr 2024 12:55:17 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-8b9ae9ddb8f4753e0f3910bc6694a4e0-e63e96c0f8e45b34-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:55:17+00:00, 2024-04-25T13:05:56+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/5ba22d89fb5e0baa9f42d6e8dff46f80.webp | 185.244.209.62 | 200 OK | 654 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/5ba22d89fb5e0baa9f42d6e8dff46f80.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash0e815673664d700b931039a728d3621e 29136c5e24aa131b094a0acd4f91d7f04db8f389 60e235f40ebb0418332930e01b6c1a40b86ef50fad6067e6200d686740d252b9
GET /resized/size16/sfiles/logo_teams/5ba22d89fb5e0baa9f42d6e8dff46f80.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:48 GMT
content-type: image/webp
content-length: 654
cache-control: max-age=94608000
content-disposition: inline; filename="5ba22d89fb5e0baa9f42d6e8dff46f80.webp"
content-security-policy: script-src 'none'
expires: Fri, 16 Apr 2027 19:07:42 GMT
x-request-id: 11fdceed62985e23dab6c5b3fbfb1b1e
x-time-ng: 0.087
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-9892920b790ce38f518b1d328bc20b9f-74bf29552e0168c3-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-16T19:07:42+00:00, 2024-04-19T17:37:05+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/chunks/pages/index-ed7cd77912c6e3a9.js | 104.18.39.72 | 200 OK | 107 kB |
URL GET HTTP/2widget.suphelper.top/_next/static/chunks/pages/index-ed7cd77912c6e3a9.js IP104.18.39.72:443
Requested byhttps://widget.suphelper.top/ CertificateIssuerGoogle Trust Services LLC Subjectsuphelper.top Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size107 kB (107186 bytes) Hashd0a7ecc59065580118a9ea8880c58962 21573546ac5011592094ef6aea0696ccdeb2164d e1b09efa81ca44cda394e366b64fbf2b3f0725eab9ad24782839cbb8f66842b5
GET /_next/static/chunks/pages/index-ed7cd77912c6e3a9.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:55:45 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Wed, 24 Apr 2024 22:20:24 GMT
etag: W/"1a2b2-18f12321a97"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 63484
expires: Fri, 25 Apr 2025 23:55:45 GMT
server: cloudflare
cf-ray: 87a244071df856ae-OSL
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/shared-assets/__shared_chunk_Y7BFQXXC.js | 185.244.209.62 | 200 OK | 1.0 kB |
URL GET HTTP/2v3.traincdn.com/sys-static/shared-assets/__shared_chunk_Y7BFQXXC.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (1036), with no line terminators Hash305de1535e3f2a45efa2f1dd096f496e 9fd79178b39d8a196f9f3640758cc5285f5914fd 9b0fc84933536e9c4ca4b8013f656f393c6073e746901340133cbc11059aec46
GET /sys-static/shared-assets/__shared_chunk_Y7BFQXXC.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-660473.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:48 GMT
content-type: text/javascript; charset=utf-8
last-modified: Thu, 25 Apr 2024 13:13:28 GMT
etag: W/"8fecd56fc5520134f3c39b17431fe0c2"
x-amz-meta-mtime: 1714050698.034158118
content-encoding: gzip
expires: Fri, 26 Apr 2024 15:17:53 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-c0927159c74b71f6331ad20b99704732-ba3c4215c9535e8d-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T15:17:53+00:00, 2024-04-25T15:53:11+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-icons/1.0.328/285/sports.svg | 185.244.209.62 | 200 OK | 378 kB |
URL GET HTTP/2v3.traincdn.com/sys-icons/1.0.328/285/sports.svg IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Size378 kB (378005 bytes) Hash0c52e0c32f8f2667a72e0d57b63e02a3 a0fb81e89f2510e228c1298f2d107f5672c0a03d ed4dcc337364c73f4382c79e759156e064823c54a2f78d2747bafd87d41abe73
GET /sys-icons/1.0.328/285/sports.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-660473.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:44 GMT
content-type: image/svg+xml
last-modified: Mon, 15 Apr 2024 07:13:32 GMT
etag: W/"0c52e0c32f8f2667a72e0d57b63e02a3"
x-amz-meta-mtime: 1713165210.217888091
content-encoding: gzip
expires: Tue, 23 Apr 2024 10:38:02 GMT
cache-control: max-age=86400
x-time-ng: 0.004
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-5e7b05ca03d3d1d40a07359dabe30c06-f5f7e9332b3601e9-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T10:38:02+00:00, 2024-04-25T11:15:17+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/5b9788e0e69d648065053fce46822a34.webp | 185.244.209.62 | 200 OK | 770 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/5b9788e0e69d648065053fce46822a34.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash70c4fc7f19c6abec9c4cb4615a961b15 69811696f0c5012e6a9dcfcc0d81d746346926d9 c290eb12c099be673ffbb55665f241c4330b8c6876ffcbe4faacebc06b1aa64d
GET /resized/size16/sfiles/logo_teams/5b9788e0e69d648065053fce46822a34.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:48 GMT
content-type: image/webp
content-length: 770
cache-control: max-age=94608000
content-disposition: inline; filename="5b9788e0e69d648065053fce46822a34.webp"
content-security-policy: script-src 'none'
expires: Sun, 18 Apr 2027 20:38:39 GMT
x-request-id: c55461a932f10c00efdaa6f6dbb3de52
x-time-ng: 0.052
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-5cf26b807773df460c0aacd7ff3a14ee-bef57708b1fda985-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-18T20:38:38+00:00, 2024-04-21T21:31:32+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/a322b86594c618f37757a299bd9428d8.webp | 185.244.209.62 | 200 OK | 494 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/a322b86594c618f37757a299bd9428d8.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hashf5f039d2fc4997bb5f5b1c2cbf24ea59 0e073e9e843ba0a5ac0e4c47f163c24ddc86a46d 421c2a6e321ec1dcfa0a1fffde5804f7ea83c67618a98c9e9d374d1ec9da27f6
GET /resized/size16/sfiles/logo_teams/a322b86594c618f37757a299bd9428d8.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:48 GMT
content-type: image/webp
content-length: 494
cache-control: max-age=94608000
content-disposition: inline; filename="a322b86594c618f37757a299bd9428d8.webp"
content-security-policy: script-src 'none'
