Report - affpa.top/L?tag=d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH&pb=7ceb261dfb824837b0d185a5d0c3c180&click

Report Overview

Visited public
2025-04-14 17:33:56
Tags
URL
affpa.top/L?tag=d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH&pb=7ceb261dfb824837b0d185a5d0c3c180&click_id=wf7v2mdp899lv1593hgci6fq
Finishing URL
1xlite-077216.top/en/block
IP / ASN
83.147.205.153
#202492 Silverhill Group Holding Ltd
Title
1xBet

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
v3.traincdn.com	unknown	2022-11-10	2022-11-25	2025-04-08	35 kB	6.7 MB	185.244.209.62
1xlite-077216.top	unknown	2024-10-10	2025-04-03	2025-04-10	19 kB	967 kB	83.147.224.2
region1.analytics.google.com	unknown	1997-09-15	2022-03-17	2025-04-09	2.0 kB	1.7 kB	216.239.34.36
www.google.no	25607	2001-02-26	2012-06-26	2025-04-09	833 B	580 B	142.250.74.131
affpa.top	507683	2022-01-14	2022-01-14	2025-04-07	594 B	272 kB	83.147.205.153
radar.cedexis.com	3035	2009-01-07	2013-11-27	2025-04-07	850 B	1.4 kB	45.54.49.5
www.googletagmanager.com	75	2011-11-11	2012-10-04	2025-04-09	2.7 kB	1.9 MB	142.250.74.168
www.google.com	7	1997-09-15	2015-05-10	2025-04-09	810 B	568 B	142.250.74.68

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-04-14	medium	1xlite-077216.top	Sinkholed
2025-04-14	medium	1xlite-077216.top	Sinkholed
2025-04-14	medium	1xlite-077216.top	Sinkholed
2025-04-14	medium	1xlite-077216.top	Sinkholed
2025-04-14	medium	1xlite-077216.top	Sinkholed
2025-04-14	medium	1xlite-077216.top	Sinkholed
2025-04-14	medium	1xlite-077216.top	Sinkholed
2025-04-14	medium	1xlite-077216.top	Sinkholed
2025-04-14	medium	1xlite-077216.top	Sinkholed
2025-04-14	medium	1xlite-077216.top	Sinkholed
2025-04-14	medium	1xlite-077216.top	Sinkholed
2025-04-14	medium	1xlite-077216.top	Sinkholed
2025-04-14	medium	1xlite-077216.top	Sinkholed
2025-04-14	medium	1xlite-077216.top	Sinkholed
2025-04-14	medium	1xlite-077216.top	Sinkholed
2025-04-14	medium	1xlite-077216.top	Sinkholed
2025-04-14	medium	1xlite-077216.top	Sinkholed

ThreatFox

No alerts detected

JavaScript (53)

	URL	From	Size	First Seen	Last Seen
	1xlite-077216.top/hd-api/external/assets/hdf.js	ScriptElement	4.1 kB	2024-11-12	2025-05-14
Pretty URL 1xlite-077216.top/hd-api/external/assets/hdf.js IP 83.147.224.2 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-12 02:24 Last Seen2025-05-14 05:06 Times Seen660 Hash 2f26a679e9d54a65e6578e947cc5bdf2 1b984864aa7b3e28231ac7cea3c199435dbdc6bf 1e3c4bd81a1cd9ee02e42a42802d5c18cbdb3f3a11c0b2732eb11bd12263020c Loading...

	1xlite-077216.top/captcha-api/assets/hunt-captcha.js	ScriptElement	76 kB	2025-04-08	2025-04-17
Pretty URL 1xlite-077216.top/captcha-api/assets/hunt-captcha.js IP 83.147.224.2 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-08 20:36 Last Seen2025-04-17 09:18 Times Seen79 Hash dc17316c3253cb1f9b97aa0110a6acec a03cb594e0418a35aa582b01cc7fb90caa5affce d73e88a32628d646d1521035a4e2ef390f404d780cfc8e273905257bb247b71a Loading...

	1xlite-077216.top/en/block	Function	39 B	2023-04-14	2025-05-15
Pretty URL 1xlite-077216.top/en/block IP 83.147.224.2 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 16:26 Last Seen2025-05-15 01:47 Times Seen4347 Hash bc51ed8c76553717f10d58b2df60fd76 e2d03a8fd8d280074b226c288880f9df299c7cb1 bee994eaf88453f6343ba57571a069054c12c9b4e42f8cbad4f2ad75c7fb264c Loading...

	www.googletagmanager.com/gtm.js?id=GTM-KFGPRJ2V	ScriptElement	322 kB	2025-04-14	2025-04-14
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-KFGPRJ2V IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-14 16:27 Last Seen2025-04-14 17:34 Times Seen2 Hash b316d1f96622b7ba7edc80489bc47c94 f934bde1e3098bf8b8bb9535673b4cdf7a9d9ca4 af89b3a3d0185b8523b475ae5ea97a2c97410f5bf6aa0a3799446dfe147890e2 Loading...

