Report - 1xlite-81734.top/en/promotions/wheel-bet

Report Overview

Visited public
2024-09-23 23:03:26
Tags
URL
1xlite-81734.top/en/promotions/wheel-bet
Finishing URL
1xlite-81734.top/en/bonus/rules
IP / ASN
46.32.182.117
#0
Title
1xBet bonus ᐉ All 1xBet bonuses ᐉ 1xlite-81734.top

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
widget.suphelper.top	unknown	2023-08-02	2023-10-04 22:18:19	2024-09-23 16:19:10	3.3 kB	2.0 MB	172.64.148.184
region1.analytics.google.com	unknown	1997-09-15	2022-03-17 12:26:33	2024-09-23 09:16:49	1.9 kB	874 B	216.239.34.36
radar.cedexis.com	3035	2009-01-07	2013-11-27 03:31:43	2024-09-23 16:19:22	820 B	1.1 kB	45.54.49.5
www.google.no	25607	2001-02-26	2016-04-05 21:50:59	2024-09-23 10:54:22	623 B	558 B	142.250.74.163
services.addons.mozilla.org	6161	1998-01-24	2012-05-21 16:03:02	2024-09-23 08:25:54	677 B	1.9 kB	18.165.122.81
aus5.mozilla.org	2548	1998-01-24	2015-10-27 08:06:24	2024-09-23 07:25:43	521 B	477 B	35.244.181.201
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-09-23 07:24:14	327 B	887 B	23.33.119.27
v3.traincdn.com	unknown	2022-11-10	2022-11-25 11:00:40	2024-09-23 16:19:08	81 kB	5.6 MB	185.244.209.62
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2024-09-23 09:00:12	2.7 kB	560 kB	142.250.74.168
1xlite-81734.top	unknown	2023-10-27	2024-09-16 16:39:37	2024-09-22 10:31:19	34 kB	2.1 MB	46.32.182.117

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-09-23	medium	suphelper.top	Sinkholed
2024-09-23	medium	suphelper.top	Sinkholed
2024-09-23	medium	suphelper.top	Sinkholed
2024-09-23	medium	suphelper.top	Sinkholed
2024-09-23	medium	suphelper.top	Sinkholed
2024-09-23	medium	suphelper.top	Sinkholed
2024-09-23	medium	suphelper.top	Sinkholed
2024-09-23	medium	suphelper.top	Sinkholed

ThreatFox

No alerts detected

JavaScript (91)

	URL	From	Size	First Seen	Last Seen
	v3.traincdn.com/sys-static/shared-assets/__shared_chunk_HD56R3QT.js	ImportedModule	105 kB	2024-08-21	2024-12-18
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_chunk_HD56R3QT.js IP 0.0.0.0 ASN #0 Introduced by importedModule Embedded in HTML false Observations First Seen2024-08-21 18:09 Last Seen2024-12-18 10:00 Times Seen224 Hash 1a4105ff3b518b4374239f7fb9023594 ffec3b3b18c2073d2539bc9de2df80a513364d80 6f0587469034e527c4c5f7e9a9b288bde3ac5046248e4e7d57e36772d2af7aa9 Loading...

	v3.traincdn.com/sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/LpKMx-vCQpqW.js	ImportedModule	39 kB	2024-09-19	2024-09-28
Pretty URL v3.traincdn.com/sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/LpKMx-vCQpqW.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-09-19 16:55 Last Seen2024-09-28 08:48 Times Seen36 Hash 07a652bf449c814ae60d894415daa198 5482dac398d3d824b8d6c419debdc0a67f271a16 9ce98a52072a6ed49d64ca9f0aa77c487ce0aeba4b0ba9b38a672f8a6ea0942a Loading...

	v3.traincdn.com/main-static/3245538d/desktop/default/app-b0dba5b9.js	ScriptElement	902 kB	2024-09-23	2024-09-28
Pretty URL v3.traincdn.com/main-static/3245538d/desktop/default/app-b0dba5b9.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-23 17:09 Last Seen2024-09-28 08:15 Times Seen4 Hash 3b138841293e2e4ea269ac83b5ff7634 f743458978bc1f50b17b3fbd4becdab831d6a248 b39ee0b3727ab77cf738c1955425cae10d64ba70c4566405ac30eece969f7c79 Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_sweetalert2_X3CQ7PJQ.js	ImportedModule	69 kB	2024-03-23	2024-10-13
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_sweetalert2_X3CQ7PJQ.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-03-23 16:35 Last Seen2024-10-13 10:48 Times Seen889 Hash 138de5d55ee831195dd90bbf5c557926 4413082980942643803d8d4567df2f8395c0e868 55a6d9d38b0c68a21367ae7ae43333bfa61e2eddd38b2376eb5b192f0a0383cd Loading...

	v3.traincdn.com/sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/Cl5-fHQqz6Ie.js	ScriptElement	37 kB	2024-09-23	2024-09-28
Pretty URL v3.traincdn.com/sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/Cl5-fHQqz6Ie.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-23 17:09 Last Seen2024-09-28 08:15 Times Seen5 Hash 89d1826d8cc83f81e68d9591119866cf 342ed2f8aa52f8746a51e1a4d3b6da836ae67e4b 39bff5392343b4fbfcb5c7ad63895eb88a2d74a3ba808f242ceeaff0a8d89e24 Loading...

	v3.traincdn.com/sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/Bid74MqbobEd.js	ScriptElement	3.9 kB	2024-09-19	2024-09-28
Pretty URL v3.traincdn.com/sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/Bid74MqbobEd.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-19 16:55 Last Seen2024-09-28 08:48 Times Seen36 Hash a90cba07af77f93da2a574d523da0428 30b691fbbaaeea80d9f83af26d6d1b8e3552341d 64364b2a249aa4121ae10a0c32aba613a9eddd5876de46fdd11217e1ad028174 Loading...

	v3.traincdn.com/sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/Cij4nvDaSL9v.js	ImportedModule	5.6 kB	2024-09-23	2024-09-28
Pretty URL v3.traincdn.com/sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/Cij4nvDaSL9v.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-09-23 17:09 Last Seen2024-09-28 08:15 Times Seen7 Hash 4651cb5599cadf4ac19809f0cad0d8b1 0384c9ad31bfb3d49e8da7860f2ce8f5a031c492 f30eca34bd7dd64e025a780802091ca4b5b1528dc97347b0fc85a97240448c58 Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_accept_language_parser_QKZ6ULEV.js	ImportedModule	1.3 kB	2024-03-23	2024-12-18
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_accept_language_parser_QKZ6ULEV.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-03-23 16:35 Last Seen2024-12-18 10:00 Times Seen887 Hash 518e0ae196483ada8b528a1f2b7df0a1 50e66030d9aca44adb3bd7893ef3c42593e26be4 529ca09688eb85183a34a43651cad1e8fabae2a02924753d54786f3de5e85693 Loading...

	widget.suphelper.top/_next/static/d1710da4/_buildManifest.js	ScriptElement	519 B	2024-09-01	2024-09-28
Pretty URL widget.suphelper.top/_next/static/d1710da4/_buildManifest.js IP 172.64.148.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-01 04:03 Last Seen2024-09-28 08:48 Times Seen107 Hash 51e5ab816765a933908c584a24b5d220 bfe54d3fa789c71eafeb9212e2c02b1f71081d56 00a67d68a12dbfb74a0dee43de0a48d465226c0448aba6774e957d5f5cb1ccf4 Loading...

	1xlite-81734.top/polyfills.js	ScriptElement	0 B	0001-01-01	2025-05-19
Pretty URL 1xlite-81734.top/polyfills.js IP 46.32.182.117 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-05-19 03:20 Times Seen4727493 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	v3.traincdn.com/sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/DNatjDJDjbd3.js	ImportedModule	16 kB	2024-09-19	2024-09-28
Pretty URL v3.traincdn.com/sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/DNatjDJDjbd3.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-09-19 16:55 Last Seen2024-09-28 08:48 Times Seen37 Hash 29af30b5d8c5be6fccbc99c24fccb1fb 35f5522ae2c5cc332ad93fb4e8e65a5f29836cd3 094530eb4dfb0594c8fce49534c75401ef165af459bb7091ae77b1d973301e44 Loading...

	v3.traincdn.com/sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/DJj1CGvAFBuN.js	ImportedModule	1.4 kB	2024-09-19	2024-09-28
Pretty URL v3.traincdn.com/sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/DJj1CGvAFBuN.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-09-19 16:55 Last Seen2024-09-28 08:48 Times Seen36 Hash d002dd7240d156878dd0aef4ca07502c d4ade3dea89e2b9f0e321a9df22fdd7529095a66 9015f6ca77fb5ff44c761c84b13e3ff16e406d8f2d73a6186c241abe6546dccc Loading...

	www.googletagmanager.com/gtag/destination?id=DC-14030178&l=dataLayer&cx=c	ScriptElement	220 kB	2024-09-28	2024-09-28
Pretty URL www.googletagmanager.com/gtag/destination?id=DC-14030178&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-28 08:11 Last Seen2024-09-28 08:11 Times Seen1 Hash 4ca60b6f449a6f9d1874c7f12a0e28ca e80bd82ce26a02d2c065a25cd6eca9e88718dd6f ab8ec0b8532e38dde26197b3cbe8fbb51dd355346b9800000f7eb0d1e6dc4631 Loading...

	1xlite-81734.top/en/promotions/wheel-bet	ScriptElement	1.5 kB	2024-09-23	2024-09-28
Pretty URL 1xlite-81734.top/en/promotions/wheel-bet IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-09-23 17:09 Last Seen2024-09-28 08:15 Times Seen3 Hash 15d79b4d1e374d186041cfa2dfddd4b2 a75c22fbea87bb3f566693d3f883fff20462915d 7bb714cb5be412b11221c5a20a763d812e78c101c533443140e2318099b52d23 Loading...

	unknown	Function	96 B	2023-12-06	2025-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-12-06 14:32 Last Seen2025-05-18 18:09 Times Seen2716 Hash 94361ed86ab9b2fbb8d805c2025df46a 3f428332f7a1c7196a85c93a373a966d75708c19 eee4d228a49a86625f29410cf9a23d145e821a09cbb1f7a4d7557d206872715a Loading...

	widget.suphelper.top/injector.js	ScriptElement	211 kB	2024-09-12	2024-10-20
Pretty URL widget.suphelper.top/injector.js IP 172.64.148.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-12 16:18 Last Seen2024-10-20 01:26 Times Seen209 Hash a6faad3d4e935c214083bb5d78243a7c cc832abe44f362a664b8ad0a8512490c4755bdf6 231f0c47b7400ad4ac54f2f303b9dd0a1bbe7c1c890196e87462d7d0a2358843 Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_popper_js_MO5RLEN3.js	ImportedModule	21 kB	2024-03-23	2024-12-18
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_popper_js_MO5RLEN3.js IP 0.0.0.0 ASN #0 Introduced by importedModule Embedded in HTML false Observations First Seen2024-03-23 16:35 Last Seen2024-12-18 10:00 Times Seen897 Hash 598d5481ac96b9bf8013b0eb1413b8e5 cc7e3384da379a215ac43b2385e901e22ceb6327 1488ecc35389c72a3aa26d468420069f6b719db456ea82605762311da663b65f Loading...

	v3.traincdn.com/sys-static/sys-promotions-and-bonuses-static/Desktop/Default/44136fa355b3/entry-B8Za0WPR.js	ScriptElement	929 kB	2024-09-28	2024-09-28
Pretty URL v3.traincdn.com/sys-static/sys-promotions-and-bonuses-static/Desktop/Default/44136fa355b3/entry-B8Za0WPR.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-28 08:11 Last Seen2024-09-28 08:11 Times Seen1 Hash 8cd81e0019a7f57fb21f7f165b2b9ba7 1231d4ac82d994a9f7bc0ba7baf2c1a900d07b49 a6e1ddd6e46306086bbf455d8aa7d1f98323eabadb921d292bae71a9f483fd3f Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_vue_deps_L2AJW2XI.js	ImportedModule	89 kB	2024-09-21	2024-09-28
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_vue_deps_L2AJW2XI.js IP 0.0.0.0 ASN #0 Introduced by importedModule Embedded in HTML false Observations First Seen2024-09-21 15:04 Last Seen2024-09-28 08:46 Times Seen16 Hash 3b22bcd5bde3047bffd7aae99b6f09d1 a695601655eaae1afb8310b51aff806f37185460 172179e27439be69fb16cf83983451b6521fc603afe6c243a483da179bffa4e4 Loading...

	v3.traincdn.com/sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/DSOcuwRsvpbt.js	ImportedModule	5.8 kB	2024-09-23	2024-09-28
Pretty URL v3.traincdn.com/sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/DSOcuwRsvpbt.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-09-23 17:09 Last Seen2024-09-28 08:15 Times Seen7 Hash e5ac7d25be0e11f91e270a2bf658e5aa 467e9a90ee7936392e3ee9eb17d89477ad6beb25 0f4294dd4cf35b194cf3743ab7de72c64713bad74e982c851d93ff0b118b6c75 Loading...

	v3.traincdn.com/main-static/3245538d/desktop/default/vendors/plugins.vue-js-modal-f7bed911.js	ScriptElement	27 kB	2024-09-19	2024-09-28
Pretty URL v3.traincdn.com/main-static/3245538d/desktop/default/vendors/plugins.vue-js-modal-f7bed911.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-19 16:55 Last Seen2024-09-28 08:48 Times Seen33 Hash 371625e11d87d7e053ac7886e4ea74d1 c46183eb6fab01fe1c1638988f60be2c1e23c403 0822df7a6f3f8c9d86b12b3b0e2e0cf4908437641b5e4caa905271be8bea7b92 Loading...

	widget.suphelper.top/_next/static/chunks/pages/_app-e933266831ae8be2.js	ScriptElement	967 kB	2024-09-12	2024-09-28
Pretty URL widget.suphelper.top/_next/static/chunks/pages/_app-e933266831ae8be2.js IP 172.64.148.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-12 16:18 Last Seen2024-09-28 08:48 Times Seen72 Hash d7f6cf37ec6dd8ff2db3476162fed010 0cf9c6fd3fee47aafa44c9ed9cc8a3c4d6d77b4c f3dc63c6596dd8744bfabbe28bd3c65cc9fb0bd4de894b060f8d69844f524e09 Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_vue_deps_Q5NVLTGO.js	ImportedModule	89 kB	2024-09-19	2024-09-28
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_vue_deps_Q5NVLTGO.js IP 0.0.0.0 ASN #0 Introduced by importedModule Embedded in HTML false Observations First Seen2024-09-19 16:55 Last Seen2024-09-28 08:48 Times Seen59 Hash 20a0521ee67cc236be502977f036edcc be3097304457ca52c1a9d1061821a109fd4eecce 7d990c0da34f5bfe2118a3c5b7ae2abc847320ef1ddb985e7da8dd8b93870dfd Loading...

	1xlite-81734.top/en/promotions/sandbox%20eval%20code		147 B	2023-04-11	2025-05-19
Pretty URL 1xlite-81734.top/en/promotions/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-19 03:08 Times Seen343875 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	v3.traincdn.com/sys-static/sys-promotions-and-bonuses-static/Desktop/Default/44136fa355b3/DkHx90ZZ_zHk.js	ImportedModule	339 B	2024-09-06	2024-10-04
Pretty URL v3.traincdn.com/sys-static/sys-promotions-and-bonuses-static/Desktop/Default/44136fa355b3/DkHx90ZZ_zHk.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-09-06 04:22 Last Seen2024-10-04 11:18 Times Seen14 Hash bb2674b6fca4ff867fa3e562b77ef247 e59d5489fd1b88cb391d17bdb038ff523a8831d5 81216ae248daa69ad08b01062b24791242e38b14e2e37bc34766cc3d6d44ae44 Loading...

	radar.cedexis.com/1/23802/radar.js	ScriptElement	390 B	2024-02-13	2025-05-18
Pretty URL radar.cedexis.com/1/23802/radar.js IP 45.54.49.5 ASN #63911 NetActuate, Inc Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-13 14:23 Last Seen2025-05-18 18:09 Times Seen1925 Hash 82dec77fd0353c7c71ce053b8601387e fbbca95419e1d0c042e0a5fdf10f380aca66188c 39f2b7b0fa78d37d0c84d2d6618bd635d86fd683d9bcdd5729850cb2a62522f7 Loading...

	v3.traincdn.com/main-static/3245538d/desktop/default/vendors/plugins.v-tooltip-81215ba8.js	ScriptElement	77 kB	2024-09-19	2024-09-28
Pretty URL v3.traincdn.com/main-static/3245538d/desktop/default/vendors/plugins.v-tooltip-81215ba8.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-19 16:55 Last Seen2024-09-28 08:48 Times Seen33 Hash b5ea7299e99f3b7b46c0b1efffcff341 a2eaef2456ac006441e8e348d3d395abc4cc1a11 019e41def2a664fa2af3939573f6e74b70dac9a69d1aa9c9d3b85ffc4f725e73 Loading...

	v3.traincdn.com/sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/DYFCTZqMJSQw.js	ImportedModule	25 kB	2024-09-19	2024-09-28
Pretty URL v3.traincdn.com/sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/DYFCTZqMJSQw.js IP 0.0.0.0 ASN #0 Introduced by importedModule Embedded in HTML false Observations First Seen2024-09-19 16:55 Last Seen2024-09-28 08:48 Times Seen36 Hash 23d86caec59453bbc0690d52e74e1b49 5c721622a1aa0092ac0bdb09f2b2519ac4c5b796 c8dd271a14d04a53383338801bb98c42f77ecc4d1bc4b46569ec5d7c63212e07 Loading...

	www.googletagmanager.com/gtag/destination?id=AW-16664555628&l=dataLayer&cx=c	ScriptElement	272 kB	2024-09-28	2024-09-28
Pretty URL www.googletagmanager.com/gtag/destination?id=AW-16664555628&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-28 08:11 Last Seen2024-09-28 08:11 Times Seen1 Hash 67130937bec7ca32092a9329fccc3306 66f9df01f5637a784b1995d0a16081021603c608 7427d6b9976807036453c2107b876bffb5474c6c2a1b0c8ef288d37e3f90b584 Loading...

	widget.suphelper.top/_next/static/d1710da4/_ssgManifest.js	ScriptElement	77 B	2023-03-07	2025-05-19
Pretty URL widget.suphelper.top/_next/static/d1710da4/_ssgManifest.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-19 01:13 Times Seen69519 Hash b6652df95db52feb4daf4eca35380933 65451d110137761b318c82d9071c042db80c4036 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e Loading...

	v3.traincdn.com/sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/entry-C0r-qPj3.js	ScriptElement	874 kB	2024-09-23	2024-09-28
Pretty URL v3.traincdn.com/sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/entry-C0r-qPj3.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-23 17:09 Last Seen2024-09-28 08:15 Times Seen7 Hash 593860ca96a2924f6ffe20ed9f91dd52 75735850fb2458cbc8c8ce7e736955ef3c2b64ed a2faf32db0bb04344481e2297d69a51735f7dc09b8de8ff41c4a309e8ea3e236 Loading...

	v3.traincdn.com/sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/nPVqwwpV3OUp.js	ScriptElement	26 kB	2024-09-23	2024-09-28
Pretty URL v3.traincdn.com/sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/nPVqwwpV3OUp.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-23 17:09 Last Seen2024-09-28 08:15 Times Seen7 Hash eb91f5162fa2655e04851f76b3674fbb 1604523edb27bfecf708439c86b1d35f0d7d1aa4 9333f9923587fe3b0f064dd22808bf7905bd98a205e299898a21556547f46811 Loading...

	v3.traincdn.com/sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/hPzJUuc_nbjj.js	ImportedModule	36 kB	2024-09-19	2024-09-28
Pretty URL v3.traincdn.com/sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/hPzJUuc_nbjj.js IP 0.0.0.0 ASN #0 Introduced by importedModule Embedded in HTML false Observations First Seen2024-09-19 16:55 Last Seen2024-09-28 08:48 Times Seen36 Hash f0343c8f798c06d83b375d0f65666162 5be1dc1002818addf7ee95b4c174f0735649fc53 3f808dfc79f960bf6d6a413355a44b8148d5dd5fe114c3e2b93b1bf91504bca4 Loading...

	1xlite-81734.top/hd-api/external/assets/hdf.js	ScriptElement	4.3 kB	2024-09-18	2024-10-20
Pretty URL 1xlite-81734.top/hd-api/external/assets/hdf.js IP 46.32.182.117 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-18 16:57 Last Seen2024-10-20 01:26 Times Seen209 Hash 4aa51d1920f0c025eb39517aeb6267cf 471a57aeefc44f60e65f6715dd71e6b13103c1d1 d7c82c2fd75bc941de69ba237fefa543f3632b5eaa09f1c18a645b3908cdf9ac Loading...

	unknown	Function	34 B	2023-04-14	2025-05-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 16:26 Last Seen2025-05-19 00:36 Times Seen4444 Hash 7bcdb973ab8af8e24ab11cb554a1ba6e 24e8a10f240f2b06f81d7c173cd0a90606641fc1 916ec4eb9b485eb47f43a17fe212e84e4b72600b45eb6d4588599ad495a57fcd Loading...

	unknown	Function	39 B	2023-04-14	2025-05-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 16:26 Last Seen2025-05-19 00:36 Times Seen4437 Hash bc51ed8c76553717f10d58b2df60fd76 e2d03a8fd8d280074b226c288880f9df299c7cb1 bee994eaf88453f6343ba57571a069054c12c9b4e42f8cbad4f2ad75c7fb264c Loading...

	v3.traincdn.com/sys-static/sys-promotions-and-bonuses-static/Desktop/Default/44136fa355b3/D4SZR96osmMZ.js	ScriptElement	3.2 kB	2024-09-28	2024-09-28
Pretty URL v3.traincdn.com/sys-static/sys-promotions-and-bonuses-static/Desktop/Default/44136fa355b3/D4SZR96osmMZ.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-28 08:11 Last Seen2024-09-28 08:11 Times Seen1 Hash 966cb2154c80addd9ccf29503d2724c7 34b8f7c685bb5cb9bf432ca4561edbc8755a44ea 71c42e748dd4afb8c0ff15557de87b69e6048863b82208cec5b9edd2b5d9be56 Loading...

	widget.suphelper.top/_next/static/chunks/7413e8b9-8adee4b5b5407a55.js	ScriptElement	78 kB	2024-01-20	2025-03-11
Pretty URL widget.suphelper.top/_next/static/chunks/7413e8b9-8adee4b5b5407a55.js IP 172.64.148.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-20 01:21 Last Seen2025-03-11 19:05 Times Seen1761 Hash dc6852529f28802d37affa5953d07260 4edd220fe8df4b009a1775ebe57f19d40999659f 4aefb18221e4fb46818b0f52302b7c7717e45701e26990726cce645d8c80ed84 Loading...

	v3.traincdn.com/sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/bWqA0ghOEjwX.js	ImportedModule	2.0 kB	2024-09-20	2024-09-28
Pretty URL v3.traincdn.com/sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/bWqA0ghOEjwX.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-09-20 12:34 Last Seen2024-09-28 08:48 Times Seen19 Hash ac44846cafe2d3931dd1d88dce6970b4 d7e7939171932d84d85eae7c97de2053a4bfdf77 95ec42491084a3f9e7967f67d279c36b3861c4fd55ec31b6f88fc141e093658f Loading...

	v3.traincdn.com/main-static/3245538d/desktop/default/vendors/plugins.vue-notification-df83bbc4.js	ScriptElement	13 kB	2024-09-19	2024-09-28
Pretty URL v3.traincdn.com/main-static/3245538d/desktop/default/vendors/plugins.vue-notification-df83bbc4.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-19 16:55 Last Seen2024-09-28 08:48 Times Seen33 Hash 2c2ce385fb9b9556e06ce2f68681fb70 0abccea68380e68c30ffe4ef9ef8d4dc2e770cfa 534800f62cbba5e4df4a5a9c9cb23b2e2307387a3cdd0ba2c0cee72d9ac74d36 Loading...

	v3.traincdn.com/sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/entry-CxHpmnCS.js	ScriptElement	1.1 MB	2024-09-19	2024-09-28
Pretty URL v3.traincdn.com/sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/entry-CxHpmnCS.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-19 16:55 Last Seen2024-09-28 08:48 Times Seen36 Hash e9e6eed2bba073038f5edcac205bd69a a368ed7bbb364218149950b4a1e88c0cd148b445 80f643d667a32b0ed32437d6e85c3cfe141a6487a844cb90e0f80457e6841db1 Loading...

	v3.traincdn.com/sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/BdczhPPPAtQx.js	ImportedModule	1.4 kB	2024-09-19	2024-09-28
Pretty URL v3.traincdn.com/sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/BdczhPPPAtQx.js IP 0.0.0.0 ASN #0 Introduced by importedModule Embedded in HTML false Observations First Seen2024-09-19 16:55 Last Seen2024-09-28 08:48 Times Seen36 Hash 4c48daa58687c36013e96a9a64848694 7a8105f72e6aa19cde3093c98f1224a4cb150c49 4c4ea128af93c89099150de64103e31fec4d5ea034f5dd0482f15ddb72f40a59 Loading...

	v3.traincdn.com/main-static/3245538d/desktop/default/analytics-b49b330c.js	ScriptElement	6.5 kB	2024-09-19	2024-09-28
Pretty URL v3.traincdn.com/main-static/3245538d/desktop/default/analytics-b49b330c.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-19 16:55 Last Seen2024-09-28 08:48 Times Seen33 Hash 2bb80b3ebd01d26782edd459f08569ad 97fa623901d00b145efd09c5c27bb46c54e0a77c 2b9ecf1dd9eaf89120608a7c5150a623139b670c7d0a4364e524aa381deee412 Loading...

	1xlite-81734.top/en/promotions/wheel-bet	ScriptElement	168 kB	2024-09-28	2024-09-28
Pretty URL 1xlite-81734.top/en/promotions/wheel-bet IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-09-28 08:11 Last Seen2024-09-28 08:11 Times Seen1 Hash 23be5caeaffcccd2a5eef542d43f2aaf 959530cabd25a11c3429e82860a002baf02a6e99 1fde5cc0def91c0ea1ba6c2b53c1aa55bb062f80e3fc5d772b3944c995b4b503 Loading...

	widget.suphelper.top/_next/static/chunks/main-39d1bca7561ea264.js	ScriptElement	114 kB	2024-06-14	2025-03-11
Pretty URL widget.suphelper.top/_next/static/chunks/main-39d1bca7561ea264.js IP 172.64.148.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-14 23:00 Last Seen2025-03-11 19:05 Times Seen1161 Hash e35b5ea2a5ec21d28d01a32a1f37f315 207e8d27407432cc613e316575516469a03a44a7 6934a20100be7289ed7058aa80d771c08913c52cf94b4dc979dca9f31bad67f8 Loading...

	widget.suphelper.top/_next/static/chunks/pages/index-d355b1fcec38f214.js	ScriptElement	67 kB	2024-09-01	2024-09-28
Pretty URL widget.suphelper.top/_next/static/chunks/pages/index-d355b1fcec38f214.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-01 04:03 Last Seen2024-09-28 08:48 Times Seen107 Hash 6f097a0787b389555bed6b2165142beb a556d494f13213e92d7c71d3cfa09dcbf5d23e8e 5694d13323e20636f982ab6ab98b1df74b760ded4dda4159c489d07b41f8c4ed Loading...

	v3.traincdn.com/main-static/3245538d/desktop/default/runtime-f1320451.js	ScriptElement	42 kB	2024-09-23	2024-09-28
Pretty URL v3.traincdn.com/main-static/3245538d/desktop/default/runtime-f1320451.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-23 17:09 Last Seen2024-09-28 08:15 Times Seen4 Hash d32de2778ba9205e96533d9919b64baa 81af9a4e579e96672f0a662bc2e84856b4a13141 050d34a55f192cf50654dac977d77885182ae74509b1e60519339e466b776bb4 Loading...

	widget.suphelper.top/	ScriptElement	196 B	2023-07-20	2025-05-18
Pretty URL widget.suphelper.top/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-20 14:42 Last Seen2025-05-18 20:29 Times Seen3842 Hash aa729c2ec64b60ce3b2052cc8edaa329 0f673deff4bffdd337a6220feb0b7b5b5ff666c4 9693391d461678be59d683100b1442f4ee65d2cf5bda3904fbf6232a7eb921ca Loading...

	v3.traincdn.com/sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/BHDubfAE-1MM.js	ImportedModule	31 kB	2024-09-19	2024-09-28
Pretty URL v3.traincdn.com/sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/BHDubfAE-1MM.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-09-19 16:55 Last Seen2024-09-28 08:48 Times Seen36 Hash 2f939e01593633f8ccfe711d271f86e8 176381d23c2057763893aa83809857d31ce13ee1 a96164c6f8991a33695ac258f84464af1c0ccff3d461d422f5c3354f95932de7 Loading...

	1xlite-81734.top/en/promotions/wheel-bet	ScriptElement	46 B	2024-09-18	2025-05-18
Pretty URL 1xlite-81734.top/en/promotions/wheel-bet IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-09-18 12:37 Last Seen2025-05-18 10:10 Times Seen313 Hash 4e23a4e9a088df12ab8f09a048c07177 a0f03ab470f0be10ebde278bd4242e884fb27b1d 439fc48e5a557ff906eb4bc9f5b80c0c86b9cf8f3b3180a2a35ff7c233c9e0cb Loading...

	v3.traincdn.com/sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/Sz_Id2DHAkQ8.js	ImportedModule	30 kB	2024-09-19	2024-09-28
Pretty URL v3.traincdn.com/sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/Sz_Id2DHAkQ8.js IP 0.0.0.0 ASN #0 Introduced by importedModule Embedded in HTML false Observations First Seen2024-09-19 16:55 Last Seen2024-09-28 08:48 Times Seen36 Hash 117f636b99438b84afd6c4756b7b49a3 367dfdc04c0c9651262797370a523b2649b8a2dc 6894673aa799d2ed9de4d5185ad3454004d200e0c8736a2e9a3d75090fe05896 Loading...

	www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66	ScriptElement	337 kB	2024-09-28	2024-09-28
Pretty URL www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-28 08:11 Last Seen2024-09-28 08:11 Times Seen1 Hash 48251616d412266450f351488909a868 294cbe387aaa94b38e64d9b0d5867fa019402e45 cd07f00c385705d8f485ee98cf5ba42acea24525bf7449feaf8a1dd5597c4976 Loading...

	1xlite-81734.top/main-static/3245538d/check-ob.js	ScriptElement	219 B	2024-07-17	2025-05-18
Pretty URL 1xlite-81734.top/main-static/3245538d/check-ob.js IP 46.32.182.117 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-17 14:33 Last Seen2025-05-18 18:09 Times Seen1141 Hash c065700c9c8c493403359e1f2baa10d9 4630fe729e70bdf63fa7ba6c84ec277fd1f51030 1e61f0c82ae82ffcf503fcd4b4c8ae27b32c11e19b882d5d13f3c44364c893f4 Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_chunk_Y7BFQXXC.js	ImportedModule	1.0 kB	2024-03-23	2024-12-18
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_chunk_Y7BFQXXC.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-03-23 16:35 Last Seen2024-12-18 10:00 Times Seen889 Hash 8fecd56fc5520134f3c39b17431fe0c2 e0cedac030a1fcf68779a592ed9e0775beb45123 3e01dfddf1e68faa32769d615eeb0e838a29241d18a57090040c595ee05f0ba8 Loading...

	widget.suphelper.top/_next/static/chunks/1743016e-d00d67a74426f155.js	ScriptElement	481 kB	2024-01-20	2025-03-11
Pretty URL widget.suphelper.top/_next/static/chunks/1743016e-d00d67a74426f155.js IP 172.64.148.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-20 01:21 Last Seen2025-03-11 19:05 Times Seen1744 Hash 46260bb46d51262abee818c0c3bcf1c6 fe3be222aec74704fad1fa2559788b1fa287094a 20700e65659e04d422580d9c792ba811b7b76de4ec1b3163c284af83bd5a7d6c Loading...

	1xlite-81734.top/hd-api/external/apps/c5e31d5915661de4393e3f1489b00ebc4497dd48/api.js	ScriptElement	595 B	2024-08-21	2025-02-23
Pretty URL 1xlite-81734.top/hd-api/external/apps/c5e31d5915661de4393e3f1489b00ebc4497dd48/api.js IP 46.32.182.117 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-21 18:09 Last Seen2025-02-23 03:19 Times Seen345 Hash bd2e3553032ba63e3b6b3200a743bc8d a15c755742b456440614377121fadba24bd3e220 66103e021ac66e5ac2a26dfa09c44b567a455096dd77bfd809295cae281e2046 Loading...

	v3.traincdn.com/main-static/3245538d/desktop/default/Betting.Core-7530bcfa.js	ScriptElement	2.1 kB	2024-09-23	2024-09-28
Pretty URL v3.traincdn.com/main-static/3245538d/desktop/default/Betting.Core-7530bcfa.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-23 17:09 Last Seen2024-09-28 08:15 Times Seen4 Hash 3f00029597e091d787db7fcdfcdac8a0 91df81cee144b94815b01078818d365e03bbca80 6fd79cba3055028c116aa657cb27ba53605d8fbf07bd2366f723b7e5da10d4cf Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_localforage_PLMWICWN.js	ImportedModule	30 kB	2024-03-23	2024-12-18
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_localforage_PLMWICWN.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-03-23 16:35 Last Seen2024-12-18 10:00 Times Seen897 Hash dfa127e93d125d4f6c566203eaf225f2 32c1fd89c4eeed7ac2a942582b3786659b15cd43 cf5077d1cff62ce76807408ebc2203563b7a221ddf1cf38339c6d54289bff390 Loading...

	widget.suphelper.top/_next/static/chunks/0c294a17-7efa3cbf6c9d3fc6.js	ScriptElement	12 kB	2024-05-29	2025-03-11
Pretty URL widget.suphelper.top/_next/static/chunks/0c294a17-7efa3cbf6c9d3fc6.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-29 08:55 Last Seen2025-03-11 19:05 Times Seen1242 Hash c87323bb32251961d2d26884db4e1480 4b82302cf4e46c5a0e658b9f19b2b052879689cd b7464ae5dbd4b3469eb8f1f49b4c4b8011598f900fa81863881a04efcc8a8eb5 Loading...

	widget.suphelper.top/_next/static/chunks/754-0008cc8909fa2e6d.js	ScriptElement	374 kB	2024-06-14	2025-02-12
Pretty URL widget.suphelper.top/_next/static/chunks/754-0008cc8909fa2e6d.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-14 22:59 Last Seen2025-02-12 02:59 Times Seen1121 Hash 4de0416cdeee40bfc17f74a6ba85555e bcb4ca73f5f04848254d3bb27969785940179012 92adaf2c1ff8ad0100389c27de3ded012f9beeded897e1bc96246c7583b53fd1 Loading...

	v3.traincdn.com/sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/LSnbPbic1-6E.js	ImportedModule	32 kB	2024-09-19	2024-09-28
Pretty URL v3.traincdn.com/sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/LSnbPbic1-6E.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-09-19 16:55 Last Seen2024-09-28 08:48 Times Seen36 Hash 9cbef5ed26e4c09b6574d8f0f2683f4d be6a7ffa7c2213b7b3901ec6845b344e9089fd93 66831a3a6f5a712cbbc5f7158f7b6b4d4c553608ad6c1dddbe697ca63c816501 Loading...

	unknown	Function	44 B	2023-04-14	2025-05-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 16:26 Last Seen2025-05-19 00:36 Times Seen4436 Hash 00beb9884d0391b342eadd30744b539a 3124c0bd593822379d22f13d3e08e70a1bf5ea14 92394eec5690449a4f6cfc9a7f97497a69e926b2365cb9a9aad3507a844f835c Loading...

	unknown	Function	47 B	2023-04-14	2025-05-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 16:26 Last Seen2025-05-19 00:36 Times Seen4433 Hash 580b3e56fc9ab6e8b4655f43ee057cc1 5dfce565e446f4a167195de9a1a5dd26163c711c 446f07b6e56de61d2c2d5b6ba408cc580b492a6d1ede8fc51cfde4ef75a2b382 Loading...

	data:text/javascript,export const meta = import.meta;	ScriptElement	32 B	2023-12-06	2025-05-18
Pretty URL data:text/javascript,export const meta = import.meta; IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-06 14:32 Last Seen2025-05-18 18:09 Times Seen2716 Hash 6d772b7d405b447ecee54ab61cdd5108 dd65fb9cd5a7cb94a40fe161f4f72303a61eb3b7 b90ff694e492935b6036fb7e878d365dab51aafa46f0afb1e33414e7ecc3307b Loading...

	v3.traincdn.com/main-static/3245538d/desktop/default/vendors/app-b0644363.js	ScriptElement	1.1 MB	2024-09-21	2024-09-28
Pretty URL v3.traincdn.com/main-static/3245538d/desktop/default/vendors/app-b0644363.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-21 00:59 Last Seen2024-09-28 08:48 Times Seen21 Hash 1c150cf0d4e718ae3612d1f4bb696fa1 ae05d62d442d621f773fb498cbbf947668017275 e9a50768d8344d9f920888a0059edcf276097d19e28149bf50a6f93cfaaafb17 Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_vue_final_modal_J3HEFUJ2.js	ImportedModule	25 kB	2024-08-21	2024-12-18
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_vue_final_modal_J3HEFUJ2.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-08-21 18:09 Last Seen2024-12-18 10:00 Times Seen224 Hash 57c364d5ba041e0996ba71070dcda4e1 97a7497cd0cefc821375e1393a483d679e71d6aa 9fb078ccadd86032d8b96e90c34e04279759d2d4bb93d71d57baed6d23441831 Loading...