expires: Thu, 22 Apr 2027 14:32:54 GMT
x-request-id: 48b8147c8d0e1ce061f8e7259e2184de
x-time-ng: 0.068
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-dadd2900135f4e87257a1417330c91ae-3795158afc96eab9-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T14:32:54+00:00, 2024-04-23T12:28:32+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/724286ac/_middlewareManifest.js | 104.18.39.72 | 200 OK | 92 B |
URL GET HTTP/2widget.suphelper.top/_next/static/724286ac/_middlewareManifest.js IP104.18.39.72:443
Requested byhttps://widget.suphelper.top/ CertificateIssuerGoogle Trust Services LLC Subjectsuphelper.top Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File typeASCII text, with no line terminators Hash7c3f7e060745668041278118c0bb3d6d e639f56695b3cc30d78dce7a0084aa8299a1311a de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
GET /_next/static/724286ac/_middlewareManifest.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:55:45 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Wed, 24 Apr 2024 22:20:24 GMT
etag: W/"5c-18f12321a93"
vary: Accept-Encoding
cf-cache-status: HIT
age: 63484
expires: Fri, 25 Apr 2025 23:55:45 GMT
server: cloudflare
cf-ray: 87a244072dfd56ae-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sfiles/games-images/game-animations/game-85-animation.svg | 185.244.209.62 | 200 OK | 14 kB |
URL GET HTTP/2v3.traincdn.com/sfiles/games-images/game-animations/game-85-animation.svg IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Hash9e7af5cc8f19e556b8696b1f616368bb 5dfc0391d0b038c0a854280a40cd89a6e5ed970e bfb06010ec5c7f94e57ce0ee75b270c76559d76e8e49e8085866bc11408345fb
GET /sfiles/games-images/game-animations/game-85-animation.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:45 GMT
content-type: image/svg+xml
last-modified: Wed, 24 Jan 2024 13:34:39 GMT
etag: W/"9e7af5cc8f19e556b8696b1f616368bb"
x-amz-meta-origin-date-iso8601: 2024-01-24T13:05:40.000Z
expires: Fri, 19 Apr 2024 00:06:27 GMT
cache-control: max-age=86400, public
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-2b906cd8e6f53042504f33aac8be9713-67c10aff3f2a1ad1-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T03:23:59+00:00, 2024-04-25T00:19:56+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/shared-assets/__shared_chunk_M4D4AAJL.js | 185.244.209.62 | 200 OK | 101 kB |
URL GET HTTP/2v3.traincdn.com/sys-static/shared-assets/__shared_chunk_M4D4AAJL.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (35828) Size101 kB (100701 bytes) Hash51ddc52774f4e5bd6a6f1c22e9d19674 374c2fbb2b68ad9c28898dfe60da3fd828ccf7c4 642e66ee14ca90b6ff8f91fbfdce400c6834a037dee18a60a72922ea727bb442
GET /sys-static/shared-assets/__shared_chunk_M4D4AAJL.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-660473.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:48 GMT
content-type: text/javascript; charset=utf-8
last-modified: Thu, 25 Apr 2024 10:33:48 GMT
etag: W/"51ddc52774f4e5bd6a6f1c22e9d19674"
x-amz-meta-mtime: 1714041104.905613859
content-encoding: gzip
expires: Fri, 26 Apr 2024 12:41:55 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-adef34315d7cdf3500fc47ef1091b2c6-f574e9998e5c4df0-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T12:41:55+00:00, 2024-04-25T12:44:06+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/site-admin/colors/13f2420925687a194e4c38472ae71214.css | 185.244.209.62 | 200 OK | 36 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/site-admin/colors/13f2420925687a194e4c38472ae71214.css IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (36299), with no line terminators Hash4610c92e7697e57d1149e233ef5edab2 534bce5791c8a3f342e7fa8552458f3b45c60ab1 92fefebfb7788539968fe67373e000ba5cdfa9d19b041f3849d38f098b49d222
GET /genfiles/site-admin/colors/13f2420925687a194e4c38472ae71214.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:40 GMT
content-type: text/css
last-modified: Fri, 05 Apr 2024 07:40:06 GMT
etag: W/"4610c92e7697e57d1149e233ef5edab2"
content-encoding: gzip
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-6b0fc59e52a8aa4157353ff333f68b6c-ce902125266c3eaf-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-05T09:04:13+00:00, 2024-04-25T23:02:17+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-660473.top/web-api/api/v3/bonuses/first-deposit | 178.253.29.47 | 200 OK | 426 B |
URL GET HTTP/21xlite-660473.top/web-api/api/v3/bonuses/first-deposit IP178.253.29.47:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerLet's Encrypt Subject1xlite-660473.top FingerprintAE:C9:7E:01:65:F2:2B:09:5E:F8:15:42:9A:94:F9:44:A4:7F:F2:5D ValidityTue, 26 Mar 2024 09:13:24 GMT - Mon, 24 Jun 2024 09:13:23 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (464), with no line terminators Hash2d9b04c0ee3ec015e9094ce942ed9139 eebc58e94d15401f9c6737a4908018fd833d94ee dea4bd3b63fac017709162cd44048f725c21396da41d2cfdc235812fcf2eb6fc
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /web-api/api/v3/bonuses/first-deposit HTTP/1.1
Host: 1xlite-660473.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-660473.top/en?tag=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder; platform_type=desktop; auid=sv0dL2Yq7Xxr7e+7AxAFAg==; SESSION=587ba088a1b8608459f8108426e49de1; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:43 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: p;dur=37, dt_total;dur=74.195, wf-uht;dur=0.083
traceparent: 00-eca69a6c1d5bc6e58edca47c0411febd-8405c746be6b7d45-01
vary: Accept-Encoding
x-dt: 285
x-time-ng: 0.057
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/724286ac/_buildManifest.js | 104.18.39.72 | 200 OK | 519 B |
URL GET HTTP/2widget.suphelper.top/_next/static/724286ac/_buildManifest.js IP104.18.39.72:443
Requested byhttps://widget.suphelper.top/ CertificateIssuerGoogle Trust Services LLC Subjectsuphelper.top Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File typeASCII text, with very long lines (547), with no line terminators Hash063abc9f05b28326f5878dcd728ca1f7 321099ea5d4fa6792974fd44503ffb3e75e5c5b0 73109b74c039aec5fc1e3f4e3c2e15585b1ba094f3e8291b0cd67f51b4b830c4