	www.googletagmanager.com/gtag/destination?id=AW-16664555628&l=dataLayer&cx=c&gtm=45He5490v9180563600za200&tag_exp=102509682~102803279~102813109~102887800~102926062~103021830~103027016~103050889~103051953~103055465	ScriptElement	324 kB	2025-04-14	2025-04-14
Pretty URL www.googletagmanager.com/gtag/destination?id=AW-16664555628&l=dataLayer&cx=c&gtm=45He5490v9180563600za200&tag_exp=102509682~102803279~102813109~102887800~102926062~103021830~103027016~103050889~103051953~103055465 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-14 17:34 Last Seen2025-04-14 17:34 Times Seen1 Hash f79e7acc9a8d7dfc270e8fbdc3affd11 f95ee7779cba0f65729bcb2a4272380daf098749 42fc5dc12c7d004370d36cb2769513bf56c61a22a3eaa32384d1c55d6aa47185 Loading...

	v3.traincdn.com/main-static/b6a5d9e8/desktop/default/vendors/plugins.vue-js-modal-f0fbd83f.js	ScriptElement	27 kB	2025-04-09	2025-04-16
Pretty URL v3.traincdn.com/main-static/b6a5d9e8/desktop/default/vendors/plugins.vue-js-modal-f0fbd83f.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-09 23:34 Last Seen2025-04-16 06:36 Times Seen51 Hash fce98813a212a28a7876b0048e5fc78c 1180bf6f2f7a2aec1b1a3a5050d14e4aafc040e0 2617420139da8bc6c8c5217965a90c6a2ea4374ce1e5b4204c0f04fefc19c668 Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_localforage_H7M2CI7V.js	ImportedModule	30 kB	2025-03-21	2025-05-12
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_localforage_H7M2CI7V.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2025-03-21 03:26 Last Seen2025-05-12 21:53 Times Seen245 Hash 8c858b7ed9e89233e182c6824388b15d 72b5da96c3735591317ee5d7a77733f3ee2e4f5b ff626e5d8a3bf634c1577b920a448b6da177e7e0e164a3cce4d270ff78bb7d23 Loading...

	1xlite-077216.top/en/block	Function	34 B	2023-04-14	2025-05-15
Pretty URL 1xlite-077216.top/en/block IP 83.147.224.2 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 16:26 Last Seen2025-05-15 01:47 Times Seen4354 Hash 7bcdb973ab8af8e24ab11cb554a1ba6e 24e8a10f240f2b06f81d7c173cd0a90606641fc1 916ec4eb9b485eb47f43a17fe212e84e4b72600b45eb6d4588599ad495a57fcd Loading...

	1xlite-077216.top/en/block	Function	47 B	2023-04-14	2025-05-15
Pretty URL 1xlite-077216.top/en/block IP 83.147.224.2 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 16:26 Last Seen2025-05-15 01:47 Times Seen4340 Hash a01893d8e129ad16c1e0fc5c7537f411 0e46d1bf2718f848d9d596fa269eaedb31204772 cbe7b89533bcd75b69f3e54807308551d68242ec1761e63bee1a99fc6e560175 Loading...

	www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66&l=dataLayer&cx=c&gtm=45He5490v9180563600za200&tag_exp=102509682~102803279~102813109~102887800~102926062~103021830~103027016~103050889~103051953~103055465	ScriptElement	469 kB	2025-04-14	2025-04-14
Pretty URL www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66&l=dataLayer&cx=c&gtm=45He5490v9180563600za200&tag_exp=102509682~102803279~102813109~102887800~102926062~103021830~103027016~103050889~103051953~103055465 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-14 17:34 Last Seen2025-04-14 17:34 Times Seen1 Hash d03c0fbc40c026f396511099304cd383 6a9cc0472a4b101573f9fa653f4a6a8c9cb78266 837415c6f939934045394f1b1c3443db021438a87595336f7b215b2b65ec2014 Loading...

	1xlite-077216.top/en/block	DomTimer	10 B	2024-09-21	2025-05-14
Pretty URL 1xlite-077216.top/en/block IP 83.147.224.2 ASN #0 Introduced by domTimer Embedded in HTML false Observations First Seen2024-09-21 15:04 Last Seen2025-05-14 05:06 Times Seen743 Hash 01f4b51b4ba7edd00ad9f0a22259f06e 00723d0eda4be61a7b1c542b0a08a94a94a60017 9fdac1c31a22f55dbb8ca225ee28c3f7e88b41cce82968af0018c9f8b3bd35ba Loading...

	v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/7d27383ea7.js	ScriptElement	5.4 kB	2025-04-09	2025-04-23
Pretty URL v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/7d27383ea7.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-09 23:34 Last Seen2025-04-23 06:07 Times Seen96 Hash 4cf3699d59c5262586f4e58456e9464f 8f5bf54dad4a1983e3fe3ffe0e263db212d43438 9b3e8981653be9419f83c8cb85e7c02772d2f3ad8c27e7743110278879eafbf9 Loading...