	v3.traincdn.com/sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/CxP0t_gEa-7f.js	ImportedModule	28 kB	2024-09-19	2024-09-28
Pretty URL v3.traincdn.com/sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/CxP0t_gEa-7f.js IP 0.0.0.0 ASN #0 Introduced by importedModule Embedded in HTML false Observations First Seen2024-09-19 16:55 Last Seen2024-09-28 08:48 Times Seen36 Hash fb044e23c6dbf09fee1d39f39ae785cb ec9c38255ecc6ed0bdddb05bb54fc13e146bf114 4108a40595d7e7cb0dfd10abf52a9ed8a260e283693541830b843d8034d8bfb9 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-KFGPRJ2V	ScriptElement	269 kB	2024-09-28	2024-09-28
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-KFGPRJ2V IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-28 08:11 Last Seen2024-09-28 08:11 Times Seen1 Hash 2f247cf4185ba27efc944bd66a31fd37 ba0ba0e88115695e2210e2f130288706960fc635 7c54af5d5595aa62a76b73e9310f08a27b6a9b9825c9ccf5020dd2be813b4a53 Loading...

	v3.traincdn.com/sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/xHwmuJJAk7bN.js	ImportedModule	534 B	2024-09-19	2024-09-28
Pretty URL v3.traincdn.com/sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/xHwmuJJAk7bN.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-09-19 16:55 Last Seen2024-09-28 08:48 Times Seen36 Hash 4bfb7359132eb90c0c535daa25b4ee63 44caa0c087aca0a747970528cec744c7d242ed55 ede067b348a0c295f91a40b5b04b74c336eeae0c5b4a66aaf8d82fe37eb9e287 Loading...

	v3.traincdn.com/main-static/3245538d/desktop/default/commons/app-914e17fb.js	ScriptElement	138 kB	2024-09-19	2024-09-28
Pretty URL v3.traincdn.com/main-static/3245538d/desktop/default/commons/app-914e17fb.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-19 16:55 Last Seen2024-09-28 08:48 Times Seen28 Hash b124cb7a734b06aa2bd1f7e0190c719e a71c65ce938e44f17434aaa43b46f270be0ed7dd c68906076c410c9e2389c8abc80c8906d60e65554ea3f551c20ac6c12d782808 Loading...

	v3.traincdn.com/main-static/3245538d/desktop/default/consultant.supHelperV2-754f2fc9.js	ScriptElement	3.5 kB	2024-09-19	2024-09-28
Pretty URL v3.traincdn.com/main-static/3245538d/desktop/default/consultant.supHelperV2-754f2fc9.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-19 16:55 Last Seen2024-09-28 08:48 Times Seen33 Hash 9e675921d63fffa99319ddeb40cce7bf f4ec6c68bb82c07009ad5baed01c51be6fe4d047 173348a79e55d5bdd3c685fcf2c35ba25e5598641b0f6cf34b9418eb52030bd0 Loading...

	v3.traincdn.com/main-static/3245538d/desktop/default/Layout.SeoModule.Lazy-9773443c.js	ScriptElement	1.4 kB	2024-09-19	2024-09-28
Pretty URL v3.traincdn.com/main-static/3245538d/desktop/default/Layout.SeoModule.Lazy-9773443c.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-19 16:55 Last Seen2024-09-28 08:48 Times Seen33 Hash f6dcdb28096393236f91bda9cb0b5d58 2dffba368982c444ccc1519fa60c79bbae055861 1ebb6f2233ddcfaccb8c32c685ba17801a6fc091c0e75d3541fb7515aa5b324b Loading...

	widget.suphelper.top/_next/static/chunks/81.9c6562bba5669b47.js	ScriptElement	37 kB	2023-10-13	2025-03-11
Pretty URL widget.suphelper.top/_next/static/chunks/81.9c6562bba5669b47.js IP 172.64.148.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-13 06:04 Last Seen2025-03-11 19:05 Times Seen3457 Hash 6782c8abf3d14391f6ed5c805a973cf5 a08b255c0084e14d74199f5af64522ffaba14486 88331f3bf38157ecb0e64f22c08a582384dc74c8bae09d9f78b9eab5fe82cfa3 Loading...

	v3.traincdn.com/sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/DTEvUBj1d5QH.js	ScriptElement	23 kB	2024-09-23	2024-09-28
Pretty URL v3.traincdn.com/sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/DTEvUBj1d5QH.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-23 17:09 Last Seen2024-09-28 08:15 Times Seen7 Hash 8e542f4d947b44edfab7a6443bb3ea0f 2dcb7c868da5a271485dc2c37e62029651caa12a 81bd3e8d5bb8d02d7293ac3746e8b93412907bba10b4b7574a7fc7b3cd89476e Loading...

	v3.traincdn.com/sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/BMMTLnViCvSX.js	ImportedModule	6.6 kB	2024-09-23	2024-09-28
Pretty URL v3.traincdn.com/sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/BMMTLnViCvSX.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-09-23 17:09 Last Seen2024-09-28 08:15 Times Seen7 Hash 4f1e717a9000b58248fb4b7ee0800fe5 6cd38303987794af361b50e03606e749c7391243 68494eeee61ca3388fcc1f235ee3b817fe9e9603659f61873405006c79088120 Loading...

	v3.traincdn.com/sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/CRFDE348YAt9.js	ImportedModule	6.7 kB	2024-09-23	2024-09-28
Pretty URL v3.traincdn.com/sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/CRFDE348YAt9.js IP 0.0.0.0 ASN #0 Introduced by importedModule Embedded in HTML false Observations First Seen2024-09-23 17:09 Last Seen2024-09-28 08:15 Times Seen7 Hash d4b17fcdd9f7c6d4d0c657db86fdadb6 cc242965848b4b717c95cbccbc79d7bbeecd1d2a 98a707cc7c240d52bc5243b97a1e3a273502ae8181a47268979d188c91669a0e Loading...

	v3.traincdn.com/sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/K237SKhxvkbd.js	ImportedModule	10 kB	2024-09-23	2024-09-28
Pretty URL v3.traincdn.com/sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/K237SKhxvkbd.js IP 0.0.0.0 ASN #0 Introduced by importedModule Embedded in HTML false Observations First Seen2024-09-23 17:09 Last Seen2024-09-28 08:15 Times Seen5 Hash 11603c16d61998d1410c95bea1b76535 f97d29afba51ecbcfd2b49eda4a7a48f69e0544c 9d0267b7728cbb947c6721d9a2b4546eb34d587b0c2fd1610e074cf1ee1442af Loading...

	unknown	DomTimer	10 B	2024-09-21	2025-05-18
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2024-09-21 15:04 Last Seen2025-05-18 18:09 Times Seen764 Hash 01f4b51b4ba7edd00ad9f0a22259f06e 00723d0eda4be61a7b1c542b0a08a94a94a60017 9fdac1c31a22f55dbb8ca225ee28c3f7e88b41cce82968af0018c9f8b3bd35ba Loading...

	v3.traincdn.com/sys-static/sys-promotions-and-bonuses-static/Desktop/Default/44136fa355b3/PB-3_zCK0-5O.js	ImportedModule	34 kB	2024-09-28	2024-09-28
Pretty URL v3.traincdn.com/sys-static/sys-promotions-and-bonuses-static/Desktop/Default/44136fa355b3/PB-3_zCK0-5O.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-09-28 08:11 Last Seen2024-09-28 08:11 Times Seen1 Hash e9af3201dd8ed51cae9ed4c4b0f60f7a c9447a0bc06a1673ba533d22b5311714729d438f 4c0ffaa32e1c9a22617706d55209cfd75ad349cb72c96a1d429e824d6c386d67 Loading...

	v3.traincdn.com/sys-static/sys-promotions-and-bonuses-static/Desktop/Default/44136fa355b3/DfO1byMyY1lZ.js	ScriptElement	29 kB	2024-09-28	2024-09-28
Pretty URL v3.traincdn.com/sys-static/sys-promotions-and-bonuses-static/Desktop/Default/44136fa355b3/DfO1byMyY1lZ.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-28 08:11 Last Seen2024-09-28 08:11 Times Seen1 Hash 5179ebd982976f34d12699c9c1d3b73c b897e18cc9c4f9075d7ba41d23a6bc72b9779299 c508736b76aa0cec112cd0e110846d5c720418240381249d80727ffc5667ba9c Loading...

	v3.traincdn.com/sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/DB_rZMmBy-Jf.js	ScriptElement	40 kB	2024-09-19	2024-09-28
Pretty URL v3.traincdn.com/sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/DB_rZMmBy-Jf.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-19 16:55 Last Seen2024-09-28 08:48 Times Seen36 Hash 2cf980d57cdbbc1647c83ceb1cd84c0e 0e5ab87edcf2511c687595f8cc575b5af3778476 c29e7016ab0a4260562d73eb4e815109eb9720d19d04347571dca59476eee371 Loading...

	v3.traincdn.com/sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/BMPxzVRMWOUV.js	ImportedModule	1.4 kB	2024-09-23	2024-09-28
Pretty URL v3.traincdn.com/sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/BMPxzVRMWOUV.js IP 0.0.0.0 ASN #0 Introduced by importedModule Embedded in HTML false Observations First Seen2024-09-23 17:09 Last Seen2024-09-28 08:15 Times Seen7 Hash 95949a1bcf357b9b1d4ec53d4490b3dd bfb2b0cd22b03345a7396bdb8737e124438df60f 05033081cc4ffa1ddf3d5fd89555b751530f4903db6cb459ce8f7943d23fa2d0 Loading...

	1xlite-81734.top/en/promotions/wheel-bet	ScriptElement	571 kB	2024-09-28	2024-09-28
Pretty URL 1xlite-81734.top/en/promotions/wheel-bet IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-09-28 08:11 Last Seen2024-09-28 08:11 Times Seen1 Hash 89276e0a4a605a8c516f6cdc906cd403 8ab409a33d9a66632b195a41e0640292fcd45cb5 04d06810209fde25c216954f8b478b7c3d63aeb2de0bc53e8be38c78e83dbe4f Loading...

	unknown	Function	47 B	2023-04-14	2025-05-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 16:26 Last Seen2025-05-19 00:36 Times Seen4430 Hash a01893d8e129ad16c1e0fc5c7537f411 0e46d1bf2718f848d9d596fa269eaedb31204772 cbe7b89533bcd75b69f3e54807308551d68242ec1761e63bee1a99fc6e560175 Loading...

	widget.suphelper.top/_next/static/chunks/webpack-8e78511ccb1ad0e5.js	ScriptElement	4.1 kB	2024-06-14	2025-03-11
Pretty URL widget.suphelper.top/_next/static/chunks/webpack-8e78511ccb1ad0e5.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-14 22:59 Last Seen2025-03-11 19:05 Times Seen1147 Hash 9c71e619e44b722570e26873d7918365 01802df709e449dd28d28d4f88de5a0c8a9134cc 4092debe8ca641c27a5b5d6503b3e8a877b961cdfb3de4ee7fb0350698c928ff Loading...

	v3.traincdn.com/main-static/3245538d/desktop/default/DC-954fabdb.js	ScriptElement	2.3 kB	2024-09-19	2024-09-28
Pretty URL v3.traincdn.com/main-static/3245538d/desktop/default/DC-954fabdb.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-19 16:55 Last Seen2024-09-28 08:48 Times Seen33 Hash 3c3bd4f3ef8feb41b8b4d431842f923c 042ce9df23151624d03f0a4656d0bd56c3cacb32 adfdd45bdae0f42db5c0e8358b9f0b4b8396eef8fe7e245ef467947b2f642c2c Loading...

	widget.suphelper.top/_next/static/chunks/framework-49f1e091cbf6b261.js	ScriptElement	141 kB	2023-03-08	2025-03-11
Pretty URL widget.suphelper.top/_next/static/chunks/framework-49f1e091cbf6b261.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 08:26 Last Seen2025-03-11 19:05 Times Seen2992 Hash 896d1930437c1ab92b8a359c1d6fdaae 71e0e23d1af9722f356eb5d1c497d100ec8b0f7a 8c508636d885890bfb5c56bcd6dad1b8b64c498781d351b588a8de7f686774d4 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 4149967382025593b30d86796e355905	122 kB	2024-09-23 17:09	2024-09-28 08:15
Pretty Observations First Seen2024-09-23 17:09 Last Seen2024-09-28 08:15 Times Seen7 Hash 4149967382025593b30d86796e355905 9ff7d49d60b942cf402070c47d1a6a04c3604c65 7ae792b86a34bc05e232cffc88d7a752d30acdde99898e7e156334826a99ef85 Loading...

	#2 Eval - 3f9e08d76652fdbe44b827376d71c90d	150 kB	2024-09-28 08:11	2024-09-28 08:11
Pretty Observations First Seen2024-09-28 08:11 Last Seen2024-09-28 08:11 Times Seen1 Hash 3f9e08d76652fdbe44b827376d71c90d 8d82d417d61298070ddef253f3ccffef71324b3a adfdd7f2d6fa479ee603ecc852be5525e2eab58207e06e87fffee3c037b7f176 Loading...

	#3 Eval - 6879af43938823668555f4250d129b78	161 kB	2024-09-24 01:03	2024-09-28 08:11
Pretty Observations First Seen2024-09-24 01:03 Last Seen2024-09-28 08:11 Times Seen5 Hash 6879af43938823668555f4250d129b78 aa9751aabe37f3a38aebc274bfc5de96d3a86ac2 82c4bcab0df443d9530c621a1ab137528998becd7b512bc450cc1e793c5633a1 Loading...

	#4 Eval - fcd0cc36d23e1bf5542f5aeda8e50491	184 kB	2024-09-28 08:11	2024-09-28 08:11
Pretty Observations First Seen2024-09-28 08:11 Last Seen2024-09-28 08:11 Times Seen1 Hash fcd0cc36d23e1bf5542f5aeda8e50491 83ae89db06aabd93abc42f5681d1fde5e56cd302 a01d5ffff8f160ee282a524c29a17616add630037b21fe8093ea34bc55f48a3e Loading...

HTTP Transactions (229)

URL IP Response Size

r10.o.lencr.org/

23.33.119.27

504 B

URL
r10.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
cee6f187f86d8f7b2779939286a4bbaa
52ca24c4137cb54a6437894f645919084cb479ee
e1738902960c8c11c246196351ee0adbe1f5c5722ba7765dc0a536efff18b85e

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "E1738902960C8C11C246196351EE0ADBE1F5C5722BA7765DC0A536EFFF18B85E"
Last-Modified: Mon, 23 Sep 2024 13:26:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7068
Expires: Tue, 24 Sep 2024 01:00:37 GMT
Date: Mon, 23 Sep 2024 23:02:49 GMT
Connection: keep-alive

1xlite-81734.top/main-static/3245538d/check-ob.js

46.32.182.117

200 OK

219 B

URL GET HTTP/2
1xlite-81734.top/main-static/3245538d/check-ob.js
IP
46.32.182.117:443
ASN
#0

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerLet's Encrypt
Subject1xlite-81734.top
Fingerprint0A:30:E7:1C:B7:AC:1C:34:8E:35:29:86:A0:0E:70:67:B5:74:52:63
ValidityMon, 26 Aug 2024 05:19:45 GMT - Sun, 24 Nov 2024 05:19:44 GMT

File type
JavaScript source, ASCII text
Size
219 B (219 bytes)
Hash
c065700c9c8c493403359e1f2baa10d9
4630fe729e70bdf63fa7ba6c84ec277fd1f51030
1e61f0c82ae82ffcf503fcd4b4c8ae27b32c11e19b882d5d13f3c44364c893f4

HTTP Headers

GET /main-static/3245538d/check-ob.js HTTP/1.1
Host: 1xlite-81734.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/en/promotions/wheel-bet
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=LiC2dWbx85pu/XJbA1lWAg==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:50 GMT
content-type: text/javascript; charset=utf-8
content-length: 219
last-modified: Mon, 23 Sep 2024 08:15:37 GMT
etag: "c065700c9c8c493403359e1f2baa10d9"
x-amz-meta-mtime: 1727079336.985912876
expires: Tue, 24 Sep 2024 08:37:40 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
accept-ranges: bytes
X-Firefox-Spdy: h2

1xlite-81734.top/polyfills.js

46.32.182.117

200 OK

0 B

URL GET HTTP/2
1xlite-81734.top/polyfills.js
IP
46.32.182.117:443
ASN
#0

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerLet's Encrypt
Subject1xlite-81734.top
Fingerprint0A:30:E7:1C:B7:AC:1C:34:8E:35:29:86:A0:0E:70:67:B5:74:52:63
ValidityMon, 26 Aug 2024 05:19:45 GMT - Sun, 24 Nov 2024 05:19:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /polyfills.js HTTP/1.1
Host: 1xlite-81734.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/en/promotions/wheel-bet
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=LiC2dWbx85pu/XJbA1lWAg==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:50 GMT
content-type: text/javascript; charset=utf-8
content-length: 0
vary: user-agent
cache-control: public, max-age=2678400, s-maxage=2678400
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-time-ng: 0.002
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.016
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/site-admin/css_vars/f506188b04c16eaa9c664ed23f7ce58e.css

185.244.209.62

46 B

URL
v3.traincdn.com/genfiles/site-admin/css_vars/f506188b04c16eaa9c664ed23f7ce58e.css
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
ASCII text, with no line terminators
Size
46 B (46 bytes)
Hash
f506188b04c16eaa9c664ed23f7ce58e
08d068d7fa5a84beb06ba924a35d84d6bfdab30a
b9bfda0e940104e190b19543b94a10d120643bd1516d3ca2d266a0af6c0966e9

HTTP Headers

GET /genfiles/site-admin/css_vars/f506188b04c16eaa9c664ed23f7ce58e.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:50 GMT
content-type: text/css
content-length: 46
last-modified: Fri, 12 Apr 2024 13:46:52 GMT
etag: "f506188b04c16eaa9c664ed23f7ce58e"
cache-control: max-age=3600
expires: Thu, 12 Sep 2024 11:21:48 GMT
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc93
age: 139
traceparent: 00-c0370163ce68bfb3997c712605d6394d-d94a7d79c96a9a42-01
x-id: osix-hw-edge-gc4
cache: HIT
x-cached-since: 2024-09-23T23:00:35+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

1xlite-81734.top/sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/Bb8i_KNTctFh.css

46.32.182.117

200 OK

481 B

URL GET HTTP/2
1xlite-81734.top/sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/Bb8i_KNTctFh.css
IP
46.32.182.117:443
ASN
#0

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerLet's Encrypt
Subject1xlite-81734.top
Fingerprint0A:30:E7:1C:B7:AC:1C:34:8E:35:29:86:A0:0E:70:67:B5:74:52:63
ValidityMon, 26 Aug 2024 05:19:45 GMT - Sun, 24 Nov 2024 05:19:44 GMT

File type
ASCII text, with very long lines (480)
Size
481 B (481 bytes)
Hash
b3191a5c48bea49383e8167d18a0a4cd
6c4cbe80981a97cd11d67fe9cceb9b0469e96440
397e6e761f662de426c9693476d7b426606b3e6b9727609464210b097aee6c61

HTTP Headers

GET /sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/Bb8i_KNTctFh.css HTTP/1.1
Host: 1xlite-81734.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/en/promotions/wheel-bet
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=LiC2dWbx85pu/XJbA1lWAg==
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:50 GMT
content-type: text/css; charset=utf-8
content-length: 481
last-modified: Mon, 23 Sep 2024 12:46:25 GMT
etag: "b3191a5c48bea49383e8167d18a0a4cd"
x-amz-meta-mtime: 1727095475.943889596
expires: Tue, 24 Sep 2024 23:02:50 GMT
cache-control: max-age=86400
x-time-ng: 0.000
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.011
X-Firefox-Spdy: h2

v3.traincdn.com/version.json

185.244.209.62

11 B

URL
v3.traincdn.com/version.json
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
ASCII text
Size
11 B (11 bytes)
Hash
fba181ca7d5ea6bbf53f17d1eaba701a
394e9ca31b9dead8b7b3543663aceb0cbfa30245
8101b8ad098e33f1e5a3d4321905801c88a9c331fdd595039761544def84692e

HTTP Headers

GET /version.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:50 GMT
content-type: application/json
content-length: 11
last-modified: Mon, 23 Sep 2024 08:15:37 GMT
etag: "fba181ca7d5ea6bbf53f17d1eaba701a"
x-amz-meta-mtime: 1727079337.741915183
expires: Mon, 23 Sep 2024 08:18:25 GMT
cache-control: max-age=60
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-843d1d083e70c1ed6c27590d3016b3dd-3e22e04b2442abb0-01
x-id: osix-hw-edge-gc4
age: 22
cache: HIT
x-cached-since: 2024-09-23T23:02:28+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/main-static/3245538d/desktop/default/runtime-f1320451.js

185.244.209.62

78 kB

URL
v3.traincdn.com/main-static/3245538d/desktop/default/runtime-f1320451.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
gzip compressed data, max speed, from Unix
Size
78 kB (77930 bytes)
Hash
097309f9c3a99d72e6f685ab9f3f858b
a67184447ccf8f8005d13b180985c4a75b9e7f54
067563299c79d39462380651b6589a5d3576805e70442c67c7bb25eaf83a7f4c

HTTP Headers

GET /main-static/3245538d/desktop/default/runtime-f1320451.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:51 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 23 Sep 2024 08:15:20 GMT
etag: W/"d32de2778ba9205e96533d9919b64baa"
x-amz-meta-mtime: 1727079317.117852259
content-encoding: gzip
expires: Tue, 24 Sep 2024 08:36:58 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-a91353698d68f3dedfe8d043aa5f5999-4531951c943f286f-01
x-id: osix-hw-edge-gc4
age: 51684
cache: HIT
x-cached-since: 2024-09-23T08:41:27+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/main-static/3245538d/desktop/default/commons/app-914e17fb.js

185.244.209.62

119 kB

URL
v3.traincdn.com/main-static/3245538d/desktop/default/commons/app-914e17fb.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
gzip compressed data, max speed, from Unix
Size
119 kB (119237 bytes)
Hash
206c70410a3336b2f284e75d23352fd4
00a9958219de3e23bba3ea6fa8e540b7a546cd8c
02c6fa582a07f356d44cccdd2cb524de9026e37b104a72610e9085ca41bc385b

HTTP Headers

GET /main-static/3245538d/desktop/default/commons/app-914e17fb.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:51 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 23 Sep 2024 08:15:20 GMT
etag: W/"b124cb7a734b06aa2bd1f7e0190c719e"
x-amz-meta-mtime: 1727079317.053852064
content-encoding: gzip
expires: Tue, 24 Sep 2024 08:36:58 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-831bda09b31d56afefc412ca07380941-8a513cae9deb1dae-01
x-id: osix-hw-edge-gc4
age: 51684
cache: HIT
x-cached-since: 2024-09-23T08:41:27+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/site-admin/colors/e63966f1bcb50265f2aa313a2c0b8f68.css

185.244.209.62

200 OK

416 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/site-admin/colors/e63966f1bcb50265f2aa313a2c0b8f68.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
416 kB (415622 bytes)
Hash
8ac81c6e3cbd59f1007eb37835604e4f
a033cd5a19f2ea5dac82135ac62844b489e23c14
8848770f9ebe24ad96adc7ec815845be603b71818f6e82df142dbf86b99b55d7

HTTP Headers

GET /genfiles/site-admin/colors/e63966f1bcb50265f2aa313a2c0b8f68.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:50 GMT
content-type: text/css
last-modified: Mon, 23 Sep 2024 09:08:46 GMT
etag: W/"e63966f1bcb50265f2aa313a2c0b8f68"
cache-control: max-age=3600
content-encoding: gzip
expires: Mon, 23 Sep 2024 10:49:38 GMT
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-22a84189217039c7202e709aa0794d8e-33c2146e7641e820-01
x-id: osix-hw-edge-gc4
age: 151
cache: HIT
x-cached-since: 2024-09-23T23:00:19+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/b5cd9a5e87d930de856c92da15aa121e.png

185.244.209.62

653 B

URL
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/b5cd9a5e87d930de856c92da15aa121e.png
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Size
653 B (653 bytes)
Hash
e6f0766cbd95db33da44e7a9140648f2
5f196b1bfe8c3f92bd2ebcd67124e72e81ae6aaf
c0399d478788d5d483f104a2e8cb7c32f41cb40e9df0c22e831b2bfa2db63ec0

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/b5cd9a5e87d930de856c92da15aa121e.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:51 GMT
content-type: image/png
content-length: 653
last-modified: Wed, 26 Jun 2024 08:18:02 GMT
etag: "e6f0766cbd95db33da44e7a9140648f2"
expires: Thu, 12 Sep 2024 11:19:39 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
age: 2650
traceparent: 00-e09ee27c08edca1775666a4d31c3c7f2-be4014d9ce70be71-01
x-id: osix-hw-edge-gc4
cache: HIT
x-cached-since: 2024-09-23T22:19:01+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/7c43e6fa10d0665cf556d13ff2a1906d.svg

185.244.209.62

200 OK

6.2 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/7c43e6fa10d0665cf556d13ff2a1906d.svg
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
6.2 kB (6236 bytes)
Hash
3f507ed1d9bc2555f1803eb5c3112090
2c3d030131781822c1fe43856fb35223ff96248c
f7b5b99087e8ca9235027ef7b0034bfe6cb17afee21d12162360e5ce06a43a56

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/7c43e6fa10d0665cf556d13ff2a1906d.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:50 GMT
content-type: image/svg+xml
last-modified: Tue, 02 May 2023 10:06:49 GMT
etag: W/"7cca3986f7a5c4c164144ff11df71073"
content-encoding: gzip
expires: Fri, 09 Aug 2024 15:41:43 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
age: 2857
traceparent: 00-a5681b4554c22cc0dec8732c456425c8-e84eae1241214b8c-01
x-id: osix-hw-edge-gc4
cache: HIT
x-cached-since: 2024-09-23T22:17:15+00:00
X-Firefox-Spdy: h2

1xlite-81734.top/sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/9695PIq6D6Ym.css

46.32.182.117

290 kB

URL
1xlite-81734.top/sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/9695PIq6D6Ym.css
IP
46.32.182.117:0
ASN
#0

Certificate
IssuerLet's Encrypt
Subject1xlite-81734.top
Fingerprint0A:30:E7:1C:B7:AC:1C:34:8E:35:29:86:A0:0E:70:67:B5:74:52:63
ValidityMon, 26 Aug 2024 05:19:45 GMT - Sun, 24 Nov 2024 05:19:44 GMT

File type
ASCII text, with very long lines (1266)
Size
290 kB (290152 bytes)
Hash
b5f230ad2e5081f16d932becd4925319
a475f57e391354ab0059cf538047812394f7bf17
a1b6d6bea9fa64cc9a5421471a89f52ef4c1e74bc4080c9ebbfb404a05a18ad1

HTTP Headers

GET /sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/9695PIq6D6Ym.css HTTP/1.1
Host: 1xlite-81734.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/en/promotions/wheel-bet
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=LiC2dWbx85pu/XJbA1lWAg==
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:50 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Mon, 23 Sep 2024 12:46:25 GMT
etag: W/"b5f230ad2e5081f16d932becd4925319"
x-amz-meta-mtime: 1727095475.939889657
content-encoding: br
expires: Tue, 24 Sep 2024 23:02:50 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.010
X-Firefox-Spdy: h2

1xlite-81734.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/ab.json

46.32.182.117

200 OK

2 B

URL POST HTTP/2
1xlite-81734.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/ab.json
IP
46.32.182.117:443
ASN
#0

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerLet's Encrypt
Subject1xlite-81734.top
Fingerprint0A:30:E7:1C:B7:AC:1C:34:8E:35:29:86:A0:0E:70:67:B5:74:52:63
ValidityMon, 26 Aug 2024 05:19:45 GMT - Sun, 24 Nov 2024 05:19:44 GMT

File type
JSON text data
Size
2 B (2 bytes)
Hash
d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

HTTP Headers

POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/ab.json HTTP/1.1
Host: 1xlite-81734.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/en/promotions/wheel-bet
Content-Type: application/json
X-Lang: en
X-Uuid: d46c0f95-e1ba-424f-b0bd-b9930ad41717
Content-Length: 19
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=LiC2dWbx85pu/XJbA1lWAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:51 GMT
content-type: application/json
content-length: 2
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.016
X-Firefox-Spdy: h2

1xlite-81734.top/version.json?timestamp=1727132571768

46.32.182.117

11 B

URL
1xlite-81734.top/version.json?timestamp=1727132571768
IP
46.32.182.117:0
ASN
#0

Certificate
IssuerLet's Encrypt
Subject1xlite-81734.top
Fingerprint0A:30:E7:1C:B7:AC:1C:34:8E:35:29:86:A0:0E:70:67:B5:74:52:63
ValidityMon, 26 Aug 2024 05:19:45 GMT - Sun, 24 Nov 2024 05:19:44 GMT

File type
ASCII text
Size
11 B (11 bytes)
Hash
fba181ca7d5ea6bbf53f17d1eaba701a
394e9ca31b9dead8b7b3543663aceb0cbfa30245
8101b8ad098e33f1e5a3d4321905801c88a9c331fdd595039761544def84692e

HTTP Headers

GET /version.json?timestamp=1727132571768 HTTP/1.1
Host: 1xlite-81734.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/en/promotions/wheel-bet
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=LiC2dWbx85pu/XJbA1lWAg==; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:51 GMT
content-type: application/json
content-length: 11
last-modified: Mon, 23 Sep 2024 08:15:37 GMT
etag: "fba181ca7d5ea6bbf53f17d1eaba701a"
x-amz-meta-mtime: 1727079337.741915183
expires: Mon, 23 Sep 2024 23:03:51 GMT
cache-control: max-age=60
x-time-ng: 0.000
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.010
X-Firefox-Spdy: h2

1xlite-81734.top/service-api/gamespreview/getbanner?whence=55&ref=1&gr=285&lng=en&fCountry=137

46.32.182.117

249 B

URL
1xlite-81734.top/service-api/gamespreview/getbanner?whence=55&ref=1&gr=285&lng=en&fCountry=137
IP
46.32.182.117:0
ASN
#0

Certificate
IssuerLet's Encrypt
Subject1xlite-81734.top
Fingerprint0A:30:E7:1C:B7:AC:1C:34:8E:35:29:86:A0:0E:70:67:B5:74:52:63
ValidityMon, 26 Aug 2024 05:19:45 GMT - Sun, 24 Nov 2024 05:19:44 GMT

File type
JSON text data
Size
249 B (249 bytes)
Hash
ac3a935c93fa5b12375bc1c171830ad5
90dffd5269b0dd65e03783139a6d1c97d261d4d0
5a6e600281be5c4f93d7b0ce924e5fcc96238ee83f89a7f3b4ff1625fbf8ee0e

HTTP Headers

GET /service-api/gamespreview/getbanner?whence=55&ref=1&gr=285&lng=en&fCountry=137 HTTP/1.1
Host: 1xlite-81734.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/en/promotions/wheel-bet
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=LiC2dWbx85pu/XJbA1lWAg==; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:52 GMT
content-type: application/json; charset=utf-8
content-length: 249
x-time-ng: 0.004
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.013
X-Firefox-Spdy: h2

1xlite-81734.top/seo-module-api/api/public/v1/analytics-counters?project[id]=285&domain[host]=1xlite-81734.top

46.32.182.117

91 B

URL
1xlite-81734.top/seo-module-api/api/public/v1/analytics-counters?project[id]=285&domain[host]=1xlite-81734.top
IP
46.32.182.117:0
ASN
#0

Certificate
IssuerLet's Encrypt
Subject1xlite-81734.top
Fingerprint0A:30:E7:1C:B7:AC:1C:34:8E:35:29:86:A0:0E:70:67:B5:74:52:63
ValidityMon, 26 Aug 2024 05:19:45 GMT - Sun, 24 Nov 2024 05:19:44 GMT

File type
JSON text data
Size
91 B (91 bytes)
Hash
c3b99d303306b462b1ed909b7b95987b
2d839df95274b9c85fd354e45127067095186ffa
387b26258a25650ddd79a1e7c0be2697a66584f5280152825a6605c6586d38a3

HTTP Headers

GET /seo-module-api/api/public/v1/analytics-counters?project[id]=285&domain[host]=1xlite-81734.top HTTP/1.1
Host: 1xlite-81734.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/en/promotions/wheel-bet
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=LiC2dWbx85pu/XJbA1lWAg==; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:51 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: max-age=1200, must-revalidate, public, s-maxage=1800, stale-if-error=86400, stale-while-revalidate=300
x-content-digest: en6d0e5d6e0146a49c358c0eaad1d2ef38
age: 539
x-request-id: 445c958e7e23d17dfc2386906696fd68
x-request-guid: 445c958e7e23d17dfc2386906696fd68
x-time-ng: 0.003
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: p;dur=1.7051696777344, wf-uht;dur=0.015
X-Firefox-Spdy: h2

1xlite-81734.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json

46.32.182.117

200 OK

23 B

URL POST HTTP/2
1xlite-81734.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json
IP
46.32.182.117:443
ASN
#0

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerLet's Encrypt
Subject1xlite-81734.top
Fingerprint0A:30:E7:1C:B7:AC:1C:34:8E:35:29:86:A0:0E:70:67:B5:74:52:63
ValidityMon, 26 Aug 2024 05:19:45 GMT - Sun, 24 Nov 2024 05:19:44 GMT

File type
JSON text data
Size
23 B (23 bytes)
Hash
d0983be97bb9bcc1985fa40ad016d646
b01dcb3b5b5f282982c5332d98406454d3b31b0e
bf9056e8c8f344a6c0f5cde82a61bde0ccb97d00b5bf1c06e725fbdaff2844ee

HTTP Headers

POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json HTTP/1.1
Host: 1xlite-81734.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/en/promotions/wheel-bet
Content-Type: application/json
X-Lang: en
X-Uuid: d46c0f95-e1ba-424f-b0bd-b9930ad41717
Content-Length: 89
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=LiC2dWbx85pu/XJbA1lWAg==; window_width=1280; SESSION=e6d87a2de5058195c205cc3f9efa1898
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:52 GMT
content-type: application/json
content-length: 23
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.012
X-Firefox-Spdy: h2

1xlite-81734.top/sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/B11IYZpWEsTn.css

46.32.182.117

525 B

URL
1xlite-81734.top/sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/B11IYZpWEsTn.css
IP
46.32.182.117:0
ASN
#0

Certificate
IssuerLet's Encrypt
Subject1xlite-81734.top
Fingerprint0A:30:E7:1C:B7:AC:1C:34:8E:35:29:86:A0:0E:70:67:B5:74:52:63
ValidityMon, 26 Aug 2024 05:19:45 GMT - Sun, 24 Nov 2024 05:19:44 GMT

File type
ASCII text, with very long lines (1503)
Size
525 B (525 bytes)
Hash
d2229d094da043a177fdce7c1860ed1f
5c45472d6001b6924a1a106afc0ce1e591462239
330785f9c391f7b3bd8e25db9b27ef49cd8810e2ccd6d77db2ea1c8624fcdb8d

HTTP Headers

GET /sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/B11IYZpWEsTn.css HTTP/1.1
Host: 1xlite-81734.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/en/promotions/wheel-bet
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=LiC2dWbx85pu/XJbA1lWAg==
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:50 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Mon, 23 Sep 2024 12:46:25 GMT
etag: W/"d2229d094da043a177fdce7c1860ed1f"
x-amz-meta-mtime: 1727095475.939889657
content-encoding: br
expires: Tue, 24 Sep 2024 23:02:50 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.010
X-Firefox-Spdy: h2

1xlite-81734.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json

46.32.182.117

200 OK

23 B

URL POST HTTP/2
1xlite-81734.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json
IP
46.32.182.117:443
ASN
#0

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerLet's Encrypt
Subject1xlite-81734.top
Fingerprint0A:30:E7:1C:B7:AC:1C:34:8E:35:29:86:A0:0E:70:67:B5:74:52:63
ValidityMon, 26 Aug 2024 05:19:45 GMT - Sun, 24 Nov 2024 05:19:44 GMT

File type
JSON text data
Size
23 B (23 bytes)
Hash
85791f0f3dad9c18df06954ff8e0beab
6e39930efcf82d6a61685cd0b40e7d1a541e491a
1d4809dcb8fc78f2670d8826bf6faf75e009125867dd16e0fa63925c102f0ffa

HTTP Headers

POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json HTTP/1.1
Host: 1xlite-81734.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/en/promotions/wheel-bet
Content-Type: application/json
X-Lang: en
X-Uuid: d46c0f95-e1ba-424f-b0bd-b9930ad41717
Content-Length: 48
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=LiC2dWbx85pu/XJbA1lWAg==; window_width=1280; SESSION=6b782ee83bdc265152338b4c7f9fa0ac; che_g=9ad65ef7-763c-8096-f8b9-3db17d9dd1f0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:52 GMT
content-type: application/json
content-length: 23
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

widget.suphelper.top/sounds/new-message.mp3

172.64.148.184

200 OK

30 kB

URL GET HTTP/2
widget.suphelper.top/sounds/new-message.mp3
IP
172.64.148.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://widget.suphelper.top/
Certificate
IssuerGoogle Trust Services
Subjectsuphelper.top
FingerprintE2:14:13:A8:92:BD:2F:EA:C0:71:F7:82:96:F9:E3:DC:19:7F:68:97
ValidityThu, 19 Sep 2024 08:52:18 GMT - Wed, 18 Dec 2024 08:52:17 GMT

File type
MPEG ADTS, layer III, v1, 192 kbps, 48 kHz, JntStereo
Size
30 kB (29952 bytes)
Hash
ef9af24dc7dbd24ffd99c832e1300351
f78744a5013038446c468de14f205f2d52373fd6
5049d7fe87a7327a291441181d1a328a15f46a21081b970502c540406011c9b9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sounds/new-message.mp3 HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 23 Sep 2024 23:02:53 GMT
content-type: audio/mpeg
content-length: 29952
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=31536000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=14400
last-modified: Wed, 11 Sep 2024 04:40:44 GMT
etag: W/"7500-191df624411"
cf-cache-status: HIT
age: 1459
expires: Tue, 24 Sep 2024 03:02:53 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8c7e2a396a1a56c1-OSL
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/Bb8i_KNTctFh.css

185.244.209.62

200 OK

481 B

URL GET HTTP/2
v3.traincdn.com/sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/Bb8i_KNTctFh.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (480)
Size
481 B (481 bytes)
Hash
b3191a5c48bea49383e8167d18a0a4cd
6c4cbe80981a97cd11d67fe9cceb9b0469e96440
397e6e761f662de426c9693476d7b426606b3e6b9727609464210b097aee6c61