GET /_next/static/724286ac/_buildManifest.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:55:45 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Wed, 24 Apr 2024 22:20:24 GMT
etag: W/"207-18f12321a93"
vary: Accept-Encoding
cf-cache-status: HIT
age: 63484
expires: Fri, 25 Apr 2025 23:55:45 GMT
server: cloudflare
cf-ray: 87a244071df956ae-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/DownloadAppWidgetAnalytics-0a5e307c.js | 185.244.209.62 | 200 OK | 416 B |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/DownloadAppWidgetAnalytics-0a5e307c.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (420), with no line terminators Hash906c35276e85e8939b3fe5f91bc0dfb1 ce272bd1eed5bc052fa85f16807175cb33f9dbf3 93b4a34950a8d5a5d811f657dc58467ed4c96d56e25ab0142c438253f3157717
GET /_nuxt/desktop/default/DownloadAppWidgetAnalytics-0a5e307c.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:43 GMT
content-type: application/javascript; charset=utf-8
content-length: 365
last-modified: Thu, 25 Apr 2024 10:37:52 GMT
etag: "662a3280-16d"
content-encoding: gzip
expires: Fri, 26 Apr 2024 14:28:40 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-d80bb22868c7bc96f31a63c470142b2b-8ef50ae533de7db5-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T14:28:40+00:00, 2024-04-25T14:32:57+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-660473.top/hd-api/external/api/web/v1/converslon/load | 178.253.29.47 | 200 OK | 31 kB |
URL GET HTTP/21xlite-660473.top/hd-api/external/api/web/v1/converslon/load IP178.253.29.47:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerLet's Encrypt Subject1xlite-660473.top FingerprintAE:C9:7E:01:65:F2:2B:09:5E:F8:15:42:9A:94:F9:44:A4:7F:F2:5D ValidityTue, 26 Mar 2024 09:13:24 GMT - Mon, 24 Jun 2024 09:13:23 GMT
Hash77ed326a1dccf0bc8146ce556ef2613c 8e55b81ba65c5a251965f4ccde24068938f84be3 f42362b49d4af70aafd1afcb193b9609536645ddffc5b21a5091ac41d8d4e43b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /hd-api/external/api/web/v1/converslon/load HTTP/1.1
Host: 1xlite-660473.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-660473.top/en?tag=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder; platform_type=desktop; auid=sv0dL2Yq7Xxr7e+7AxAFAg==; SESSION=587ba088a1b8608459f8108426e49de1; window_width=1280; _glhf=1714107119; che_g=237c3e42-bb07-1392-9107-2863f3373895; application_locale=en; sh.session.id=36771331-bf5d-48a8-8829-8a3074d48db3; ggru=167
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:50 GMT
content-type: application/json
content-encoding: gzip
traceparent: 00-e5ed80e4eb3c5abc277b63258ad4de6f-0d393d8844b0533f-01
vary: Accept-Encoding
x-dt: 285
x-request-guid: 18436f8543dbdef413e219dbc80f343a
x-time-ng: 0.006
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=5.679, wf-uht;dur=0.014
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/bf26d696b76130d9781b16f89f1de4cc.jpg | 0.0.0.0 | | 0 B |
URL GET v3.traincdn.com/genfiles/cms/1/desktop/banner/bf26d696b76130d9781b16f89f1de4cc.jpg IP0.0.0.0:0
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /genfiles/cms/1/desktop/banner/bf26d696b76130d9781b16f89f1de4cc.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/29dd2b5a09fe4e96a7b713787183f597.webp | 185.244.209.62 | 200 OK | 27 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/cms/1/desktop/banner/29dd2b5a09fe4e96a7b713787183f597.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 1380x248, Scaling: [none]x[none], YUV color, decoders should clamp Hash234b7215576d30793d525b847dd54694 a67893fb91daefe0d5576d0596387e5b89b70700 9b8287a313e05df6ef1244173a34cc1e93c8345432d481919296df8731383aef
GET /genfiles/cms/1/desktop/banner/29dd2b5a09fe4e96a7b713787183f597.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:47 GMT
content-type: image/webp
content-length: 27204
last-modified: Mon, 15 Apr 2024 10:22:26 GMT
etag: "234b7215576d30793d525b847dd54694"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
x-cached-since: 2024-04-22T09:00:01+00:00
traceparent: 00-0cc969a95a9543109e5075ae01d7a547-c8aab4b917837321-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7JGWL9SV66&cid=2128929782.1714089356>m=45je44o0v897130004za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=2142336007 | 142.250.74.163 | 200 OK | 42 B |
URL GET HTTP/2www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7JGWL9SV66&cid=2128929782.1714089356>m=45je44o0v897130004za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=2142336007 IP142.250.74.163:443
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerGoogle Trust Services LLC Subject*.google.no Fingerprint4E:BD:F9:72:97:67:A2:4B:EE:E4:B0:03:CD:C8:F3:30:53:27:53:1D ValidityMon, 18 Mar 2024 20:50:06 GMT - Mon, 10 Jun 2024 20:50:05 GMT
File typeGIF image data, version 89a, 1 x 1 Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7JGWL9SV66&cid=2128929782.1714089356>m=45je44o0v897130004za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=2142336007 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 25 Apr 2024 23:55:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/9a596f911770.js | 185.244.209.62 | 200 OK | 1.5 kB |
URL GET HTTP/2v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/9a596f911770.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (1556), with no line terminators Hash21fc96d5cf58a7e83ad9c39e081b4926 8f3b38a3743cc5c7f6898e91c784611381de092e 42818bd31d84c24a7f003f9fdeb7ebe7e6d37125de6ca4c4daab8cdd134e494f
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/9a596f911770.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-660473.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:49 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 23 Apr 2024 12:34:23 GMT
etag: W/"37522b6a3d761c89809cb6f794ead60e"
x-amz-meta-mtime: 1713875281.725615432
content-encoding: gzip
expires: Wed, 24 Apr 2024 12:55:17 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-80c41addf8a0c300dc043c15b1889515-03926b82d8150d92-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:55:17+00:00, 2024-04-25T13:05:57+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/chunks/7413e8b9-8adee4b5b5407a55.js | 104.18.39.72 | 200 OK | 78 kB |