	v3.traincdn.com/main-static/b6a5d9e8/desktop/default/Betting.Core-549ed34a.js	ScriptElement	2.1 kB	2025-04-11	2025-04-15
Pretty URL v3.traincdn.com/main-static/b6a5d9e8/desktop/default/Betting.Core-549ed34a.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-11 16:35 Last Seen2025-04-15 10:36 Times Seen35 Hash 70cb1b2ceab898face4dffe0c216fb44 83dbba7ebd35957b2b3f8830d459fc3afe92fbb0 13b46f7c48c41eedf5fd75c35542d993b8f0804c0ca8db38293060771379493c Loading...

	v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/fcddb30a3f.js	ImportedModule	1.5 kB	2025-04-09	2025-04-23
Pretty URL v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/fcddb30a3f.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2025-04-09 23:34 Last Seen2025-04-23 06:07 Times Seen96 Hash 6d234bc3f4192fe10b434e606f2ce4e0 0be61ed82184fd96eef68a5e4380453dcfedc20d 83ae36d90f349f69e275d638432a474033dd6debb7a70919841a7cd39ae2540f Loading...

	1xlite-077216.top/en/block	Function	47 B	2023-04-14	2025-05-15
Pretty URL 1xlite-077216.top/en/block IP 83.147.224.2 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 16:26 Last Seen2025-05-15 01:47 Times Seen4343 Hash 580b3e56fc9ab6e8b4655f43ee057cc1 5dfce565e446f4a167195de9a1a5dd26163c711c 446f07b6e56de61d2c2d5b6ba408cc580b492a6d1ede8fc51cfde4ef75a2b382 Loading...

	1xlite-077216.top/en/block	ScriptElement	1.7 kB	2025-04-11	2025-04-15
Pretty URL 1xlite-077216.top/en/block IP 83.147.224.2 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-04-11 16:35 Last Seen2025-04-15 10:36 Times Seen29 Hash 2cb89baaa662ceeff7517b2c0d0f485a d87671002c13c5cd9d8a89bf030f1b2ab52d6061 1d20212c6878a7c89b3e138582f1ffb3fc594cf3d1c4d431e1dcb86105efc3cf Loading...

	v3.traincdn.com/main-static/b6a5d9e8/desktop/default/vendors/plugins.vue-notification-7c1925ab.js	ScriptElement	13 kB	2025-04-09	2025-04-16
Pretty URL v3.traincdn.com/main-static/b6a5d9e8/desktop/default/vendors/plugins.vue-notification-7c1925ab.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-09 23:34 Last Seen2025-04-16 06:36 Times Seen51 Hash dbbcfa47c154369e2a89581ce0f5e7b6 6fde2951f990163c3722402e2567cfd2c4b388cb ce2c7372f2209109827f34e052e06146771bbfba16fd07c560d61a1b404e9f3a Loading...

	1xlite-077216.top/en/block	Eval	335 kB	2025-04-14	2025-04-14
Pretty URL 1xlite-077216.top/en/block IP 83.147.224.2 ASN #0 Introduced by eval Embedded in HTML false Observations First Seen2025-04-14 17:34 Last Seen2025-04-14 17:34 Times Seen1 Hash 09a2e33c42ea728b40bea41afb39a053 87f3706cb1c3cb167d2748bfed60715b11d1cce8 2e6c21da34e7c3cb0d1992b1947729f15e64d9569cad1f7b301647ce899a41ba Loading...

	www.googletagmanager.com/gtag/destination?id=DC-14030178&l=dataLayer&cx=c&gtm=45He5490v9180563600za200&tag_exp=102509682~102803279~102813109~102887800~102926062~103021830~103027016~103050889~103051953~103055465	ScriptElement	278 kB	2025-04-14	2025-04-14
Pretty URL www.googletagmanager.com/gtag/destination?id=DC-14030178&l=dataLayer&cx=c&gtm=45He5490v9180563600za200&tag_exp=102509682~102803279~102813109~102887800~102926062~103021830~103027016~103050889~103051953~103055465 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-14 16:27 Last Seen2025-04-14 19:06 Times Seen3 Hash 188a71d76f69fab950749ec02865cada d3d6b3a1ee9fbbe1973ba1745b38c13e378fa8bb 3bdc4051bf1552df513f1edb51e24f37596e45098fe24e043e6c604ed98bf982 Loading...

	1xlite-077216.top/main-static/b6a5d9e8/check-ob.js	ScriptElement	219 B	2024-07-17	2025-05-14
Pretty URL 1xlite-077216.top/main-static/b6a5d9e8/check-ob.js IP 83.147.224.2 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-17 14:33 Last Seen2025-05-14 05:06 Times Seen1120 Hash c065700c9c8c493403359e1f2baa10d9 4630fe729e70bdf63fa7ba6c84ec277fd1f51030 1e61f0c82ae82ffcf503fcd4b4c8ae27b32c11e19b882d5d13f3c44364c893f4 Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_libphonenumber_js_4IISRMA4.js	ImportedModule	159 kB	2025-03-21	2025-05-12
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_libphonenumber_js_4IISRMA4.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2025-03-21 03:26 Last Seen2025-05-12 21:53 Times Seen245 Hash 4673edf4e262d0703069c59915cde01f da52ee1e0d3f5967a58218500593537f8e33621e 4e24e1b83813d014e5a44217a142123c8f95be42d2a9594b535155630e1adf45 Loading...