HTTP Headers

GET /sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/Bb8i_KNTctFh.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:53 GMT
content-type: text/css; charset=utf-8
content-length: 481
last-modified: Fri, 20 Sep 2024 12:07:48 GMT
etag: "b3191a5c48bea49383e8167d18a0a4cd"
x-amz-meta-mtime: 1726833869.307249167
expires: Sun, 22 Sep 2024 10:31:48 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-13fca3fdacce172cbe8c73cce2bcf87f-e936317e8f2868de-01
x-id: osix-hw-edge-gc4
age: 44861
cache: HIT
x-cached-since: 2024-09-23T10:35:12+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/Bb2uC8uRUhuJ.css

185.244.209.62

343 B

URL
v3.traincdn.com/sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/Bb2uC8uRUhuJ.css
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
ASCII text, with very long lines (342)
Size
343 B (343 bytes)
Hash
1ac5bbb29c4f94da0122e11b651d8f8b
3729cde2e9fe4bd2663f62b458a07dfd3a6b4e2b
c107064cc2b3debb0148816464253d9f85b0ad1eb15b559ceb4988cca798b01c

HTTP Headers

GET /sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/Bb2uC8uRUhuJ.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:53 GMT
content-type: text/css; charset=utf-8
content-length: 343
last-modified: Fri, 20 Sep 2024 12:07:48 GMT
etag: "1ac5bbb29c4f94da0122e11b651d8f8b"
x-amz-meta-mtime: 1726833869.311249208
expires: Sun, 22 Sep 2024 10:48:57 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-dcf24fac8baf2c11023523688029842d-96c3f815b7cfd8f3-01
x-id: osix-hw-edge-gc4
age: 43653
cache: HIT
x-cached-since: 2024-09-23T10:55:20+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/BMMTLnViCvSX.js

185.244.209.62

3.6 kB

URL
v3.traincdn.com/sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/BMMTLnViCvSX.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
gzip compressed data, max speed, from Unix
Size
3.6 kB (3597 bytes)
Hash
da17442969421edc501a91ece96ed06b
f083fd88513ecbe0347036574161801f2de1ca5c
f87ccc4f1732e019877c31fde2c2f544bafc45b7bc6bbf5be85cf985ce8ddd27

HTTP Headers

GET /sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/BMMTLnViCvSX.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:54 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 23 Sep 2024 12:46:25 GMT
etag: W/"4f1e717a9000b58248fb4b7ee0800fe5"
x-amz-meta-mtime: 1727095475.943889596
content-encoding: gzip
expires: Tue, 24 Sep 2024 12:58:32 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-3f26b24da04b3e480f310bff6e16c4ed-ebc371c1b597e10e-01
x-id: osix-hw-edge-gc4
age: 36198
cache: HIT
x-cached-since: 2024-09-23T12:59:36+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/DSOcuwRsvpbt.js

185.244.209.62

200 OK

4.5 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/DSOcuwRsvpbt.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
4.5 kB (4523 bytes)
Hash
c3d1860b604842f359a7734c97935d28
e84f24e531fae93750c5e5ea51d12e3884815600
6756a0f94b2c7bfdd173dddd028d62a459ca618f5ba8fd717a56c7b78d44ff71

HTTP Headers

GET /sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/DSOcuwRsvpbt.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:54 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 23 Sep 2024 12:46:25 GMT
etag: W/"e5ac7d25be0e11f91e270a2bf658e5aa"
x-amz-meta-mtime: 1727095475.943889596
content-encoding: gzip
expires: Tue, 24 Sep 2024 12:58:32 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-a97379c4efb90fb34878d09f07c89153-058e29989ca8c5d0-01
x-id: osix-hw-edge-gc4
age: 36198
cache: HIT
x-cached-since: 2024-09-23T12:59:36+00:00
X-Firefox-Spdy: h2

1xlite-81734.top/genfiles/cms/1-285/desktop/media_asset/e3dd2d416ede1d7659584842878349f6.json

46.32.182.117

200 OK

785 B

URL GET HTTP/2
1xlite-81734.top/genfiles/cms/1-285/desktop/media_asset/e3dd2d416ede1d7659584842878349f6.json
IP
46.32.182.117:443
ASN
#0

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerLet's Encrypt
Subject1xlite-81734.top
Fingerprint0A:30:E7:1C:B7:AC:1C:34:8E:35:29:86:A0:0E:70:67:B5:74:52:63
ValidityMon, 26 Aug 2024 05:19:45 GMT - Sun, 24 Nov 2024 05:19:44 GMT

File type
JSON text data
Size
785 B (785 bytes)
Hash
338264fc869e8f0b86b0d6c9d92102b0
83b4d35816df0e1486b766251e74d23f28b77824
015355a44429f40dd63b566dd1e9b1b76af3dfa28dcd25a43e82820ba0847b8d

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/e3dd2d416ede1d7659584842878349f6.json HTTP/1.1
Host: 1xlite-81734.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/en/promotions/wheel-bet
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
x-svc-source: welcome-app
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=LiC2dWbx85pu/XJbA1lWAg==; window_width=1280; SESSION=6b782ee83bdc265152338b4c7f9fa0ac; che_g=9ad65ef7-763c-8096-f8b9-3db17d9dd1f0; sh.session.id=3a1f7004-a833-43a4-ac92-af0305b442cb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:54 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Thu, 16 May 2024 19:05:13 GMT
etag: W/"338264fc869e8f0b86b0d6c9d92102b0"
content-encoding: br
expires: Tue, 24 Sep 2024 00:02:54 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.010
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/A3Vku-O_i2JO.css

185.244.209.62

944 B

URL
v3.traincdn.com/sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/A3Vku-O_i2JO.css
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
ASCII text, with very long lines (943)
Size
944 B (944 bytes)
Hash
16bc346609219c460f631af45e05d336
21ff6a5300fa09276f99f6c9646876139d1153d3
949a94349075707e8335cfc3be004c24bd50aff363571d78de92ca40afb1d4a7

HTTP Headers

GET /sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/A3Vku-O_i2JO.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:54 GMT
content-type: text/css; charset=utf-8
content-length: 944
last-modified: Fri, 20 Sep 2024 11:42:34 GMT
etag: "16bc346609219c460f631af45e05d336"
x-amz-meta-mtime: 1726832449.143374792
expires: Sun, 22 Sep 2024 10:04:48 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-db5f161c3173fead7e83b7c044d2c516-74abeb8d4ea1ffd2-01
x-id: osix-hw-edge-gc4
age: 46546
cache: HIT
x-cached-since: 2024-09-23T10:07:08+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/ClP0JZP-cdYM.css

185.244.209.62

126 B

URL
v3.traincdn.com/sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/ClP0JZP-cdYM.css
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
ASCII text
Size
126 B (126 bytes)
Hash
1b806cac463679a171fff119830d0220
d44ccb961d111477680fd4656157436b68a58c7c
dfa507b67165721a3f5ae05e3f0dba423dacd0a3a391c7c37c9cb9b701c3f442

HTTP Headers

GET /sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/ClP0JZP-cdYM.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:54 GMT
content-type: text/css; charset=utf-8
content-length: 126
last-modified: Fri, 20 Sep 2024 11:42:34 GMT
etag: "1b806cac463679a171fff119830d0220"
x-amz-meta-mtime: 1726832449.155374938
expires: Sun, 22 Sep 2024 10:04:48 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-c5ad8abcde99dbe6d775cefb27c55875-acced0f99efba512-01
x-id: osix-hw-edge-gc4
age: 46546
cache: HIT
x-cached-since: 2024-09-23T10:07:08+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

widget.suphelper.top/_next/static/chunks/81.9c6562bba5669b47.js

172.64.148.184

200 OK

69 kB

URL GET HTTP/2
widget.suphelper.top/_next/static/chunks/81.9c6562bba5669b47.js
IP
172.64.148.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://widget.suphelper.top/
Certificate
IssuerGoogle Trust Services
Subjectsuphelper.top
FingerprintE2:14:13:A8:92:BD:2F:EA:C0:71:F7:82:96:F9:E3:DC:19:7F:68:97
ValidityThu, 19 Sep 2024 08:52:18 GMT - Wed, 18 Dec 2024 08:52:17 GMT

File type
gzip compressed data, from Unix
Size
69 kB (69073 bytes)
Hash
3cb366dd90e47f673446a03bf117238a
f7bc4267ece4bded156ac70ce962030a21da6919
6fe72fc2fe9c52270ce19ac00835675c2f7db8faf920ef3f00d756a32d22ed53

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/81.9c6562bba5669b47.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 23 Sep 2024 23:02:53 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Mon, 22 Jan 2024 07:49:06 GMT
etag: W/"8f42-18d3024f9c4"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 8865455
expires: Tue, 23 Sep 2025 23:02:53 GMT
server: cloudflare
cf-ray: 8c7e2a38c93d56c1-OSL
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/xHwmuJJAk7bN.js

185.244.209.62

534 B

URL
v3.traincdn.com/sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/xHwmuJJAk7bN.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
Java source, ASCII text, with very long lines (533)
Size
534 B (534 bytes)
Hash
4bfb7359132eb90c0c535daa25b4ee63
44caa0c087aca0a747970528cec744c7d242ed55
ede067b348a0c295f91a40b5b04b74c336eeae0c5b4a66aaf8d82fe37eb9e287

HTTP Headers

GET /sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/xHwmuJJAk7bN.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:55 GMT
content-type: text/javascript; charset=utf-8
content-length: 534
last-modified: Thu, 19 Sep 2024 15:15:47 GMT
etag: "4bfb7359132eb90c0c535daa25b4ee63"
x-amz-meta-mtime: 1726758816.478905861
expires: Sat, 21 Sep 2024 09:57:44 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-e2c269c45645aa3ca83039730e2e0989-5c1ef29900ab200a-01
x-id: osix-hw-edge-gc4
age: 46547
cache: HIT
x-cached-since: 2024-09-23T10:07:08+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/bWqA0ghOEjwX.js

185.244.209.62

12 kB

URL
v3.traincdn.com/sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/bWqA0ghOEjwX.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
gzip compressed data, max speed, from Unix
Size
12 kB (12505 bytes)
Hash
1738610e33670b2189d90174a73047d4
4f9f132e1efc8581e27f8a95d7bdb379ce6b65cd
53e3832eb2e0b38bac83fdecec258d818cd99be79cc4f53dd806781475a33104

HTTP Headers

GET /sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/bWqA0ghOEjwX.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:54 GMT
content-type: text/javascript; charset=utf-8
last-modified: Fri, 20 Sep 2024 12:07:48 GMT
etag: W/"ac44846cafe2d3931dd1d88dce6970b4"
x-amz-meta-mtime: 1726833869.315249249
content-encoding: gzip
expires: Sun, 22 Sep 2024 08:21:50 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-73cea612c74d8c24a8bacdf088593ade-147545457b5b0a78-01
x-id: osix-hw-edge-gc4
age: 52433
cache: HIT
x-cached-since: 2024-09-23T08:29:01+00:00
X-Firefox-Spdy: h2

1xlite-81734.top/promo-frame/bff-api/config/all.json?lang=en

46.32.182.117

82 kB

URL
1xlite-81734.top/promo-frame/bff-api/config/all.json?lang=en
IP
46.32.182.117:0
ASN
#0

Certificate
IssuerLet's Encrypt
Subject1xlite-81734.top
Fingerprint0A:30:E7:1C:B7:AC:1C:34:8E:35:29:86:A0:0E:70:67:B5:74:52:63
ValidityMon, 26 Aug 2024 05:19:45 GMT - Sun, 24 Nov 2024 05:19:44 GMT

File type
JSON text data
Size
82 kB (81994 bytes)
Hash
dae94b89609e34ba5fe67879d727bb52
4641afc41be95c430b9f06f99aca7b894fcbbf31
d77c9d12dc4370f9180ec7f067873ede4aa10b0957230c35d012cd15b0f1ae1a

HTTP Headers

GET /promo-frame/bff-api/config/all.json?lang=en HTTP/1.1
Host: 1xlite-81734.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/promo-frame/en/promotion/wheel-bet
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=LiC2dWbx85pu/XJbA1lWAg==; window_width=1280; SESSION=6b782ee83bdc265152338b4c7f9fa0ac; che_g=9ad65ef7-763c-8096-f8b9-3db17d9dd1f0; sh.session.id=3a1f7004-a833-43a4-ac92-af0305b442cb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:54 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, private
x-cache-hit: 1
x-cache-expire: 680
x-time-ng: 0.005
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: bff;dur=4.90, wf-uht;dur=0.022
X-Firefox-Spdy: h2

1xlite-81734.top/static-promotion/desktop/default/c33097f5.modern.js

46.32.182.117

292 B

URL
1xlite-81734.top/static-promotion/desktop/default/c33097f5.modern.js
IP
46.32.182.117:0
ASN
#0

Certificate
IssuerLet's Encrypt
Subject1xlite-81734.top
Fingerprint0A:30:E7:1C:B7:AC:1C:34:8E:35:29:86:A0:0E:70:67:B5:74:52:63
ValidityMon, 26 Aug 2024 05:19:45 GMT - Sun, 24 Nov 2024 05:19:44 GMT

File type
JavaScript source, ASCII text, with no line terminators
Size
292 B (292 bytes)
Hash
a22932d87f5e0d8eb03aa5a2c4888343
ee52b095d11cc0910a67cf8c55b30b501235a574
41e6442576e3c3b8ffbf9ea53a2118c0876ebc0e5280ce9cdc9eb901bc2456ec

HTTP Headers

GET /static-promotion/desktop/default/c33097f5.modern.js HTTP/1.1
Host: 1xlite-81734.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/promo-frame/en/promotion/wheel-bet
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=LiC2dWbx85pu/XJbA1lWAg==; window_width=0; SESSION=6b782ee83bdc265152338b4c7f9fa0ac; che_g=9ad65ef7-763c-8096-f8b9-3db17d9dd1f0; sh.session.id=3a1f7004-a833-43a4-ac92-af0305b442cb; application_locale=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:55 GMT
content-type: application/javascript; charset=utf-8
content-length: 292
last-modified: Mon, 23 Sep 2024 13:21:08 GMT
etag: "66f16b44-124"
expires: Tue, 24 Sep 2024 23:02:55 GMT
cache-control: max-age=86400
accept-ranges: bytes
x-time-ng: 0.000, 0.001
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.009
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-7V60YW2S5H

142.250.74.168

106 kB

URL
www.googletagmanager.com/gtag/js?id=G-7V60YW2S5H
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (6855)
Size
106 kB (105949 bytes)
Hash
71f3a2244f23fc483b5f44084209e8e2
51e5b3109e228fdc7322376c28889984e27c6a97
85f905fe57ad8d0d70acb5ab0c4b5a77ff393e018166e59f81ef1952776f0771

HTTP Headers

GET /gtag/js?id=G-7V60YW2S5H HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 23 Sep 2024 23:02:55 GMT
expires: Mon, 23 Sep 2024 23:02:55 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 105949
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

1xlite-81734.top/bff-api/config/contacts.json?type=2&lang=en

46.32.182.117

200 OK

9.8 kB

URL GET HTTP/2
1xlite-81734.top/bff-api/config/contacts.json?type=2&lang=en
IP
46.32.182.117:443
ASN
#0

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerLet's Encrypt
Subject1xlite-81734.top
Fingerprint0A:30:E7:1C:B7:AC:1C:34:8E:35:29:86:A0:0E:70:67:B5:74:52:63
ValidityMon, 26 Aug 2024 05:19:45 GMT - Sun, 24 Nov 2024 05:19:44 GMT

File type
JSON text data
Size
9.8 kB (9755 bytes)
Hash
ae5d78e96147159cdc9aa106e5f920a3
f315365850df4bef8ea7a08dd31b173824714119
c01962014ec884758d5a24d5cd469f8e30241ac42a813619e289f441af62fcec

HTTP Headers

GET /bff-api/config/contacts.json?type=2&lang=en HTTP/1.1
Host: 1xlite-81734.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/en/promotions/wheel-bet
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
x-svc-source: v3-host-app
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=LiC2dWbx85pu/XJbA1lWAg==; window_width=1280; SESSION=6b782ee83bdc265152338b4c7f9fa0ac; che_g=9ad65ef7-763c-8096-f8b9-3db17d9dd1f0; sh.session.id=3a1f7004-a833-43a4-ac92-af0305b442cb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:54 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: bff;dur=42.85, dt_total;dur=43.818, wf-uht;dur=0.057
traceparent: 00-990668b3b2d5e4424fe39822ca3e3c6b-2928c29c45b27505-01
vary: Accept-Encoding
x-dt: 285
x-time-ng: 0.043
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/coins-modal-sm.png

185.244.209.62

11 kB

URL
v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/coins-modal-sm.png
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
PNG image data, 332 x 512, 8-bit colormap, non-interlaced
Size
11 kB (10627 bytes)
Hash
36d34b10ea7db08d89197211896ff470
ec2cb625e2c2b9d131b727d90324de2564e1c393
f81d36d82c92c785e9e27891699f3fa7791b7ab343ab90b4da0ff895019bdd9e

HTTP Headers

GET /genfiles/cms/1/desktop/promotions/wheelBet/coins-modal-sm.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:56 GMT
content-type: image/png
content-length: 10627
last-modified: Wed, 15 Nov 2023 08:09:42 GMT
etag: "36d34b10ea7db08d89197211896ff470"
expires: Thu, 12 Sep 2024 11:21:21 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
age: 3192
x-cached-since: 2024-09-12T13:21:24+00:00
traceparent: 00-d9c3cce0fc1eba5fdd061c29ed000b9c-77135cbd9826d39b-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

1xlite-81734.top/paysystems/information/systems?ref_id=1&geo=NO&lang=en

46.32.182.117

9.9 kB

URL
1xlite-81734.top/paysystems/information/systems?ref_id=1&geo=NO&lang=en
IP
46.32.182.117:0
ASN
#0

Certificate
IssuerLet's Encrypt
Subject1xlite-81734.top
Fingerprint0A:30:E7:1C:B7:AC:1C:34:8E:35:29:86:A0:0E:70:67:B5:74:52:63
ValidityMon, 26 Aug 2024 05:19:45 GMT - Sun, 24 Nov 2024 05:19:44 GMT

File type
JSON text data
Size
9.9 kB (9889 bytes)
Hash
a9c9ef8815fddb9ec1ef095afc6510be
0545f241db184f7c3ba3a626b91f9f796ed3a75b
2441b7fe46dd8c201bec0dbbc6034e95e0a761c266f01ad529e86f4b1bea8623

HTTP Headers

GET /paysystems/information/systems?ref_id=1&geo=NO&lang=en HTTP/1.1
Host: 1xlite-81734.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/en/promotions/wheel-bet
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
x-svc-source: v3-host-app
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=LiC2dWbx85pu/XJbA1lWAg==; window_width=1280; SESSION=6b782ee83bdc265152338b4c7f9fa0ac; che_g=9ad65ef7-763c-8096-f8b9-3db17d9dd1f0; sh.session.id=3a1f7004-a833-43a4-ac92-af0305b442cb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:55 GMT
content-type: application/json
cache-control: max-age=0, must-revalidate, private
content-encoding: br
expires: Mon, 23 Sep 2024 23:02:55 GMT
set-cookie: application_locale=en; expires=Wed, 23 Oct 2024 23:02:55 GMT; Max-Age=2592000; path=/; secure; samesite=lax
traceparent: 00-45c019fd14bfb6fc09cd2ea0e2516402-ad1c87be16262792-01
vary: Accept-Encoding
x-dt: 285
x-time-ng: 0.240, 0.240
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=239.965, wf-uht;dur=0.258
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/title-line-bottom.png

185.244.209.62

26 kB

URL
v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/title-line-bottom.png
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
PNG image data, 2104 x 249, 8-bit colormap, non-interlaced
Size
26 kB (26531 bytes)
Hash
e1c1f880be5d517356a2e2abdbc1326c
665ad4fbdc9475f956d2ecd5ceb9c886fabc7812
1641213bba5de39ac324a0195060fa325a91d61fb9a71a8a00134f049ff95cb6

HTTP Headers

GET /genfiles/cms/1/desktop/promotions/wheelBet/title-line-bottom.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:56 GMT
content-type: image/png
content-length: 26531
last-modified: Wed, 15 Nov 2023 08:09:37 GMT
etag: "e1c1f880be5d517356a2e2abdbc1326c"
expires: Sun, 15 Sep 2024 08:01:51 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-891fd91502bd2d6fa5274d6a3b9444f7-491a642598807fbb-01
x-id: osix-hw-edge-gc4
cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

1xlite-81734.top/static-promotion/desktop/default/d07dd270.modern.js

46.32.182.117

45 kB

URL
1xlite-81734.top/static-promotion/desktop/default/d07dd270.modern.js
IP
46.32.182.117:0
ASN
#0

Certificate
IssuerLet's Encrypt
Subject1xlite-81734.top
Fingerprint0A:30:E7:1C:B7:AC:1C:34:8E:35:29:86:A0:0E:70:67:B5:74:52:63
ValidityMon, 26 Aug 2024 05:19:45 GMT - Sun, 24 Nov 2024 05:19:44 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
45 kB (44691 bytes)
Hash
374dace0eccd8c81e88826ce48af9d50
426d79bace2ed33f33f3c720d247520dbf28de36
1974384268afa1273d4af2fd3bd8c5216877d67bb56aef8312e3017880478ccf

HTTP Headers

GET /static-promotion/desktop/default/d07dd270.modern.js HTTP/1.1
Host: 1xlite-81734.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/promo-frame/en/promotion/wheel-bet
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=LiC2dWbx85pu/XJbA1lWAg==; window_width=0; SESSION=6b782ee83bdc265152338b4c7f9fa0ac; che_g=9ad65ef7-763c-8096-f8b9-3db17d9dd1f0; sh.session.id=3a1f7004-a833-43a4-ac92-af0305b442cb; application_locale=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:55 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 23 Sep 2024 13:21:08 GMT
vary: Accept-Encoding
etag: W/"66f16b44-15831"
expires: Tue, 24 Sep 2024 23:02:55 GMT
cache-control: max-age=86400
content-encoding: br
x-time-ng: 0.000, 0.004
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.017
X-Firefox-Spdy: h2

1xlite-81734.top/static-promotion/desktop/default/031bd335.modern.js

46.32.182.117

25 kB

URL
1xlite-81734.top/static-promotion/desktop/default/031bd335.modern.js
IP
46.32.182.117:0
ASN
#0

Certificate
IssuerLet's Encrypt
Subject1xlite-81734.top
Fingerprint0A:30:E7:1C:B7:AC:1C:34:8E:35:29:86:A0:0E:70:67:B5:74:52:63
ValidityMon, 26 Aug 2024 05:19:45 GMT - Sun, 24 Nov 2024 05:19:44 GMT

File type
JavaScript source, ASCII text, with very long lines (12093), with no line terminators
Size
25 kB (25364 bytes)
Hash
f2add6f7b88ea02d5d54988430c04e82
c875fdab0b8d61a0439e753d99459674f2cf2cac
a78fb10ded798b2afc4ef9d9c68a8ca66602aa0b8f2dc47c4784d85364891089

HTTP Headers

GET /static-promotion/desktop/default/031bd335.modern.js HTTP/1.1
Host: 1xlite-81734.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/promo-frame/en/promotion/wheel-bet
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=LiC2dWbx85pu/XJbA1lWAg==; window_width=0; SESSION=6b782ee83bdc265152338b4c7f9fa0ac; che_g=9ad65ef7-763c-8096-f8b9-3db17d9dd1f0; sh.session.id=3a1f7004-a833-43a4-ac92-af0305b442cb; application_locale=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:55 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 23 Sep 2024 13:21:08 GMT
vary: Accept-Encoding
etag: W/"66f16b44-2f3d"
expires: Tue, 24 Sep 2024 23:02:55 GMT
cache-control: max-age=86400
content-encoding: br
x-time-ng: 0.000, 0.002
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.012
X-Firefox-Spdy: h2

1xlite-81734.top/static-promotion/desktop/default/d5ae47ca.modern.js

46.32.182.117

220 kB

URL
1xlite-81734.top/static-promotion/desktop/default/d5ae47ca.modern.js
IP
46.32.182.117:0
ASN
#0

Certificate
IssuerLet's Encrypt
Subject1xlite-81734.top
Fingerprint0A:30:E7:1C:B7:AC:1C:34:8E:35:29:86:A0:0E:70:67:B5:74:52:63
ValidityMon, 26 Aug 2024 05:19:45 GMT - Sun, 24 Nov 2024 05:19:44 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65395), with no line terminators
Size
220 kB (219881 bytes)
Hash
dadefdb43c6ef716ba9d484ee465630b
d0ba3181460bfc2282d613dbe41c9745cc7ed71d
956cbcc04842d83d33c54aed3b0183734a02050e99ab8ccbf5c2cdc6b68f539f

HTTP Headers

GET /static-promotion/desktop/default/d5ae47ca.modern.js HTTP/1.1
Host: 1xlite-81734.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/promo-frame/en/promotion/wheel-bet
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=LiC2dWbx85pu/XJbA1lWAg==; window_width=1280; SESSION=6b782ee83bdc265152338b4c7f9fa0ac; che_g=9ad65ef7-763c-8096-f8b9-3db17d9dd1f0; sh.session.id=3a1f7004-a833-43a4-ac92-af0305b442cb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:54 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 23 Sep 2024 13:21:08 GMT
vary: Accept-Encoding
etag: W/"66f16b44-7266a"
expires: Tue, 24 Sep 2024 23:02:54 GMT
cache-control: max-age=86400
content-encoding: br
x-time-ng: 0.000, 0.035
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.046
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/coins-md.png

185.244.209.62

11 kB

URL
v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/coins-md.png
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
PNG image data, 473 x 411, 8-bit colormap, non-interlaced
Size
11 kB (11398 bytes)
Hash
584e5721ed6fc7ff490fcacad2c29b72
543580f66fff7a05f601940dc98c9867046277d7
0c31fd6c2f8f4212c78bf42f3e8f03bce2162ad85578502c304bb50e5d3038b4

HTTP Headers

GET /genfiles/cms/1/desktop/promotions/wheelBet/coins-md.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:56 GMT
content-type: image/png
content-length: 11398
last-modified: Wed, 15 Nov 2023 08:09:43 GMT
etag: "584e5721ed6fc7ff490fcacad2c29b72"
expires: Sun, 22 Sep 2024 00:01:05 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-485d3845453dee6b032fa1e1cf7c2a0d-cff7339db38cf0cf-01
x-id: osix-hw-edge-gc4
cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/coins-modal.png

185.244.209.62

11 kB

URL
v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/coins-modal.png
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
PNG image data, 664 x 333, 8-bit colormap, non-interlaced
Size
11 kB (10844 bytes)
Hash
f272ce9226c4d2cce4f29804ad2e67a8
902035422d3dd02a9f47518802b1dede2dd4f8e0
efc060941ecc035adf117291c5f630d8a27cb789d02d52701d50be93dbef424d

HTTP Headers

GET /genfiles/cms/1/desktop/promotions/wheelBet/coins-modal.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:56 GMT
content-type: image/png
content-length: 10844
last-modified: Wed, 15 Nov 2023 08:09:42 GMT
etag: "f272ce9226c4d2cce4f29804ad2e67a8"
expires: Thu, 12 Sep 2024 11:21:46 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
age: 3167
x-cached-since: 2024-09-12T13:21:49+00:00
traceparent: 00-17cbf2cc8a42e964a099df1b3598ba31-a9da4ac67486741b-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/coins-tab-1.png

185.244.209.62

14 kB

URL
v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/coins-tab-1.png
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
PNG image data, 1011 x 317, 8-bit colormap, non-interlaced
Size
14 kB (13616 bytes)
Hash
bfe95965feeb258fb926212928c91895
fede9c24a1dee9664827472c899884658f75a0b6
05c04cc3cc3a29421f493fbc1632f4b4df60e45849d4b1ee1edb215958660eb1

HTTP Headers

GET /genfiles/cms/1/desktop/promotions/wheelBet/coins-tab-1.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:56 GMT
content-type: image/png
content-length: 13616
last-modified: Wed, 15 Nov 2023 08:09:42 GMT
etag: "bfe95965feeb258fb926212928c91895"
expires: Sun, 22 Sep 2024 00:01:05 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-a55de22ecf06af2f084849e552637e80-1a452d8b974668fa-01
x-id: osix-hw-edge-gc4
cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/person.png

185.244.209.62

128 kB

URL
v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/person.png
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
PNG image data, 679 x 1396, 8-bit colormap, non-interlaced
Size
128 kB (128051 bytes)
Hash
3eca2e5366710fc3f2f799e00986927b
9d372c52d999396e39fb4b5c9b8fff4cacbefff9
29ee5fb61866f6d5afc908865cfa812d0e6050f5684ba33849a7714f324a0d3f

HTTP Headers

GET /genfiles/cms/1/desktop/promotions/wheelBet/person.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:56 GMT
content-type: image/png
content-length: 128051
last-modified: Wed, 15 Nov 2023 08:09:38 GMT
etag: "3eca2e5366710fc3f2f799e00986927b"
expires: Sun, 22 Sep 2024 00:01:05 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-c79da8db99a90997753fe10aa0183c83-bc54f2c9ab0fcad9-01
x-id: osix-hw-edge-gc4
cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/wheel-external-md.png

185.244.209.62

42 kB

URL
v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/wheel-external-md.png
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
PNG image data, 508 x 490, 8-bit colormap, non-interlaced
Size
42 kB (41966 bytes)
Hash
14cf7dd6b977a86820688da92be750e7
2a1f5759ce2398b0b52b2807cdf8ddf5e38a019c
a75eccad428fa865346dacd05d2dc89a5eda9de0ee5d9b292f943cbe33fd1940

HTTP Headers

GET /genfiles/cms/1/desktop/promotions/wheelBet/wheel-external-md.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:56 GMT
content-type: image/png
content-length: 41966
last-modified: Wed, 15 Nov 2023 08:08:28 GMT
etag: "14cf7dd6b977a86820688da92be750e7"
expires: Sun, 22 Sep 2024 00:01:05 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-d21c03804dd575462921bd360c8c4a1a-b416fc4123514b6b-01
x-id: osix-hw-edge-gc4
cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/wheel-inner-md.png

185.244.209.62

22 kB

URL
v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/wheel-inner-md.png
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
PNG image data, 344 x 345, 8-bit colormap, non-interlaced
Size
22 kB (21981 bytes)
Hash
5480c9459e1e9e02874f8302f2ce028a
45067ece8decc72463f568c9745495c31710f18f
30c6edd2790a05b416072aad2afc01b5524aae9b6cca9a89fd73cceb4268ff65

HTTP Headers

GET /genfiles/cms/1/desktop/promotions/wheelBet/wheel-inner-md.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:56 GMT
content-type: image/png
content-length: 21981
last-modified: Wed, 15 Nov 2023 08:08:25 GMT
etag: "5480c9459e1e9e02874f8302f2ce028a"
expires: Sun, 22 Sep 2024 00:01:05 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-0fc5f579db4b5447cf0a77b77deb6914-81be985f4c36d8ac-01
x-id: osix-hw-edge-gc4
cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/wheel-external.png

185.244.209.62

211 kB

URL
v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/wheel-external.png
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
PNG image data, 1016 x 980, 8-bit colormap, non-interlaced
Size
211 kB (210956 bytes)
Hash
0d6d5e8b177cb328e9929bbd949d7f4f
02dcde0ab126cd56705cc1da52cf277ebce5eb73
0e81d0c29d2493b98ce6e336ce30215a39995f4a6d900333df7b6bd7d01e5ee0

HTTP Headers

GET /genfiles/cms/1/desktop/promotions/wheelBet/wheel-external.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:56 GMT
content-type: image/png
content-length: 210956
last-modified: Wed, 15 Nov 2023 08:08:28 GMT
etag: "0d6d5e8b177cb328e9929bbd949d7f4f"
expires: Sun, 22 Sep 2024 00:01:05 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-a80a52e257d4abe3969c19657f38bbf0-92b075c5685dcc71-01
x-id: osix-hw-edge-gc4
cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

1xlite-81734.top/genfiles/cms/1-285/desktop/media_asset/d67594816136b197f5b80f02b86b688f.json

46.32.182.117

47 kB

URL
1xlite-81734.top/genfiles/cms/1-285/desktop/media_asset/d67594816136b197f5b80f02b86b688f.json
IP
46.32.182.117:0
ASN
#0

Certificate
IssuerLet's Encrypt
Subject1xlite-81734.top
Fingerprint0A:30:E7:1C:B7:AC:1C:34:8E:35:29:86:A0:0E:70:67:B5:74:52:63
ValidityMon, 26 Aug 2024 05:19:45 GMT - Sun, 24 Nov 2024 05:19:44 GMT

File type
JSON text data
Size
47 kB (47217 bytes)
Hash
44bab27a04bf0301239f015936c9dab4
301d19521243a87c1459fc3200509b608146de1a
cdd4c6cca2b7bdba233bbde0c217cc1d205e5dacbcc29b10d3b70c5ed5a14c01

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/d67594816136b197f5b80f02b86b688f.json HTTP/1.1
Host: 1xlite-81734.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/en/promotions/wheel-bet
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
x-svc-source: welcome-app
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=LiC2dWbx85pu/XJbA1lWAg==; window_width=1280; SESSION=6b782ee83bdc265152338b4c7f9fa0ac; che_g=9ad65ef7-763c-8096-f8b9-3db17d9dd1f0; sh.session.id=3a1f7004-a833-43a4-ac92-af0305b442cb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:54 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Mon, 23 Sep 2024 18:15:18 GMT
etag: W/"44bab27a04bf0301239f015936c9dab4"
content-encoding: br
expires: Tue, 24 Sep 2024 00:02:54 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.010
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/line-bottom.png

185.244.209.62

8.5 kB

URL
v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/line-bottom.png
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
PNG image data, 631 x 101, 8-bit colormap, non-interlaced
Size
8.5 kB (8530 bytes)
Hash
30d68039c4aa17eec5c6851592d09b3a
3efe06ebf6246ea1038b237f06d512dfd5a895e0
f81eabacc8b5e0cf41de56a7d177f5e1848bb5be563f4b98a3e6ebbaa4cb69cc

HTTP Headers

GET /genfiles/cms/1/desktop/promotions/wheelBet/line-bottom.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:56 GMT
content-type: image/png
content-length: 8530
last-modified: Wed, 15 Nov 2023 08:09:41 GMT
etag: "30d68039c4aa17eec5c6851592d09b3a"
expires: Sun, 15 Sep 2024 08:00:41 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-704ec4d38f06ff4d9a2841de1f313ace-fbdb9117c44e3797-01
x-id: osix-hw-edge-gc4
cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/line-modal-bottom.png

185.244.209.62

8.4 kB

URL
v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/line-modal-bottom.png
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
PNG image data, 662 x 99, 8-bit colormap, non-interlaced
Size
8.4 kB (8432 bytes)
Hash
fbc8c4ca00e2ca9e3932ef3178152748
94d32d9a2d617636044e46a337b035def017ee72
6163a56401f7b0a01bd8cb02b8c6135a58b8ceaf22543d63c790364dcb45f316

HTTP Headers

GET /genfiles/cms/1/desktop/promotions/wheelBet/line-modal-bottom.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:56 GMT
content-type: image/png
content-length: 8432
last-modified: Wed, 15 Nov 2023 08:09:41 GMT
etag: "fbc8c4ca00e2ca9e3932ef3178152748"
expires: Sun, 15 Sep 2024 08:02:35 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-083315e7b6a29b3f687de54e3f5acfbe-88f837bba5e84242-01
x-id: osix-hw-edge-gc4
cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/line-modal-top.png

185.244.209.62

8.4 kB

URL
v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/line-modal-top.png
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
PNG image data, 703 x 99, 8-bit colormap, non-interlaced
Size
8.4 kB (8393 bytes)
Hash
2bf563655f552a5c41e55847e35b5dc9
c0d20ecdd7f2d7c1ecda173913372ce5a22897cb
fc019808675fc2cc1fe86582b803a9ffbc3046b190f94869833d6c36eab73679

HTTP Headers

GET /genfiles/cms/1/desktop/promotions/wheelBet/line-modal-top.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:56 GMT
content-type: image/png
content-length: 8393
last-modified: Wed, 15 Nov 2023 08:09:40 GMT
etag: "2bf563655f552a5c41e55847e35b5dc9"
expires: Sun, 15 Sep 2024 08:00:40 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-2192267904953e1cd9b0602a1eff8087-903a0bb6ce1d1bf1-01
x-id: osix-hw-edge-gc4
cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/line-top.png

185.244.209.62

7.6 kB

URL
v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/line-top.png
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
PNG image data, 631 x 92, 8-bit colormap, non-interlaced
Size
7.6 kB (7625 bytes)
Hash
65178f3b0a19c75d64d24f22e047664f
5d1f08431e1a60f0d256937ecff6d119c8bdc832
53b9fa530ad8441d60fe627acd4f66720a0479327258df2f9d4dc241315af97a

HTTP Headers

GET /genfiles/cms/1/desktop/promotions/wheelBet/line-top.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:56 GMT
content-type: image/png
content-length: 7625
last-modified: Wed, 15 Nov 2023 08:09:40 GMT
etag: "65178f3b0a19c75d64d24f22e047664f"
expires: Sun, 15 Sep 2024 14:07:29 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-247880e78aa18db5f9f4d932d935e879-c9b7649f086f642b-01
x-id: osix-hw-edge-gc4
cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/person-md.png

185.244.209.62

38 kB

URL
v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/person-md.png
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
PNG image data, 340 x 698, 8-bit colormap, non-interlaced
Size
38 kB (37957 bytes)
Hash
ea62ce421290b849807ba3479204f22c
def98e2b2d888cc7432b803b89777899ea85ed83
d3321878900eab952b8517763d060c22f3a33b1509dbf1a5b4e6461c19868346