URL GET HTTP/2widget.suphelper.top/_next/static/chunks/7413e8b9-8adee4b5b5407a55.js IP104.18.39.72:443
Requested byhttps://widget.suphelper.top/ CertificateIssuerGoogle Trust Services LLC Subjectsuphelper.top Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hashdc6852529f28802d37affa5953d07260 4edd220fe8df4b009a1775ebe57f19d40999659f 4aefb18221e4fb46818b0f52302b7c7717e45701e26990726cce645d8c80ed84
GET /_next/static/chunks/7413e8b9-8adee4b5b5407a55.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:55:45 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Wed, 17 Jan 2024 06:19:55 GMT
etag: W/"12fe9-18d161388b8"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 8616748
expires: Fri, 25 Apr 2025 23:55:45 GMT
server: cloudflare
cf-ray: 87a244070df356ae-OSL
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/d63b25015d05.js | 185.244.209.62 | 200 OK | 504 B |
URL GET HTTP/2v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/d63b25015d05.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (537), with no line terminators Hash73729d39c1243a5d7b02bb3653e93e61 5891166a06770aaba16353b147ae4a2f2e806a4b ac924b7509e7beb2d38f242ba4b6a81bc7dc3b76909133c4c1d3b7d26d30a89d
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/d63b25015d05.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-660473.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:49 GMT
content-type: text/javascript; charset=utf-8
content-length: 504
last-modified: Tue, 23 Apr 2024 12:34:23 GMT
etag: "cdd39c58f3e34ab3b3329f45f9e6199e"
x-amz-meta-mtime: 1713875281.741615558
expires: Wed, 24 Apr 2024 12:55:16 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-60d056cdf8d7c4db3697e5111dd89bec-f71eac14c445ea50-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:55:16+00:00, 2024-04-25T14:33:03+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/shared-assets/__shared_vue_deps_OVKZGHR6.js | 185.244.209.62 | 200 OK | 81 kB |
URL GET HTTP/2v3.traincdn.com/sys-static/shared-assets/__shared_vue_deps_OVKZGHR6.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sys-static/shared-assets/__shared_vue_deps_OVKZGHR6.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-660473.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:48 GMT
content-type: text/javascript; charset=utf-8
last-modified: Thu, 25 Apr 2024 10:33:48 GMT
etag: W/"67267513246705d46a0bb83e1f8efd2a"
x-amz-meta-mtime: 1714041104.905613859
content-encoding: gzip
expires: Fri, 26 Apr 2024 12:41:55 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-6a435e97663658ba467a5885a1e8cc32-d6887b18e5e3f601-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T12:41:55+00:00, 2024-04-25T12:44:06+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/e5eb737e.css | 185.244.209.62 | 200 OK | 5.2 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/css/e5eb737e.css IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (5171), with no line terminators Hash5d231bea9b7df6bc1e9e74e3c0a231e1 2ef607f0c766fff1b4b1e90a2d98e7094c81721e c43fd428fe6e9d25ddf385a1cf03891194126ebf9e83d086af655272e815445b
GET /_nuxt/desktop/default/css/e5eb737e.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:48 GMT
content-type: text/css
content-length: 1050
last-modified: Wed, 24 Apr 2024 11:16:26 GMT
etag: "6628ea0a-41a"
content-encoding: gzip
expires: Fri, 26 Apr 2024 08:08:31 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-7c81179d5e720680d534dd2158dafc1c-167d36ce1f414a28-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T08:08:31+00:00, 2024-04-25T10:16:10+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/sounds/new-message.mp3 | 104.18.39.72 | 200 OK | 30 kB |
URL GET HTTP/2widget.suphelper.top/sounds/new-message.mp3 IP104.18.39.72:443
Requested byhttps://widget.suphelper.top/ CertificateIssuerGoogle Trust Services LLC Subjectsuphelper.top Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File typeMPEG ADTS, layer III, v1, 192 kbps, 48 kHz, JntStereo Hashef9af24dc7dbd24ffd99c832e1300351 f78744a5013038446c468de14f205f2d52373fd6 5049d7fe87a7327a291441181d1a328a15f46a21081b970502c540406011c9b9
GET /sounds/new-message.mp3 HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:55:46 GMT
content-type: audio/mpeg
content-length: 29952
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=14400
last-modified: Wed, 24 Apr 2024 22:20:24 GMT
etag: W/"7500-18f123218ff"
cf-cache-status: HIT
age: 558
expires: Fri, 26 Apr 2024 03:55:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a24410892256ae-OSL
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/7c43e6fa10d0665cf556d13ff2a1906d.svg | 185.244.209.62 | 200 OK | 1.2 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/7c43e6fa10d0665cf556d13ff2a1906d.svg IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Hasha436db0af736498349f0127d8e7fab1e b07e2c449cf16ddb052ce40d881db13a0c890b9b 93261a519c1cea62e2c934496d5e0cbd1cbc8f65b4961811316e55d9e7c96ede
GET /genfiles/cms/1-285/desktop/media_asset/7c43e6fa10d0665cf556d13ff2a1906d.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:40 GMT
content-type: image/svg+xml
last-modified: Tue, 02 May 2023 10:06:49 GMT
etag: W/"7cca3986f7a5c4c164144ff11df71073"
content-encoding: gzip
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
x-cached-since: 2024-01-11T08:32:05+00:00
traceparent: 00-90371f4fc02d670d2876a216e2e2dd25-b6b90a139bbfcb9a-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-icons/1.0.328/285/common.svg | 185.244.209.62 | 200 OK | 147 kB |
URL GET HTTP/2v3.traincdn.com/sys-icons/1.0.328/285/common.svg IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Size147 kB (146981 bytes) Hash7bf3e9e7d79beac942f5e7748a3af2e6 7c6896ef647506806f2cdbe998d8c9eb845a1754 663e2fc5004af9c6c1969fc5827d7ffdbfeec8d4753efd831208cb179f0a488f
GET /sys-icons/1.0.328/285/common.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-660473.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:42 GMT