	v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/34ad4c2501.js	ImportedModule	134 B	2025-04-09	2025-04-23
Pretty URL v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/34ad4c2501.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2025-04-09 23:34 Last Seen2025-04-23 06:07 Times Seen96 Hash 35977ea5daecc3aab99bf883dedfa4c8 d96e0ba0c142cccfac7a752ad2d7f025c2952e5c 5406cffa7eb1792aba2784077fabfc9a0467cd7605338d16bda43c2767fa78fd Loading...

	v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/entry-632d69e093.js	ScriptElement	28 kB	2025-04-09	2025-04-23
Pretty URL v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/entry-632d69e093.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-09 23:34 Last Seen2025-04-23 06:07 Times Seen96 Hash c0d7aa421209d79496566e4142736cea 1b9f673e50117382e5a4a21fdd187bf3ed7eb357 e43bd09bf2c676d6e1ffad2f4c134fc822a2564cbeda8901c2f788966b9fcfce Loading...

	v3.traincdn.com/sys-static/shared-assets/Desktop/__shared_base-app_9d6bef9a9e.js	ImportedModule	812 kB	2025-04-09	2025-04-23
Pretty URL v3.traincdn.com/sys-static/shared-assets/Desktop/__shared_base-app_9d6bef9a9e.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2025-04-09 23:34 Last Seen2025-04-23 06:07 Times Seen104 Hash 782eecf98bf0d4e11476905cf4eabb2a 02e11d9aed125dcc32289025881d29ee84e9efd7 f82a36946af4209846803d54f70c26f339d745ff5c490661d869538234e8223a Loading...

	v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/43d27a1005.js	ImportedModule	3.8 kB	2025-04-09	2025-04-23
Pretty URL v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/43d27a1005.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2025-04-09 23:34 Last Seen2025-04-23 06:07 Times Seen96 Hash 90f505b40c0bf80558c86ccc6b6605f2 cdfa527a479e455f440242d7fa8d04ad32321d90 f31cd11d82fe27561102b48dc1201ce56d5e46ceaff17d0e3e20cc8d9c0dc8cf Loading...

	data:text/javascript,export const meta = import.meta;	ScriptElement	32 B	2023-12-06	2025-05-14
Pretty URL data:text/javascript,export const meta = import.meta; IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-06 14:32 Last Seen2025-05-14 05:06 Times Seen2695 Hash 6d772b7d405b447ecee54ab61cdd5108 dd65fb9cd5a7cb94a40fe161f4f72303a61eb3b7 b90ff694e492935b6036fb7e878d365dab51aafa46f0afb1e33414e7ecc3307b Loading...

	1xlite-077216.top/en/block	ScriptElement	6.3 kB	2025-04-11	2025-04-15
Pretty URL 1xlite-077216.top/en/block IP 83.147.224.2 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-04-11 16:35 Last Seen2025-04-15 10:36 Times Seen28 Hash bb0e040632a183be27ee708536662bbc 7c1c8935d229af0f87a2ef6801a746245c60a6b9 799ac81a866ef14d3917f6073a4a955f84348b67225a6d855bec0b04d46a09ae Loading...

	v3.traincdn.com/main-static/b6a5d9e8/desktop/default/runtime-beb7d7b3.js	ScriptElement	19 kB	2025-04-11	2025-04-15
Pretty URL v3.traincdn.com/main-static/b6a5d9e8/desktop/default/runtime-beb7d7b3.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-11 16:35 Last Seen2025-04-15 10:36 Times Seen35 Hash bc1ccfefa1cdc4f9c5b87de66eeb4a00 cf838fec289900525a5c1f562b7a0e6ac450b96c f9bc807e7550d661f45f0d24cea07ed12b6e16094c4fde3df2209b42f3ee07db Loading...

	v3.traincdn.com/main-static/b6a5d9e8/desktop/default/vendors/plugins.v-tooltip-89b6fb93.js	ScriptElement	77 kB	2025-04-09	2025-04-16
Pretty URL v3.traincdn.com/main-static/b6a5d9e8/desktop/default/vendors/plugins.v-tooltip-89b6fb93.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-09 23:34 Last Seen2025-04-16 06:36 Times Seen51 Hash 7d133167cc0db6e7dc3caf1cea53aa2a 1da7a6ff67c89b1a7c96fbff57fd885acf37b311 802ddc6bfa32a3048c8b23d407b269cc302d488ca0b92dc24cbebb0923eb7ff0 Loading...

	v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/40b4a3331c.js	ImportedModule	27 kB	2025-04-09	2025-04-23
Pretty URL v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/40b4a3331c.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2025-04-09 23:34 Last Seen2025-04-23 06:07 Times Seen96 Hash 32e68eedcb043a37eda21f9240628a4d d60918ab20b32404f0b04107886bb11a70f995e8 33728db54cd2b871dc3864359709bde3b3bff6204de2c3d773827e2b8fa3afea Loading...