HTTP Headers

GET /genfiles/cms/1/desktop/promotions/wheelBet/person-md.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:56 GMT
content-type: image/png
content-length: 37957
last-modified: Wed, 15 Nov 2023 08:09:40 GMT
etag: "ea62ce421290b849807ba3479204f22c"
expires: Sun, 22 Sep 2024 00:01:05 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-2629252a1ba422befa42b2e0f838fa9d-19936af5c0f86bc0-01
x-id: osix-hw-edge-gc4
cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

1xlite-81734.top/static-promotion/desktop/default/dc2a11b1.modern.js

46.32.182.117

97 kB

URL
1xlite-81734.top/static-promotion/desktop/default/dc2a11b1.modern.js
IP
46.32.182.117:0
ASN
#0

Certificate
IssuerLet's Encrypt
Subject1xlite-81734.top
Fingerprint0A:30:E7:1C:B7:AC:1C:34:8E:35:29:86:A0:0E:70:67:B5:74:52:63
ValidityMon, 26 Aug 2024 05:19:45 GMT - Sun, 24 Nov 2024 05:19:44 GMT

File type
JavaScript source, ASCII text, with very long lines (6628), with no line terminators
Size
97 kB (97219 bytes)
Hash
6d963e0943b8af7a6e3f0ea7a389584e
6bb2559c6221b4bce0eed628e7129f8804014052
5310d18f18db3b27a6b3335f51ee63cf0923f35b8b2bc680342387899b6e5dc1

HTTP Headers

GET /static-promotion/desktop/default/dc2a11b1.modern.js HTTP/1.1
Host: 1xlite-81734.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/promo-frame/en/promotion/wheel-bet
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=LiC2dWbx85pu/XJbA1lWAg==; window_width=1280; SESSION=6b782ee83bdc265152338b4c7f9fa0ac; che_g=9ad65ef7-763c-8096-f8b9-3db17d9dd1f0; sh.session.id=3a1f7004-a833-43a4-ac92-af0305b442cb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:54 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 23 Sep 2024 13:21:08 GMT
vary: Accept-Encoding
etag: W/"66f16b44-19e4"
expires: Tue, 24 Sep 2024 23:02:54 GMT
cache-control: max-age=86400
content-encoding: br
x-time-ng: 0.000, 0.001
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.015
X-Firefox-Spdy: h2

1xlite-81734.top/static-promotion/desktop/default/08365f52.modern.js

46.32.182.117

136 kB

URL
1xlite-81734.top/static-promotion/desktop/default/08365f52.modern.js
IP
46.32.182.117:0
ASN
#0

Certificate
IssuerLet's Encrypt
Subject1xlite-81734.top
Fingerprint0A:30:E7:1C:B7:AC:1C:34:8E:35:29:86:A0:0E:70:67:B5:74:52:63
ValidityMon, 26 Aug 2024 05:19:45 GMT - Sun, 24 Nov 2024 05:19:44 GMT

File type
JavaScript source, ASCII text, with very long lines (65485)
Size
136 kB (135976 bytes)
Hash
badb92e6f176c81609dd83bccac60c7b
7a3682dae1ba0e5fae512b4212ec02fab3abe648
62e1d13134996dea59458f5283114352fab64c17f4e9dec21ba907011ea01bbd

HTTP Headers

GET /static-promotion/desktop/default/08365f52.modern.js HTTP/1.1
Host: 1xlite-81734.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/promo-frame/en/promotion/wheel-bet
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=LiC2dWbx85pu/XJbA1lWAg==; window_width=1280; SESSION=6b782ee83bdc265152338b4c7f9fa0ac; che_g=9ad65ef7-763c-8096-f8b9-3db17d9dd1f0; sh.session.id=3a1f7004-a833-43a4-ac92-af0305b442cb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:54 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 23 Sep 2024 13:21:08 GMT
vary: Accept-Encoding
etag: W/"66f16b44-283da"
expires: Tue, 24 Sep 2024 23:02:54 GMT
cache-control: max-age=86400
content-encoding: br
x-time-ng: 0.000, 0.020
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.036
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/wheel-light-md.png

185.244.209.62

13 kB

URL
v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/wheel-light-md.png
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
PNG image data, 302 x 302, 8-bit colormap, non-interlaced
Size
13 kB (13394 bytes)
Hash
5fbe7fe2d6477f6381307e8b8e205146
487e50d6f73609791fe027b3355d9dea07fe0f2c
054bdc3abb0033c9328a4a1b5223b283349555fddb35f442e5aa21b847ed434d

HTTP Headers

GET /genfiles/cms/1/desktop/promotions/wheelBet/wheel-light-md.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:56 GMT
content-type: image/png
content-length: 13394
last-modified: Wed, 15 Nov 2023 08:08:22 GMT
etag: "5fbe7fe2d6477f6381307e8b8e205146"
expires: Sun, 22 Sep 2024 00:01:05 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-c2e09914b3f005618fc2145d3b42a381-3fcdec00531c0924-01
x-id: osix-hw-edge-gc4
cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/coins-md.webp

185.244.209.62

11 kB

URL
v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/coins-md.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image
Size
11 kB (11170 bytes)
Hash
386bde2102de14d58339c852bd38e06a
49bb599bbe5c06d537890cbb2940ab38840258bf
4695fcc638997d404d69d39badf6f480a69addb9d6be026d4a58016f24db7930

HTTP Headers

GET /genfiles/cms/1/desktop/promotions/wheelBet/coins-md.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:56 GMT
content-type: image/webp
content-length: 11170
last-modified: Wed, 15 Nov 2023 08:09:43 GMT
etag: "386bde2102de14d58339c852bd38e06a"
expires: Sun, 22 Sep 2024 00:01:05 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-2f9c5b62e358e3d72d08151a05f35c95-10bb770bb1b595fb-01
x-id: osix-hw-edge-gc4
cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/coins-tab-1.webp

185.244.209.62

12 kB

URL
v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/coins-tab-1.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image
Size
12 kB (12430 bytes)
Hash
6d8b79282ea938ebc164543780bf6c95
b6d2d84a6848483f92def2ebbe42b2f3e0ae649b
30aae6f5426e82f3124451d70a82798d1b3d0da5066ed6b0ba29d1158988b963

HTTP Headers

GET /genfiles/cms/1/desktop/promotions/wheelBet/coins-tab-1.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:56 GMT
content-type: image/webp
content-length: 12430
last-modified: Wed, 15 Nov 2023 08:09:42 GMT
etag: "6d8b79282ea938ebc164543780bf6c95"
expires: Sun, 22 Sep 2024 00:01:05 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-171dc367950ca6a75b86a33fc7405857-a3e0c7bec094d1d3-01
x-id: osix-hw-edge-gc4
cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/bg__desc.webp

185.244.209.62

118 B

URL
v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/bg__desc.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
HTML document, ASCII text, with CRLF line terminators
Size
118 B (118 bytes)
Hash
b58d632409efb03916cfef3229576c55
c2fb66483c899f427b0354d52b080ce8bb6b47c4
b0b0fadb436530e81236a3d97058fc501d732eb24768845c5e97ac8ac3c32176

HTTP Headers

GET /genfiles/cms/1/desktop/promotions/wheelBet/bg__desc.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Mon, 23 Sep 2024 23:02:56 GMT
content-type: text/html; charset=utf-8
content-length: 118
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
traceparent: 00-44296f3da6d0ec076bce1abc6dc0a623-7921e4632dd0f609-01
x-id: osix-hw-edge-gc4
cache: MISS
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/wheel-inner-sm.png

185.244.209.62

49 kB

URL
v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/wheel-inner-sm.png
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
PNG image data, 345 x 345, 8-bit colormap, non-interlaced
Size
49 kB (48850 bytes)
Hash
76e616589092e2a075a2f9ef294e66b0
712cbbfd77a0d429c981efafa38c68bb53546f39
89008b1fcf47490063c1cc59004a2895af55ba57e9bf166713ab1473903712d7

HTTP Headers

GET /genfiles/cms/1/desktop/promotions/wheelBet/wheel-inner-sm.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:56 GMT
content-type: image/png
content-length: 48850
last-modified: Wed, 15 Nov 2023 08:08:25 GMT
etag: "76e616589092e2a075a2f9ef294e66b0"
expires: Sun, 22 Sep 2024 00:01:05 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-2ecebc8f08566bf09dbd585dae293aa4-e7b86889e1508b73-01
x-id: osix-hw-edge-gc4
cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/coins.webp

185.244.209.62

30 kB

URL
v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/coins.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image
Size
30 kB (30308 bytes)
Hash
afeb21e89500b7d2f76c11e9c26db33a
1f1aeba726915f8183b9bafa4666008827f4ed6f
989c6db4825fd3d9f125a7915c07de6a672cf08b971c0e60593a1ff192101cf4

HTTP Headers

GET /genfiles/cms/1/desktop/promotions/wheelBet/coins.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:56 GMT
content-type: image/webp
content-length: 30308
last-modified: Wed, 15 Nov 2023 08:09:41 GMT
etag: "afeb21e89500b7d2f76c11e9c26db33a"
expires: Sun, 22 Sep 2024 18:20:40 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-9c9598757a7530cc333bb3203922d84c-97616e42dd9057e6-01
x-id: osix-hw-edge-gc4
cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/wheel-light.png

185.244.209.62

36 kB

URL
v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/wheel-light.png
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
PNG image data, 604 x 604, 8-bit colormap, non-interlaced
Size
36 kB (35620 bytes)
Hash
2b4eba7f5f5cc445fdb5f527787b5035
62a02ab999f211485a86432d7bf77a19a2cee01d
b9e2a1998ff9b48d5f5f32e5edded584d326abd3586cd44bfdae0ba0429ec944

HTTP Headers

GET /genfiles/cms/1/desktop/promotions/wheelBet/wheel-light.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:56 GMT
content-type: image/png
content-length: 35620
last-modified: Wed, 15 Nov 2023 08:08:23 GMT
etag: "2b4eba7f5f5cc445fdb5f527787b5035"
expires: Sun, 22 Sep 2024 00:01:05 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-318edd968b286794ce7fa0bd5a57e2f9-8de1f816953db6c5-01
x-id: osix-hw-edge-gc4
cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/person-tab.webp

185.244.209.62

86 kB

URL
v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/person-tab.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image
Size
86 kB (85822 bytes)
Hash
2b31876239d7477574e1f6c28e9226b8
2f0aaab7061b5268da322768b7bb9e2ee4849cda
dec68c7ee18d3f0739456ec1f96edec787d39e2b0d67683eca0d537c15bcde41

HTTP Headers

GET /genfiles/cms/1/desktop/promotions/wheelBet/person-tab.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:56 GMT
content-type: image/webp
content-length: 85822
last-modified: Wed, 15 Nov 2023 08:09:39 GMT
etag: "2b31876239d7477574e1f6c28e9226b8"
expires: Sun, 22 Sep 2024 00:01:05 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-a9ec601e4bb67d186d549f069f4b94b9-c42caf5309a5b264-01
x-id: osix-hw-edge-gc4
cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/shared-assets/__shared_localforage_PLMWICWN.js

185.244.209.62

322 kB

URL
v3.traincdn.com/sys-static/shared-assets/__shared_localforage_PLMWICWN.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
gzip compressed data, max speed, from Unix
Size
322 kB (321883 bytes)
Hash
d548c23cacbfa1d1209ca8cc2b25642f
185386830581906949fed3963b19977616bac873
b35bb354375a514e83ad19db5696d2c9404dc9495dde75d8c4e77e9a3e103ece

HTTP Headers

GET /sys-static/shared-assets/__shared_localforage_PLMWICWN.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:52 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 23 Sep 2024 09:54:59 GMT
etag: W/"dfa127e93d125d4f6c566203eaf225f2"
x-amz-meta-mtime: 1727085120.670038393
content-encoding: gzip
expires: Tue, 24 Sep 2024 10:21:59 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-aec875da7fbf82fca31631b9c629c049-7d3b987293f8e581-01
x-id: osix-hw-edge-gc4
age: 45444
cache: HIT
x-cached-since: 2024-09-23T10:25:28+00:00
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-131019888-1&l=dataLayer&cx=c

142.250.74.168

74 kB

URL
www.googletagmanager.com/gtag/js?id=UA-131019888-1&l=dataLayer&cx=c
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
JavaScript source, ASCII text, with very long lines (2345)
Size
74 kB (73604 bytes)
Hash
b9c3dd2bb9b7470b8cc9d12526318d9e
a6ebe24816e65f341d2b1daceef4fc4761f77177
9adba9acbf5174bbadd52a8542632ae539ed14014f92c707de09c5bf3d2547e5

HTTP Headers

GET /gtag/js?id=UA-131019888-1&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 23 Sep 2024 23:02:56 GMT
expires: Mon, 23 Sep 2024 23:02:56 GMT
cache-control: private, max-age=900
last-modified: Mon, 23 Sep 2024 22:33:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73604
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/blik.png

185.244.209.62

1.3 kB

URL
v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/blik.png
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
PNG image data, 103 x 56, 8-bit colormap, non-interlaced
Size
1.3 kB (1277 bytes)
Hash
9a901afc44d0db8d99560f5fdeac9cd3
c4f63f282c334a0af06fcbf4f10275d3be7b9f87
11f7f4511af8fe7d6292e340517376d7fa7850153dee5953007fe68d21f92f57

HTTP Headers

GET /genfiles/cms/1/desktop/promotions/wheelBet/blik.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:56 GMT
content-type: image/png
content-length: 1277
last-modified: Wed, 15 Nov 2023 08:09:43 GMT
etag: "9a901afc44d0db8d99560f5fdeac9cd3"
expires: Sun, 22 Sep 2024 18:19:42 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-2ea7ce0187a15eb522726a3b6531ffed-819e8c6b0e5eec0e-01
x-id: osix-hw-edge-gc4
cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/person.webp

185.244.209.62

104 kB

URL
v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/person.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image
Size
104 kB (103654 bytes)
Hash
744d3d08cbd126d56242095da9c56b37
bbd86ca9a1b7a4db623255731f4ec9c9e6a5eae3
2aef83bfe4bd2976deb730c5b892f4b95a4fe74d328b65a35d610cb7aeb3e872

HTTP Headers

GET /genfiles/cms/1/desktop/promotions/wheelBet/person.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:56 GMT
content-type: image/webp
content-length: 103654
last-modified: Wed, 15 Nov 2023 08:09:38 GMT
etag: "744d3d08cbd126d56242095da9c56b37"
expires: Sun, 22 Sep 2024 00:01:05 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-717904da9974f207c60f2be1ef992a5e-de52b0eaca24c0c0-01
x-id: osix-hw-edge-gc4
cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

1xlite-81734.top/bonus-api/page/promotion/wheel-bet?language=en&currency=NOK

46.32.182.117

64 B

URL
1xlite-81734.top/bonus-api/page/promotion/wheel-bet?language=en&currency=NOK
IP
46.32.182.117:0
ASN
#0

Certificate
IssuerLet's Encrypt
Subject1xlite-81734.top
Fingerprint0A:30:E7:1C:B7:AC:1C:34:8E:35:29:86:A0:0E:70:67:B5:74:52:63
ValidityMon, 26 Aug 2024 05:19:45 GMT - Sun, 24 Nov 2024 05:19:44 GMT

File type
JSON text data
Size
64 B (64 bytes)
Hash
d5609b4ca9b79416e5ef8933b6e60c03
92976f3cc4678c56769db99f8fb7e029d4cf1576
3cb995886cca429dcb5509bd60f0bd3fc1788fef4c452e9de4acde56e60e8c37

HTTP Headers

GET /bonus-api/page/promotion/wheel-bet?language=en&currency=NOK HTTP/1.1
Host: 1xlite-81734.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/promo-frame/en/promotion/wheel-bet
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=LiC2dWbx85pu/XJbA1lWAg==; window_width=0; SESSION=6b782ee83bdc265152338b4c7f9fa0ac; che_g=9ad65ef7-763c-8096-f8b9-3db17d9dd1f0; sh.session.id=3a1f7004-a833-43a4-ac92-af0305b442cb; application_locale=en; _ga_7V60YW2S5H=GS1.1.1727132576.1.0.1727132576.60.0.1278065544; _ga=GA1.1.1301150341.1727132576
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Mon, 23 Sep 2024 23:02:56 GMT
content-type: application/json
content-length: 64
cache-control: no-cache, private
content-encoding: br
server-timing: p;dur=8.526086807251, dt_total;dur=264.472
traceparent: 00-292b4065968b3dda65a5c9cc6caba03d-353c4b08c524b017-01
x-dt: 285
x-request-id: 0f9bcbdf9b1c6211afaab1f84e2a33c9
x-time-ng: 0.263
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.traincdn.com/main-static/3245538d/desktop/default/DC-954fabdb.js

185.244.209.62

193 kB

URL
v3.traincdn.com/main-static/3245538d/desktop/default/DC-954fabdb.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
gzip compressed data, max speed, from Unix
Size
193 kB (192980 bytes)
Hash
d2e5faddf6e7d968a90ac7539c653073
fb67175d758c324afe07cb93c2c843709308dc28
1df3459f59157998124d96377227b3bf7935ee55156a52820fdf1a578f57beb2

HTTP Headers

GET /main-static/3245538d/desktop/default/DC-954fabdb.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:51 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 23 Sep 2024 08:15:19 GMT
etag: W/"3c3bd4f3ef8feb41b8b4d431842f923c"
x-amz-meta-mtime: 1727079317.045852039
content-encoding: gzip
expires: Tue, 24 Sep 2024 08:37:01 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-ab3e1f5f3be534483438543b1e01b488-e159897f39b03b1f-01
x-id: osix-hw-edge-gc4
age: 51682
cache: HIT
x-cached-since: 2024-09-23T08:41:29+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/wheel-inner-md.webp

185.244.209.62

7.6 kB

URL
v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/wheel-inner-md.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image
Size
7.6 kB (7572 bytes)
Hash
354b99e0ea5d76bf522eb6515388b7c8
7f499a67542efc7faed1f7641b7290f03df3b808
0aa329b474b49084e69d41dc03298dc202a68c2e2286c154ff19eb6641bddfb8

HTTP Headers

GET /genfiles/cms/1/desktop/promotions/wheelBet/wheel-inner-md.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:56 GMT
content-type: image/webp
content-length: 7572
last-modified: Wed, 15 Nov 2023 08:08:25 GMT
etag: "354b99e0ea5d76bf522eb6515388b7c8"
expires: Sun, 22 Sep 2024 00:01:05 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-44e9485eaaaddbb328ee150647518e08-2a09bcd0ec5adbad-01
x-id: osix-hw-edge-gc4
cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

1xlite-81734.top/sys-ui/3.2.253/Desktop/Default/client.css

46.32.182.117

575 kB

URL
1xlite-81734.top/sys-ui/3.2.253/Desktop/Default/client.css
IP
46.32.182.117:0
ASN
#0

Certificate
IssuerLet's Encrypt
Subject1xlite-81734.top
Fingerprint0A:30:E7:1C:B7:AC:1C:34:8E:35:29:86:A0:0E:70:67:B5:74:52:63
ValidityMon, 26 Aug 2024 05:19:45 GMT - Sun, 24 Nov 2024 05:19:44 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
575 kB (575001 bytes)
Hash
677b42766afc1829121af3b52834821b
b113c86f5c5b78444e06721a8d86238c9957b5b4
95743b8b94406334c6844fc52509c6ba5083911488446bae18384b33ed90a3f5

HTTP Headers

GET /sys-ui/3.2.253/Desktop/Default/client.css HTTP/1.1
Host: 1xlite-81734.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/en/promotions/wheel-bet
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=LiC2dWbx85pu/XJbA1lWAg==
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:50 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Fri, 20 Sep 2024 14:22:55 GMT
etag: W/"677b42766afc1829121af3b52834821b"
x-amz-meta-mtime: 1726842173.188110303
content-encoding: br
expires: Tue, 24 Sep 2024 23:02:50 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.010
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/shared-assets/__shared_vue_final_modal_J3HEFUJ2.js

185.244.209.62

200 OK

56 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/shared-assets/__shared_vue_final_modal_J3HEFUJ2.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
56 kB (56524 bytes)
Hash
567a665a3596704f9079c5fa3b226435
80a72a712e9d667ed8cda17bcef25bedc246dcdb
28a0172fce4aa6eea3a90288d154682b5fae8b7a32a43dc3a342214e09e0a5ea

HTTP Headers

GET /sys-static/shared-assets/__shared_vue_final_modal_J3HEFUJ2.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:52 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 23 Sep 2024 09:15:31 GMT
etag: W/"57c364d5ba041e0996ba71070dcda4e1"
x-amz-meta-mtime: 1727082725.166756896
content-encoding: gzip
expires: Tue, 24 Sep 2024 10:21:59 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-9a010a51ab4990d7b6e98e489d797ec0-31ad5a6e5db8a5a6-01
x-id: osix-hw-edge-gc4
age: 45572
cache: HIT
x-cached-since: 2024-09-23T10:23:20+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/wheel-light-md.webp

185.244.209.62

17 kB

URL
v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/wheel-light-md.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image
Size
17 kB (17374 bytes)
Hash
386e2b6405329591c3528dc854b1bcd5
029f4b2de40e7f67778b3cdb020cb6fb2c88411b
9ae570ff70b272591fe9643cf539340c177db56599cc30b9ada0016d9e3fdd66

HTTP Headers

GET /genfiles/cms/1/desktop/promotions/wheelBet/wheel-light-md.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:56 GMT
content-type: image/webp
content-length: 17374
last-modified: Fri, 15 Dec 2023 11:22:27 GMT
etag: "386e2b6405329591c3528dc854b1bcd5"
expires: Sun, 22 Sep 2024 00:01:05 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-8d88128b0a3fa3667378026857223726-930d9e31dc1e47b3-01
x-id: osix-hw-edge-gc4
cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/wheel-btn.webp

185.244.209.62

4.1 kB

URL
v3.traincdn.com/genfiles/cms/1/desktop/promotions/wheelBet/wheel-btn.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image
Size
4.1 kB (4104 bytes)
Hash
588f3b952822319125d8a21cb3e21469
4c46b0913dfb859fbfe3266b97ef65eea094dcaa
afeee16776a05a2b85a4f244c582dcb1b096ba141f000627a7e1563160ecdbdc

HTTP Headers

GET /genfiles/cms/1/desktop/promotions/wheelBet/wheel-btn.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:56 GMT
content-type: image/webp
content-length: 4104
last-modified: Wed, 15 Nov 2023 08:08:28 GMT
etag: "588f3b952822319125d8a21cb3e21469"
expires: Sun, 15 Sep 2024 14:07:29 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-2be9ace3806684486e26b1c3a8ad8418-f5e704516af13413-01
x-id: osix-hw-edge-gc4
cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/4742b28dca4134339a3b65df750291eb.json

185.244.209.62

976 B

URL
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/4742b28dca4134339a3b65df750291eb.json
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
JSON text data
Size
976 B (976 bytes)
Hash
5004f1883be9a4a8985c93b9323311d3
3d2a8c62126da89fd84c27b59e816d27a3862e07
af74469643e07baba128bf91fdd87f0f255c8503fae04cb3d17961b600f0617d

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/4742b28dca4134339a3b65df750291eb.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:57 GMT
content-type: application/json
content-length: 976
last-modified: Fri, 17 May 2024 15:30:47 GMT
etag: "5004f1883be9a4a8985c93b9323311d3"
expires: Tue, 17 Sep 2024 22:55:29 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-d49e78c8f9edcc069789f3f6408e117b-9b1dc95ee0e7c3a9-01
x-id: osix-hw-edge-gc4
cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-7V60YW2S5H&gtm=45je49j0v893859730za200&_p=1727132575080&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1301150341.1727132576&ecid=1278065544&ul=en-us&sr=1280x1024&frm=1&pscdl=noapi&ec_mode=a&_s=1&sid=1727132576&sct=1&seg=0&dl=https%3A%2F%2F1xlite-81734.top%2Fpromo-frame%2Fen%2Fpromotion%2Fwheel-bet&dr=https%3A%2F%2F1xlite-81734.top%2Fen%2Fpromotions%2Fwheel-bet&dt=Site&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2134

216.239.34.36

0 B

URL
region1.analytics.google.com/g/collect?v=2&tid=G-7V60YW2S5H&gtm=45je49j0v893859730za200&_p=1727132575080&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1301150341.1727132576&ecid=1278065544&ul=en-us&sr=1280x1024&frm=1&pscdl=noapi&ec_mode=a&_s=1&sid=1727132576&sct=1&seg=0&dl=https%3A%2F%2F1xlite-81734.top%2Fpromo-frame%2Fen%2Fpromotion%2Fwheel-bet&dr=https%3A%2F%2F1xlite-81734.top%2Fen%2Fpromotions%2Fwheel-bet&dt=Site&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2134
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-7V60YW2S5H&gtm=45je49j0v893859730za200&_p=1727132575080&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1301150341.1727132576&ecid=1278065544&ul=en-us&sr=1280x1024&frm=1&pscdl=noapi&ec_mode=a&_s=1&sid=1727132576&sct=1&seg=0&dl=https%3A%2F%2F1xlite-81734.top%2Fpromo-frame%2Fen%2Fpromotion%2Fwheel-bet&dr=https%3A%2F%2F1xlite-81734.top%2Fen%2Fpromotions%2Fwheel-bet&dt=Site&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2134 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://1xlite-81734.top
date: Mon, 23 Sep 2024 23:02:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/6c1f40db0fff1c71ad8a124f2406f431.json

185.244.209.62

515 B

URL
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/6c1f40db0fff1c71ad8a124f2406f431.json
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
gzip compressed data, max speed, from Unix
Size
515 B (515 bytes)
Hash
4452bcd00e579b37109ae65ba008d249
6c8452a0809349925b31eafa487351b2b0679ea9
b81fd994b7b14c1c912487de91af841a4eb059f6a5ef0aaaca020e2116874f83

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/6c1f40db0fff1c71ad8a124f2406f431.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:57 GMT
content-type: application/json
last-modified: Mon, 29 Jul 2024 11:13:21 GMT
etag: W/"54e3d956ea29d1a755596a9c50580a10"
content-encoding: gzip
expires: Wed, 18 Sep 2024 16:58:52 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-0390787faa210b0d6162719003c1c0a0-51167e7caa8e138d-01
x-id: osix-hw-edge-gc4
cache: REVALIDATED
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/121e03d66b39cad3e9b82f4f3ed0b8b4.json

185.244.209.62

200 OK

543 B

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/121e03d66b39cad3e9b82f4f3ed0b8b4.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JSON text data
Size
543 B (543 bytes)
Hash
2f999350fc2eea344d910e8a01de406d
bcfeaa8fadc7ca87115d7e36c955bd0df504b8ad
c73c55fa3a522662241013a108e6043dd4cde3fbfa2be0ed4a4940582e26ed36

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/121e03d66b39cad3e9b82f4f3ed0b8b4.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:57 GMT
content-type: application/json
content-length: 543
last-modified: Fri, 17 May 2024 17:15:47 GMT
etag: "2f999350fc2eea344d910e8a01de406d"
expires: Sat, 21 Sep 2024 19:27:07 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-d10550d4129cddc5e3eb22222201f0a4-2bdfef8be0c10e3d-01
x-id: osix-hw-edge-gc4
age: 2112
cache: HIT
x-cached-since: 2024-09-23T22:27:45+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/f67c330b68361ad8a91850ad5902d0c6.json

185.244.209.62

200 OK

822 B

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/f67c330b68361ad8a91850ad5902d0c6.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JSON text data
Size
822 B (822 bytes)
Hash
be781196159e458a9a157a93f6981363
54b5bb6ddb54aefb6dc1eeeab89afdf48079e959
71bf1763541ee0d4298863f03c291b09029668d448e8077518717b8810ac910f

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/f67c330b68361ad8a91850ad5902d0c6.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:57 GMT
content-type: application/json
content-length: 822
last-modified: Fri, 17 May 2024 02:40:39 GMT
etag: "be781196159e458a9a157a93f6981363"
expires: Sun, 15 Sep 2024 06:31:27 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-3505af67c9837c68f8fc7954b76b17a9-da944f785c94f0cd-01
x-id: osix-hw-edge-gc4
age: 2741
cache: HIT
x-cached-since: 2024-09-23T22:17:16+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/33cef9fd6306a5622323264cbe703d15.json

185.244.209.62

499 B

URL
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/33cef9fd6306a5622323264cbe703d15.json
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
JSON text data
Size
499 B (499 bytes)
Hash
e3d17d66f9e675ca9273e04470203275
e676da597ad577652921e9af98e79b986ec158ae
5c26acb3823aedc062268da24385061135d42171888bb5f5a0a8f63ba09c67d2

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/33cef9fd6306a5622323264cbe703d15.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:57 GMT
content-type: application/json
content-length: 499
last-modified: Fri, 17 May 2024 08:10:45 GMT
etag: "e3d17d66f9e675ca9273e04470203275"
expires: Thu, 12 Sep 2024 13:42:26 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc93
age: 3108
traceparent: 00-bfd5288f37c215b1ac0548954ecd5498-7868a79a255f54e1-01
x-id: osix-hw-edge-gc4
cache: HIT
x-cached-since: 2024-09-23T22:17:16+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/7eb49f3cb95029f19a7a99d6483a332d.json

185.244.209.62

182 B

URL
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/7eb49f3cb95029f19a7a99d6483a332d.json
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
JSON text data
Size
182 B (182 bytes)
Hash
e4c69ca8e3916987138c95a26642f53a
411149ef1233c191122618916dc7fa4965a30f7c
9bbbe99b83a20d3d0bd65ab0b343de560c6d437a74a4835786bbd6a58bb0e08e

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/7eb49f3cb95029f19a7a99d6483a332d.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:57 GMT
content-type: application/json
content-length: 182
last-modified: Fri, 17 May 2024 06:18:09 GMT
etag: "e4c69ca8e3916987138c95a26642f53a"
expires: Thu, 12 Sep 2024 13:42:26 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
age: 3108
traceparent: 00-ca57592a54d7c7a710d600696494a66f-1d4946f9b3d213cf-01
x-id: osix-hw-edge-gc4
cache: HIT
x-cached-since: 2024-09-23T22:17:16+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/9d33e20754c920c53f6ad0b32cc2caed.json

185.244.209.62

200 OK

958 B

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/9d33e20754c920c53f6ad0b32cc2caed.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JSON text data
Size
958 B (958 bytes)
Hash
24ec1c171afe6836881e2fba1ed559a0
588a08d22de446d484f8f51402994f37ff2527c2
a0c14f5476683e6eb7381c1820c0e914c02911ab9d24170e61548e661017f96f

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/9d33e20754c920c53f6ad0b32cc2caed.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:57 GMT
content-type: application/json
content-length: 958
last-modified: Fri, 17 May 2024 06:49:34 GMT
etag: "24ec1c171afe6836881e2fba1ed559a0"
expires: Thu, 12 Sep 2024 13:42:26 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
age: 3108
traceparent: 00-9c8ad82a9d150f470000723b226dcda0-cfc019427e495c8d-01
x-id: osix-hw-edge-gc4
cache: HIT
x-cached-since: 2024-09-23T22:17:16+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/04e1842520acd802834815bb101e6f46.json

185.244.209.62

313 B

URL
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/04e1842520acd802834815bb101e6f46.json
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
JSON text data
Size
313 B (313 bytes)
Hash
d199a4aeede00cd3780db038773ab636
f6884467460be96dd853ef02a45055084fccf709
7bd5787a9f567b3ebb97f957865d0f9ed9fd57644d5e5dd925fb871f5d104f39

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/04e1842520acd802834815bb101e6f46.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:57 GMT
content-type: application/json
content-length: 313
last-modified: Sat, 18 May 2024 09:33:33 GMT
etag: "d199a4aeede00cd3780db038773ab636"
expires: Thu, 12 Sep 2024 13:42:26 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc93
age: 3108
traceparent: 00-d4bd8d17c4e724de16cab256a34e7990-69d696367523cfc9-01
x-id: osix-hw-edge-gc4
cache: HIT
x-cached-since: 2024-09-23T22:17:16+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-promotions-and-bonuses-static/Desktop/Default/44136fa355b3/PB-3_zCK0-5O.js

185.244.209.62

200 OK

52 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/sys-promotions-and-bonuses-static/Desktop/Default/44136fa355b3/PB-3_zCK0-5O.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
52 kB (52485 bytes)
Hash
47ce4b63015c82216e4fca9dc9f4307c
2e8a1a263fd746f19898437577bc59b93936f791
c4ba19a356f54b79f19b94cc0c20ddafb06765d425950139a76db373a9005aec

HTTP Headers

GET /sys-static/sys-promotions-and-bonuses-static/Desktop/Default/44136fa355b3/PB-3_zCK0-5O.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:53 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 23 Sep 2024 12:59:27 GMT
etag: W/"e9af3201dd8ed51cae9ed4c4b0f60f7a"
x-amz-meta-mtime: 1727096195.593940656
content-encoding: gzip
expires: Tue, 24 Sep 2024 13:08:17 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-d444305f9001ef5dd620e52baf565e67-3da88396b20652ec-01
x-id: osix-hw-edge-gc4
age: 35618
cache: HIT
x-cached-since: 2024-09-23T13:09:15+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/DB_rZMmBy-Jf.js

185.244.209.62

200 OK

9.9 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/DB_rZMmBy-Jf.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
9.9 kB (9940 bytes)
Hash
148e1423e282aee9de238704b07f886a
ccbbde0c51f1e88fa8f9c340e4df83e9eb73d8a2
70cc2e6163df59a1adc238f3302c99804081bc648002f1678b78e1112a7312f3

HTTP Headers

GET /sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/DB_rZMmBy-Jf.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:54 GMT
content-type: text/javascript; charset=utf-8
last-modified: Thu, 19 Sep 2024 15:15:47 GMT
etag: W/"2cf980d57cdbbc1647c83ceb1cd84c0e"
x-amz-meta-mtime: 1726758816.462905823
content-encoding: gzip
expires: Sat, 21 Sep 2024 11:25:44 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-c0fa41dd460c8ada57c94a7ef0e7bddd-8c2d7c5e6794085b-01
x-id: osix-hw-edge-gc4
age: 41671
cache: HIT
x-cached-since: 2024-09-23T11:28:23+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/3f82811b5dd69160dba601c5a8c2bd86.json

185.244.209.62

184 B

URL
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/3f82811b5dd69160dba601c5a8c2bd86.json
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
JSON text data
Size
184 B (184 bytes)
Hash
36777c63209967831ddd2926e229b69b
7a59de3bd5fd0406a1becbd4fc6bdb49a996a0fa
c2087429233dc14f1ad96cf9b7d1f4ecf0f32fabab7fc37999644a488d10dbc2

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/3f82811b5dd69160dba601c5a8c2bd86.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:57 GMT
content-type: application/json
content-length: 184
last-modified: Sat, 18 May 2024 12:16:50 GMT
etag: "36777c63209967831ddd2926e229b69b"
expires: Thu, 12 Sep 2024 13:42:26 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
age: 3108
traceparent: 00-38fa4defb8facf5aefa08ec2f964c2aa-7187e158957b2a58-01
x-id: osix-hw-edge-gc4
cache: HIT
x-cached-since: 2024-09-23T22:17:16+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/d6bc5d32455c33849fa13958ddfdc3c3.json

185.244.209.62

200 OK

1.4 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/d6bc5d32455c33849fa13958ddfdc3c3.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
1.4 kB (1449 bytes)
Hash
0c1493bd303318b158032468b9f775d5
70c1984a6468032b3d26072d6581324157b212c6
60a8af4b0af6efeeb00d7c78e8567c10f6c4e81edcb9a23401af2f8cf7a6ecac

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/d6bc5d32455c33849fa13958ddfdc3c3.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:57 GMT
content-type: application/json
last-modified: Mon, 16 Sep 2024 11:53:20 GMT
etag: W/"e8f660dd33efce00cf92d9a65fd7c0a2"
content-encoding: gzip
expires: Mon, 16 Sep 2024 13:19:24 GMT
cache-control: max-age=3600
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-a2573282f6213a1476093a58d0d83b19-f21048ca9b5d1a24-01
x-id: osix-hw-edge-gc4
age: 2741
cache: HIT
x-cached-since: 2024-09-23T22:17:16+00:00
X-Firefox-Spdy: h2

1xlite-81734.top/service-api/third-party/tournaments-reader/api/TournamentClients/GetTournaments?whence=55&country=137&lng=en_GB&ref=1

46.32.182.117

3.7 kB

URL
1xlite-81734.top/service-api/third-party/tournaments-reader/api/TournamentClients/GetTournaments?whence=55&country=137&lng=en_GB&ref=1
IP
46.32.182.117:0
ASN
#0

Certificate
IssuerLet's Encrypt
Subject1xlite-81734.top
Fingerprint0A:30:E7:1C:B7:AC:1C:34:8E:35:29:86:A0:0E:70:67:B5:74:52:63
ValidityMon, 26 Aug 2024 05:19:45 GMT - Sun, 24 Nov 2024 05:19:44 GMT

File type
JSON text data
Size
3.7 kB (3732 bytes)
Hash
bf23e080313ae55d986f20ef9521959f
532bb580cdca4f1701f023d4dc163b0b7c93e2d6
80af3fa2e95e19d9ac59f2f15a6ad5450b848f36ec51b29c98b49fc0e3e58793

HTTP Headers

GET /service-api/third-party/tournaments-reader/api/TournamentClients/GetTournaments?whence=55&country=137&lng=en_GB&ref=1 HTTP/1.1
Host: 1xlite-81734.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/en/bonus/rules
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
x-svc-source: promotions-and-bonuses
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=LiC2dWbx85pu/XJbA1lWAg==; window_width=0; SESSION=6b782ee83bdc265152338b4c7f9fa0ac; che_g=9ad65ef7-763c-8096-f8b9-3db17d9dd1f0; sh.session.id=3a1f7004-a833-43a4-ac92-af0305b442cb; application_locale=en; _ga_7V60YW2S5H=GS1.1.1727132576.1.0.1727132576.60.0.1278065544; _ga=GA1.1.1301150341.1727132576
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:57 GMT
content-type: application/json
vary: Accept-Encoding
x-request-id: 355af3894bae7da3e3f1e81149a3e72b
content-encoding: br
x-time-ng: 0.025
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.041
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-promotions-and-bonuses-static/Desktop/Default/44136fa355b3/DkHx90ZZ_zHk.js