content-type: image/svg+xml
last-modified: Mon, 15 Apr 2024 07:13:32 GMT
etag: W/"7bf3e9e7d79beac942f5e7748a3af2e6"
x-amz-meta-mtime: 1713165210.217888091
content-encoding: gzip
expires: Tue, 23 Apr 2024 10:38:01 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-568024bea33793c284a3fc695a92c7d1-dfba0a09dd903fdf-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T10:38:01+00:00, 2024-04-25T11:15:14+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/shared-assets/__shared_vue_final_modal_XPPMTKII.js | 185.244.209.62 | 200 OK | 25 kB |
URL GET HTTP/2v3.traincdn.com/sys-static/shared-assets/__shared_vue_final_modal_XPPMTKII.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (17403) Hash701ad5a22b8ea7213a53e334d0898349 87749d947f6aa40eb671447b58261d710ec5479b 07669c2ea7c29dd69e47f5518ba73b76389f3479e19f7362b461ef0fff96c1f0
GET /sys-static/shared-assets/__shared_vue_final_modal_XPPMTKII.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-660473.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:48 GMT
content-type: text/javascript; charset=utf-8
last-modified: Thu, 25 Apr 2024 10:33:48 GMT
etag: W/"701ad5a22b8ea7213a53e334d0898349"
x-amz-meta-mtime: 1714041104.909613795
content-encoding: gzip
expires: Fri, 26 Apr 2024 12:41:55 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-2abe67bb393ec3d3e344c46226e6d17a-fd7fb689063a3915-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T12:41:55+00:00, 2024-04-25T12:44:11+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/site-admin/css_vars/f506188b04c16eaa9c664ed23f7ce58e.css | 185.244.209.62 | 200 OK | 46 B |
URL GET HTTP/2v3.traincdn.com/genfiles/site-admin/css_vars/f506188b04c16eaa9c664ed23f7ce58e.css IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hashf506188b04c16eaa9c664ed23f7ce58e 08d068d7fa5a84beb06ba924a35d84d6bfdab30a b9bfda0e940104e190b19543b94a10d120643bd1516d3ca2d266a0af6c0966e9
GET /genfiles/site-admin/css_vars/f506188b04c16eaa9c664ed23f7ce58e.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:45 GMT
content-type: text/css
content-length: 46
last-modified: Fri, 12 Apr 2024 13:46:52 GMT
etag: "f506188b04c16eaa9c664ed23f7ce58e"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2024-04-18T12:47:35+00:00
traceparent: 00-9572c7c22e943ef5f484cd4ab89cb53c-6005c746ce15f4b7-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-660473.top/bff-api/config/contacts.json?type=2&lang=en | 178.253.29.47 | 200 OK | 3.8 kB |
URL GET HTTP/21xlite-660473.top/bff-api/config/contacts.json?type=2&lang=en IP178.253.29.47:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerLet's Encrypt Subject1xlite-660473.top FingerprintAE:C9:7E:01:65:F2:2B:09:5E:F8:15:42:9A:94:F9:44:A4:7F:F2:5D ValidityTue, 26 Mar 2024 09:13:24 GMT - Mon, 24 Jun 2024 09:13:23 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (4380), with no line terminators Hash35b15ddc8b3ddba2cdb3bfc72981faf5 4a827b334a2c3d01ebda12287e001ff2342b1ed8 b73cc38f83e92cafd70e238deb6face9210af5603208057dd1a2077fdec6b3cc
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /bff-api/config/contacts.json?type=2&lang=en HTTP/1.1
Host: 1xlite-660473.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-660473.top/en?tag=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder; platform_type=desktop; auid=sv0dL2Yq7Xxr7e+7AxAFAg==; SESSION=587ba088a1b8608459f8108426e49de1; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:43 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: bff;dur=35.09, dt_total;dur=36.377, wf-uht;dur=0.044
traceparent: 00-d5a1d44b703ecd7671c39560bad5f3ad-7caf2aeac46cd87e-01
vary: Accept-Encoding
x-dt: 285
x-time-ng: 0.035
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| 1xlite-660473.top/web-api/api/web/v1/config/actualDomain | 178.253.29.47 | 200 OK | 269 B |
URL GET HTTP/21xlite-660473.top/web-api/api/web/v1/config/actualDomain IP178.253.29.47:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerLet's Encrypt Subject1xlite-660473.top FingerprintAE:C9:7E:01:65:F2:2B:09:5E:F8:15:42:9A:94:F9:44:A4:7F:F2:5D ValidityTue, 26 Mar 2024 09:13:24 GMT - Mon, 24 Jun 2024 09:13:23 GMT
File typeASCII text, with very long lines (309), with no line terminators Hash6469b5c07a262f60f11e004ac72262b1 978ec0042baae49cb3bc8a7882055ec9a053e522 459c4cead3579c67475b231f8d8e21e599e27ecf8108d8ba29dd10a558b43f53
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /web-api/api/web/v1/config/actualDomain HTTP/1.1
Host: 1xlite-660473.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder; platform_type=desktop; auid=sv0dL2Yq7Xxr7e+7AxAFAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:42 GMT
content-type: application/vnd.api+json
vary: Accept-Encoding
cache-control: no-cache, private
server-timing: p;dur=17, dt_total;dur=25.701, wf-uht;dur=0.033
set-cookie: SESSION=587ba088a1b8608459f8108426e49de1; path=/; secure; HttpOnly; SameSite=Lax
ua=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
traceparent: 00-8954d02792d7eef347491699ed2be249-bd2ab45f692a2731-01
x-dt: 285
x-time-ng: 0.026
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/8c83a62ae8afe0aa371618f02b8e4a01.jpg | 185.244.209.62 | 200 OK | 82 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/cms/1/desktop/banner/8c83a62ae8afe0aa371618f02b8e4a01.jpg IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJPEG image data, progressive, precision 8, 1380x248, components 3 Hashad5f0025317357d48209be53322c4854 c95715c6077d270ab0d901fa43184565216d6177 e7d3aa1ad1cf16bb24ada1e8ab541fbd94aa6196e7f98e50b244c70b0d9b2204
GET /genfiles/cms/1/desktop/banner/8c83a62ae8afe0aa371618f02b8e4a01.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:54 GMT
content-type: image/jpeg
content-length: 81954
last-modified: Thu, 05 Oct 2023 10:29:43 GMT
etag: "ad5f0025317357d48209be53322c4854"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-0a6689ae2afb6af0cdca015b6d2f81f7-f522e624dbded173-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T09:26:31+00:00, 2024-04-25T23:55:47+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| refpamjeql.top/L?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder&site=34142&ad=22583 | 45.135.120.31 | 303 See Other | 908 kB |