	1xlite-077216.top/hd-api/external/apps/c5e31d5915661de4393e3f1489b00ebc4497dd48/api.js	ScriptElement	753 B	2025-02-26	2025-05-14
Pretty URL 1xlite-077216.top/hd-api/external/apps/c5e31d5915661de4393e3f1489b00ebc4497dd48/api.js IP 83.147.224.2 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-26 21:56 Last Seen2025-05-14 05:06 Times Seen466 Hash f004562bde4d48fb0987e200eb06f3af 6ce4bb1f9a61802bc2b28d084810a6a752af30a6 ba2a7d9626d02a36d5c599c2e0f24594f47e2624d8fa93f6944056722e31f20f Loading...

	v3.traincdn.com/main-static/b6a5d9e8/desktop/default/analytics-dfadc62d.js	ScriptElement	7.8 kB	2025-04-09	2025-04-16
Pretty URL v3.traincdn.com/main-static/b6a5d9e8/desktop/default/analytics-dfadc62d.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-09 23:34 Last Seen2025-04-16 06:36 Times Seen46 Hash 6ce84e63fcb523c199a4243eda399f56 2b968663a2d3a36ce0c42ec49c6be9f41fb10464 6a93e0a58241575648cdf050e8092b68f75e33bae9e85378039865252357cbef Loading...

	v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/6d337b1903.js	ImportedModule	2.0 kB	2025-04-09	2025-04-23
Pretty URL v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/6d337b1903.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2025-04-09 23:34 Last Seen2025-04-23 06:07 Times Seen96 Hash e175ddbabb055a9efa48e5cb27296b7a 3e92ac9aac69ad3b79ffc5bf24f26f7d77f4ac11 ba1f6bbc92f5ac78349511c5de4709fdaf4433f5b0f7b6d6cc1df783b4a7a11b Loading...

	1xlite-077216.top/en/block	Function	74 kB	2025-04-08	2025-04-17
Pretty URL 1xlite-077216.top/en/block IP 83.147.224.2 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2025-04-08 22:54 Last Seen2025-04-17 09:18 Times Seen73 Hash 77d932610a790a4895c1d524741daa55 536c929a8b132b487f5b423a1e3b3b2b85d66793 a6bdd11675d894d5a486016dd0769b380664d9b772a270ea2a80debac378f9db Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_chunk_KSBWA3N2.js	ImportedModule	610 B	2024-12-07	2025-05-12
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_chunk_KSBWA3N2.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-12-07 20:25 Last Seen2025-05-12 21:53 Times Seen570 Hash 464c50409850b3095783d5b3b9a1b00d 7d5c3f49bd0689d72dddceee68afd229f4168ed5 71cbc8847b4abb3782fe515be3e9e1f3fb639f801b337a2a3612616151ec250d Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_vue_deps_2XBAXGLI.js	ImportedModule	21 kB	2025-04-09	2025-04-28
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_vue_deps_2XBAXGLI.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2025-04-09 23:34 Last Seen2025-04-28 03:17 Times Seen123 Hash 196202ebc273fa2629d520f82609ff83 856ddcb0774fed7e97eb1a84adc1ac815a7a9eab efa670ff26f34e4620077e3a18380a33e94ef16b7cd3736cbd353f7f503b4fb4 Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_popper_js_EEH7JIJK.js	ImportedModule	21 kB	2025-03-21	2025-05-12
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_popper_js_EEH7JIJK.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2025-03-21 03:26 Last Seen2025-05-12 21:53 Times Seen245 Hash 65baa1e0e10c3b0e4763d35e76999e25 a21b6807691f637324b24296803e05b64fc4c694 610516103d1262a5c7d3f5481f3f54328723386634607085bf0cfc631ad0ab3f Loading...

	1xlite-077216.top/en/block	Function	44 B	2023-04-14	2025-05-15
Pretty URL 1xlite-077216.top/en/block IP 83.147.224.2 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 16:26 Last Seen2025-05-15 01:47 Times Seen4346 Hash 00beb9884d0391b342eadd30744b539a 3124c0bd593822379d22f13d3e08e70a1bf5ea14 92394eec5690449a4f6cfc9a7f97497a69e926b2365cb9a9aad3507a844f835c Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_fast_deep_equal_4DKQVMAE.js	ImportedModule	865 B	2025-03-21	2025-05-12
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_fast_deep_equal_4DKQVMAE.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2025-03-21 03:26 Last Seen2025-05-12 21:53 Times Seen245 Hash b83f09e2c933f2aafd2e97f88f23d81f c5c5ff5f8b7cd801781559b42c365a16e6839800 f584585b1dce860bf95b8270b60680af7022244f6723ed8f01fe3967780c6aae Loading...