185.244.209.62

339 B

URL
v3.traincdn.com/sys-static/sys-promotions-and-bonuses-static/Desktop/Default/44136fa355b3/DkHx90ZZ_zHk.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
ASCII text, with very long lines (338)
Size
339 B (339 bytes)
Hash
bb2674b6fca4ff867fa3e562b77ef247
e59d5489fd1b88cb391d17bdb038ff523a8831d5
81216ae248daa69ad08b01062b24791242e38b14e2e37bc34766cc3d6d44ae44

HTTP Headers

GET /sys-static/sys-promotions-and-bonuses-static/Desktop/Default/44136fa355b3/DkHx90ZZ_zHk.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:57 GMT
content-type: text/javascript; charset=utf-8
content-length: 339
last-modified: Mon, 23 Sep 2024 12:59:27 GMT
etag: "bb2674b6fca4ff867fa3e562b77ef247"
x-amz-meta-mtime: 1727096195.597940694
expires: Tue, 24 Sep 2024 23:02:57 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-e6bcc846f6df73e5973a8932f76526ef-f50d4bbcccde2c93-01
x-id: osix-hw-edge-gc4
cache: EXPIRED
accept-ranges: bytes
X-Firefox-Spdy: h2

1xlite-81734.top/bonus-api/category?currency=NOK&language=en

46.32.182.117

200 OK

471 B

URL GET HTTP/2
1xlite-81734.top/bonus-api/category?currency=NOK&language=en
IP
46.32.182.117:443
ASN
#0

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerLet's Encrypt
Subject1xlite-81734.top
Fingerprint0A:30:E7:1C:B7:AC:1C:34:8E:35:29:86:A0:0E:70:67:B5:74:52:63
ValidityMon, 26 Aug 2024 05:19:45 GMT - Sun, 24 Nov 2024 05:19:44 GMT

File type
JSON text data
Size
471 B (471 bytes)
Hash
fe32551d715df2a3e16fbd8f42e24a36
3b22aea7b28574c50396a5fc8c5b719d19a9bfdf
cccf1c1267488ca4db719961e16f881cfbe43c7da41ee035ddcff3091688fc2e

HTTP Headers

GET /bonus-api/category?currency=NOK&language=en HTTP/1.1
Host: 1xlite-81734.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/en/bonus/rules
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
x-svc-source: promotions-and-bonuses
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=LiC2dWbx85pu/XJbA1lWAg==; window_width=0; SESSION=6b782ee83bdc265152338b4c7f9fa0ac; che_g=9ad65ef7-763c-8096-f8b9-3db17d9dd1f0; sh.session.id=3a1f7004-a833-43a4-ac92-af0305b442cb; application_locale=en; _ga_7V60YW2S5H=GS1.1.1727132576.1.0.1727132576.60.0.1278065544; _ga=GA1.1.1301150341.1727132576
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:57 GMT
content-type: application/json
content-length: 471
cache-control: no-cache, private
content-encoding: br
server-timing: p;dur=220.73483467102, dt_total;dur=222.697, wf-uht;dur=0.233
traceparent: 00-fb00c1a911643c02d53538f74b2a18b5-0cad356b962ab7ba-01
x-dt: 285
x-request-id: 397e8d61559f1eb60f623bab685b8888
x-time-ng: 0.222
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/desktop/contact/7fab7afe8d56ad2a182d578e2ec2c470.png

185.244.209.62

68 kB

URL
v3.traincdn.com/genfiles/cms/desktop/contact/7fab7afe8d56ad2a182d578e2ec2c470.png
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
PNG image data, 1920 x 1844, 8-bit/color RGBA, non-interlaced
Size
68 kB (67697 bytes)
Hash
6998cbde1d29c8bce7fdfcb1131e888a
6d9f0850b6a2905f0dc7b87fc70341221c5d356f
7a5cb5a1401fb280e7cd2ee8247872566e81d8f9a2929300a958a62969ac8390

HTTP Headers

GET /genfiles/cms/desktop/contact/7fab7afe8d56ad2a182d578e2ec2c470.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:57 GMT
content-type: image/png
content-length: 67697
last-modified: Mon, 18 Dec 2023 13:35:07 GMT
etag: "6998cbde1d29c8bce7fdfcb1131e888a"
expires: Thu, 12 Sep 2024 11:21:49 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
age: 2713
traceparent: 00-5c41dcbae266d4ad371924f095df9a67-6fcc78842eca0c59-01
x-id: osix-hw-edge-gc4
cache: HIT
x-cached-since: 2024-09-23T22:19:52+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/desktop/contact/548a2f2803604bc1a81e763d7979393b.png

185.244.209.62

4.6 kB

URL
v3.traincdn.com/genfiles/cms/desktop/contact/548a2f2803604bc1a81e763d7979393b.png
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
PNG image data, 250 x 250, 8-bit/color RGBA, non-interlaced
Size
4.6 kB (4557 bytes)
Hash
ca5533eb56b750968e526631de2fb867
a9389152ad86bfb48ff928c2c3484ce269d279ea
3bc2432b0e578082977529ae6d392528e1684f8d2f543d86523c58cbb7f70b88

HTTP Headers

GET /genfiles/cms/desktop/contact/548a2f2803604bc1a81e763d7979393b.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:57 GMT
content-type: image/png
content-length: 4557
last-modified: Tue, 19 Dec 2023 07:28:34 GMT
etag: "ca5533eb56b750968e526631de2fb867"
expires: Thu, 12 Sep 2024 11:21:49 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
age: 3428
traceparent: 00-0726b5cf1812643691aed6add2354fbb-6a2c9a4bf084df7e-01
x-id: osix-hw-edge-gc4
cache: HIT
x-cached-since: 2024-09-23T22:07:57+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/desktop/contact/de16e6978a807c5583da69ab8ec7e8c9.png

185.244.209.62

200 OK

41 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/desktop/contact/de16e6978a807c5583da69ab8ec7e8c9.png
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
PNG image data, 250 x 250, 8-bit/color RGBA, non-interlaced
Size
41 kB (41028 bytes)
Hash
ca949849274f98921c8f4670dd2f7e4e
73b81da62c726f6b6763b57cd1b53c510f770211
25f12d69cd62e6b9bf507db96a1fc165065b113b9ee8a1fb41bdffccc5202fb3

HTTP Headers

GET /genfiles/cms/desktop/contact/de16e6978a807c5583da69ab8ec7e8c9.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:57 GMT
content-type: image/png
content-length: 41028
last-modified: Fri, 05 May 2023 05:55:50 GMT
etag: "ca949849274f98921c8f4670dd2f7e4e"
expires: Thu, 12 Sep 2024 11:21:49 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
age: 275
traceparent: 00-f8875f822855303d24b400f9903658ba-4ca735396eb4fa77-01
x-id: osix-hw-edge-gc4
cache: HIT
x-cached-since: 2024-09-23T23:00:30+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/desktop/contact/a40ffb1ea0c6911528ffe6add23d7af9.png

185.244.209.62

37 kB

URL
v3.traincdn.com/genfiles/cms/desktop/contact/a40ffb1ea0c6911528ffe6add23d7af9.png
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
PNG image data, 1612 x 2460, 8-bit/color RGBA, non-interlaced
Size
37 kB (36961 bytes)
Hash
af016d33f5cdd41c47c903c59eb6e16d
5b8afae11cd8e00a77305dccbd94b1c02c8a4a34
c27a2b0493f7e354071568caea8ca5f482ae0875c2621b69c517aa4f8bbdff24

HTTP Headers

GET /genfiles/cms/desktop/contact/a40ffb1ea0c6911528ffe6add23d7af9.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:57 GMT
content-type: image/png
content-length: 36961
last-modified: Fri, 05 May 2023 06:00:21 GMT
etag: "af016d33f5cdd41c47c903c59eb6e16d"
expires: Thu, 12 Sep 2024 11:21:49 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
age: 275
traceparent: 00-35245da1096b6b12b6ab959e6aaaefeb-f227efdf0061e4bb-01
x-id: osix-hw-edge-gc4
cache: HIT
x-cached-since: 2024-09-23T23:00:30+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/9881b71e50f167df07243688241cba6a.json

185.244.209.62

11 kB

URL
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/9881b71e50f167df07243688241cba6a.json
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
gzip compressed data, max speed, from Unix
Size
11 kB (11229 bytes)
Hash
a83389b54fdf4df75d1432d4e71dbaee
70f4f0924127bafc738e5a81a02fcc2fa4df0fd6
9f9b4022a6a9afa853dff4418a46bd4e864c91f38d8cd6e3db43f1426fedfe52

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/9881b71e50f167df07243688241cba6a.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:57 GMT
content-type: application/json
last-modified: Sat, 18 May 2024 21:44:59 GMT
etag: W/"2b0b25c3a5f9838780be02a69ada5225"
content-encoding: gzip
expires: Thu, 12 Sep 2024 13:42:26 GMT
cache-control: max-age=3600
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc93
age: 3108
traceparent: 00-ad2f5f1f29b3ef82f57254161a7abd64-84108e6ecfb0249b-01
x-id: osix-hw-edge-gc4
cache: HIT
x-cached-since: 2024-09-23T22:17:16+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/desktop/contact/7945ceb8b487fcbd34d47f1b736c7601.png

185.244.209.62

200 OK

119 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/desktop/contact/7945ceb8b487fcbd34d47f1b736c7601.png
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
PNG image data, 2099 x 2021, 8-bit/color RGBA, interlaced
Size
119 kB (119390 bytes)
Hash
6350df51f73122d20d933a5bdfb363d9
9e0725fac9a8de7be55b2a8c41e7fb6c3285e918
4947ddab0c28d3490553e34571df5a4e6201eab198ff0fc32ef90d86ef1ca681

HTTP Headers

GET /genfiles/cms/desktop/contact/7945ceb8b487fcbd34d47f1b736c7601.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:57 GMT
content-type: image/png
content-length: 119390
last-modified: Mon, 27 May 2024 09:37:31 GMT
etag: "6350df51f73122d20d933a5bdfb363d9"
expires: Thu, 12 Sep 2024 11:21:49 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
age: 275
traceparent: 00-5fbfbcf9be69637169bcf39a0d8d6a16-aeb60a6243f3e220-01
x-id: osix-hw-edge-gc4
cache: HIT
x-cached-since: 2024-09-23T23:00:30+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/20db2149f37c934718b9986c6408453e.json

185.244.209.62

200 OK

8.8 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/20db2149f37c934718b9986c6408453e.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
8.8 kB (8816 bytes)
Hash
4c83f6e03bb55fdbe90ab12d1c99e94b
15f2212b6b3928dbc65a5567d225d74597e604d0
8524c75a0c55daff568b510652a3bcb2a3f67e5c05db0b9ffc6be910ccb08619

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/20db2149f37c934718b9986c6408453e.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:57 GMT
content-type: application/json
last-modified: Mon, 23 Sep 2024 11:03:38 GMT
etag: W/"f013d161e288cd7e83d3ea2128327c89"
content-encoding: gzip
expires: Mon, 23 Sep 2024 12:06:49 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-d5a14b8d1722630cfdb85ffefd49dd04-0d26761ea85464a4-01
x-id: osix-hw-edge-gc4
age: 2112
cache: HIT
x-cached-since: 2024-09-23T22:27:45+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/desktop/contact/8ba55ed9a873b32e8fdebc14a1d07b2a.png

185.244.209.62

24 kB

URL
v3.traincdn.com/genfiles/cms/desktop/contact/8ba55ed9a873b32e8fdebc14a1d07b2a.png
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
PNG image data, 1080 x 1080, 8-bit/color RGBA, non-interlaced
Size
24 kB (23907 bytes)
Hash
81ec01ca8389043bd543f73340bfb475
27e0f9b5cfeecf9888bcbd14b9b964525d3c0039
3499931f6fddec0477b80362e8b847adeff05b3c3891e4b5ba7776e640b00fc8

HTTP Headers

GET /genfiles/cms/desktop/contact/8ba55ed9a873b32e8fdebc14a1d07b2a.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:57 GMT
content-type: image/png
content-length: 23907
last-modified: Mon, 22 Jul 2024 06:04:42 GMT
etag: "81ec01ca8389043bd543f73340bfb475"
expires: Thu, 12 Sep 2024 11:21:49 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
age: 1941
traceparent: 00-21ba2c4d7dc974cd7c9839c888bf50c7-c88ccc14c6660d97-01
x-id: osix-hw-edge-gc4
cache: HIT
x-cached-since: 2024-09-23T22:32:44+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-promotions-and-bonuses-static/Desktop/Default/44136fa355b3/D4SZR96osmMZ.js

185.244.209.62

9.9 kB

URL
v3.traincdn.com/sys-static/sys-promotions-and-bonuses-static/Desktop/Default/44136fa355b3/D4SZR96osmMZ.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
gzip compressed data, max speed, from Unix
Size
9.9 kB (9861 bytes)
Hash
55cc53fa2b117b8752a7dee4fdf641c1
53ef9585be0fd9f432a36da7362d08cad2add219
793c74a252bfeae61bbd8d2dc3f5e3332ab52d9c1188e68af7c476417ce803d3

HTTP Headers

GET /sys-static/sys-promotions-and-bonuses-static/Desktop/Default/44136fa355b3/D4SZR96osmMZ.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:57 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 23 Sep 2024 12:59:27 GMT
etag: W/"966cb2154c80addd9ccf29503d2724c7"
x-amz-meta-mtime: 1727096195.589940618
content-encoding: gzip
expires: Tue, 24 Sep 2024 23:02:57 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-e762562abcb38949af1c1f2289ddab6c-83e48eeb5c4ae256-01
x-id: osix-hw-edge-gc4
cache: MISS
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/desktop/contact/2700afd177d44c340bd71701cb0e7113.png

185.244.209.62

200 OK

4.4 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/desktop/contact/2700afd177d44c340bd71701cb0e7113.png
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
PNG image data, 90 x 80, 8-bit/color RGBA, non-interlaced
Size
4.4 kB (4358 bytes)
Hash
35804fba29b8632baa80c74c37a9e5d0
61a956a86893b2860266e923eb71df544f2eff54
6769eb4c7fb8cc2bb09800a6469f580f7dd32183d03240e3206184d48b2e90d0

HTTP Headers

GET /genfiles/cms/desktop/contact/2700afd177d44c340bd71701cb0e7113.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:57 GMT
content-type: image/png
content-length: 4358
last-modified: Mon, 09 Sep 2024 06:58:18 GMT
etag: "35804fba29b8632baa80c74c37a9e5d0"
expires: Mon, 09 Sep 2024 08:06:11 GMT
cache-control: max-age=3600
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc93
age: 1800
traceparent: 00-7bf6e9bd165d8bac7b7cb48532f412b5-20d7cba6c4ce9d2c-01
x-id: osix-hw-edge-gc4
cache: HIT
x-cached-since: 2024-09-23T22:39:27+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

1xlite-81734.top/bonus-api/page?currency=NOK&language=en

46.32.182.117

2.7 kB

URL
1xlite-81734.top/bonus-api/page?currency=NOK&language=en
IP
46.32.182.117:0
ASN
#0

Certificate
IssuerLet's Encrypt
Subject1xlite-81734.top
Fingerprint0A:30:E7:1C:B7:AC:1C:34:8E:35:29:86:A0:0E:70:67:B5:74:52:63
ValidityMon, 26 Aug 2024 05:19:45 GMT - Sun, 24 Nov 2024 05:19:44 GMT

File type
JSON text data
Size
2.7 kB (2725 bytes)
Hash
67160adf58b5cd58b3c6804d9bb5b568
e6e851397b02655474f6b8a0cb827ef0f346194b
5aa3228f9f44f5c1c8969480cb92c194ce68756e9aabf4eab51231f241e0f61c

HTTP Headers

GET /bonus-api/page?currency=NOK&language=en HTTP/1.1
Host: 1xlite-81734.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/en/bonus/rules
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
x-svc-source: promotions-and-bonuses
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=LiC2dWbx85pu/XJbA1lWAg==; window_width=0; SESSION=6b782ee83bdc265152338b4c7f9fa0ac; che_g=9ad65ef7-763c-8096-f8b9-3db17d9dd1f0; sh.session.id=3a1f7004-a833-43a4-ac92-af0305b442cb; application_locale=en; _ga_7V60YW2S5H=GS1.1.1727132576.1.0.1727132576.60.0.1278065544; _ga=GA1.1.1301150341.1727132576
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:57 GMT
content-type: application/json
content-length: 2725
cache-control: no-cache, private
content-encoding: br
server-timing: p;dur=346.84109687805, dt_total;dur=348.553, wf-uht;dur=0.361
traceparent: 00-80e885966513e1f3efea6d37a4a893d2-8016aa9601717f8c-01
x-dt: 285
x-request-id: df4168d98c08df4623b312377dbb877b
x-time-ng: 0.348
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/promo-store.jpg

185.244.209.62

49 kB

URL
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/promo-store.jpg
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 315x250, components 3
Size
49 kB (49253 bytes)
Hash
1c2fbcd07b32b9cb53fce335a61c25b3
49a90889c78c1a98157fa4f37784ed68c0923bfb
2537e87525f9f356342c592f4ed11dc54833c992f615cf0d7c4f56055908f7b0

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/promo-store.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:57 GMT
content-type: image/jpeg
content-length: 49253
last-modified: Tue, 16 May 2023 09:09:12 GMT
etag: "1c2fbcd07b32b9cb53fce335a61c25b3"
expires: Thu, 12 Sep 2024 11:22:51 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc93
age: 4784
traceparent: 00-9a225725036bfc54b4b6040f63828eb5-5afe7159f8e95236-01
x-id: osix-hw-edge-gc4
cache: HIT
x-cached-since: 2024-09-23T22:32:45+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/bonus-cms/jmXUZlP1mMcsx6FoNy32Q24bNpRo4mVV/315x250.jpg

185.244.209.62

29 kB

URL
v3.traincdn.com/genfiles/bonus-cms/jmXUZlP1mMcsx6FoNy32Q24bNpRo4mVV/315x250.jpg
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 315x250, components 3
Size
29 kB (28671 bytes)
Hash
71faaa186069fc6aaa5c5e72580edb29
d0030a07d5b25e782cf3c53423e7a76321e8efb4
9f6d4a8ad967c68542e8e624e39a6fe570f1dfd78378600da2faed0c8e5da2c0

HTTP Headers

GET /genfiles/bonus-cms/jmXUZlP1mMcsx6FoNy32Q24bNpRo4mVV/315x250.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:57 GMT
content-type: image/jpeg
content-length: 28671
last-modified: Wed, 11 Sep 2024 05:52:51 GMT
etag: "71faaa186069fc6aaa5c5e72580edb29"
expires: Fri, 13 Sep 2024 08:22:33 GMT
cache-control: max-age=3600
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
age: 2734
traceparent: 00-40a2e21d439f96464fec74680bf4927f-280a040b6293abaf-01
x-id: osix-hw-edge-gc4
cache: HIT
x-cached-since: 2024-09-23T22:32:45+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/bonus-cms/ILFHwRVBgVkpo3jvkTufQyW8hSLpOTtJ/crash-tournament.jpg

185.244.209.62

28 kB

URL
v3.traincdn.com/genfiles/bonus-cms/ILFHwRVBgVkpo3jvkTufQyW8hSLpOTtJ/crash-tournament.jpg
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 315x250, components 3
Size
28 kB (27937 bytes)
Hash
c755f9f93a687da63e8ade3588e153db
c5796a987119d34e9d2b7405aa6cb7a9a617ceb7
f2072c1284bd260182bace3bbc149e62147266e415f80b61f21315fb92f65a60

HTTP Headers

GET /genfiles/bonus-cms/ILFHwRVBgVkpo3jvkTufQyW8hSLpOTtJ/crash-tournament.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:57 GMT
content-type: image/jpeg
content-length: 27937
last-modified: Mon, 06 May 2024 11:36:02 GMT
etag: "c755f9f93a687da63e8ade3588e153db"
expires: Thu, 12 Sep 2024 11:23:15 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
age: 2590
traceparent: 00-f46e389d395449a02908c043d957b423-b01b9c388100ca5d-01
x-id: osix-hw-edge-gc4
cache: HIT
x-cached-since: 2024-09-23T22:32:45+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/sys-icons/1.0.482/285/common.svg

185.244.209.62

200 OK

64 kB

URL GET HTTP/2
v3.traincdn.com/sys-icons/1.0.482/285/common.svg
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
64 kB (64319 bytes)
Hash
920acb5b16c6044a7aba58408093f14e
5f6d17ceb8460ee7fb3a382880e30db1bce2934a
d56c0f58a30cb30f460dffc811f5aae8ecb63f0075440ad28e0df2c4cca4191d

HTTP Headers

GET /sys-icons/1.0.482/285/common.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:57 GMT
content-type: image/svg+xml
last-modified: Thu, 19 Sep 2024 12:02:26 GMT
etag: W/"450643e14773572e36dcff4d8446553d"
x-amz-meta-mtime: 1726747341.274295753
content-encoding: gzip
expires: Sat, 21 Sep 2024 12:46:40 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-8d150149b776cae7a88fd35376e55028-3c9e606bbebae619-01
x-id: osix-hw-edge-gc4
age: 36943
cache: HIT
x-cached-since: 2024-09-23T12:47:14+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/911da2fdb475c39b5ba8f3b4ec4244d9.json

185.244.209.62

200 OK

21 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/911da2fdb475c39b5ba8f3b4ec4244d9.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
21 kB (20965 bytes)
Hash
882400a803c6108eac52d7ff229f4a48
b030dd05dc25bbc4d8b88d1b2d4dff7e1b390ca3
2dc0e54960408790789a08678805d8a81b34d5e82f6047487adb0e414a398b70

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/911da2fdb475c39b5ba8f3b4ec4244d9.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:57 GMT
content-type: application/json
last-modified: Wed, 04 Sep 2024 10:05:37 GMT
etag: W/"8f7980a3499294a6b74173d71d7f6de6"
content-encoding: gzip
expires: Thu, 12 Sep 2024 13:42:26 GMT
cache-control: max-age=3600
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
age: 3108
traceparent: 00-0cf1a9644504cd8686e2fec010fb33d7-395b1b35b70201e8-01
x-id: osix-hw-edge-gc4
cache: HIT
x-cached-since: 2024-09-23T22:17:16+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/bets-by-telegram.jpg

185.244.209.62

57 kB

URL
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/bets-by-telegram.jpg
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 315x250, components 3
Size
57 kB (57016 bytes)
Hash
b36c33ea87fb7182f2f9421abfb72690
580f23b173130d4a62bca8cd1407aec579a53604
3f605506d69c625bc8ea7b0be5ed54a0fa25553c8483d04a9758cbde1ed7c9f4

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/bets-by-telegram.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:57 GMT
content-type: image/jpeg
content-length: 57016
last-modified: Mon, 15 May 2023 10:48:49 GMT
etag: "b36c33ea87fb7182f2f9421abfb72690"
expires: Thu, 12 Sep 2024 11:22:51 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc93
age: 4794
traceparent: 00-368f5c4a6223a56d21b74072ae5913c7-3dc0ed4875a5674f-01
x-id: osix-hw-edge-gc4
cache: HIT
x-cached-since: 2024-09-23T22:32:45+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/bonus-cms/m2FYcbKWa3k6xRwf4vQzEF8td-Fdhu4h/315x250.webp

185.244.209.62

23 kB

URL
v3.traincdn.com/genfiles/bonus-cms/m2FYcbKWa3k6xRwf4vQzEF8td-Fdhu4h/315x250.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
23 kB (22972 bytes)
Hash
8ef4ae485873f96e255bad59532ee10e
4ff48382e18178e399871915749b201ed0085f43
d27baf27502aff39a580f7827b42cb403ddb6bbbf73e27bb45987842447120b5

HTTP Headers

GET /genfiles/bonus-cms/m2FYcbKWa3k6xRwf4vQzEF8td-Fdhu4h/315x250.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:57 GMT
content-type: image/webp
content-length: 22972
last-modified: Tue, 10 Sep 2024 06:26:47 GMT
etag: "8ef4ae485873f96e255bad59532ee10e"
expires: Mon, 23 Sep 2024 12:23:05 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-ba7b735fc6ceffd03f7cdb619eb3f5c9-bc06f73b436903b1-01
x-id: osix-hw-edge-gc4
age: 1812
cache: HIT
x-cached-since: 2024-09-23T22:32:45+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

1xlite-81734.top/web-api/bonus

46.32.182.117

50 kB

URL
1xlite-81734.top/web-api/bonus
IP
46.32.182.117:0
ASN
#0

Certificate
IssuerLet's Encrypt
Subject1xlite-81734.top
Fingerprint0A:30:E7:1C:B7:AC:1C:34:8E:35:29:86:A0:0E:70:67:B5:74:52:63
ValidityMon, 26 Aug 2024 05:19:45 GMT - Sun, 24 Nov 2024 05:19:44 GMT

File type
JSON text data
Size
50 kB (50228 bytes)
Hash
ec196c30f724076e3c26101191042f21
5296cec279d8f6d06e5c1bd2fb318f63808bf354
1bb1e1f263f2d436647c4c5743b9ec91e48941e64841eb3001d5e60b23eb1d17

HTTP Headers

GET /web-api/bonus HTTP/1.1
Host: 1xlite-81734.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/en/bonus/rules
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
x-svc-source: promotions-and-bonuses
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=LiC2dWbx85pu/XJbA1lWAg==; window_width=0; SESSION=6b782ee83bdc265152338b4c7f9fa0ac; che_g=9ad65ef7-763c-8096-f8b9-3db17d9dd1f0; sh.session.id=3a1f7004-a833-43a4-ac92-af0305b442cb; application_locale=en; _ga_7V60YW2S5H=GS1.1.1727132576.1.0.1727132576.60.0.1278065544; _ga=GA1.1.1301150341.1727132576
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:57 GMT
content-type: application/vnd.api+json
vary: Accept-Encoding
cache-control: no-cache, private
server-timing: p;dur=181, dt_total;dur=211.828, wf-uht;dur=0.235
traceparent: 00-8ebb65a730d66962b62340a79e165944-bf8f694856e89b3a-01
x-dt: 285
x-time-ng: 0.183, 0.186
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/222334ffa93913af8cc3a636fe444896.json

185.244.209.62

36 kB

URL
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/222334ffa93913af8cc3a636fe444896.json
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
gzip compressed data, max speed, from Unix
Size
36 kB (35526 bytes)
Hash
2c050dccb6ca79f9c653085eb9d73724
097fbef86e96757a46656ce60ac23f2740aefb6b
a9475d2982a695d41acdfb721aa4fae695a5406cc8a855ec3e26866e39cebdf3

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/222334ffa93913af8cc3a636fe444896.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:57 GMT
content-type: application/json
last-modified: Sat, 18 May 2024 06:53:24 GMT
etag: W/"1a092ed797a1157aafa826b6ce3d0c29"
content-encoding: gzip
expires: Mon, 23 Sep 2024 13:39:55 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-512d48f3c942cc137dfc2af194f529a4-c2b947edff6cf337-01
x-id: osix-hw-edge-gc4
age: 2741
cache: HIT
x-cached-since: 2024-09-23T22:17:16+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/slot-ten-deposit.jpg

185.244.209.62

44 kB

URL
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/slot-ten-deposit.jpg
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
JPEG image data, progressive, precision 8, 315x250, components 3
Size
44 kB (43559 bytes)
Hash
c37fcadea18df30563df3801edbc452e
79ad3ca2442918aa4c8c7647e4cda21081eaaef3
f5cd0b9aff7d896d296fbca52989ef5e15c3ec075d94a08fc5cda37367325858

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/slot-ten-deposit.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:57 GMT
content-type: image/jpg
content-length: 43559
last-modified: Tue, 11 Apr 2023 17:52:48 GMT
etag: "c37fcadea18df30563df3801edbc452e"
expires: Sun, 22 Sep 2024 00:01:06 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-6f85140114f7fdb1056aa4ec082a836c-b875e634c31bb43f-01
x-id: osix-hw-edge-gc4
cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/bonus-cms/-F4AhdYV5GYOYbffoLsZVIKLXOg1ysIL/candyworks.png

185.244.209.62

176 kB

URL
v3.traincdn.com/genfiles/bonus-cms/-F4AhdYV5GYOYbffoLsZVIKLXOg1ysIL/candyworks.png
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
PNG image data, 315 x 250, 8-bit/color RGBA, non-interlaced
Size
176 kB (175925 bytes)
Hash
084a3ec73888c560ca7b67cd1ff9fb25
33bcb018258aa291ca06a15b880071c3cfd85e44
bb06d098b683ef49b5ae99d213e508a3c255f228e64903f1a17fc97e96324912

HTTP Headers

GET /genfiles/bonus-cms/-F4AhdYV5GYOYbffoLsZVIKLXOg1ysIL/candyworks.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:57 GMT
content-type: image/png
content-length: 175925
last-modified: Tue, 28 Nov 2023 14:15:18 GMT
etag: "084a3ec73888c560ca7b67cd1ff9fb25"
expires: Thu, 12 Sep 2024 11:22:50 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
age: 4794
traceparent: 00-bd09eea5149be8e07a29e9a0aea0a819-8398bed8d68a5e47-01
x-id: osix-hw-edge-gc4
cache: HIT
x-cached-since: 2024-09-23T22:32:45+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/52628b525d0167e4ec91b88c6782c53b.json

185.244.209.62

93 kB

URL
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/52628b525d0167e4ec91b88c6782c53b.json
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
gzip compressed data, max speed, from Unix
Size
93 kB (93428 bytes)
Hash
a4725443b073b9fcf15cf97bc9f9ecc7
28d7190934391d1d536e897af2dd51cb0fd2d112
6fb1f8a096c88d888cae2c50de22708a74ed0d97216c48af53e8a7dd9d176fe8

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/52628b525d0167e4ec91b88c6782c53b.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:57 GMT
content-type: application/json
last-modified: Fri, 17 May 2024 02:09:48 GMT
etag: W/"a60fb63e7c35ba8cdb1d0851ff960b1b"
content-encoding: gzip
expires: Thu, 12 Sep 2024 13:42:26 GMT
cache-control: max-age=3600
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc93
age: 3108
traceparent: 00-72f87bacfe4e5315cc53b820276cb482-0c8c720473d9a065-01
x-id: osix-hw-edge-gc4
cache: HIT
x-cached-since: 2024-09-23T22:17:16+00:00
X-Firefox-Spdy: h2

1xlite-81734.top/sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/BXuyvIFDjkMF.css

46.32.182.117

200 OK

30 kB

URL GET HTTP/2
1xlite-81734.top/sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/BXuyvIFDjkMF.css
IP
46.32.182.117:443
ASN
#0

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerLet's Encrypt
Subject1xlite-81734.top
Fingerprint0A:30:E7:1C:B7:AC:1C:34:8E:35:29:86:A0:0E:70:67:B5:74:52:63
ValidityMon, 26 Aug 2024 05:19:45 GMT - Sun, 24 Nov 2024 05:19:44 GMT

File type
ASCII text, with very long lines (26993)
Size
30 kB (29894 bytes)
Hash
8672f3c52e8b561f74d6241df53fce1c
e1ef03249f9389dca2e8751c1f717a1e56bd85d0
5b3e15684d77532bb4ac756935fa7c29ff4258199298e8b0daff071d72559646

HTTP Headers

GET /sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/BXuyvIFDjkMF.css HTTP/1.1
Host: 1xlite-81734.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/en/promotions/wheel-bet
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=LiC2dWbx85pu/XJbA1lWAg==
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:50 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Mon, 23 Sep 2024 12:46:25 GMT
etag: W/"8672f3c52e8b561f74d6241df53fce1c"
x-amz-meta-mtime: 1727095475.943889596
content-encoding: br
expires: Tue, 24 Sep 2024 23:02:50 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.010
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/bonus-cms/jmXUZlP1mMcsx6FoNy32Q24bNpRo4mVV/315x250.webp

185.244.209.62

18 kB

URL
v3.traincdn.com/genfiles/bonus-cms/jmXUZlP1mMcsx6FoNy32Q24bNpRo4mVV/315x250.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
18 kB (17464 bytes)
Hash
a4cffde439da4734a2a064b6dbe3d7ad
c708eec4a152d341664929a5c269fca7cdec3165
d0534ae4aea8dc4926253c74b53fea026371d325fd38a2f816023f5a73c7410b

HTTP Headers

GET /genfiles/bonus-cms/jmXUZlP1mMcsx6FoNy32Q24bNpRo4mVV/315x250.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:58 GMT
content-type: image/webp
content-length: 17464
last-modified: Wed, 11 Sep 2024 05:52:51 GMT
etag: "a4cffde439da4734a2a064b6dbe3d7ad"
expires: Fri, 13 Sep 2024 08:22:33 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
age: 2419
traceparent: 00-eb9b20ebe51b679c7debda3dc1f13efe-ea97469d13229fca-01
x-id: osix-hw-edge-gc4
cache: HIT
x-cached-since: 2024-09-23T22:32:45+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/bonus-cms/ILFHwRVBgVkpo3jvkTufQyW8hSLpOTtJ/crash-tournament.webp

185.244.209.62

21 kB

URL
v3.traincdn.com/genfiles/bonus-cms/ILFHwRVBgVkpo3jvkTufQyW8hSLpOTtJ/crash-tournament.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
21 kB (21046 bytes)
Hash
15164520928c820496d5a21d34974c88
96d49992e13fa2395f103c55a62b2778f30b79e8
cd983bcf4da9b4b5e834fd63d666d1c87d4261b92fc94c7d7503818f3f7ef576

HTTP Headers

GET /genfiles/bonus-cms/ILFHwRVBgVkpo3jvkTufQyW8hSLpOTtJ/crash-tournament.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:58 GMT
content-type: image/webp
content-length: 21046
last-modified: Mon, 06 May 2024 11:36:16 GMT
etag: "15164520928c820496d5a21d34974c88"
expires: Thu, 12 Sep 2024 11:21:23 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
age: 3628
traceparent: 00-26d01d2623e1751258b4c890cffd2b91-990003a2b0df7a31-01
x-id: osix-hw-edge-gc4
cache: HIT
x-cached-since: 2024-09-23T22:32:45+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/bonus-cms/OkhQT0n1Y64nLH9a1gWAwz5mP7ZJT5iv/dailytournament-2.webp

185.244.209.62

39 kB

URL
v3.traincdn.com/genfiles/bonus-cms/OkhQT0n1Y64nLH9a1gWAwz5mP7ZJT5iv/dailytournament-2.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
39 kB (39376 bytes)
Hash
82e48bc5a768167605a6e3001eaae7a9
8d21e4b78b6dd6f36774d7e83078deba636093a8
ba0ecf6665c1057c8a616c33eb457c83103b74184df840f70b7e9181741d21d5

HTTP Headers

GET /genfiles/bonus-cms/OkhQT0n1Y64nLH9a1gWAwz5mP7ZJT5iv/dailytournament-2.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:58 GMT
content-type: image/webp
content-length: 39376
last-modified: Fri, 28 Jun 2024 11:43:54 GMT
etag: "82e48bc5a768167605a6e3001eaae7a9"
expires: Thu, 12 Sep 2024 11:21:51 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
age: 3600
traceparent: 00-dc032bb9330c670e21e6129f91870483-f8deb57b3df53e32-01
x-id: osix-hw-edge-gc4
cache: HIT
x-cached-since: 2024-09-23T22:32:45+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/bets-by-telegram.webp

185.244.209.62

200 OK

22 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/bets-by-telegram.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
22 kB (22154 bytes)
Hash
39d1dc105345cff4c37199d4ae2857d4
dbeba1282f82a8fbca0045713fee8bf48bd58098
6085511f9d0d73ae4e466fc3392ddad94f271750d945bde6b5abb4143d86d9e9

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/bets-by-telegram.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:58 GMT
content-type: image/webp
content-length: 22154
last-modified: Mon, 15 May 2023 10:48:41 GMT
etag: "39d1dc105345cff4c37199d4ae2857d4"
expires: Thu, 12 Sep 2024 11:21:51 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
age: 4001
traceparent: 00-8b8f9b9a1bac3990bb0d8c98f9623828-8c791a4b2462b553-01
x-id: osix-hw-edge-gc4
cache: HIT
x-cached-since: 2024-09-23T22:32:45+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/bonus-cms/m2FYcbKWa3k6xRwf4vQzEF8td-Fdhu4h/315x250.webp

185.244.209.62

23 kB

URL
v3.traincdn.com/genfiles/bonus-cms/m2FYcbKWa3k6xRwf4vQzEF8td-Fdhu4h/315x250.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
23 kB (22972 bytes)
Hash
8ef4ae485873f96e255bad59532ee10e
4ff48382e18178e399871915749b201ed0085f43
d27baf27502aff39a580f7827b42cb403ddb6bbbf73e27bb45987842447120b5

HTTP Headers

GET /genfiles/bonus-cms/m2FYcbKWa3k6xRwf4vQzEF8td-Fdhu4h/315x250.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:58 GMT
content-type: image/webp
content-length: 22972
last-modified: Tue, 10 Sep 2024 06:26:47 GMT
etag: "8ef4ae485873f96e255bad59532ee10e"
expires: Mon, 23 Sep 2024 12:23:05 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-f9ff69d8b94f11d23101849237ad4cdb-bb975f994524a0ac-01
x-id: osix-hw-edge-gc4
age: 1813
cache: HIT
x-cached-since: 2024-09-23T22:32:45+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/bonus-cms/NrYLPexnCMwMSdX6tC-njSau7U0Isq6k/sticker-hunt_2.webp

185.244.209.62

200 OK

32 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/bonus-cms/NrYLPexnCMwMSdX6tC-njSau7U0Isq6k/sticker-hunt_2.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
32 kB (31456 bytes)
Hash
2309ffc3e56da55de775075f057ec5dd
f6a49f15c6d0c1b784cc88fd5adb338afbf81715
74425c46a8b8eee7fe43f3f13dcf80d1ab2c5f7f569296e604fb250762b8b22e