URL User Request GET HTTP/2refpamjeql.top/L?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder&site=34142&ad=22583 IP45.135.120.31:443
CertificateIssuerLet's Encrypt Subjectrefpamjeql.top FingerprintFC:88:DE:71:6D:05:6E:E3:EE:1A:CD:0C:3E:A8:AE:CF:14:81:D1:40 ValidityMon, 25 Mar 2024 05:16:41 GMT - Sun, 23 Jun 2024 05:16:40 GMT
Size908 kB (907894 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /L?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder&site=34142&ad=22583 HTTP/1.1
Host: refpamjeql.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 303 See Other
server: nginx
date: Thu, 25 Apr 2024 23:55:38 GMT
cache-control: private
location: https://1xlite-660473.top:443/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder
x-aspnetmvc-version: 5.0
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.003
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/994284d39ca5.js | 185.244.209.62 | 200 OK | 1.4 kB |
URL GET HTTP/2v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/994284d39ca5.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (1424), with no line terminators Hashc237470fa514edfe57b71d2e46e2b412 5e6dd202fcf52b92dd87afeb312b05f8581194ab 6268819bfc8850bad3c1d34f8b89ef0bc372e2b83703654c4e1c98f3ee425127
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/994284d39ca5.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-660473.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:49 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 23 Apr 2024 12:34:23 GMT
etag: W/"901f57b165b23c191081c0d0112a5eda"
x-amz-meta-mtime: 1713875281.725615432
content-encoding: gzip
expires: Wed, 24 Apr 2024 12:55:17 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-73df0b9285e7d26b41904f3adcb8887e-acb9aa1287ae35c4-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:55:17+00:00, 2024-04-25T13:05:56+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-660473.top/web-api/default/img/icons/pixels2.svg?v=1714089348 | 178.253.29.47 | 200 OK | 90 B |
URL GET HTTP/21xlite-660473.top/web-api/default/img/icons/pixels2.svg?v=1714089348 IP178.253.29.47:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerLet's Encrypt Subject1xlite-660473.top FingerprintAE:C9:7E:01:65:F2:2B:09:5E:F8:15:42:9A:94:F9:44:A4:7F:F2:5D ValidityTue, 26 Mar 2024 09:13:24 GMT - Mon, 24 Jun 2024 09:13:23 GMT
File typePNG image data, 1 x 1, 8-bit/color RGB, non-interlaced Hashe45f90dcbe718dea3476c4b69b501a4e e9af26a93c467a77e4733ec537f4f5ce7a4ba089 a439dd8761d9fd4ff88e82e83200877703594491065880dbd4e59ddf4ce1b204
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /web-api/default/img/icons/pixels2.svg?v=1714089348 HTTP/1.1
Host: 1xlite-660473.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/en?tag=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder; platform_type=desktop; auid=sv0dL2Yq7Xxr7e+7AxAFAg==; SESSION=587ba088a1b8608459f8108426e49de1; window_width=1280; _glhf=1714107119; che_g=237c3e42-bb07-1392-9107-2863f3373895; application_locale=en; sh.session.id=36771331-bf5d-48a8-8829-8a3074d48db3; ggru=167
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:48 GMT
content-type: image/png
cache-control: no-cache, private
server-timing: p;dur=13, dt_total;dur=14.274, wf-uht;dur=0.026
traceparent: 00-a9d091a04c699c779646e4b0496c4637-180b3c8cad175a87-01
x-dt: 285
x-time-ng: 0.014
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| 1xlite-660473.top/web-api/user/secure | 178.253.29.47 | 200 OK | 59 B |
URL POST HTTP/21xlite-660473.top/web-api/user/secure IP178.253.29.47:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerLet's Encrypt Subject1xlite-660473.top FingerprintAE:C9:7E:01:65:F2:2B:09:5E:F8:15:42:9A:94:F9:44:A4:7F:F2:5D ValidityTue, 26 Mar 2024 09:13:24 GMT - Mon, 24 Jun 2024 09:13:23 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hashc92b24765355b10d6b3891b988e27e30 44bf3aff85f16de7f831adf0135e4c33d503df31 ea260f1e7ab371523dea520bd13b1007273d6f93e2f50ceb307f5344258da5e7
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /web-api/user/secure HTTP/1.1
Host: 1xlite-660473.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-660473.top/en?tag=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
Origin: https://1xlite-660473.top
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder; platform_type=desktop; auid=sv0dL2Yq7Xxr7e+7AxAFAg==; SESSION=587ba088a1b8608459f8108426e49de1; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:43 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: p;dur=16, dt_total;dur=35.642, wf-uht;dur=0.048
set-cookie: _glhf=1714107119; expires=Fri, 26-Apr-2024 00:55:43 GMT; Max-Age=3600; path=/
traceparent: 00-02785dd16ac30d959b8009eb688f5755-ff4a274f584c72f5-01
vary: Accept-Encoding
x-dt: 285
x-time-ng: 0.033
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/shared-assets/__shared_localforage_PLMWICWN.js | 185.244.209.62 | 200 OK | 30 kB |
URL GET HTTP/2v3.traincdn.com/sys-static/shared-assets/__shared_localforage_PLMWICWN.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (30255) Hashdfa127e93d125d4f6c566203eaf225f2 32c1fd89c4eeed7ac2a942582b3786659b15cd43 cf5077d1cff62ce76807408ebc2203563b7a221ddf1cf38339c6d54289bff390
GET /sys-static/shared-assets/__shared_localforage_PLMWICWN.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-660473.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:48 GMT
content-type: text/javascript; charset=utf-8
last-modified: Thu, 25 Apr 2024 13:43:42 GMT
etag: W/"dfa127e93d125d4f6c566203eaf225f2"
x-amz-meta-mtime: 1714052428.630038208
content-encoding: gzip
expires: Fri, 26 Apr 2024 15:18:00 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-d5aa32920ad6eb96990ab3cfa07974f1-952bee1d3f0f4a17-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T15:18:00+00:00, 2024-04-25T15:50:24+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-icons/1.0.330/285/common.svg | 185.244.209.62 | 200 OK | 147 kB |