	1xlite-077216.top/en/block	Function	96 B	2023-12-06	2025-05-14
Pretty URL 1xlite-077216.top/en/block IP 83.147.224.2 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-12-06 14:32 Last Seen2025-05-14 05:06 Times Seen2695 Hash 94361ed86ab9b2fbb8d805c2025df46a 3f428332f7a1c7196a85c93a373a966d75708c19 eee4d228a49a86625f29410cf9a23d145e821a09cbb1f7a4d7557d206872715a Loading...

	v3.traincdn.com/main-static/b6a5d9e8/desktop/default/app-d8d8e08e.js	ScriptElement	508 kB	2025-04-11	2025-04-15
Pretty URL v3.traincdn.com/main-static/b6a5d9e8/desktop/default/app-d8d8e08e.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-11 16:35 Last Seen2025-04-15 10:36 Times Seen35 Hash 6ce9d21398f663a517142a1229e7a4d9 6431198732332a946dc347520f09504b5453e13b 9c114651516f17b4405bd95a536acb795cbf80533b472544fbc73d010ec95fac Loading...

	v3.traincdn.com/main-static/b6a5d9e8/desktop/default/vendors/app-731be458.js	ScriptElement	935 kB	2025-04-09	2025-04-16
Pretty URL v3.traincdn.com/main-static/b6a5d9e8/desktop/default/vendors/app-731be458.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-09 23:34 Last Seen2025-04-16 06:36 Times Seen51 Hash 839701f3c944d445a002a3d431da321d 68eaa97569908dcd2da17ad808a82585e7aa33b2 1f704b273308e5a4ce7485a4d7da0d862597fd6413fdf01407c4f16f300db1b0 Loading...

	v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/9e771668f4.js	ScriptElement	1.3 kB	2025-04-09	2025-04-23
Pretty URL v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/9e771668f4.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-09 23:34 Last Seen2025-04-23 06:07 Times Seen96 Hash 1c0d081fb1cc7abda416f4f77ed90ea8 0e9bae1c19bb2acfd1443d7adeb34a4df5207678 792c5b53781b320886638ca4fa6ad09ef57f9cba680940688364c1066dc79162 Loading...

	radar.cedexis.com/1/23802/radar.js	ScriptElement	390 B	2024-02-13	2025-05-14
Pretty URL radar.cedexis.com/1/23802/radar.js IP 45.54.49.5 ASN #63911 NetActuate, Inc Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-13 14:23 Last Seen2025-05-14 05:06 Times Seen1904 Hash 82dec77fd0353c7c71ce053b8601387e fbbca95419e1d0c042e0a5fdf10f380aca66188c 39f2b7b0fa78d37d0c84d2d6618bd635d86fd683d9bcdd5729850cb2a62522f7 Loading...

	v3.traincdn.com/main-static/b6a5d9e8/desktop/default/commons/app-5a29b260.js	ScriptElement	138 kB	2025-04-09	2025-04-16
Pretty URL v3.traincdn.com/main-static/b6a5d9e8/desktop/default/commons/app-5a29b260.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-09 23:34 Last Seen2025-04-16 06:36 Times Seen51 Hash a0bf7f4c320b5b14406c4922c80291a5 7ba1acc944dc705b1a783cdeeeeb0c395564ade2 f60a77d849fd2a43b8a96c4ce7b81e0908246fcd887f4b539e59b790f0276070 Loading...

	v3.traincdn.com/main-static/b6a5d9e8/desktop/default/DC-3cc0f3e1.js	ScriptElement	2.7 kB	2025-04-09	2025-04-16
Pretty URL v3.traincdn.com/main-static/b6a5d9e8/desktop/default/DC-3cc0f3e1.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-09 23:34 Last Seen2025-04-16 06:36 Times Seen51 Hash 7c28a537b21cbad3025c5937b76159a1 1403a9ef1813208365fef3b87adf4df34fc76c73 c9d49797a542f3419a354296abb1a6faf8571bab5101aba4778fa97fc267d662 Loading...

	1xlite-077216.top/en/block	ScriptElement	200 kB	2025-04-14	2025-04-14
Pretty URL 1xlite-077216.top/en/block IP 83.147.224.2 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-04-14 17:34 Last Seen2025-04-14 17:34 Times Seen1 Hash 5576fbe9b47a8c816e4fb185720a55b7 f57dc4bf09847d9f9c82b8be4394887a0400ef16 3a12ba0c5443d9beeab6a04cf49d88fcf0025509902531e7e9ef89d211c905f8 Loading...

	v3.traincdn.com/main-static/b6a5d9e8/desktop/default/Page.Block-b0fdbc4e.js	ScriptElement	476 B	2025-04-09	2025-04-16
Pretty URL v3.traincdn.com/main-static/b6a5d9e8/desktop/default/Page.Block-b0fdbc4e.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-09 23:34 Last Seen2025-04-16 06:36 Times Seen49 Hash 462d676b0a8a256557d6a23db60a6e1e fc8fedb7dcfff78a9b0ec050f1e31301a979258a c94b55a494c76eddaf2d922b68f01f95b389a61b6f9f10a0b7cbd5b8e6aabe87 Loading...

	v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/de6c784b1c.js	ImportedModule	1.2 kB	2025-04-09	2025-04-23
Pretty URL v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/de6c784b1c.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2025-04-09 23:34 Last Seen2025-04-23 06:07 Times Seen96 Hash 96575218da31267ca985a9d914db573a 8119968a9c2141eae94604d4599657defb427bca c7a76ababe5e5814750a81219e4ba4b6f61efe6fb34e5deec00cbce2e747ec34 Loading...

	v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/769f3f0fc4.js	ImportedModule	2.5 kB	2025-04-09	2025-04-23
Pretty URL v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/769f3f0fc4.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2025-04-09 23:34 Last Seen2025-04-23 06:07 Times Seen96 Hash 073625c15752bc2cf869f42e47560fd6 8d4a1f3e926186aadb0357152c07bb55a64d7018 be9d8c336f17cda2e6b71d4a0f3085bf75f6d98387095e2a574c4cf29a0c4f84 Loading...

	www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66	ScriptElement	469 kB	2025-04-14	2025-04-14
Pretty URL www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-14 17:34 Last Seen2025-04-14 19:06 Times Seen2 Hash cbd43c8eb0adee4cc177026ef2c4a7f3 7ea9bbbfadde777f672cb15bb3c6848968c302f3 1489a98acf1ac36ac8d0145f751b1299ac280d8ae029b97f46246db4ce948689 Loading...