HTTP Headers

GET /genfiles/bonus-cms/NrYLPexnCMwMSdX6tC-njSau7U0Isq6k/sticker-hunt_2.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:58 GMT
content-type: image/webp
content-length: 31456
last-modified: Mon, 24 Jun 2024 07:43:01 GMT
etag: "2309ffc3e56da55de775075f057ec5dd"
expires: Thu, 12 Sep 2024 11:22:06 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
age: 3986
traceparent: 00-26059810d102040a8ac1fdfbeeef2f05-fe7c48dd79541d59-01
x-id: osix-hw-edge-gc4
cache: HIT
x-cached-since: 2024-09-23T22:32:45+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/bonus-cms/-F4AhdYV5GYOYbffoLsZVIKLXOg1ysIL/candyworks.webp

185.244.209.62

48 kB

URL
v3.traincdn.com/genfiles/bonus-cms/-F4AhdYV5GYOYbffoLsZVIKLXOg1ysIL/candyworks.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
48 kB (48058 bytes)
Hash
a0339a106d8746d304f69e1b730d2b13
3f2b1c54fda62bd6acad6c8e818ca9b0a242ca4c
0f595c354ed2f9e32665d208359fdc786b20358164171744db96644051e49f4d

HTTP Headers

GET /genfiles/bonus-cms/-F4AhdYV5GYOYbffoLsZVIKLXOg1ysIL/candyworks.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:58 GMT
content-type: image/webp
content-length: 48058
last-modified: Tue, 28 Nov 2023 14:15:19 GMT
etag: "a0339a106d8746d304f69e1b730d2b13"
expires: Thu, 12 Sep 2024 11:21:51 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
age: 4001
traceparent: 00-0c18ded4294b13dc46c3382a53ac58fd-74ae47d3e106318d-01
x-id: osix-hw-edge-gc4
cache: HIT
x-cached-since: 2024-09-23T22:32:45+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/bonus-cms/U7TFn-hTu4vZquQxGgMj69zgm6NBLyVM/lucky-friday.webp

185.244.209.62

200 OK

40 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/bonus-cms/U7TFn-hTu4vZquQxGgMj69zgm6NBLyVM/lucky-friday.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
40 kB (40536 bytes)
Hash
f30518298e921d3492d57ea614d49b67
fe4954e6af514328ded06453cf67d5409e4dfe22
d0a24736577aa7c70c26b540a53242b8b2d192f583d9b675743da04f21886af5

HTTP Headers

GET /genfiles/bonus-cms/U7TFn-hTu4vZquQxGgMj69zgm6NBLyVM/lucky-friday.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:58 GMT
content-type: image/webp
content-length: 40536
last-modified: Tue, 14 May 2024 08:44:56 GMT
etag: "f30518298e921d3492d57ea614d49b67"
expires: Tue, 17 Sep 2024 13:39:10 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-1f38e1bb4f591cd8d64d30a585c05b48-b9495f60f5364a54-01
x-id: osix-hw-edge-gc4
age: 1813
cache: HIT
x-cached-since: 2024-09-23T22:32:45+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/bonus-cms/LFICyFaKYJ6xVbTBwk-hRRtuo8QrCKg1/lucky-day.webp

185.244.209.62

30 kB

URL
v3.traincdn.com/genfiles/bonus-cms/LFICyFaKYJ6xVbTBwk-hRRtuo8QrCKg1/lucky-day.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
30 kB (30120 bytes)
Hash
127f60172cf16911bf168a7fb61c7ccf
5224ba0a241715cf352c7ea5d2b54d9343cd5877
2c7adb7ce984529f91331d5f8c4d4709471b455e8275d9f8f0fcea7a1b641ee7

HTTP Headers

GET /genfiles/bonus-cms/LFICyFaKYJ6xVbTBwk-hRRtuo8QrCKg1/lucky-day.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:58 GMT
content-type: image/webp
content-length: 30120
last-modified: Thu, 04 Apr 2024 12:21:49 GMT
etag: "127f60172cf16911bf168a7fb61c7ccf"
expires: Wed, 18 Sep 2024 14:06:11 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-dd4407d12c8eef2df34a708edbb64dee-ec766ba589170c28-01
x-id: osix-hw-edge-gc4
age: 1813
cache: HIT
x-cached-since: 2024-09-23T22:32:45+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/bonus-cms/8GAp0QsXgUnjvbyWFmSaiUPFN7UQLDB8/315x250.webp

185.244.209.62

35 kB

URL
v3.traincdn.com/genfiles/bonus-cms/8GAp0QsXgUnjvbyWFmSaiUPFN7UQLDB8/315x250.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
35 kB (35426 bytes)
Hash
821d0dcf2236016caf6d910561dc3af0
11a734faf562a927a8a75b334eee3b79afe64057
576abb6804d2ee2092f7a549fd770dbc81abaab3e0f7e06403b2d83504df2349

HTTP Headers

GET /genfiles/bonus-cms/8GAp0QsXgUnjvbyWFmSaiUPFN7UQLDB8/315x250.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:58 GMT
content-type: image/webp
content-length: 35426
last-modified: Tue, 25 Jun 2024 01:13:30 GMT
etag: "821d0dcf2236016caf6d910561dc3af0"
expires: Thu, 12 Sep 2024 11:21:49 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
age: 4003
traceparent: 00-acc2826025ea154eeccdff335bb289b7-6ecaef2eb3362209-01
x-id: osix-hw-edge-gc4
cache: HIT
x-cached-since: 2024-09-23T22:32:45+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/promo-store.webp

185.244.209.62

200 OK

22 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/promo-store.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
22 kB (22354 bytes)
Hash
376807f6eceb28fcc2624716e09fbbd9
baf70080537063c8b9df5d817edd6f97d2b66a37
66ccd156391c11311536fe220c908a69687ae95701c6ae2a24e139938dcb70e7

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/promo-store.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:58 GMT
content-type: image/webp
content-length: 22354
last-modified: Tue, 16 May 2023 09:09:04 GMT
etag: "376807f6eceb28fcc2624716e09fbbd9"
expires: Thu, 12 Sep 2024 11:21:23 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc93
age: 2216
x-cached-since: 2024-09-12T10:21:23+00:00
traceparent: 00-3df8bd0d9bbf6a1522e19d5060f50b65-88da39311ab3a525-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/1st/1-137.webp

185.244.209.62

118 B

URL
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/1st/1-137.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
HTML document, ASCII text, with CRLF line terminators
Size
118 B (118 bytes)
Hash
b58d632409efb03916cfef3229576c55
c2fb66483c899f427b0354d52b080ce8bb6b47c4
b0b0fadb436530e81236a3d97058fc501d732eb24768845c5e97ac8ac3c32176

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/1st/1-137.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Mon, 23 Sep 2024 23:02:58 GMT
content-type: text/html; charset=utf-8
content-length: 118
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
traceparent: 00-322a7dba71ad5fa6b60a2c58e2c77ea5-3aebafb7f8ebdd30-01
x-id: osix-hw-edge-gc4
cache: MISS
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/slot-first-deposit.webp

185.244.209.62

9.5 kB

URL
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/slot-first-deposit.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
9.5 kB (9528 bytes)
Hash
e74e38a96e2b86b49bce5a4ecdb2e456
8ed3fce32fa8d91d39bd0bb642e3c45516d8a9eb
f7ca5371dc68183854f2893aa3d99bba1e080f3b2d6146a99e7561f9b79dbe87

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/slot-first-deposit.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:58 GMT
content-type: image/webp
content-length: 9528
last-modified: Fri, 12 May 2023 09:54:31 GMT
etag: "e74e38a96e2b86b49bce5a4ecdb2e456"
expires: Sun, 22 Sep 2024 18:05:46 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-6a4f5e127170ba50089a07ad84b33764-019abbb32b8ce439-01
x-id: osix-hw-edge-gc4
cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/slot-ten-deposit.webp

185.244.209.62

10 kB

URL
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/slot-ten-deposit.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
10 kB (10366 bytes)
Hash
a55f6bc5288f59157c1f4b0d99200c4f
64b37d821bf692cea5cde5734b3230cecd2b1ae0
0f29e044bfb569e9205e03de27030a08d6b32de2da815a72b059dca1cfea8707

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/slot-ten-deposit.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:58 GMT
content-type: application/octet-stream
content-length: 10366
last-modified: Tue, 11 Apr 2023 17:52:48 GMT
etag: "a55f6bc5288f59157c1f4b0d99200c4f"
expires: Thu, 12 Sep 2024 11:21:31 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc93
age: 2208
x-cached-since: 2024-09-12T10:21:31+00:00
traceparent: 00-7335e9c0a78fb711629bbf0d14d74f78-4f1c0887a2877f0b-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/vip-cashback/1-137.webp

185.244.209.62

118 B

URL
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/vip-cashback/1-137.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
HTML document, ASCII text, with CRLF line terminators
Size
118 B (118 bytes)
Hash
b58d632409efb03916cfef3229576c55
c2fb66483c899f427b0354d52b080ce8bb6b47c4
b0b0fadb436530e81236a3d97058fc501d732eb24768845c5e97ac8ac3c32176

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/vip-cashback/1-137.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Mon, 23 Sep 2024 23:02:58 GMT
content-type: text/html; charset=utf-8
content-length: 118
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
traceparent: 00-2bf863f75bb1cf407ba42e65ec6ad505-6ce84232bc7d2e5a-01
x-id: osix-hw-edge-gc4
cache: MISS
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/promo-no-risk-bet.webp

185.244.209.62

50 kB

URL
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/promo-no-risk-bet.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image
Size
50 kB (49656 bytes)
Hash
61884a79292df9a69ea556b9adbdb453
a925df3d537f64ded7c93d6d46719f6933eedaba
6f949e72638072f5014d3710883383047f95344febff58dbe5a6dc47c753d5ff

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/promo-no-risk-bet.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:58 GMT
content-type: image/webp
content-length: 49656
last-modified: Tue, 11 Apr 2023 17:52:46 GMT
etag: "61884a79292df9a69ea556b9adbdb453"
expires: Thu, 12 Sep 2024 11:23:12 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc93
age: 2107
x-cached-since: 2024-09-12T10:23:12+00:00
traceparent: 00-e94f02748e708bd741de72b0cccbcc3f-36dd572396931f80-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/main-static/3245538d/desktop/default/Layout.SeoModule.Lazy-9773443c.js

185.244.209.62

37 kB

URL
v3.traincdn.com/main-static/3245538d/desktop/default/Layout.SeoModule.Lazy-9773443c.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
gzip compressed data, max speed, from Unix
Size
37 kB (36805 bytes)
Hash
7438a69fe2d95383dbdc9c6c566ecd3a
1a049c018123ed624fc1757109e47a62bf12dcfb
acf7e4623fc1b583069b7f93ae40f54595383d2a82ce7934c3f0dc7ae1a9a1af

HTTP Headers

GET /main-static/3245538d/desktop/default/Layout.SeoModule.Lazy-9773443c.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:51 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 23 Sep 2024 08:15:19 GMT
etag: W/"f6dcdb28096393236f91bda9cb0b5d58"
x-amz-meta-mtime: 1727079317.045852039
content-encoding: gzip
expires: Tue, 24 Sep 2024 08:37:01 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-1c534f07c2a62483d7bf9e7ff78138e4-bf2ff73068fbe6fa-01
x-id: osix-hw-edge-gc4
age: 51682
cache: HIT
x-cached-since: 2024-09-23T08:41:29+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/e1e620923accd809b758306eaeac536e.json

185.244.209.62

200 OK

18 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/e1e620923accd809b758306eaeac536e.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
18 kB (17703 bytes)
Hash
518162c22c2105e6491ecc295e85faa2
6082dc259800732281d23f7223bc2419dfebc9e9
bb07ffece1f79ede4006830f7ed134fa0009a17ac89c31ca95f1e397f9d04164

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/e1e620923accd809b758306eaeac536e.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:57 GMT
content-type: application/json
last-modified: Sat, 18 May 2024 06:01:24 GMT
etag: W/"82be680bc6bd32b65cef0e3bda368678"
content-encoding: gzip
expires: Thu, 19 Sep 2024 12:47:53 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-a59781ef6394229e598b573b833af070-ac0546ce5e8b2d22-01
x-id: osix-hw-edge-gc4
age: 2741
cache: HIT
x-cached-since: 2024-09-23T22:17:16+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/top-bins.webp

185.244.209.62

200 OK

7.6 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/top-bins.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
7.6 kB (7550 bytes)
Hash
d11c77ea0b5452913b78f4119b5dc2a6
51bd74151949ed7bfc8b75c6ff5f06695bdd3501
54b074dd43034216f6d809fd57a81c5ed43a4cee62da841ac1041cc05394cd45

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/top-bins.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:58 GMT
content-type: application/octet-stream
content-length: 7550
last-modified: Tue, 11 Apr 2023 17:52:54 GMT
etag: "d11c77ea0b5452913b78f4119b5dc2a6"
expires: Thu, 12 Sep 2024 11:23:21 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
age: 2098
x-cached-since: 2024-09-12T10:23:21+00:00
traceparent: 00-ed4aa406a95b02b65691c857d2b9c54b-30072a6a8b51f38f-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/tv-bet-jackpot.webp

185.244.209.62

200 OK

9.1 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/tv-bet-jackpot.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
9.1 kB (9094 bytes)
Hash
cf73cf5ee3883706242debc9d5f1c52e
e071e466fff51b6bff7edf48405c959865bdbe28
53e6a25ee8451c110b3f96164a7917bb8e6f4dfdcf84ec373eebd5b4dc56d88c

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/tv-bet-jackpot.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:58 GMT
content-type: application/octet-stream
content-length: 9094
last-modified: Tue, 11 Apr 2023 17:52:55 GMT
etag: "cf73cf5ee3883706242debc9d5f1c52e"
expires: Thu, 12 Sep 2024 11:21:23 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc93
age: 3301
x-cached-since: 2024-09-12T10:21:23+00:00
traceparent: 00-5a7a5de434d8c662f406151ef9906a26-d2b4467484b0c56a-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/07703bc9b0671ada7b724f415a0bf665.json

185.244.209.62

28 kB

URL
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/07703bc9b0671ada7b724f415a0bf665.json
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
gzip compressed data, max speed, from Unix
Size
28 kB (27772 bytes)
Hash
990dad5d9728c602872556d34a908f82
c88ddbbff447683f36f4488a73968d85bf01fc28
6f13dff777e1647624ef8a26431069ec1d886c3e6c8595178767cc88754c1d0e

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/07703bc9b0671ada7b724f415a0bf665.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:57 GMT
content-type: application/json
last-modified: Sat, 18 May 2024 04:45:50 GMT
etag: W/"269ccea9c3f07d37d497b4911e5d6e0b"
content-encoding: gzip
expires: Thu, 12 Sep 2024 13:42:26 GMT
cache-control: max-age=3600
x-time-ng: 0.044
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc93
age: 3108
traceparent: 00-ec02caf5c1c8501c467de22364a3c351-62a45f2aa635f0d2-01
x-id: osix-hw-edge-gc4
cache: HIT
x-cached-since: 2024-09-23T22:17:16+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/b706b3d88e2f62f5ec2879dc5596559c.json

185.244.209.62

200 OK

20 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/b706b3d88e2f62f5ec2879dc5596559c.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
20 kB (20179 bytes)
Hash
bdf95f4871a065bc1a235779e2a1b44f
9e45ba94715a5fbd40fc481c79eeb1ebb2908ce2
e22c38b4a68006f723d64bdcb30e8b6fe081e6b3108b38b8184f320153bf8cb8

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/b706b3d88e2f62f5ec2879dc5596559c.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:57 GMT
content-type: application/json
last-modified: Mon, 09 Sep 2024 15:20:20 GMT
etag: W/"5c9a33cbf84dddc328685b92bfba6f40"
content-encoding: gzip
expires: Thu, 12 Sep 2024 13:42:26 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
age: 3108
traceparent: 00-e06ff0669041c8fd821b80ebe0b58fd1-01ae401013c2f812-01
x-id: osix-hw-edge-gc4
cache: HIT
x-cached-since: 2024-09-23T22:17:16+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/3a43891c15bdc54d19e50ea8cbf1b44a.json

185.244.209.62

16 kB

URL
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/3a43891c15bdc54d19e50ea8cbf1b44a.json
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
gzip compressed data, max speed, from Unix
Size
16 kB (16019 bytes)
Hash
c97ed663f990f49b6a0ac9747ea2ed15
05f3670839b55f669fd9e2c95cf264c2e59d2e25
fded2cf846c6676b3e30cf6afa87faa624f7a6827afde89837a04632098329e9

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/3a43891c15bdc54d19e50ea8cbf1b44a.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:57 GMT
content-type: application/json
last-modified: Fri, 17 May 2024 20:18:46 GMT
etag: W/"becb2e7c22d23ed7b8c378c346c643f1"
content-encoding: gzip
expires: Thu, 12 Sep 2024 13:42:26 GMT
cache-control: max-age=3600
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
age: 3108
traceparent: 00-53a688cb700517f16af77928063b6d2e-de995e0697b0eaf1-01
x-id: osix-hw-edge-gc4
cache: HIT
x-cached-since: 2024-09-23T22:17:16+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/bonus-cms/Po8GHGWsDOIGl8YrW1tDTXLp9jcxqxWp/Sticpay_Cashback_30-_315x250.jpg

185.244.209.62

36 kB

URL
v3.traincdn.com/genfiles/bonus-cms/Po8GHGWsDOIGl8YrW1tDTXLp9jcxqxWp/Sticpay_Cashback_30-_315x250.jpg
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 315x250, components 3
Size
36 kB (36260 bytes)
Hash
04e6aee5e9b6d815658b5b91e30f1de4
51144fc0e6763a1c9f23781d06714c9ae40f7181
3e3edfe3c41aecc6a189742c0b08d3bc4665b34afe6c61e56e68b0a35d21b9c3

HTTP Headers

GET /genfiles/bonus-cms/Po8GHGWsDOIGl8YrW1tDTXLp9jcxqxWp/Sticpay_Cashback_30-_315x250.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:57 GMT
content-type: image/jpeg
content-length: 30688
last-modified: Thu, 05 Sep 2024 07:35:57 GMT
etag: "eb297c2f2e7c36535a7ba1f14312667b"
expires: Thu, 12 Sep 2024 11:23:21 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
age: 4662
traceparent: 00-dda688efa6cc8867d9ee0decfa0ffa62-42005d56d7bf5b00-01
x-id: osix-hw-edge-gc4
cache: HIT
x-cached-since: 2024-09-23T22:32:45+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/bonus-cms/rSdLvP2aYmgvJLItLjaZg4raJt9VG51o/beat-games.jpg

185.244.209.62

6.0 kB

URL
v3.traincdn.com/genfiles/bonus-cms/rSdLvP2aYmgvJLItLjaZg4raJt9VG51o/beat-games.jpg
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
6.0 kB (6002 bytes)
Hash
25a2c8bb1250ef2eb614983566886ef4
bb0e43eeee18884437554668b5e1ad56a68e20a4
23852e0d23a0c03d4fd5e5ba37f81083212c85b4c305697ad8b32dd8cef797c1

HTTP Headers

GET /genfiles/bonus-cms/rSdLvP2aYmgvJLItLjaZg4raJt9VG51o/beat-games.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:57 GMT
content-type: image/jpeg
content-length: 20905
last-modified: Fri, 26 Apr 2024 12:20:50 GMT
etag: "70bddf4f38a1cef4c9056e41cb2754c5"
expires: Thu, 12 Sep 2024 11:23:15 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
age: 2713
traceparent: 00-dd7efd172b6c9223901ccb978fbaa620-a015529b2c90c3e4-01
x-id: osix-hw-edge-gc4
cache: HIT
x-cached-since: 2024-09-23T22:32:45+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/multiply2.webp

185.244.209.62

200 OK

7.6 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/multiply2.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
7.6 kB (7566 bytes)
Hash
1d8bed36881f95d202cadc9e59f6feac
2e02cd8b9fed8a23983e3fae937046ab3bbf024d
75a1bf27b18d5a283419875af020e3b2f435aba02f1b510b76b2f76f6932c23c

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/multiply2.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:58 GMT
content-type: image/webp
content-length: 7566
last-modified: Tue, 11 Apr 2023 17:52:41 GMT
etag: "1d8bed36881f95d202cadc9e59f6feac"
expires: Thu, 12 Sep 2024 11:21:23 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc93
age: 2216
x-cached-since: 2024-09-12T10:21:23+00:00
traceparent: 00-0f978c55ad7b421a9aad634f8a3283c9-8a876e1f53d9f811-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/hyper-bonus.webp

185.244.209.62

200 OK

62 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/hyper-bonus.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 315x250, components 3
Size
62 kB (61571 bytes)
Hash
5aaddf2c56dd3132a3eb40fd514309c6
74dc6650e0bc516bbefbe1da71fb5e0243e69191
5989764a0ab5e33ea4d229993ff2842fc8d9fe15e6a7ab42de32fc326e28b1c2

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/hyper-bonus.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:58 GMT
content-type: application/octet-stream
content-length: 61571
last-modified: Tue, 11 Apr 2023 17:52:34 GMT
etag: "5aaddf2c56dd3132a3eb40fd514309c6"
expires: Thu, 12 Sep 2024 11:23:24 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
age: 2095
x-cached-since: 2024-09-12T10:23:24+00:00
traceparent: 00-285f517326ce2d44bc04c2a77b34bf59-2b9022672fb57a43-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/d1c65e26ae550906c388a8a79b1c0da2.json

185.244.209.62

200 OK

27 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/d1c65e26ae550906c388a8a79b1c0da2.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
27 kB (26755 bytes)
Hash
bdc7a61a2b173fc93f77a2caa9a1ce3d
7501e6c52ed760ad285ff8c0ea39b0defb938b08
59ed8060246232737658b7504a34a9ec1bf386446ab513114d8c9c35d66f3519

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/d1c65e26ae550906c388a8a79b1c0da2.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:57 GMT
content-type: application/json
last-modified: Fri, 17 May 2024 03:56:46 GMT
etag: W/"dad3a9b077bc630619a2f0a6422b65ae"
content-encoding: gzip
expires: Thu, 12 Sep 2024 13:42:26 GMT
cache-control: max-age=3600
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc93
age: 3108
traceparent: 00-abe81580133ffa2b1c5e5443d9831363-311599a7ac9af63d-01
x-id: osix-hw-edge-gc4
cache: HIT
x-cached-since: 2024-09-23T22:17:16+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/main-static/3245538d/desktop/default/vendors/plugins.vue-js-modal-f7bed911.js

185.244.209.62

93 kB

URL
v3.traincdn.com/main-static/3245538d/desktop/default/vendors/plugins.vue-js-modal-f7bed911.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
gzip compressed data, max speed, from Unix
Size
93 kB (92658 bytes)
Hash
cd502919e26516850e71c46523999a78
0012b85337b23e22c9d3f0d11bad209f3231c98a
45d9f0ef944a07d85be57f37058c733db3a93fda268cf55442455a2d649ef106

HTTP Headers

GET /main-static/3245538d/desktop/default/vendors/plugins.vue-js-modal-f7bed911.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:51 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 23 Sep 2024 08:15:20 GMT
etag: W/"371625e11d87d7e053ac7886e4ea74d1"
x-amz-meta-mtime: 1727079317.121852271
content-encoding: gzip
expires: Tue, 24 Sep 2024 08:37:00 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-08b8e1da62917584777290c301f09f0b-382c0f5b9ce64adc-01
x-id: osix-hw-edge-gc4
age: 51683
cache: HIT
x-cached-since: 2024-09-23T08:41:28+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/shared-assets/__shared_accept_language_parser_QKZ6ULEV.js

185.244.209.62

440 kB

URL
v3.traincdn.com/sys-static/shared-assets/__shared_accept_language_parser_QKZ6ULEV.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
gzip compressed data, max speed, from Unix
Size
440 kB (439840 bytes)
Hash
f4142d5680b0d679f4ae6fc799fa2702
0bf90dd2d2d55ae2de9bd4d3935e0cdba596a40b
2abbf013c45cc0426ae6d21c2ba8275111664e87bd4a49ca8bb17f5c57ae2eca

HTTP Headers

GET /sys-static/shared-assets/__shared_accept_language_parser_QKZ6ULEV.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:52 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 23 Sep 2024 08:43:56 GMT
etag: W/"518e0ae196483ada8b528a1f2b7df0a1"
x-amz-meta-mtime: 1727080818.512238094
content-encoding: gzip
expires: Tue, 24 Sep 2024 10:21:59 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-b8834c3bfc92a5dfe5a3aca5d49b2dfc-78ba361af731d64d-01
x-id: osix-hw-edge-gc4
age: 45572
cache: HIT
x-cached-since: 2024-09-23T10:23:20+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/bonus-cms/3BLE4GHchnX9muNlDl1AdjRVhwhPDFkh/become-legend-new.webp

185.244.209.62

42 kB

URL
v3.traincdn.com/genfiles/bonus-cms/3BLE4GHchnX9muNlDl1AdjRVhwhPDFkh/become-legend-new.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
42 kB (41976 bytes)
Hash
fe2a749a9137ec1048411db654e24046
2247c54626c8aa2c840ac89ad0c4e53327d1edf2
c0c98f13f065a6c17b57375e7981d09b8e5c857bc6bd7cc4d74bec79fafa50f4

HTTP Headers

GET /genfiles/bonus-cms/3BLE4GHchnX9muNlDl1AdjRVhwhPDFkh/become-legend-new.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:58 GMT
content-type: image/webp
content-length: 41976
last-modified: Wed, 26 Jun 2024 07:05:01 GMT
etag: "fe2a749a9137ec1048411db654e24046"
expires: Thu, 12 Sep 2024 11:21:49 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
age: 3275
x-cached-since: 2024-09-12T10:21:49+00:00
traceparent: 00-a2c18c658389303eb61f840d3d7cd1e1-804933f8d2837efe-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/bonus-cms/tCgrsiUvSuvHwN_auv6E3SykKja_O-DD/esportsera.webp

185.244.209.62

42 kB

URL
v3.traincdn.com/genfiles/bonus-cms/tCgrsiUvSuvHwN_auv6E3SykKja_O-DD/esportsera.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
42 kB (41936 bytes)
Hash
cc0f900ff2b11a4e46e53419737902c6
f8fd893e5ab41e28fd61751dc8fd9bda05c789e4
d0490d81410b3ca7581a6533e5866ed6fb507bfdee868caf0f399c6edefd0b4d

HTTP Headers

GET /genfiles/bonus-cms/tCgrsiUvSuvHwN_auv6E3SykKja_O-DD/esportsera.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:58 GMT
content-type: image/webp
content-length: 41936
last-modified: Wed, 26 Jun 2024 09:03:05 GMT
etag: "cc0f900ff2b11a4e46e53419737902c6"
expires: Thu, 12 Sep 2024 11:21:54 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
age: 3998
traceparent: 00-07de4cca05b759fecd6efc9797499dfb-efbb75df531e5112-01
x-id: osix-hw-edge-gc4
cache: HIT
x-cached-since: 2024-09-23T22:32:45+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

1xlite-81734.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json

46.32.182.117

200 OK

23 B

URL POST HTTP/2
1xlite-81734.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json
IP
46.32.182.117:443
ASN
#0

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerLet's Encrypt
Subject1xlite-81734.top
Fingerprint0A:30:E7:1C:B7:AC:1C:34:8E:35:29:86:A0:0E:70:67:B5:74:52:63
ValidityMon, 26 Aug 2024 05:19:45 GMT - Sun, 24 Nov 2024 05:19:44 GMT

File type
JSON text data
Size
23 B (23 bytes)
Hash
4c61f5171b0eea92c0038f6d3d6a7704
ba694bdf5fd5763c5d018336575c87d36c6f5a69
e93f1314571c75c49a052012df86cb4f64845945ea9095f7336429018c18078e

HTTP Headers

POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json HTTP/1.1
Host: 1xlite-81734.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/en/bonus/rules
Content-Type: application/json
X-Lang: en
X-Uuid: d46c0f95-e1ba-424f-b0bd-b9930ad41717
Content-Length: 113
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=LiC2dWbx85pu/XJbA1lWAg==; window_width=0; SESSION=6b782ee83bdc265152338b4c7f9fa0ac; che_g=9ad65ef7-763c-8096-f8b9-3db17d9dd1f0; sh.session.id=3a1f7004-a833-43a4-ac92-af0305b442cb; application_locale=en; _ga_7V60YW2S5H=GS1.1.1727132576.1.0.1727132576.60.0.1278065544; _ga=GA1.1.1301150341.1727132576
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:58 GMT
content-type: application/json
content-length: 23
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.013
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/bonus-cms/4Sdl04ycwsug1B7QDfaLwVBMyHnESfFO/315x250_2.webp

185.244.209.62

200 OK

25 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/bonus-cms/4Sdl04ycwsug1B7QDfaLwVBMyHnESfFO/315x250_2.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
25 kB (24674 bytes)
Hash
90f9c1dd353cd10ade325a79d9c2a54a
e188eb4188b26b5610b97283fde72eb57a03ce88
9e4cbbdc345a3715cd6b67996cea756c86a308ef6c8291215c8308c123ed8d18

HTTP Headers

GET /genfiles/bonus-cms/4Sdl04ycwsug1B7QDfaLwVBMyHnESfFO/315x250_2.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:58 GMT
content-type: image/webp
content-length: 24674
last-modified: Mon, 02 Sep 2024 07:35:56 GMT
etag: "90f9c1dd353cd10ade325a79d9c2a54a"
expires: Wed, 18 Sep 2024 16:34:14 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-98a764fa83db81a3a85acebd9bf1cda7-d49785c6935b78a6-01
x-id: osix-hw-edge-gc4
age: 1813
cache: HIT
x-cached-since: 2024-09-23T22:32:45+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/formula-one-game.webp

185.244.209.62

26 kB

URL
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/formula-one-game.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
26 kB (26188 bytes)
Hash
3529a9950536352cadc5022231d76608
2883dfd254a6b2ac531e7749bd0986dd4c26b077
f9b9979b91624cafcb1f44cdf9b1a3926417ca700046a19466a94335ff8090cf

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/formula-one-game.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:58 GMT
content-type: application/octet-stream
content-length: 26188
last-modified: Tue, 11 Apr 2023 17:52:28 GMT
etag: "3529a9950536352cadc5022231d76608"
expires: Tue, 24 Sep 2024 00:01:12 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-bbb71eb2cbb274ff85625deaaa1b76f1-0248f4e0407c7be3-01
x-id: osix-hw-edge-gc4
cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/promo-store-slider.webp

185.244.209.62

30 kB

URL
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/promo-store-slider.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 945x370, Scaling: [none]x[none], YUV color, decoders should clamp
Size
30 kB (30198 bytes)
Hash
fb26390b4171564fe0781859fcceda24
06a0c7a3a55e3c6b9a8e1e57727b3c669f322679
5463e432bd75c1aae1935b19c9965dbf5723c16b73fb5d8290e97b879d8364a7

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/promo-store-slider.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:58 GMT
content-type: image/webp
content-length: 30198
last-modified: Fri, 12 May 2023 09:22:20 GMT
etag: "fb26390b4171564fe0781859fcceda24"
expires: Wed, 18 Sep 2024 19:47:54 GMT
cache-control: max-age=3600
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-ca8b35a03b4d41827e4765d0ed96e0cc-e389597cab40fc20-01
x-id: osix-hw-edge-gc4
cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/1st/1-137-slider.webp

185.244.209.62

118 B

URL
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/1st/1-137-slider.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
HTML document, ASCII text, with CRLF line terminators
Size
118 B (118 bytes)
Hash
b58d632409efb03916cfef3229576c55
c2fb66483c899f427b0354d52b080ce8bb6b47c4
b0b0fadb436530e81236a3d97058fc501d732eb24768845c5e97ac8ac3c32176

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/1st/1-137-slider.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Mon, 23 Sep 2024 23:02:58 GMT
content-type: text/html; charset=utf-8
content-length: 118
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
traceparent: 00-b2f3dac4bacf4d67f7d26dc1a7635b84-ba82fff13c773698-01
x-id: osix-hw-edge-gc4
cache: MISS
X-Firefox-Spdy: h2

v3.traincdn.com/main-static/3245538d/desktop/default/css/ce535f46.css

185.244.209.62

200 OK

52 kB

URL GET HTTP/2
v3.traincdn.com/main-static/3245538d/desktop/default/css/ce535f46.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
52 kB (52157 bytes)
Hash
b4d52276e3b93e7594880c507403ccf6
448eb58938dfbf30f0c7fa53f8c2d3e72b5c5bbd
b5617054fcba628e2e5299e5e0c313e84e3e50f5187b7441d8234acb83ae8eb5

HTTP Headers

GET /main-static/3245538d/desktop/default/css/ce535f46.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:50 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 23 Sep 2024 08:15:21 GMT
etag: W/"5581889cf1b855b5bc8cf2b3b03fb2dc"
x-amz-meta-mtime: 1727079317.069852113
content-encoding: gzip
expires: Tue, 24 Sep 2024 08:36:58 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-530d3cde35dd9aca7094cad7e7180d2c-b80cd3befaebf3a5-01
x-id: osix-hw-edge-gc4
age: 51684
cache: HIT
x-cached-since: 2024-09-23T08:41:26+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/third-party-files/tournaments/f90d46f6dc81ec6da938c522ebcaa027/320x1702.webp

185.244.209.62

404 Not Found

118 B

URL GET HTTP/2
v3.traincdn.com/genfiles/third-party-files/tournaments/f90d46f6dc81ec6da938c522ebcaa027/320x1702.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
118 B (118 bytes)
Hash
b58d632409efb03916cfef3229576c55
c2fb66483c899f427b0354d52b080ce8bb6b47c4
b0b0fadb436530e81236a3d97058fc501d732eb24768845c5e97ac8ac3c32176

HTTP Headers

GET /genfiles/third-party-files/tournaments/f90d46f6dc81ec6da938c522ebcaa027/320x1702.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Mon, 23 Sep 2024 23:02:58 GMT
content-type: text/html; charset=utf-8
content-length: 118
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
traceparent: 00-01663db909e4958c697311dc09663cc3-ea494daf0b303883-01
x-id: osix-hw-edge-gc4
cache: MISS
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/bonus-cms/ILFHwRVBgVkpo3jvkTufQyW8hSLpOTtJ/crash-tournament-slider.webp

185.244.209.62

200 OK

61 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/bonus-cms/ILFHwRVBgVkpo3jvkTufQyW8hSLpOTtJ/crash-tournament-slider.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 945x370, Scaling: [none]x[none], YUV color, decoders should clamp
Size
61 kB (60678 bytes)
Hash
0112bff43854f0db43146223aa7c87f8
1c8d467a1224e6baeda3b7dc56802e192a63e6cc
57dadbc23bb01f343a22ca29fc38197603475acd1c55010de8d92ac6913f8f29

HTTP Headers

GET /genfiles/bonus-cms/ILFHwRVBgVkpo3jvkTufQyW8hSLpOTtJ/crash-tournament-slider.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:58 GMT
content-type: image/webp
content-length: 60678
last-modified: Mon, 06 May 2024 11:37:01 GMT
etag: "0112bff43854f0db43146223aa7c87f8"
expires: Thu, 12 Sep 2024 11:21:23 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc93
age: 3301
x-cached-since: 2024-09-12T10:21:23+00:00
traceparent: 00-af8fdc0813e46f2798ac71078a1696e3-6303441b07cdda67-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/1st.webp

185.244.209.62

11 kB

URL
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/1st.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
11 kB (10554 bytes)
Hash
a9a36fedcff872396a9f3c7f790713a3
b401c66a5f8b5ab3422964dc1df540bdee8897c8
af610352cfbaf762bac809c78a4cd3c768e412c9bf3a3e2a8f795cded58dc474

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/1st.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:58 GMT
content-type: application/octet-stream
content-length: 10554
last-modified: Tue, 11 Apr 2023 17:52:13 GMT
etag: "a9a36fedcff872396a9f3c7f790713a3"
expires: Thu, 12 Sep 2024 11:23:12 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
age: 2107
x-cached-since: 2024-09-12T10:23:12+00:00
traceparent: 00-796566ff9b81e76d61f93e0d02882910-d0aeda219dfd1d7c-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/vip-cashback.webp

185.244.209.62

6.2 kB

URL
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/vip-cashback.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
6.2 kB (6224 bytes)
Hash
c92bc7216404cb1bc46cad557d04a4b4
3ad6adb66ed52e54ef1d7adffaec4bf03f51d6df
f652aafdaab581a7843ca7939067e4bacfb5c09255a6408c76644187470ca00b

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/vip-cashback.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:58 GMT
content-type: application/octet-stream
content-length: 6224
last-modified: Tue, 11 Apr 2023 17:52:56 GMT
etag: "c92bc7216404cb1bc46cad557d04a4b4"
expires: Fri, 09 Aug 2024 15:44:47 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
age: 2107
x-cached-since: 2024-09-12T10:23:12+00:00
traceparent: 00-12f47ac0ffba48caee1db0d88bcdbb54-af135fca60c4bd16-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/1st-slider.webp

185.244.209.62

18 kB

URL
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/1st-slider.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 945x370, Scaling: [none]x[none], YUV color, decoders should clamp
Size
18 kB (18056 bytes)
Hash
a4b243f76ff572881d54d6d590fb7cdf
dd97d6d98143012e8adecef2a7fad511f7b6c453
ea844aab8b34dab774ad139535dbdd01f9c3886736e241d34bc2088409ab1f10

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/1st-slider.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:58 GMT
content-type: application/octet-stream
content-length: 18056
last-modified: Tue, 11 Apr 2023 17:52:13 GMT
etag: "a4b243f76ff572881d54d6d590fb7cdf"
expires: Thu, 12 Sep 2024 11:21:32 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
age: 167
x-cached-since: 2024-09-12T17:29:32+00:00
traceparent: 00-f976819c996cc83cd3fbda5e951736db-f5ec56f80b5f1cb5-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/third-party-files/tournaments/f90d46f6dc81ec6da938c522ebcaa027/320x1702.png