URL GET HTTP/2v3.traincdn.com/sys-icons/1.0.330/285/common.svg IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Size147 kB (146981 bytes) Hash7bf3e9e7d79beac942f5e7748a3af2e6 7c6896ef647506806f2cdbe998d8c9eb845a1754 663e2fc5004af9c6c1969fc5827d7ffdbfeec8d4753efd831208cb179f0a488f
GET /sys-icons/1.0.330/285/common.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-660473.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:50 GMT
content-type: image/svg+xml
last-modified: Tue, 16 Apr 2024 09:41:01 GMT
etag: W/"7bf3e9e7d79beac942f5e7748a3af2e6"
x-amz-meta-mtime: 1713260458.134664491
content-encoding: gzip
expires: Fri, 19 Apr 2024 12:42:12 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-1d530f5d56fa95ef178149ba958f7b77-908b530c26c08fd1-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-18T12:42:12+00:00, 2024-04-25T13:53:27+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/29dd2b5a09fe4e96a7b713787183f597.png | 0.0.0.0 | | 0 B |
URL GET v3.traincdn.com/genfiles/cms/1/desktop/banner/29dd2b5a09fe4e96a7b713787183f597.png IP0.0.0.0:0
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /genfiles/cms/1/desktop/banner/29dd2b5a09fe4e96a7b713787183f597.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/01023f59e318.js | 185.244.209.62 | 200 OK | 372 B |
URL GET HTTP/2v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/01023f59e318.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (379), with no line terminators Hasha9fb392e33230f72fecbc7435c9fbade a958b3e0c8867d258c038b6960de42f4a14ff5ae 1cae956a6ca4b4cdcfc8944ba7b7e96c87f58a71b97ad1c064a5449638c1c527
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/01023f59e318.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-660473.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:49 GMT
content-type: text/javascript; charset=utf-8
content-length: 372
last-modified: Tue, 23 Apr 2024 12:34:22 GMT
etag: "95f43fd089613a8f57a2ddcbce517853"
x-amz-meta-mtime: 1713875281.673615027
expires: Wed, 24 Apr 2024 12:55:17 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-214e98cfd200a154165a9df702c8ca98-ef1cc5fc8032e23c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:55:17+00:00, 2024-04-25T13:05:56+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/c65c754d498ddb25accb3498c1e7540b.png | 185.244.209.62 | 200 OK | 5.2 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/c65c754d498ddb25accb3498c1e7540b.png IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typePNG image data, 514 x 514, 8-bit colormap, non-interlaced Hashb9a636eef54b2844b571fe7de49184a7 bf653690790ced40eb3189da075a275d951d1607 001bfcdd52b658d46543a1aec889d35b73b3909b47097cc011b95e96fc9e3743
GET /genfiles/cms/1-285/desktop/media_asset/c65c754d498ddb25accb3498c1e7540b.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:50 GMT
content-type: image/png
content-length: 5202
last-modified: Wed, 28 Feb 2024 07:52:20 GMT
etag: "b9a636eef54b2844b571fe7de49184a7"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-bcec5095b1d64316d34d27633b2744a5-818ef08fbe98fb78-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-03T07:12:40+00:00, 2024-04-25T23:47:36+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-660473.top/web-api/external-api/v3/banners?project_id=285&country_code=NO&language=en&platform=2§ion=6&is_auth=false&limit=100 | 178.253.29.47 | 200 OK | 31 kB |
URL GET HTTP/21xlite-660473.top/web-api/external-api/v3/banners?project_id=285&country_code=NO&language=en&platform=2§ion=6&is_auth=false&limit=100 IP178.253.29.47:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerLet's Encrypt Subject1xlite-660473.top FingerprintAE:C9:7E:01:65:F2:2B:09:5E:F8:15:42:9A:94:F9:44:A4:7F:F2:5D ValidityTue, 26 Mar 2024 09:13:24 GMT - Mon, 24 Jun 2024 09:13:23 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /web-api/external-api/v3/banners?project_id=285&country_code=NO&language=en&platform=2§ion=6&is_auth=false&limit=100 HTTP/1.1
Host: 1xlite-660473.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-660473.top/en?tag=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder; platform_type=desktop; auid=sv0dL2Yq7Xxr7e+7AxAFAg==; SESSION=587ba088a1b8608459f8108426e49de1; window_width=1280; _glhf=1714107119; che_g=237c3e42-bb07-1392-9107-2863f3373895; application_locale=en; sh.session.id=36771331-bf5d-48a8-8829-8a3074d48db3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:45 GMT
content-type: application/vnd.api+json
vary: Accept-Encoding
cache-control: no-cache, private
server-timing: p;dur=100, dt_total;dur=104.111, wf-uht;dur=0.117
traceparent: 00-4bba5b027108fc669123956fa0ddce39-7031ca3aaace530b-01
x-dt: 285
x-time-ng: 0.101
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| 1xlite-660473.top/genfiles/cms/1-285/desktop/media_asset/6a3b01d318b759a5d8cbcd76fd908037.json | 178.253.29.47 | 200 OK | 2.1 kB |
URL GET HTTP/21xlite-660473.top/genfiles/cms/1-285/desktop/media_asset/6a3b01d318b759a5d8cbcd76fd908037.json IP178.253.29.47:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerLet's Encrypt Subject1xlite-660473.top FingerprintAE:C9:7E:01:65:F2:2B:09:5E:F8:15:42:9A:94:F9:44:A4:7F:F2:5D ValidityTue, 26 Mar 2024 09:13:24 GMT - Mon, 24 Jun 2024 09:13:23 GMT
File typeASCII text, with very long lines (2345), with no line terminators Hashf28a40d30a99fab8a5ccced08db52f77 063e77333797a10e097679a1e4d17269fc6d3b6b a46ea2afe2103a473c90b17137f840e29d578a74d191daac521d45e9d3cf1d6c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /genfiles/cms/1-285/desktop/media_asset/6a3b01d318b759a5d8cbcd76fd908037.json HTTP/1.1
Host: 1xlite-660473.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_34142m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l30755_clickunder; platform_type=desktop; auid=sv0dL2Yq7Xxr7e+7AxAFAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:42 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Wed, 28 Feb 2024 21:42:45 GMT