	1xlite-077216.top/en/block	Eval	2.5 kB	2025-04-09	2025-04-23
Pretty URL 1xlite-077216.top/en/block IP 83.147.224.2 ASN #0 Introduced by eval Embedded in HTML false Observations First Seen2025-04-09 23:34 Last Seen2025-04-23 06:07 Times Seen94 Hash 6c957894b29681c1b9f7c1a2ec51a0da d4cbb3c8e08120321b52012d32db8c130af3910c 24195591b84a96faa92b576aaf13652e13aef8d7f0447918ec129fc5db0c3967 Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_accept_language_parser_FZZ6RWIK.js	ImportedModule	1.3 kB	2025-03-21	2025-05-12
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_accept_language_parser_FZZ6RWIK.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2025-03-21 03:26 Last Seen2025-05-12 21:53 Times Seen245 Hash fc1c44ae9e4954ae02c484125b7a6a1e 484eb92dd5bb166e7a06c1cf2dce2400bb3055e3 fa015c22854d009fd3436cac0b3958a3616d67d9c633c61d0ae309c114ab9f04 Loading...

HTTP Transactions (99)

URL IP Response Size

v3.traincdn.com/main-static/b6a5d9e8/desktop/default/vendors/app-731be458.js

185.244.209.62

200 OK

935 kB

URL GET
v3.traincdn.com/main-static/b6a5d9e8/desktop/default/vendors/app-731be458.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (63296)
Size
935 kB (934800 bytes)
Hash
839701f3c944d445a002a3d431da321d
68eaa97569908dcd2da17ad808a82585e7aa33b2
1f704b273308e5a4ce7485a4d7da0d862597fd6413fdf01407c4f16f300db1b0

HTTP Headers

GET /main-static/b6a5d9e8/desktop/default/vendors/app-731be458.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-077216.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:31 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-27d94fc2b17a45962335bcb7be2cd28b-b0d0ba24e1399e56-01
last-modified: Fri, 11 Apr 2025 12:05:26 GMT
etag: W/"839701f3c944d445a002a3d431da321d"
x-amz-meta-mtime: 1744373125.231880202
content-encoding: gzip
expires: Sat, 12 Apr 2025 12:21:06 GMT
cache-control: max-age=86400
x-time-ng: 0.003
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 18405
cache: HIT
x-cached-since: 2025-04-14T12:26:46+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/main-static/b6a5d9e8/desktop/default/vendors/plugins.vue-notification-7c1925ab.js

185.244.209.62

200 OK

13 kB

URL GET
v3.traincdn.com/main-static/b6a5d9e8/desktop/default/vendors/plugins.vue-notification-7c1925ab.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (12563), with no line terminators
Size
13 kB (12563 bytes)
Hash
dbbcfa47c154369e2a89581ce0f5e7b6
6fde2951f990163c3722402e2567cfd2c4b388cb
ce2c7372f2209109827f34e052e06146771bbfba16fd07c560d61a1b404e9f3a

HTTP Headers

GET /main-static/b6a5d9e8/desktop/default/vendors/plugins.vue-notification-7c1925ab.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-077216.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:33 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-1bc969ceb7336ed8f1bdd2fc1512bd68-d5e574f416500e5f-01
last-modified: Fri, 11 Apr 2025 12:05:26 GMT
etag: W/"dbbcfa47c154369e2a89581ce0f5e7b6"
x-amz-meta-mtime: 1744373125.231880202
content-encoding: gzip
expires: Sat, 12 Apr 2025 12:21:08 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 18405
cache: HIT
x-cached-since: 2025-04-14T12:26:48+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/shared-assets/__shared_libphonenumber_js_4IISRMA4.js

185.244.209.62

200 OK

159 kB

URL GET
v3.traincdn.com/sys-static/shared-assets/__shared_libphonenumber_js_4IISRMA4.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (65509)
Size
159 kB (158815 bytes)
Hash
4673edf4e262d0703069c59915cde01f
da52ee1e0d3f5967a58218500593537f8e33621e
4e24e1b83813d014e5a44217a142123c8f95be42d2a9594b535155630e1adf45

HTTP Headers

GET /sys-static/shared-assets/__shared_libphonenumber_js_4IISRMA4.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:34 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-a9bc05074d76e8c4f07f1eea541cbbb4-87543e1e67e07115-01
last-modified: Mon, 14 Apr 2025 08:43:09 GMT
etag: W/"4673edf4e262d0703069c59915cde01f"
x-amz-meta-mtime: 1744619956.057291279
content-encoding: gzip
expires: Tue, 15 Apr 2025 10:58:32 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 23702
cache: HIT
x-cached-since: 2025-04-14T10:58:32+00:00
X-Firefox-Spdy: h2