185.244.209.62

66 kB

URL
v3.traincdn.com/genfiles/third-party-files/tournaments/f90d46f6dc81ec6da938c522ebcaa027/320x1702.png
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
PNG image data, 320 x 170, 8-bit/color RGBA, non-interlaced
Size
66 kB (66398 bytes)
Hash
3ca28854607d18647cdc64c47826e1da
d7ca05e743720cb7e0edb0a360862f25acafac2c
bce75be4669b5d4391744afdf79385929bd1d800ccc641a88c2b2d47afe90974

HTTP Headers

GET /genfiles/third-party-files/tournaments/f90d46f6dc81ec6da938c522ebcaa027/320x1702.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:58 GMT
content-type: image/png
content-length: 66398
last-modified: Wed, 24 Jul 2024 17:30:26 GMT
etag: "3ca28854607d18647cdc64c47826e1da"
expires: Thu, 12 Sep 2024 11:21:26 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
age: 2217
x-cached-since: 2024-09-12T10:21:26+00:00
traceparent: 00-74b5f5e0aabac123c61435fac06c6f84-61294881657c7a15-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

1xlite-81734.top/web-api/session

46.32.182.117

0 B

URL
1xlite-81734.top/web-api/session
IP
46.32.182.117:0
ASN
#0

Certificate
IssuerLet's Encrypt
Subject1xlite-81734.top
Fingerprint0A:30:E7:1C:B7:AC:1C:34:8E:35:29:86:A0:0E:70:67:B5:74:52:63
ValidityMon, 26 Aug 2024 05:19:45 GMT - Sun, 24 Nov 2024 05:19:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /web-api/session HTTP/1.1
Host: 1xlite-81734.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/en/bonus/rules
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=LiC2dWbx85pu/XJbA1lWAg==; window_width=0; SESSION=6b782ee83bdc265152338b4c7f9fa0ac; che_g=9ad65ef7-763c-8096-f8b9-3db17d9dd1f0; sh.session.id=3a1f7004-a833-43a4-ac92-af0305b442cb; application_locale=en; _ga_7V60YW2S5H=GS1.1.1727132576.1.0.1727132576.60.0.1278065544; _ga=GA1.1.1301150341.1727132576
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Mon, 23 Sep 2024 23:03:00 GMT
cache-control: no-cache, private
server-timing: p;dur=15, dt_total;dur=36.514, wf-uht;dur=0.048
traceparent: 00-fb9427388ffb44233bc28a4b1d615003-d71116d9ba636f27-01
x-dt: 285
x-time-ng: 0.016, 0.031
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-81734.top/hd-api/external/apps/c5e31d5915661de4393e3f1489b00ebc4497dd48/api.js

46.32.182.117

200 OK

416 B

URL GET HTTP/2
1xlite-81734.top/hd-api/external/apps/c5e31d5915661de4393e3f1489b00ebc4497dd48/api.js
IP
46.32.182.117:443
ASN
#0

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerLet's Encrypt
Subject1xlite-81734.top
Fingerprint0A:30:E7:1C:B7:AC:1C:34:8E:35:29:86:A0:0E:70:67:B5:74:52:63
ValidityMon, 26 Aug 2024 05:19:45 GMT - Sun, 24 Nov 2024 05:19:44 GMT

File type
JavaScript source, ASCII text, with very long lines (594)
Size
416 B (416 bytes)
Hash
bd2e3553032ba63e3b6b3200a743bc8d
a15c755742b456440614377121fadba24bd3e220
66103e021ac66e5ac2a26dfa09c44b567a455096dd77bfd809295cae281e2046

HTTP Headers

GET /hd-api/external/apps/c5e31d5915661de4393e3f1489b00ebc4497dd48/api.js HTTP/1.1
Host: 1xlite-81734.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/en/bonus/rules
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=LiC2dWbx85pu/XJbA1lWAg==; window_width=0; SESSION=6b782ee83bdc265152338b4c7f9fa0ac; che_g=9ad65ef7-763c-8096-f8b9-3db17d9dd1f0; sh.session.id=3a1f7004-a833-43a4-ac92-af0305b442cb; application_locale=en; _ga_7V60YW2S5H=GS1.1.1727132576.1.0.1727132576.60.0.1278065544; _ga=GA1.1.1301150341.1727132576
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:03:00 GMT
content-type: text/javascript; charset=utf-8
content-length: 416
cache-control: public, max-age=300
content-encoding: gzip
etag: bd2e3553032ba63e3b6b3200a743bc8d
traceparent: 00-4e440d501a918c3c009d94ce01e8ea4c-af6405ad4be93581-01
vary: Accept-Encoding
x-dt: 455
x-request-guid: e59f654e7797efdbb3d1d45dcac1e727
x-time-ng: 0.018
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=24.989, wf-uht;dur=
accept-ranges: bytes
X-Firefox-Spdy: h2

1xlite-81734.top/hd-api/external/assets/hdf.js

46.32.182.117

200 OK

1.7 kB

URL GET HTTP/2
1xlite-81734.top/hd-api/external/assets/hdf.js
IP
46.32.182.117:443
ASN
#0

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerLet's Encrypt
Subject1xlite-81734.top
Fingerprint0A:30:E7:1C:B7:AC:1C:34:8E:35:29:86:A0:0E:70:67:B5:74:52:63
ValidityMon, 26 Aug 2024 05:19:45 GMT - Sun, 24 Nov 2024 05:19:44 GMT

File type
C++ source, ASCII text, with very long lines (874)
Size
1.7 kB (1744 bytes)
Hash
4aa51d1920f0c025eb39517aeb6267cf
471a57aeefc44f60e65f6715dd71e6b13103c1d1
d7c82c2fd75bc941de69ba237fefa543f3632b5eaa09f1c18a645b3908cdf9ac

HTTP Headers

GET /hd-api/external/assets/hdf.js HTTP/1.1
Host: 1xlite-81734.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/en/bonus/rules
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=LiC2dWbx85pu/XJbA1lWAg==; window_width=0; SESSION=6b782ee83bdc265152338b4c7f9fa0ac; che_g=9ad65ef7-763c-8096-f8b9-3db17d9dd1f0; sh.session.id=3a1f7004-a833-43a4-ac92-af0305b442cb; application_locale=en; _ga_7V60YW2S5H=GS1.1.1727132576.1.0.1727132576.60.0.1278065544; _ga=GA1.1.1301150341.1727132576
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:03:00 GMT
content-type: text/javascript; charset=utf-8
content-length: 1744
cache-control: public, max-age=300
content-encoding: gzip
etag: 4aa51d1920f0c025eb39517aeb6267cf
traceparent: 00-57e0978cce630aafb03ef349527176c8-97526d021a1b1245-01
vary: Accept-Encoding
x-dt: 455
x-request-guid: 0168ba06dba261e31cfec3d03428427e
x-time-ng: 0.032
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=35.437, wf-uht;dur=
accept-ranges: bytes
X-Firefox-Spdy: h2

1xlite-81734.top/hd-api/external/0192211f-b992-7110-960f-aecb41172ce1.js

46.32.182.117

84 kB

URL
1xlite-81734.top/hd-api/external/0192211f-b992-7110-960f-aecb41172ce1.js
IP
46.32.182.117:0
ASN
#0

Certificate
IssuerLet's Encrypt
Subject1xlite-81734.top
Fingerprint0A:30:E7:1C:B7:AC:1C:34:8E:35:29:86:A0:0E:70:67:B5:74:52:63
ValidityMon, 26 Aug 2024 05:19:45 GMT - Sun, 24 Nov 2024 05:19:44 GMT

File type
gzip compressed data
Size
84 kB (84215 bytes)
Hash
a7ecf47a97e8073be1429aa53a091650
127ab79b390adb88bc62676f4e0d7a3108bc7b59
fc41828102a9fff023ba447e5458e95303bb5cffaf7237b600ed9cea26c1ce3e

HTTP Headers

GET /hd-api/external/0192211f-b992-7110-960f-aecb41172ce1.js HTTP/1.1
Host: 1xlite-81734.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/en/bonus/rules
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=LiC2dWbx85pu/XJbA1lWAg==; window_width=0; SESSION=6b782ee83bdc265152338b4c7f9fa0ac; che_g=9ad65ef7-763c-8096-f8b9-3db17d9dd1f0; sh.session.id=3a1f7004-a833-43a4-ac92-af0305b442cb; application_locale=en; _ga_7V60YW2S5H=GS1.1.1727132576.1.0.1727132576.60.0.1278065544; _ga=GA1.1.1301150341.1727132576
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:03:00 GMT
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=0, must-revalidate
content-encoding: gzip
traceparent: 00-5a58c0de07de0425f75a10bbb97418f5-6dfd48c93b2534d4-01
vary: Accept-Encoding
x-dt: 285
x-hd-trace-id: d5070315-6256-469c-8f7c-12de0536af15
x-request-guid: 357e6bb4a7794e720e44929c24218cd9
x-time-ng: 0.004
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=4.376, wf-uht;dur=0.014
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2

185.244.209.62

200 OK

64 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 63748, version 1.0
Size
64 kB (63748 bytes)
Hash
6887b6f24414dbc612dbf42ccdc76b70
8068d3abfbc6cbf35b55919da45b1f4d2d136238
fc5c015fc32518f1ed810fa84ca28941eb9d5a3c81acc8df69a4dbbeedef7b0c

HTTP Headers

GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:03:01 GMT
content-type: font/woff2
content-length: 63748
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "6887b6f24414dbc612dbf42ccdc76b70"
expires: Thu, 12 Sep 2024 11:21:48 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
age: 3170
traceparent: 00-d883a2d93d1a916cb3514e847f30fa87-148154d87e11615f-01
x-id: osix-hw-edge-gc4
cache: HIT
x-cached-since: 2024-09-23T22:10:15+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2

185.244.209.62

200 OK

65 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 64732, version 1.0
Size
65 kB (64732 bytes)
Hash
3ac5d40d1b3966fc5eb09ecca74d9cbf
a69f32357765dd321519889aeacba5e9ca893bb0
3310766b8f58538d07abded74a2babe1acbe1a3ee820d5b8c8265da666f4fb0c

HTTP Headers

GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:03:01 GMT
content-type: font/woff2
content-length: 64732
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "3ac5d40d1b3966fc5eb09ecca74d9cbf"
expires: Thu, 12 Sep 2024 11:21:18 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc93
age: 3073
traceparent: 00-09df6732ebd776c7082aaacbb2b79312-594158a4910f1379-01
x-id: osix-hw-edge-gc4
cache: HIT
x-cached-since: 2024-09-23T22:12:22+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2

185.244.209.62

200 OK

64 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 63920, version 1.0
Size
64 kB (63920 bytes)
Hash
a65527fcb58f66a7cfbc0e6b160538b4
45d260e7fa343401b5bb0df982a014f53e2d253b
fb13c3a1cbac60649b76f7d7f85c1645d35ac69b85ce5f4eb0692505ecc2cd45

HTTP Headers

GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:03:01 GMT
content-type: font/woff2
content-length: 63920
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "a65527fcb58f66a7cfbc0e6b160538b4"
expires: Thu, 12 Sep 2024 11:21:24 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
age: 3416
traceparent: 00-a8c99ca6a6f1adfcea94971ef0544e2d-129109de02cb646c-01
x-id: osix-hw-edge-gc4
cache: HIT
x-cached-since: 2024-09-23T22:06:32+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

1xlite-81734.top/hd-api/external/verify

46.32.182.117

506 B

URL
1xlite-81734.top/hd-api/external/verify
IP
46.32.182.117:0
ASN
#0

Certificate
IssuerLet's Encrypt
Subject1xlite-81734.top
Fingerprint0A:30:E7:1C:B7:AC:1C:34:8E:35:29:86:A0:0E:70:67:B5:74:52:63
ValidityMon, 26 Aug 2024 05:19:45 GMT - Sun, 24 Nov 2024 05:19:44 GMT

File type
JSON text data
Size
506 B (506 bytes)
Hash
fea7968d3c8c43cb7d64c0f9acb514c2
9aaeab66ee060ffd563263a00c32c20c023879c9
c87abb9bc89f788a7f979456130229539d2aba0a87bfb654c05172f5cec2ca66

HTTP Headers

POST /hd-api/external/verify HTTP/1.1
Host: 1xlite-81734.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/en/bonus/rules
Content-Type: text/plain;charset=UTF-8
Content-Length: 100294
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=LiC2dWbx85pu/XJbA1lWAg==; window_width=0; SESSION=6b782ee83bdc265152338b4c7f9fa0ac; che_g=9ad65ef7-763c-8096-f8b9-3db17d9dd1f0; sh.session.id=3a1f7004-a833-43a4-ac92-af0305b442cb; application_locale=en; _ga_7V60YW2S5H=GS1.1.1727132576.1.0.1727132576.60.0.1278065544; _ga=GA1.1.1301150341.1727132576
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:03:01 GMT
content-type: application/json
content-length: 506
content-encoding: gzip
traceparent: 00-6df997e1f883958d3e77481917534ec5-55a18b6bdc812944-01
vary: Accept-Encoding
x-dt: 285
x-request-guid: b348402a6f0fee01728246da786ab8a2
x-time-ng: 0.007
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=7.926, wf-uht;dur=0.045
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66

142.250.74.168

110 kB

URL
www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (12435)
Size
110 kB (109842 bytes)
Hash
48251616d412266450f351488909a868
294cbe387aaa94b38e64d9b0d5867fa019402e45
cd07f00c385705d8f485ee98cf5ba42acea24525bf7449feaf8a1dd5597c4976

HTTP Headers

GET /gtag/js?id=G-7JGWL9SV66 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 23 Sep 2024 23:03:02 GMT
expires: Mon, 23 Sep 2024 23:03:02 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 109842
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/gtm.js?id=GTM-KFGPRJ2V

142.250.74.168

94 kB

URL
www.googletagmanager.com/gtm.js?id=GTM-KFGPRJ2V
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (4828)
Size
94 kB (93933 bytes)
Hash
2f247cf4185ba27efc944bd66a31fd37
ba0ba0e88115695e2210e2f130288706960fc635
7c54af5d5595aa62a76b73e9310f08a27b6a9b9825c9ccf5020dd2be813b4a53

HTTP Headers

GET /gtm.js?id=GTM-KFGPRJ2V HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 23 Sep 2024 23:03:02 GMT
expires: Mon, 23 Sep 2024 23:03:02 GMT
cache-control: private, max-age=900
last-modified: Mon, 23 Sep 2024 22:33:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 93933
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

radar.cedexis.com/1/23802/radar.js

45.54.49.5

154 B

URL
radar.cedexis.com/1/23802/radar.js
IP
45.54.49.5:0
ASN
#63911 NetActuate, Inc

File type
HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /1/23802/radar.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Mon, 23 Sep 2024 23:03:02 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Location: /1707728419/stub.js
Expires: Mon, 23 Sep 2024 23:13:02 GMT
Cache-Control: max-age=600
Vary: User-Agent,DNT

region1.analytics.google.com/g/collect?v=2&tid=G-7JGWL9SV66&gtm=45je49j0v897130004za200&_p=1727132582609&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1301150341.1727132576&ecid=1046595493&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&ec_mode=a&_s=1&sid=1727132582&sct=1&seg=0&dl=https%3A%2F%2F1xlite-81734.top%2Fen%2Fbonus%2Frules&dt=1xBet%20bonus%20%E1%90%89%20All%201xBet%20bonuses%20%E1%90%89%201xlite-81734.top&en=page_view&_fv=1&_ss=1&_ee=1&ep.optimize_id=GTM-5R4MT54&tfd=13225

216.239.34.36

0 B

URL
region1.analytics.google.com/g/collect?v=2&tid=G-7JGWL9SV66&gtm=45je49j0v897130004za200&_p=1727132582609&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1301150341.1727132576&ecid=1046595493&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&ec_mode=a&_s=1&sid=1727132582&sct=1&seg=0&dl=https%3A%2F%2F1xlite-81734.top%2Fen%2Fbonus%2Frules&dt=1xBet%20bonus%20%E1%90%89%20All%201xBet%20bonuses%20%E1%90%89%201xlite-81734.top&en=page_view&_fv=1&_ss=1&_ee=1&ep.optimize_id=GTM-5R4MT54&tfd=13225
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-7JGWL9SV66&gtm=45je49j0v897130004za200&_p=1727132582609&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1301150341.1727132576&ecid=1046595493&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&ec_mode=a&_s=1&sid=1727132582&sct=1&seg=0&dl=https%3A%2F%2F1xlite-81734.top%2Fen%2Fbonus%2Frules&dt=1xBet%20bonus%20%E1%90%89%20All%201xBet%20bonuses%20%E1%90%89%201xlite-81734.top&en=page_view&_fv=1&_ss=1&_ee=1&ep.optimize_id=GTM-5R4MT54&tfd=13225 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: https://1xlite-81734.top
date: Mon, 23 Sep 2024 23:03:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7JGWL9SV66&cid=1301150341.1727132576&gtm=45je49j0v897130004za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=690069099

142.250.74.163

42 B

URL
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7JGWL9SV66&cid=1301150341.1727132576&gtm=45je49j0v897130004za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=690069099
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7JGWL9SV66&cid=1301150341.1727132576&gtm=45je49j0v897130004za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=690069099 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 23 Sep 2024 23:03:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

radar.cedexis.com/1707728419/stub.js

45.54.49.5

200 OK

271 B

URL GET HTTP/1.1
radar.cedexis.com/1707728419/stub.js
IP
45.54.49.5:443
ASN
#63911 NetActuate, Inc

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerDigiCert Inc
Subjectradar.cedexis.com
Fingerprint33:58:79:8E:87:A5:C3:05:CA:E2:82:50:61:CF:72:83:BD:64:80:C1
ValidityFri, 29 Mar 2024 00:00:00 GMT - Fri, 28 Mar 2025 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
271 B (271 bytes)
Hash
82dec77fd0353c7c71ce053b8601387e
fbbca95419e1d0c042e0a5fdf10f380aca66188c
39f2b7b0fa78d37d0c84d2d6618bd635d86fd683d9bcdd5729850cb2a62522f7

HTTP Headers

GET /1707728419/stub.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Sep 2024 23:03:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 12 Feb 2024 09:51:01 GMT
Vary: Accept-Encoding
ETag: W/"65c9ea05-186"
Expires: Mon, 07 Oct 2024 23:03:02 GMT
Cache-Control: max-age=1209600, public
Content-Encoding: gzip

www.googletagmanager.com/gtag/destination?id=AW-16664555628&l=dataLayer&cx=c

142.250.74.168

94 kB

URL
www.googletagmanager.com/gtag/destination?id=AW-16664555628&l=dataLayer&cx=c
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
JavaScript source, ASCII text, with very long lines (4345)
Size
94 kB (93850 bytes)
Hash
67130937bec7ca32092a9329fccc3306
66f9df01f5637a784b1995d0a16081021603c608
7427d6b9976807036453c2107b876bffb5474c6c2a1b0c8ef288d37e3f90b584

HTTP Headers

GET /gtag/destination?id=AW-16664555628&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 23 Sep 2024 23:03:03 GMT
expires: Mon, 23 Sep 2024 23:03:03 GMT
cache-control: private, max-age=900
last-modified: Mon, 23 Sep 2024 22:33:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 93850
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/gtag/destination?id=DC-14030178&l=dataLayer&cx=c

142.250.74.168

200 OK

79 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/destination?id=DC-14030178&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint8F:FB:38:1E:52:FC:DC:A9:59:49:87:DE:AC:8B:98:2B:57:09:5D:BA
ValidityMon, 26 Aug 2024 06:33:47 GMT - Mon, 18 Nov 2024 06:33:46 GMT

File type
JavaScript source, ASCII text, with very long lines (4345)
Size
79 kB (78980 bytes)
Hash
4ca60b6f449a6f9d1874c7f12a0e28ca
e80bd82ce26a02d2c065a25cd6eca9e88718dd6f
ab8ec0b8532e38dde26197b3cbe8fbb51dd355346b9800000f7eb0d1e6dc4631

HTTP Headers

GET /gtag/destination?id=DC-14030178&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 23 Sep 2024 23:03:03 GMT
expires: Mon, 23 Sep 2024 23:03:03 GMT
cache-control: private, max-age=900
last-modified: Mon, 23 Sep 2024 22:33:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 78980
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

1xlite-81734.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json

46.32.182.117

200 OK

23 B

URL POST HTTP/2
1xlite-81734.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json
IP
46.32.182.117:443
ASN
#0

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerLet's Encrypt
Subject1xlite-81734.top
Fingerprint0A:30:E7:1C:B7:AC:1C:34:8E:35:29:86:A0:0E:70:67:B5:74:52:63
ValidityMon, 26 Aug 2024 05:19:45 GMT - Sun, 24 Nov 2024 05:19:44 GMT

File type
JSON text data
Size
23 B (23 bytes)
Hash
596171d594272258388839a492ce4500
52fca88ed445441bc1c559debf2cccb9f675b7f6
10b08498f7faf1e601e32722f5325ba26ee8def2d0b08370efc2a8bc06a7019e

HTTP Headers

POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json HTTP/1.1
Host: 1xlite-81734.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/en/bonus/rules
Content-Type: application/json
X-Lang: en
X-Uuid: d46c0f95-e1ba-424f-b0bd-b9930ad41717
Content-Length: 109
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=LiC2dWbx85pu/XJbA1lWAg==; window_width=0; SESSION=6b782ee83bdc265152338b4c7f9fa0ac; che_g=9ad65ef7-763c-8096-f8b9-3db17d9dd1f0; sh.session.id=3a1f7004-a833-43a4-ac92-af0305b442cb; application_locale=en; _ga_7V60YW2S5H=GS1.1.1727132576.1.0.1727132576.60.0.1278065544; _ga=GA1.1.1301150341.1727132576; _ga_7JGWL9SV66=GS1.1.1727132582.1.0.1727132582.60.0.1046595493; _gcl_au=1.1.1546288255.1727132583
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:03:04 GMT
content-type: application/json
content-length: 23
x-time-ng: 0.001
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.016
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/e7f91740f4be211afac731343dc63895.json

185.244.209.62

37 kB

URL
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/e7f91740f4be211afac731343dc63895.json
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
gzip compressed data, max speed, from Unix
Size
37 kB (36771 bytes)
Hash
13d3e351935707633e066290a2035ac5
8f783fa05f1f763c701ae5548274252839f8d6a5
9d8934d72aef317c11f1251bd7e91ef5ff8cef3d0986ff15b769a4b2fa0c77d2

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/e7f91740f4be211afac731343dc63895.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:57 GMT
content-type: application/json
last-modified: Fri, 17 May 2024 01:07:57 GMT
etag: W/"5f6393bd6febc268d33cb235c7eec194"
content-encoding: gzip
expires: Thu, 12 Sep 2024 13:42:26 GMT
cache-control: max-age=3600
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
age: 3108
traceparent: 00-cbf79a9cc4503fd5a9ad88bc98eee545-6a9fddf2f7b802c5-01
x-id: osix-hw-edge-gc4
cache: HIT
x-cached-since: 2024-09-23T22:17:16+00:00
X-Firefox-Spdy: h2

services.addons.mozilla.org/api/v4/addons/search/?guid=default-theme%40mozilla.org%2Caddons-search-detection%40mozilla.com%2Cgoogle%40search.mozilla.org%2Cwikipedia%40search.mozilla.org%2Cbing%40search.mozilla.org%2Cddg%40search.mozilla.org%2Cfirefox-compact-light%40mozilla.org%2Cfirefox-compact-dark%40mozilla.org%2Cfirefox-alpenglow%40mozilla.org%2Camazon%40search.mozilla.org&lang=en-US

18.165.122.81

82 B

URL
services.addons.mozilla.org/api/v4/addons/search/?guid=default-theme%40mozilla.org%2Caddons-search-detection%40mozilla.com%2Cgoogle%40search.mozilla.org%2Cwikipedia%40search.mozilla.org%2Cbing%40search.mozilla.org%2Cddg%40search.mozilla.org%2Cfirefox-compact-light%40mozilla.org%2Cfirefox-compact-dark%40mozilla.org%2Cfirefox-alpenglow%40mozilla.org%2Camazon%40search.mozilla.org&lang=en-US
IP
18.165.122.81:0
ASN
#16509 AMAZON-02

File type
JSON text data
Size
82 B (82 bytes)
Hash
4f822d39c269d2c47e3174b6c6bad3b7
d56bd07959c766e9c18faa9cf1070548f9236b65
cda00e555c758b1c13b6cbd17049ca8471057d16c60f08f551dbc331308eecf3

HTTP Headers

GET /api/v4/addons/search/?guid=default-theme%40mozilla.org%2Caddons-search-detection%40mozilla.com%2Cgoogle%40search.mozilla.org%2Cwikipedia%40search.mozilla.org%2Cbing%40search.mozilla.org%2Cddg%40search.mozilla.org%2Cfirefox-compact-light%40mozilla.org%2Cfirefox-compact-dark%40mozilla.org%2Cfirefox-alpenglow%40mozilla.org%2Camazon%40search.mozilla.org&lang=en-US HTTP/1.1
Host: services.addons.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/json
content-length: 82
server: openresty
date: Mon, 23 Sep 2024 22:45:48 GMT
allow: GET, HEAD, OPTIONS
x-amo-request-id: 26be625685944445a8e0e1450f612bb0
content-security-policy: font-src 'self' https://addons.mozilla.org/static-server/; child-src https://www.recaptcha.net/recaptcha/; form-action 'self'; connect-src 'self' https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com; script-src https://*.google-analytics.com https://*.googletagmanager.com https://www.recaptcha.net/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://addons.mozilla.org/static-server/; img-src 'self' blob: data: https://addons.mozilla.org/static-server/ https://addons.mozilla.org/user-media/ https://*.google-analytics.com https://*.googletagmanager.com; frame-src https://www.recaptcha.net/recaptcha/; default-src 'none'; media-src https://videos.cdn.mozilla.net; object-src 'none'; style-src 'unsafe-inline' https://addons.mozilla.org/static-server/; report-uri /__cspreport__, default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; object-src 'none'; report-uri /__cspreport__
x-frame-options: DENY, deny
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
referrer-policy: same-origin
cross-origin-opener-policy: same-origin
cache-control: max-age=3600
x-xss-protection: 0
via: 1.1 google, 1.1 de653d123fa07848c46ed3defe8375b6.cloudfront.net (CloudFront)
etag: "4f822d39c269d2c47e3174b6c6bad3b7"
vary: origin,X-Country-Code,Accept-Language
x-cache: Hit from cloudfront
x-amz-cf-pop: HEL51-P2
x-amz-cf-id: XfUDU-1jpYpuPlMIZscRbIFuiS8qnlTOPhC5T6qDeV_srPA93qjezQ==
age: 1050
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/slot-ten-deposit-slider.webp

185.244.209.62

29 kB

URL
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/slot-ten-deposit-slider.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 945x370, Scaling: [none]x[none], YUV color, decoders should clamp
Size
29 kB (29294 bytes)
Hash
69e08eb4707e2b55f7a4b0d61b671acd
ec908bf196e04dc6300a6eafe0a7f8154eaf134f
a35c75862eabf6ecb98f298f765eedaa830e221cea1b1a3e2b1c5bc55dc9ef67

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/slot-ten-deposit-slider.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:03:18 GMT
content-type: application/octet-stream
content-length: 29294
last-modified: Tue, 11 Apr 2023 17:52:48 GMT
etag: "69e08eb4707e2b55f7a4b0d61b671acd"
expires: Sun, 22 Sep 2024 00:01:27 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-134d0e59511d27d6258374f3501409f8-521e274f1db0ac37-01
x-id: osix-hw-edge-gc4
cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

aus5.mozilla.org/update/3/SystemAddons/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml

35.244.181.201

42 B

URL
aus5.mozilla.org/update/3/SystemAddons/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
IP
35.244.181.201:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
XML 1.0 document, ASCII text
Size
42 B (42 bytes)
Hash
f8f24fa0c857d8f2ee493e131b85ab62
cb6049f830a54d14a19d4104fc0bb5ab5fdedbe6
e0dadbc9cd1f1bd8ce3118cc3383e0d0f6d147f055265d498d99deea956ba00f

HTTP Headers

GET /update/3/SystemAddons/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:03:18 GMT
content-type: text/xml; charset=utf-8
content-length: 42
rule-id: unknown
rule-data-version: unknown
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: MISS
via: 1.1 google
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/bonus-cms/jmXUZlP1mMcsx6FoNy32Q24bNpRo4mVV/945x370.webp

185.244.209.62

200 OK

47 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/bonus-cms/jmXUZlP1mMcsx6FoNy32Q24bNpRo4mVV/945x370.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 945x370, Scaling: [none]x[none], YUV color, decoders should clamp
Size
47 kB (46988 bytes)
Hash
7f4bd27e00e90fba8bf93face8fc23b2
ec6b6bd3ffb3a5f3b835ba6befb3d3724fd6455a
b2b0448a4dd73215fb8fe04599ca4a0bd9f44b19626277e16c1e6c9fd3d8cb01

HTTP Headers

GET /genfiles/bonus-cms/jmXUZlP1mMcsx6FoNy32Q24bNpRo4mVV/945x370.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:58 GMT
content-type: image/webp
content-length: 46988
last-modified: Wed, 11 Sep 2024 05:53:00 GMT
etag: "7f4bd27e00e90fba8bf93face8fc23b2"
expires: Fri, 13 Sep 2024 08:22:34 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc93
age: 847
x-cached-since: 2024-09-13T10:23:43+00:00
traceparent: 00-8c1ea3bb4a052307e2fedb8fdbeeb650-8c05ae6616498c1f-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

1xlite-81734.top/sys-welcome-app-front/en/promotions/wheel-bet

46.32.182.117

200 OK

214 kB

URL GET HTTP/2
1xlite-81734.top/sys-welcome-app-front/en/promotions/wheel-bet
IP
46.32.182.117:443
ASN
#0

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerLet's Encrypt
Subject1xlite-81734.top
Fingerprint0A:30:E7:1C:B7:AC:1C:34:8E:35:29:86:A0:0E:70:67:B5:74:52:63
ValidityMon, 26 Aug 2024 05:19:45 GMT - Sun, 24 Nov 2024 05:19:44 GMT

File type

Size
214 kB (214464 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sys-welcome-app-front/en/promotions/wheel-bet HTTP/1.1
Host: 1xlite-81734.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/en/promotions/wheel-bet
content-type: application/json
x-requested-with: XMLHttpRequest
mf-render-mode: json
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=LiC2dWbx85pu/XJbA1lWAg==; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:52 GMT
content-type: application/json
server-timing: total;dur=16;desc="Total __WELCOME_APP__", dt_total;dur=17.471, wf-uht;dur=0.034
set-cookie: tzo=2; Path=/
vary: Accept-Encoding, Accept-Encoding
x-dt: 285
content-encoding: br
x-time-ng: 0.019
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

widget.suphelper.top/injector.js

172.64.148.184

200 OK

211 kB

URL GET HTTP/2
widget.suphelper.top/injector.js
IP
172.64.148.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerGoogle Trust Services
Subjectsuphelper.top
FingerprintE2:14:13:A8:92:BD:2F:EA:C0:71:F7:82:96:F9:E3:DC:19:7F:68:97
ValidityThu, 19 Sep 2024 08:52:18 GMT - Wed, 18 Dec 2024 08:52:17 GMT

File type

Size
211 kB (210899 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /injector.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 23 Sep 2024 23:02:52 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=31536000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=14400
last-modified: Wed, 11 Sep 2024 04:40:44 GMT
etag: W/"337d3-191df624401"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 20
expires: Tue, 24 Sep 2024 03:02:52 GMT
server: cloudflare
cf-ray: 8c7e2a3169cb56c1-OSL
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/edec104c0b68dddefc691f673df67227.json

185.244.209.62

200 OK

963 B

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/edec104c0b68dddefc691f673df67227.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1060), with no line terminators
Size
963 B (963 bytes)
Hash
eafcd365a5fd6a86e1f442bc9f7186b2
5d9373ba91e8128c224478a0803b7e3de8a27a04
5927b4603cb8e987751c9d9bd6dfdf913166ab2c67326f313d08b50577076b40

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/edec104c0b68dddefc691f673df67227.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:57 GMT
content-type: application/json
content-length: 963
last-modified: Sat, 18 May 2024 11:50:23 GMT
etag: "ec2577e9fce5bd6c2feedb0274aba812"
expires: Thu, 12 Sep 2024 13:42:26 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
age: 3108
traceparent: 00-ff92714792075626040e9a0c8684ff63-23824ce651b38c68-01
x-id: osix-hw-edge-gc4
cache: HIT
x-cached-since: 2024-09-23T22:17:16+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/DNatjDJDjbd3.js

185.244.209.62

200 OK

16 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/DNatjDJDjbd3.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (15551)
Size
16 kB (15552 bytes)
Hash
29af30b5d8c5be6fccbc99c24fccb1fb
35f5522ae2c5cc332ad93fb4e8e65a5f29836cd3
094530eb4dfb0594c8fce49534c75401ef165af459bb7091ae77b1d973301e44

HTTP Headers

GET /sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/DNatjDJDjbd3.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:55 GMT
content-type: text/javascript; charset=utf-8
last-modified: Thu, 19 Sep 2024 15:15:47 GMT
etag: W/"29af30b5d8c5be6fccbc99c24fccb1fb"
x-amz-meta-mtime: 1726758816.48290587
content-encoding: gzip
expires: Sat, 21 Sep 2024 10:45:03 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-f9ea650344b095673353df58baafb473-bb7dcb08b689c159-01
x-id: osix-hw-edge-gc4
age: 43945
cache: HIT
x-cached-since: 2024-09-23T10:50:30+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/bonus-cms/o0Lc4Um7qhsMnfmxaC-2P2UzTwY-CCgy/goalless-football.webp

185.244.209.62

200 OK

42 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/bonus-cms/o0Lc4Um7qhsMnfmxaC-2P2UzTwY-CCgy/goalless-football.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
42 kB (42384 bytes)
Hash
0d9a9490e40c80bb76926e7404a6bf07
c7d2af47279601aaf947a8d704593ee3142fe4ed
575d757cae49624374e230313b625976172f934a36b1c57c80fd2a51f1087048

HTTP Headers

GET /genfiles/bonus-cms/o0Lc4Um7qhsMnfmxaC-2P2UzTwY-CCgy/goalless-football.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:58 GMT
content-type: image/webp
content-length: 42384
last-modified: Fri, 24 May 2024 11:15:57 GMT
etag: "0d9a9490e40c80bb76926e7404a6bf07"
expires: Thu, 19 Sep 2024 20:54:53 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-236004ec5a27b6b84596f63783777b15-768d99a67632564d-01
x-id: osix-hw-edge-gc4
age: 1813
cache: HIT
x-cached-since: 2024-09-23T22:32:45+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

1xlite-81734.top/genfiles/cms/1-285/desktop/media_asset/aa61db5feb0a949dcfac0b46b138ae67.json

46.32.182.117

200 OK

3.6 kB

URL GET HTTP/2
1xlite-81734.top/genfiles/cms/1-285/desktop/media_asset/aa61db5feb0a949dcfac0b46b138ae67.json
IP
46.32.182.117:443
ASN
#0

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerLet's Encrypt
Subject1xlite-81734.top
Fingerprint0A:30:E7:1C:B7:AC:1C:34:8E:35:29:86:A0:0E:70:67:B5:74:52:63
ValidityMon, 26 Aug 2024 05:19:45 GMT - Sun, 24 Nov 2024 05:19:44 GMT

File type
ASCII text, with very long lines (3939), with no line terminators
Size
3.6 kB (3589 bytes)
Hash
63410960415707be85f93cecd28c3060
fab5b470488950fc6e1cdd3ebc1754250cd40794
873afc0bf3ded599ba39eddbbfde5cd702b335db947f3ee8463688519f8d4207

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/aa61db5feb0a949dcfac0b46b138ae67.json HTTP/1.1
Host: 1xlite-81734.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/en/promotions/wheel-bet
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
x-svc-source: welcome-app
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=LiC2dWbx85pu/XJbA1lWAg==; window_width=1280; SESSION=6b782ee83bdc265152338b4c7f9fa0ac; che_g=9ad65ef7-763c-8096-f8b9-3db17d9dd1f0; sh.session.id=3a1f7004-a833-43a4-ac92-af0305b442cb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:54 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Fri, 21 Jun 2024 12:59:31 GMT
etag: W/"9698af3a595411f2b2a9817cc6754004"
content-encoding: br
expires: Tue, 24 Sep 2024 00:02:54 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.010
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/percentage.jpg

0.0.0.0

0 B

URL GET
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/percentage.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/percentage.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

v3.traincdn.com/genfiles/cms/desktop/media_asset/607b54e01a9d00e79177cde0e561ef08.svg

185.244.209.62

200 OK

9.5 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/desktop/media_asset/607b54e01a9d00e79177cde0e561ef08.svg
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
9.5 kB (9453 bytes)
Hash
75ebfbcfbb3034fe37df9c844463b730
cbc734efc7bd221a284d2cc860685141ee213878
82f185eac004c3d8cdbbdef6885c1306da3634579bc7a666d10e0308c15c6ddc

HTTP Headers

GET /genfiles/cms/desktop/media_asset/607b54e01a9d00e79177cde0e561ef08.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:53 GMT
content-type: image/svg+xml
last-modified: Thu, 05 Sep 2024 08:13:39 GMT
etag: W/"bbbe8442429413a0c31608ae08d3c63f"
content-encoding: gzip
expires: Thu, 12 Sep 2024 11:21:48 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
age: 934
traceparent: 00-83298f0d4376fb61854f483ddf74af0e-f5eb1c883d42d8b4-01
x-id: osix-hw-edge-gc4
cache: HIT
x-cached-since: 2024-09-23T22:53:13+00:00
X-Firefox-Spdy: h2

widget.suphelper.top/_next/static/d1710da4/_buildManifest.js

172.64.148.184

200 OK

519 B

URL GET HTTP/2
widget.suphelper.top/_next/static/d1710da4/_buildManifest.js
IP
172.64.148.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://widget.suphelper.top/
Certificate
IssuerGoogle Trust Services
Subjectsuphelper.top
FingerprintE2:14:13:A8:92:BD:2F:EA:C0:71:F7:82:96:F9:E3:DC:19:7F:68:97
ValidityThu, 19 Sep 2024 08:52:18 GMT - Wed, 18 Dec 2024 08:52:17 GMT