etag: W/"eec4805fe0f6e17d5ade92a382f5b068"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-ui/2.2.11/Desktop/Default/client.css | 185.244.209.62 | 200 OK | 1.6 MB |
URL GET HTTP/2v3.traincdn.com/sys-ui/2.2.11/Desktop/Default/client.css IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Size1.6 MB (1550522 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sys-ui/2.2.11/Desktop/Default/client.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:40 GMT
content-type: text/css; charset=utf-8
last-modified: Tue, 23 Apr 2024 11:41:52 GMT
etag: W/"5be31e73f9aaf3c05331c4f0cd80e4d9"
x-amz-meta-mtime: 1713872392.088051093
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:29 GMT
cache-control: max-age=86400
x-time-ng: 0.008
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-9d6d7d5ab1851b3f9d6a22affe3afeb1-185ab9bfbced1a8d-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:29+00:00, 2024-04-25T14:32:54+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/5606.webp | 185.244.209.62 | 200 OK | 856 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/5606.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash39d437b8a184967202b9e950987358f9 046e69e47e85748dbf8eca45cd7cb517d137d9d5 bd7b81a9e7ade057bec9f2d7f0f17146f3370ba75fb5102c2d0e3f8a188a36f7
GET /resized/size16/sfiles/logo_teams/5606.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:43 GMT
content-type: image/webp
content-length: 856
cache-control: max-age=94608000
content-disposition: inline; filename="5606.webp"
content-security-policy: script-src 'none'
expires: Wed, 17 Mar 2027 20:32:47 GMT
x-request-id: ebf3d97846e0b0f15e411db1bfedabd9
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-a395fa260a1483b84020b0ed8a3a2c39-199343d72a93b80a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-03-17T20:32:47+00:00, 2024-03-23T17:52:57+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/services/widget/v2/most-required?projectId=5b61b42ffdf00b25dc78f342&credentials=%7B%22$type%22:%22GuestCredentials%22,%22id%22:%2236771331-bf5d-48a8-8829-8a3074d48db3%22%7D | 104.18.39.72 | 200 OK | 24 B |
URL GET HTTP/2widget.suphelper.top/services/widget/v2/most-required?projectId=5b61b42ffdf00b25dc78f342&credentials=%7B%22$type%22:%22GuestCredentials%22,%22id%22:%2236771331-bf5d-48a8-8829-8a3074d48db3%22%7D IP104.18.39.72:443
Requested byhttps://widget.suphelper.top/ CertificateIssuerGoogle Trust Services LLC Subjectsuphelper.top Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hashd6bacfff68d40ad2744454c2506cc0f9 85f1f094d174fd4d78bd382c7948b95e9db93215 cd0483a083f6c73e9cd006ee073b875188c49f4025f771ecbcb795d40ac980ed
GET /services/widget/v2/most-required?projectId=5b61b42ffdf00b25dc78f342&credentials=%7B%22$type%22:%22GuestCredentials%22,%22id%22:%2236771331-bf5d-48a8-8829-8a3074d48db3%22%7D HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:55:46 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 87a2440ff90056ae-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/cae4f1b8545c.js | 185.244.209.62 | 200 OK | 1.0 kB |
URL GET HTTP/2v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/cae4f1b8545c.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (1063), with no line terminators Hasha3ae3c18635c48e68ba9002fa8dd51f7 75a1a27b788148b6bd79b7f36a1b702d817bdaa4 cded0f61d0d943609f59c0531251ca195ba897ad706004622f81d0e02f35d994
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/cae4f1b8545c.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-660473.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:49 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 23 Apr 2024 12:34:23 GMT
etag: W/"719cfbcc9fea351eaa8e09773949ae73"
x-amz-meta-mtime: 1713875281.741615558
content-encoding: gzip
expires: Wed, 24 Apr 2024 12:55:15 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-9e517180db6d0e8bfd380baf875fb8df-b5bc1cedd008beec-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T12:55:15+00:00, 2024-04-25T13:05:56+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/140129.webp | 185.244.209.62 | 200 OK | 738 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/140129.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-660473.top/en?tag=d_34142m_22583c_[]MS[]null[]null[]general[]{site_id}_d22490_l30755_clickunder CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hashb5f581e44e272d7fabd29783fc5a8e5d 3fd494c43c85b49dc98561b48f9b466b834e18dc e1e4af292fb2f83b89e087877a331543d7a6de671319be410ce6b17df44f17c8
GET /resized/size16/sfiles/logo_teams/140129.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-660473.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:55:48 GMT
content-type: image/webp
content-length: 738
cache-control: max-age=94608000
content-disposition: inline; filename="140129.webp"
content-security-policy: script-src 'none'
expires: Thu, 22 Apr 2027 23:11:45 GMT
x-request-id: d1843a1ef233a04a4e5fdcffae099da0
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-74782bfdddbf9bc2928c3dee51922d78-d797014050f92b3e-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T23:11:45+00:00, 2024-04-23T18:21:59+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/chunks/0c294a17-329dda05de2a378d.js | 104.18.39.72 | 200 OK | 10 kB |
URL GET HTTP/2widget.suphelper.top/_next/static/chunks/0c294a17-329dda05de2a378d.js IP104.18.39.72:443
Requested byhttps://widget.suphelper.top/ CertificateIssuerGoogle Trust Services LLC Subjectsuphelper.top Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File typeJavaScript source, ASCII text, with very long lines (10533), with no line terminators Hash54b2d4e92e16d2ea51898124107af46a ab4225b696e63c9040de1511fa229cf65b4d3750 e17ccea95df87c35add9994b01ef7bb6e8b5c2ebea282c461199a140a5675662
GET /_next/static/chunks/0c294a17-329dda05de2a378d.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:55:45 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Wed, 17 Jan 2024 06:19:55 GMT
etag: W/"2925-18d161388b8"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 8616748
expires: Fri, 25 Apr 2025 23:55:45 GMT
server: cloudflare
cf-ray: 87a244071df556ae-OSL
X-Firefox-Spdy: h2
|
|