File type
ASCII text, with very long lines (547), with no line terminators
Size
519 B (519 bytes)
Hash
1a17ba311339d50af673ca2352a16c62
e136bc08764d521d4187b9c5035a3a48e01f0ff8
8c81a490adcca4bb5c07bb5134e74b524cb646798fe0fbdb9c7567540a0dda10

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/d1710da4/_buildManifest.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 23 Sep 2024 23:02:53 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Wed, 11 Sep 2024 04:40:45 GMT
etag: W/"207-191df624591"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 1096302
expires: Tue, 23 Sep 2025 23:02:53 GMT
server: cloudflare
cf-ray: 8c7e2a35ef0356c1-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/desktop/contact/146a3f0ea589812198d646192e522088.png

185.244.209.62

200 OK

8.4 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/desktop/contact/146a3f0ea589812198d646192e522088.png
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
PNG image data, 90 x 80, 8-bit/color RGBA, non-interlaced
Size
8.4 kB (8399 bytes)
Hash
1790ef029090c49237be19f326f98d20
2c727bff6a57526d3064fb0912bb4ecab708fc07
31b64339db0deddc22916032bb19b71fc7ee1a3885560f39de271df5dca91449

HTTP Headers

GET /genfiles/cms/desktop/contact/146a3f0ea589812198d646192e522088.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:57 GMT
content-type: image/png
content-length: 8399
last-modified: Mon, 09 Sep 2024 06:55:45 GMT
etag: "1790ef029090c49237be19f326f98d20"
expires: Mon, 09 Sep 2024 08:06:11 GMT
cache-control: max-age=3600
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
age: 537
traceparent: 00-963986fe7489f5e01f582bc810cfe011-c59953927f3f79d8-01
x-id: osix-hw-edge-gc4
cache: HIT
x-cached-since: 2024-09-23T23:00:30+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/birthday.jpg

0.0.0.0

0 B

URL GET
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/birthday.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/birthday.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

widget.suphelper.top/_next/static/chunks/1743016e-d00d67a74426f155.js

172.64.148.184

200 OK

481 kB

URL GET HTTP/2
widget.suphelper.top/_next/static/chunks/1743016e-d00d67a74426f155.js
IP
172.64.148.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://widget.suphelper.top/
Certificate
IssuerGoogle Trust Services
Subjectsuphelper.top
FingerprintE2:14:13:A8:92:BD:2F:EA:C0:71:F7:82:96:F9:E3:DC:19:7F:68:97
ValidityThu, 19 Sep 2024 08:52:18 GMT - Wed, 18 Dec 2024 08:52:17 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
481 kB (480579 bytes)
Hash
46260bb46d51262abee818c0c3bcf1c6
fe3be222aec74704fad1fa2559788b1fa287094a
20700e65659e04d422580d9c792ba811b7b76de4ec1b3163c284af83bd5a7d6c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/1743016e-d00d67a74426f155.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 23 Sep 2024 23:02:53 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Wed, 17 Jan 2024 06:19:55 GMT
etag: W/"75543-18d161388b8"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 8865456
expires: Tue, 23 Sep 2025 23:02:53 GMT
server: cloudflare
cf-ray: 8c7e2a35ded856c1-OSL
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/B11IYZpWEsTn.css

185.244.209.62

200 OK

1.5 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/B11IYZpWEsTn.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1505), with no line terminators
Size
1.5 kB (1504 bytes)
Hash
61d4a92d15e75fdb20cdaf08fcf707b5
efc8897557a9726fa5e71884cba19ba96ad06ee0
1161142faa525a10706abae4326d0c51fbbb6daa991a107d7ffd34daa795d364

HTTP Headers

GET /sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/B11IYZpWEsTn.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:53 GMT
content-type: text/css; charset=utf-8
last-modified: Fri, 20 Sep 2024 12:07:48 GMT
etag: W/"d2229d094da043a177fdce7c1860ed1f"
x-amz-meta-mtime: 1726833869.307249167
content-encoding: gzip
expires: Sun, 22 Sep 2024 10:31:48 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-420dce5887546096d0167a410e7eeb7e-e89c36774924bbe8-01
x-id: osix-hw-edge-gc4
age: 44861
cache: HIT
x-cached-since: 2024-09-23T10:35:12+00:00
X-Firefox-Spdy: h2

1xlite-81734.top/genfiles/cms/1-285/desktop/media_asset/1b971b84fe10ebd62b918973bbbce120.json

46.32.182.117

200 OK

406 B

URL GET HTTP/2
1xlite-81734.top/genfiles/cms/1-285/desktop/media_asset/1b971b84fe10ebd62b918973bbbce120.json
IP
46.32.182.117:443
ASN
#0

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerLet's Encrypt
Subject1xlite-81734.top
Fingerprint0A:30:E7:1C:B7:AC:1C:34:8E:35:29:86:A0:0E:70:67:B5:74:52:63
ValidityMon, 26 Aug 2024 05:19:45 GMT - Sun, 24 Nov 2024 05:19:44 GMT

File type
ASCII text, with very long lines (448), with no line terminators
Size
406 B (406 bytes)
Hash
b03e27529cf4744deb0b02c09afaaadb
c978f024470dc7c8d7d5d13a2d52ecf8fad291da
eb793dab621b90af9cbe649e359928fe5d9517390e9d20c66d9be5f7e0305e12

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/1b971b84fe10ebd62b918973bbbce120.json HTTP/1.1
Host: 1xlite-81734.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/en/promotions/wheel-bet
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
x-svc-source: welcome-app
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=LiC2dWbx85pu/XJbA1lWAg==; window_width=1280; SESSION=6b782ee83bdc265152338b4c7f9fa0ac; che_g=9ad65ef7-763c-8096-f8b9-3db17d9dd1f0; sh.session.id=3a1f7004-a833-43a4-ac92-af0305b442cb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:54 GMT
content-type: application/json
content-length: 406
last-modified: Wed, 05 Jun 2024 07:44:12 GMT
etag: "39fde6a5275961cbbab7d73f1235f56e"
expires: Tue, 24 Sep 2024 00:02:54 GMT
cache-control: max-age=3600
x-time-ng: 0.000
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.010
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/bonus-cms/ILFHwRVBgVkpo3jvkTufQyW8hSLpOTtJ/crash-tournament-slider.jpg

0.0.0.0

0 B

URL GET
v3.traincdn.com/genfiles/bonus-cms/ILFHwRVBgVkpo3jvkTufQyW8hSLpOTtJ/crash-tournament-slider.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /genfiles/bonus-cms/ILFHwRVBgVkpo3jvkTufQyW8hSLpOTtJ/crash-tournament-slider.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/1404bac27dd67699df607a17fe47ef42.json

185.244.209.62

200 OK

884 B

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/1404bac27dd67699df607a17fe47ef42.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (974), with no line terminators
Size
884 B (884 bytes)
Hash
73177e72cd29dd7ce6b1b687d5e81dc0
5ae507604a9e46ffa8a9eec733d41ff4e77441b9
1de297b5b2bc3a2d536ab86a5f6629798f5e26712d3ce377b272e8badb8ba5c5

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/1404bac27dd67699df607a17fe47ef42.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:57 GMT
content-type: application/json
content-length: 884
last-modified: Thu, 16 May 2024 20:10:14 GMT
etag: "c2eb16bc46aea587d16e3eb8bff889ad"
expires: Thu, 12 Sep 2024 13:42:26 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
age: 3367
traceparent: 00-9280322844c9aeffc07cfb6dd0e059e9-dc216a5b323348a5-01
x-id: osix-hw-edge-gc4
cache: HIT
x-cached-since: 2024-09-23T22:28:05+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/Cl5-fHQqz6Ie.js

185.244.209.62

200 OK

37 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/Cl5-fHQqz6Ie.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type

Size
37 kB (36950 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/Cl5-fHQqz6Ie.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:53 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 23 Sep 2024 12:46:26 GMT
etag: W/"89d1826d8cc83f81e68d9591119866cf"
x-amz-meta-mtime: 1727095475.943889596
content-encoding: gzip
expires: Tue, 24 Sep 2024 12:58:32 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-7344130206b5e867b8f00f7fbdfdc697-e77438c87fc9dd6b-01
x-id: osix-hw-edge-gc4
age: 35951
cache: HIT
x-cached-since: 2024-09-23T13:03:42+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/express.webp

185.244.209.62

200 OK

26 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/express.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
26 kB (26210 bytes)
Hash
76f4f94caeacb3ea3e799f76517c2e77
e4532a2e775a346d81f16c0964b9bfc8cb679842
ac636f011f118593e402c29660bda51edb682670d22b82ca018d05faf7f1e18d

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/express.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:58 GMT
content-type: image/webp
content-length: 26210
last-modified: Fri, 12 May 2023 08:45:56 GMT
etag: "76f4f94caeacb3ea3e799f76517c2e77"
expires: Thu, 12 Sep 2024 11:23:23 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc93
age: 2096
x-cached-since: 2024-09-12T10:23:23+00:00
traceparent: 00-e75a73217e9aef2ad63a326946d43889-cfa11ae23baf32c1-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/shared-assets/__shared_chunk_Y7BFQXXC.js

185.244.209.62

200 OK

1.0 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/shared-assets/__shared_chunk_Y7BFQXXC.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (1036), with no line terminators
Size
1.0 kB (1025 bytes)
Hash
305de1535e3f2a45efa2f1dd096f496e
9fd79178b39d8a196f9f3640758cc5285f5914fd
9b0fc84933536e9c4ca4b8013f656f393c6073e746901340133cbc11059aec46

HTTP Headers

GET /sys-static/shared-assets/__shared_chunk_Y7BFQXXC.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:52 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 23 Sep 2024 08:43:56 GMT
etag: W/"8fecd56fc5520134f3c39b17431fe0c2"
x-amz-meta-mtime: 1727080818.512238094
content-encoding: gzip
expires: Tue, 24 Sep 2024 10:21:59 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-a987ee4aff3f525d18f4863aeb04e2ed-d5ca72a0c983bb8b-01
x-id: osix-hw-edge-gc4
age: 45444
cache: HIT
x-cached-since: 2024-09-23T10:25:28+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/BXuyvIFDjkMF.css

185.244.209.62

200 OK

27 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/BXuyvIFDjkMF.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (26993)
Size
27 kB (26994 bytes)
Hash
8672f3c52e8b561f74d6241df53fce1c
e1ef03249f9389dca2e8751c1f717a1e56bd85d0
5b3e15684d77532bb4ac756935fa7c29ff4258199298e8b0daff071d72559646

HTTP Headers

GET /sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/BXuyvIFDjkMF.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:52 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 23 Sep 2024 12:46:25 GMT
etag: W/"8672f3c52e8b561f74d6241df53fce1c"
x-amz-meta-mtime: 1727095475.943889596
content-encoding: gzip
expires: Tue, 24 Sep 2024 12:58:23 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-55c80c49c8dceadbe5887f4f56fd29be-fe91bc773b4491ba-01
x-id: osix-hw-edge-gc4
age: 36201
cache: HIT
x-cached-since: 2024-09-23T12:59:31+00:00
X-Firefox-Spdy: h2

widget.suphelper.top/_next/static/chunks/main-39d1bca7561ea264.js

172.64.148.184

200 OK

114 kB

URL GET HTTP/2
widget.suphelper.top/_next/static/chunks/main-39d1bca7561ea264.js
IP
172.64.148.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://widget.suphelper.top/
Certificate
IssuerGoogle Trust Services
Subjectsuphelper.top
FingerprintE2:14:13:A8:92:BD:2F:EA:C0:71:F7:82:96:F9:E3:DC:19:7F:68:97
ValidityThu, 19 Sep 2024 08:52:18 GMT - Wed, 18 Dec 2024 08:52:17 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
114 kB (113867 bytes)
Hash
e35b5ea2a5ec21d28d01a32a1f37f315
207e8d27407432cc613e316575516469a03a44a7
6934a20100be7289ed7058aa80d771c08913c52cf94b4dc979dca9f31bad67f8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/main-39d1bca7561ea264.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 23 Sep 2024 23:02:53 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Thu, 13 Jun 2024 16:30:36 GMT
etag: W/"1bccb-190126fd09d"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
age: 6961904
expires: Tue, 23 Sep 2025 23:02:53 GMT
server: cloudflare
cf-ray: 8c7e2a35ced256c1-OSL
X-Firefox-Spdy: h2

1xlite-81734.top/seo-module-api/api/v1/visual?language=en&domain=1xlite-81734.top&timezone=2&stream=bonus&section=rules&project[id]=285

46.32.182.117

200 OK

4.1 kB

URL GET HTTP/2
1xlite-81734.top/seo-module-api/api/v1/visual?language=en&domain=1xlite-81734.top&timezone=2&stream=bonus&section=rules&project[id]=285
IP
46.32.182.117:443
ASN
#0

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerLet's Encrypt
Subject1xlite-81734.top
Fingerprint0A:30:E7:1C:B7:AC:1C:34:8E:35:29:86:A0:0E:70:67:B5:74:52:63
ValidityMon, 26 Aug 2024 05:19:45 GMT - Sun, 24 Nov 2024 05:19:44 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (4111), with no line terminators
Size
4.1 kB (4096 bytes)
Hash
49b4c3e12c8ffa771a6787f447acd2c5
bdb9a2e873e396ae8575ad2b2dc32e8d661c0ffc
1f5330e51afb5636003ef54c82e8d610c605ed1c6d21292978756a0331d6b256

HTTP Headers

GET /seo-module-api/api/v1/visual?language=en&domain=1xlite-81734.top&timezone=2&stream=bonus&section=rules&project[id]=285 HTTP/1.1
Host: 1xlite-81734.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/en/bonus/rules
content-type: application/json
x-requested-with: XMLHttpRequest
x-geoip2-country-code: ru
sub-request-id: adfcc1fa157d492f902eb947cebf0ec8
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=LiC2dWbx85pu/XJbA1lWAg==; window_width=0; SESSION=6b782ee83bdc265152338b4c7f9fa0ac; che_g=9ad65ef7-763c-8096-f8b9-3db17d9dd1f0; sh.session.id=3a1f7004-a833-43a4-ac92-af0305b442cb; application_locale=en; _ga_7V60YW2S5H=GS1.1.1727132576.1.0.1727132576.60.0.1278065544; _ga=GA1.1.1301150341.1727132576
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:57 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: max-age=2400, must-revalidate, public, s-maxage=3600, stale-if-error=86400, stale-while-revalidate=300
x-content-digest: enbd438ef2450f2d85ef58169a99c85ec0
age: 0
x-request-id: 16d2229584089a9f424304d5a624fd39
x-request-guid: 16d2229584089a9f424304d5a624fd39
x-time-ng: 0.009
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: p;dur=8.7399482727051, wf-uht;dur=0.018
X-Firefox-Spdy: h2

1xlite-81734.top/sys-v3-host-app-front/en/promotions/wheel-bet

46.32.182.117

200 OK

160 kB

URL GET HTTP/2
1xlite-81734.top/sys-v3-host-app-front/en/promotions/wheel-bet
IP
46.32.182.117:443
ASN
#0

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerLet's Encrypt
Subject1xlite-81734.top
Fingerprint0A:30:E7:1C:B7:AC:1C:34:8E:35:29:86:A0:0E:70:67:B5:74:52:63
ValidityMon, 26 Aug 2024 05:19:45 GMT - Sun, 24 Nov 2024 05:19:44 GMT

File type

Size
160 kB (159607 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sys-v3-host-app-front/en/promotions/wheel-bet HTTP/1.1
Host: 1xlite-81734.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/en/promotions/wheel-bet
content-type: application/json
x-requested-with: XMLHttpRequest
mf-render-mode: json
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=LiC2dWbx85pu/XJbA1lWAg==; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:52 GMT
content-type: application/json
server-timing: total;dur=22;desc="Total __V3_HOST_APP__", dt_total;dur=23.641, wf-uht;dur=0.044
set-cookie: tzo=2; Path=/
vary: Accept-Encoding, Accept-Encoding
x-dt: 285
content-encoding: br
x-time-ng: 0.025
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

widget.suphelper.top/_next/static/chunks/7413e8b9-8adee4b5b5407a55.js

172.64.148.184

200 OK

78 kB

URL GET HTTP/2
widget.suphelper.top/_next/static/chunks/7413e8b9-8adee4b5b5407a55.js
IP
172.64.148.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://widget.suphelper.top/
Certificate
IssuerGoogle Trust Services
Subjectsuphelper.top
FingerprintE2:14:13:A8:92:BD:2F:EA:C0:71:F7:82:96:F9:E3:DC:19:7F:68:97
ValidityThu, 19 Sep 2024 08:52:18 GMT - Wed, 18 Dec 2024 08:52:17 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
78 kB (77801 bytes)
Hash
dc6852529f28802d37affa5953d07260
4edd220fe8df4b009a1775ebe57f19d40999659f
4aefb18221e4fb46818b0f52302b7c7717e45701e26990726cce645d8c80ed84

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/7413e8b9-8adee4b5b5407a55.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 23 Sep 2024 23:02:53 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Mon, 22 Jan 2024 07:49:06 GMT
etag: W/"12fe9-18d3024f9c4"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 6961904
expires: Tue, 23 Sep 2025 23:02:53 GMT
server: cloudflare
cf-ray: 8c7e2a35deda56c1-OSL
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/multiply2.jpg

0.0.0.0

0 B

URL GET
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/multiply2.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/multiply2.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

v3.traincdn.com/sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/Cij4nvDaSL9v.js

185.244.209.62

200 OK

5.6 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/Cij4nvDaSL9v.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (5666), with no line terminators
Size
5.6 kB (5607 bytes)
Hash
8a9247076587303725e694b61f908a8f
b4521c989ac8f3882bb122f1c51f555e61402a8d
f30a23d1738e850fd789a3f340e5a1ee43397319ba1d1b2bfb58a0a6947050af

HTTP Headers

GET /sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/Cij4nvDaSL9v.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:54 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 23 Sep 2024 12:46:25 GMT
etag: W/"4651cb5599cadf4ac19809f0cad0d8b1"
x-amz-meta-mtime: 1727095475.943889596
content-encoding: gzip
expires: Tue, 24 Sep 2024 12:58:32 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-3badcbd61f15703b29bee540e3bcc35b-422e6029b96b1be8-01
x-id: osix-hw-edge-gc4
age: 36198
cache: HIT
x-cached-since: 2024-09-23T12:59:36+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/toto-free.webp

185.244.209.62

200 OK

15 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/toto-free.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
15 kB (15338 bytes)
Hash
d1c9cf33b4078a369a2ec162bbc4ec00
8b3a2ec69ed7f3dc2bc597cd49cc4e149c016930
d1dd361e05319a43656238aeb770d4b179ac281cfcbacc4b1f250517fabb442f

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/toto-free.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:58 GMT
content-type: image/webp
content-length: 15338
last-modified: Thu, 29 Jun 2023 09:22:43 GMT
etag: "d1c9cf33b4078a369a2ec162bbc4ec00"
expires: Thu, 12 Sep 2024 11:21:23 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
age: 2216
x-cached-since: 2024-09-12T10:21:23+00:00
traceparent: 00-4585ceb3409cf76a204e8bb4db6f2a6e-dce9b4c36b0cbae6-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

widget.suphelper.top/_next/static/chunks/pages/_app-e933266831ae8be2.js

172.64.148.184

200 OK

967 kB

URL GET HTTP/2
widget.suphelper.top/_next/static/chunks/pages/_app-e933266831ae8be2.js
IP
172.64.148.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://widget.suphelper.top/
Certificate
IssuerGoogle Trust Services
Subjectsuphelper.top
FingerprintE2:14:13:A8:92:BD:2F:EA:C0:71:F7:82:96:F9:E3:DC:19:7F:68:97
ValidityThu, 19 Sep 2024 08:52:18 GMT - Wed, 18 Dec 2024 08:52:17 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
967 kB (967243 bytes)
Hash
d7f6cf37ec6dd8ff2db3476162fed010
0cf9c6fd3fee47aafa44c9ed9cc8a3c4d6d77b4c
f3dc63c6596dd8744bfabbe28bd3c65cc9fb0bd4de894b060f8d69844f524e09

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/pages/_app-e933266831ae8be2.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 23 Sep 2024 23:02:53 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Wed, 11 Sep 2024 04:40:45 GMT
etag: W/"ec24b-191df624591"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 1096285
expires: Tue, 23 Sep 2025 23:02:53 GMT
server: cloudflare
cf-ray: 8c7e2a35ced556c1-OSL
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/2e87e0e551bcdfea3510c6fa90a32e02.json

185.244.209.62

200 OK

3.9 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/2e87e0e551bcdfea3510c6fa90a32e02.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (4283), with no line terminators
Size
3.9 kB (3887 bytes)
Hash
4952d1e435abb3aef965b16b331ff58e
d9da78536d10669aca31cb77537ce621eaf5ab55
60c3b87e4b2a926e257b48b58c9c78d999e41c060cd8d94e245b0ad142de55db

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/2e87e0e551bcdfea3510c6fa90a32e02.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:52 GMT
content-type: application/json
last-modified: Thu, 05 Sep 2024 13:16:34 GMT
etag: W/"0a41e28a05df5d2ccef52516c647bb59"
content-encoding: gzip
expires: Thu, 12 Sep 2024 13:42:11 GMT
cache-control: max-age=3600
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
age: 5893
traceparent: 00-52c72b9bb5cdccfb09f97e394b172cf4-86ee48d3a0da1a2d-01
x-id: osix-hw-edge-gc4
cache: HIT
x-cached-since: 2024-09-23T22:17:18+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/Bid74MqbobEd.js

185.244.209.62

200 OK

3.9 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/Bid74MqbobEd.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (4028), with no line terminators
Size
3.9 kB (3878 bytes)
Hash
5fc2ecb89816dd0a7f2fa8c8ecbd26df
2882692ac937ddd1fde85ce82a7f64a001792414
dd2fb0da87cbacb517d760ce76a74d5fd59296a54ef1a2c5ada84eff136702f7

HTTP Headers

GET /sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/Bid74MqbobEd.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:55 GMT
content-type: text/javascript; charset=utf-8
last-modified: Thu, 19 Sep 2024 15:15:47 GMT
etag: W/"a90cba07af77f93da2a574d523da0428"
x-amz-meta-mtime: 1726758816.458905813
content-encoding: gzip
expires: Sat, 21 Sep 2024 09:44:33 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-078b89fa2f568de143bc7eef7bd1e8d6-c1aba6e223b4dade-01
x-id: osix-hw-edge-gc4
age: 46547
cache: HIT
x-cached-since: 2024-09-23T10:07:08+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/DJj1CGvAFBuN.js

185.244.209.62

200 OK

1.4 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/DJj1CGvAFBuN.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1459), with no line terminators
Size
1.4 kB (1410 bytes)
Hash
b39faf43faa3d696bbf7d7297e92b49f
43a7ecc88465c725addc26a7a4f014a99a829025
b92258e31be1fc92383c75f59c8f6268cbdbfeec8cc7cef98b860f266b62ec2b

HTTP Headers

GET /sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/DJj1CGvAFBuN.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:55 GMT
content-type: text/javascript; charset=utf-8
last-modified: Thu, 19 Sep 2024 15:15:47 GMT
etag: W/"d002dd7240d156878dd0aef4ca07502c"
x-amz-meta-mtime: 1726758816.474905851
content-encoding: gzip
expires: Sat, 21 Sep 2024 09:57:44 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-312215c8f7140091bc701f644c017627-6e1f054314b5ea5e-01
x-id: osix-hw-edge-gc4
age: 46547
cache: HIT
x-cached-since: 2024-09-23T10:07:08+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/race.webp

185.244.209.62

200 OK

20 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/race.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
20 kB (19644 bytes)
Hash
ec7e490ee95bbfcbe0960d591252044e
5436d493fbcf370a21f5c3dde65d24d4fd535e9a
8d40342db2cb8b1792f7833eb91a9f7f29f8ce0a5136b2bb944b7e2d2db69722

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/race.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:58 GMT
content-type: image/webp
content-length: 19644
last-modified: Tue, 04 Jul 2023 07:12:14 GMT
etag: "ec7e490ee95bbfcbe0960d591252044e"
expires: Thu, 12 Sep 2024 11:23:12 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc93
age: 2107
x-cached-since: 2024-09-12T10:23:12+00:00
traceparent: 00-9681798b3f8cc8f3b0676818abf103ba-1c471256ce4094f0-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/MAykKkuE6NfU.css

185.244.209.62

200 OK

40 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/MAykKkuE6NfU.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (39986)
Size
40 kB (39987 bytes)
Hash
d9d269e5745b31aea63f1af8aa2e00b5
c5e507011a66b644cc7e9f08f8a82d463d68bb1c
869c208c449eb7989cd95f5dd0f447c17d641346e44e6eca99b3ec1cd29a8927

HTTP Headers

GET /sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/MAykKkuE6NfU.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:52 GMT
content-type: text/css; charset=utf-8
last-modified: Thu, 19 Sep 2024 15:15:47 GMT
etag: W/"d9d269e5745b31aea63f1af8aa2e00b5"
x-amz-meta-mtime: 1726758816.478905861
content-encoding: gzip
expires: Sat, 21 Sep 2024 10:44:44 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-5a82f2859df6a42b5a3bc0386d5d0c32-7a0eca7e5bc4b93e-01
x-id: osix-hw-edge-gc4
age: 43944
cache: HIT
x-cached-since: 2024-09-23T10:50:28+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/BHDubfAE-1MM.js

185.244.209.62

200 OK

31 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/BHDubfAE-1MM.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type

Size
31 kB (30661 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/BHDubfAE-1MM.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:55 GMT
content-type: text/javascript; charset=utf-8
last-modified: Thu, 19 Sep 2024 15:15:47 GMT
etag: W/"2f939e01593633f8ccfe711d271f86e8"
x-amz-meta-mtime: 1726758816.446905785
content-encoding: gzip
expires: Sat, 21 Sep 2024 10:45:01 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-70977c43014a1dd9acd186091ebea9a1-ccaccc9daaa40898-01
x-id: osix-hw-edge-gc4
age: 43945
cache: HIT
x-cached-since: 2024-09-23T10:50:30+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/express.jpg

0.0.0.0

0 B

URL GET
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/express.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/express.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

v3.traincdn.com/sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/LpKMx-vCQpqW.js

185.244.209.62

200 OK

39 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/LpKMx-vCQpqW.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type

Size
39 kB (38982 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/LpKMx-vCQpqW.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:55 GMT
content-type: text/javascript; charset=utf-8
last-modified: Thu, 19 Sep 2024 15:15:47 GMT
etag: W/"07a652bf449c814ae60d894415daa198"
x-amz-meta-mtime: 1726758816.478905861
content-encoding: gzip
expires: Sat, 21 Sep 2024 09:57:44 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-b37ad066ac002a8dcd4ceca077b991ae-98aec305ebb29465-01
x-id: osix-hw-edge-gc4
age: 46547
cache: HIT
x-cached-since: 2024-09-23T10:07:08+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/LSnbPbic1-6E.js

185.244.209.62

200 OK

32 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/LSnbPbic1-6E.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type

Size
32 kB (32242 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/LSnbPbic1-6E.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:55 GMT
content-type: text/javascript; charset=utf-8
last-modified: Thu, 19 Sep 2024 15:15:47 GMT
etag: W/"9cbef5ed26e4c09b6574d8f0f2683f4d"
x-amz-meta-mtime: 1726758816.478905861
content-encoding: gzip
expires: Sat, 21 Sep 2024 09:57:09 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-6c93d5b74e8ef83d7d94861a3e5c9089-1d03c54b070b5e69-01
x-id: osix-hw-edge-gc4
age: 46547
cache: HIT
x-cached-since: 2024-09-23T10:07:08+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/bonus-cms/rSdLvP2aYmgvJLItLjaZg4raJt9VG51o/beat-games.webp

185.244.209.62

200 OK

44 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/bonus-cms/rSdLvP2aYmgvJLItLjaZg4raJt9VG51o/beat-games.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
44 kB (43882 bytes)
Hash
20dedacf640c564c853760715b3b8f6a
5ab41134eebb79c619625020640f672c45914314
4775f6fbc8ab511be3e1ea9f83f1d2a3ecd982608f2314b62971c47042476995

HTTP Headers

GET /genfiles/bonus-cms/rSdLvP2aYmgvJLItLjaZg4raJt9VG51o/beat-games.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:58 GMT
content-type: image/webp
content-length: 43882
last-modified: Fri, 26 Apr 2024 12:21:50 GMT
etag: "20dedacf640c564c853760715b3b8f6a"
expires: Thu, 12 Sep 2024 11:21:23 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
age: 4029
traceparent: 00-c40b7dbeb340b8cd2aaf97093f112c81-faadbec1183b8265-01
x-id: osix-hw-edge-gc4
cache: HIT
x-cached-since: 2024-09-23T22:32:45+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/9695PIq6D6Ym.css

185.244.209.62

200 OK

1.3 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/9695PIq6D6Ym.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1268), with no line terminators
Size
1.3 kB (1267 bytes)
Hash
e99c5db150223a2992d7a91d766cb87d
4570324cacdd40fc9d43fded4bf4bf206df055df
4f4f72b5051e3b017d45c08919cde68e7244b03e14212b5e8b3e9e6045ffd1c5

HTTP Headers

GET /sys-static/sys-v3-host-app-static/Desktop/Default/44136fa355b3/9695PIq6D6Ym.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:53 GMT
content-type: text/css; charset=utf-8
last-modified: Fri, 20 Sep 2024 12:07:48 GMT
etag: W/"b5f230ad2e5081f16d932becd4925319"
x-amz-meta-mtime: 1726833869.307249167
content-encoding: gzip
expires: Sun, 22 Sep 2024 09:58:02 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-72ce293048047e04a87641729a42ebef-5d05d45d24ecd583-01
x-id: osix-hw-edge-gc4
age: 46549
cache: HIT
x-cached-since: 2024-09-23T10:07:04+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/loss20.jpg

0.0.0.0

0 B

URL GET
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/loss20.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/loss20.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/hyper-bonus.jpg

0.0.0.0

0 B

URL GET
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/hyper-bonus.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/hyper-bonus.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

v3.traincdn.com/genfiles/cms/desktop/contact/10267a74361118a4ee8c5a10e136f87c.png

185.244.209.62

200 OK

7.4 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/desktop/contact/10267a74361118a4ee8c5a10e136f87c.png
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
PNG image data, 169 x 183, 8-bit colormap, non-interlaced
Size
7.4 kB (7420 bytes)
Hash
8ea23d2a7c2e152564a43453425b3301
f6e61dbb4b90ab17f23130d79af095a1267b01c3
e193b50c6e3a1657a7c7e1100b941a43c90eeda8f9d56763318ac624eeba2cbd

HTTP Headers

GET /genfiles/cms/desktop/contact/10267a74361118a4ee8c5a10e136f87c.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:57 GMT
content-type: image/png
content-length: 7420
last-modified: Tue, 11 Apr 2023 22:45:53 GMT
etag: "8ea23d2a7c2e152564a43453425b3301"
expires: Thu, 12 Sep 2024 11:21:49 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc93
age: 3393
traceparent: 00-282d0a13df98fbed573832541899c4f6-69d19f18261b0dca-01
x-id: osix-hw-edge-gc4
cache: HIT
x-cached-since: 2024-09-23T22:19:52+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/bonus-cms/tCgrsiUvSuvHwN_auv6E3SykKja_O-DD/esportsera.jpg

185.244.209.62

200 OK

0 B

URL GET HTTP/2
v3.traincdn.com/genfiles/bonus-cms/tCgrsiUvSuvHwN_auv6E3SykKja_O-DD/esportsera.jpg
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /genfiles/bonus-cms/tCgrsiUvSuvHwN_auv6E3SykKja_O-DD/esportsera.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:57 GMT
content-type: image/jpeg
content-length: 25018
last-modified: Wed, 26 Jun 2024 09:03:05 GMT
etag: "80dc5f61a1f17f54cf681b301cd5bef8"
expires: Thu, 12 Sep 2024 11:21:33 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc93
age: 4828
traceparent: 00-86478e706afb7ea40166cb328f0301ed-93d58ced20af4f70-01
x-id: osix-hw-edge-gc4
cache: HIT
x-cached-since: 2024-09-23T22:32:45+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

1xlite-81734.top/session-api/sessions/user

46.32.182.117

200 OK

16 B

URL GET HTTP/2
1xlite-81734.top/session-api/sessions/user
IP
46.32.182.117:443
ASN
#0

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerLet's Encrypt
Subject1xlite-81734.top
Fingerprint0A:30:E7:1C:B7:AC:1C:34:8E:35:29:86:A0:0E:70:67:B5:74:52:63
ValidityMon, 26 Aug 2024 05:19:45 GMT - Sun, 24 Nov 2024 05:19:44 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
16 B (16 bytes)
Hash
e859dc444ba1b16d61fc7ef4d49f6221
74b64b844cd3ee1f6f10af45d48f903d19eb5de8
463f5d8eda71b0f5a5e583250b44d7c0d2b5bb5a85621310f05d3c3e8b2e94e6

HTTP Headers

GET /session-api/sessions/user HTTP/1.1
Host: 1xlite-81734.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/en/promotions/wheel-bet
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=LiC2dWbx85pu/XJbA1lWAg==; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:52 GMT
content-type: application/json
vary: Accept-Encoding
set-cookie: SESSION=5935ae93848e8e7ed981ae709fb51266; path=/; secure; HttpOnly; SameSite=Lax
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-encoding: br
x-time-ng: 0.001, 0.001
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.011
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/shared-assets/__shared_sweetalert2_X3CQ7PJQ.js

185.244.209.62

200 OK

69 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/shared-assets/__shared_sweetalert2_X3CQ7PJQ.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32238)
Size
69 kB (68856 bytes)
Hash
138de5d55ee831195dd90bbf5c557926
4413082980942643803d8d4567df2f8395c0e868
55a6d9d38b0c68a21367ae7ae43333bfa61e2eddd38b2376eb5b192f0a0383cd

HTTP Headers

GET /sys-static/shared-assets/__shared_sweetalert2_X3CQ7PJQ.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:52 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 23 Sep 2024 09:22:45 GMT
etag: W/"138de5d55ee831195dd90bbf5c557926"
x-amz-meta-mtime: 1727083237.631739032
content-encoding: gzip
expires: Tue, 24 Sep 2024 10:21:59 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-798e0a5921e7fd54710afc73e3b47b2a-c3bdd5f36d68e1af-01
x-id: osix-hw-edge-gc4
age: 45444
cache: HIT
x-cached-since: 2024-09-23T10:25:28+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/1ad4c6c0565909337ccda98b53b0811c.json

185.244.209.62

200 OK

2.6 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/1ad4c6c0565909337ccda98b53b0811c.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (2849), with no line terminators
Size
2.6 kB (2603 bytes)
Hash
972e9830a40ef5fa8fc0f237497a0579
b56daf1f4ff1d0b52fba7aebdff506b9f84f36d8
6287511d64574cbdf7351d011239140e8ca01cf52ae0742c78e02687ba387ad1

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/1ad4c6c0565909337ccda98b53b0811c.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-81734.top/
Origin: https://1xlite-81734.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:57 GMT
content-type: application/json
last-modified: Wed, 12 Jun 2024 19:33:44 GMT
etag: W/"f8b7e9574634c9f5e31df9b371e7eb06"
content-encoding: gzip
expires: Thu, 12 Sep 2024 13:42:26 GMT
cache-control: max-age=3600
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
age: 3108
traceparent: 00-867ac3fe2a1f7ea2f228c1b612cb3071-c413d339aa69d705-01
x-id: osix-hw-edge-gc4
cache: HIT
x-cached-since: 2024-09-23T22:17:16+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/DBGw6of3MIsl.css

185.244.209.62

200 OK

460 B

URL GET HTTP/2
v3.traincdn.com/sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/DBGw6of3MIsl.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (461), with no line terminators
Size
460 B (460 bytes)
Hash
ba7b2e2cbd347e588fd8e10076b9eeee
b91d5bba042b8faf34cbb53d514f90e47baa19fe
7f57f2d233077f11a4fc5214bddf496aa2a643820c4c37fbffd73370dac8ed53

HTTP Headers

GET /sys-static/sys-welcome-app-static/Desktop/Default/44136fa355b3/DBGw6of3MIsl.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:54 GMT
content-type: text/css; charset=utf-8
content-length: 460
last-modified: Fri, 20 Sep 2024 11:42:34 GMT
etag: "acd26c8fc447471361434a2c8c1f8388"
x-amz-meta-mtime: 1726832449.159374987
expires: Sun, 22 Sep 2024 10:04:48 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-a201f869347ac60744aa274b8ce9c1c5-34b530b2c121b1be-01
x-id: osix-hw-edge-gc4
age: 46546
cache: HIT
x-cached-since: 2024-09-23T10:07:08+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/tv-bet-jackpot.jpg

0.0.0.0

0 B

URL GET
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/tv-bet-jackpot.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/tv-bet-jackpot.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/birthday.webp

185.244.209.62

200 OK

12 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/birthday.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-81734.top/en/promotions/wheel-bet
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp
Size
12 kB (11684 bytes)
Hash
9a12fd308fdcacc0adb16d2476e2efe9
fac9675ec0a1041f757f11413fe0c359edd0b141
f7da0fac7df7744f1812cebabe061252bf8e8cb786e066ad76b48f96f1a17b64

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/birthday.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-81734.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 23 Sep 2024 23:02:58 GMT
content-type: image/webp
content-length: 11684
last-modified: Tue, 11 Apr 2023 17:52:19 GMT
etag: "9a12fd308fdcacc0adb16d2476e2efe9"
expires: Wed, 18 Sep 2024 06:13:33 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
traceparent: 00-6bed54d9e2762208cf8be12829046507-ed4bd0f31ce0a8a6-01
x-id: osix-hw-edge-gc4
cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (91)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by