1xlite-077216.top/en?tag=d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH&pb=7ceb261dfb824837b0d185a5d0c3c180&click_id=wf7v2mdp899lv1593hgci6fq

83.147.224.2

302 Found

271 kB

URL User Request GET
1xlite-077216.top/en?tag=d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH&pb=7ceb261dfb824837b0d185a5d0c3c180&click_id=wf7v2mdp899lv1593hgci6fq
IP
83.147.224.2:443
ASN
#0

Certificate
IssuerLet's Encrypt
Subject1xlite-077216.top
Fingerprint1B:5A:D9:82:17:44:CF:93:9C:43:C1:58:12:A0:E9:1D:AE:93:92:1B
ValidityTue, 11 Mar 2025 05:20:06 GMT - Mon, 09 Jun 2025 05:20:05 GMT

File type

Size
271 kB (271217 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /en?tag=d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH&pb=7ceb261dfb824837b0d185a5d0c3c180&click_id=wf7v2mdp899lv1593hgci6fq HTTP/1.1
Host: 1xlite-077216.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Mon, 14 Apr 2025 17:33:30 GMT
link: <https://v3.traincdn.com/sys-ui/2.3.144/Desktop/Default/client.css>; rel=preload; as=style; crossorigin=anonymous
location: /en/block
server-timing: dt_total;dur=0.009, total;dur=19;desc="Nuxt Server Time", wf-uht;dur=0.028
set-cookie: platform_type=desktop; Path=/; Expires=Thu, 17 Apr 2025 17:33:30 GMT; Secure; SameSite=None; Partitioned
gw-mm=; Path=/; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Secure; SameSite=None; Partitioned
lng=en; Path=/
cookies_agree_type=3; Path=/
tzo=2; Path=/
is12h=0; Path=/
referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; Path=/; Expires=Fri, 13 Jun 2025 17:33:30 GMT
reflinkid=d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH; Path=/; Expires=Mon, 14 Apr 2025 18:33:30 GMT
postback_watcher=%7B%22tag%22%3A%22d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH%22%2C%22pb%22%3A%227ceb261dfb824837b0d185a5d0c3c180%22%2C%22click_id%22%3A%22wf7v2mdp899lv1593hgci6fq%22%7D; Path=/; Expires=Wed, 14 May 2025 17:33:30 GMT
auid=U5PgAmf9RuqfrpWMAyNtAg==; path=/; secure; httponly; samesite=lax
x-dt: 285
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.traincdn.com/main-static/b6a5d9e8/desktop/default/css/684d7545.css

185.244.209.62

200 OK

14 kB

URL GET
v3.traincdn.com/main-static/b6a5d9e8/desktop/default/css/684d7545.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (14391), with no line terminators
Size
14 kB (14391 bytes)
Hash
a552d5db890b7f16e370b33cc587e807
a9dc47737b3e1d8ef6fcbb48c7c0b026c6fda545
0d7e00204297499711ae1da574d4635b31d8238ab4a663b382c44d850d24f3ec

HTTP Headers

GET /main-static/b6a5d9e8/desktop/default/css/684d7545.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-077216.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:31 GMT
content-type: text/css; charset=utf-8
traceparent: 00-0bcbcb4ade8b1fec0103ca4e333ac49e-8b4e7822f387ebb8-01
last-modified: Fri, 11 Apr 2025 12:05:26 GMT
etag: W/"a552d5db890b7f16e370b33cc587e807"
x-amz-meta-mtime: 1744373125.227880166
content-encoding: gzip
expires: Sat, 12 Apr 2025 12:21:05 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 18407
cache: HIT
x-cached-since: 2025-04-14T12:26:44+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/sys-ui/2.3.144/Desktop/Default/client.css

185.244.209.62

200 OK

618 kB

URL GET
v3.traincdn.com/sys-ui/2.3.144/Desktop/Default/client.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
618 kB (618170 bytes)
Hash
dceafd3db151a193aeaefaab141bf11d
8f561ffd898e8ccabf26a6be66b10017fcb99347
f63f8a0830e5e8207d03aad889f5aca512096bc83d3268591d5828f84721db89

HTTP Headers

GET /sys-ui/2.3.144/Desktop/Default/client.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-077216.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:31 GMT
content-type: text/css; charset=utf-8
traceparent: 00-87480d99dc3c1041f90aab0b2a26777a-aea11b5cce49d3f5-01
last-modified: Mon, 31 Mar 2025 06:54:35 GMT
etag: W/"dceafd3db151a193aeaefaab141bf11d"
x-amz-meta-mtime: 1743404071.991761778
content-encoding: gzip
expires: Thu, 10 Apr 2025 08:14:42 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 33438
cache: HIT
x-cached-since: 2025-04-14T08:16:13+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/shared-assets/Desktop/__shared_css_70b61b.css

185.244.209.62

200 OK

5.0 kB

URL GET
v3.traincdn.com/sys-static/shared-assets/Desktop/__shared_css_70b61b.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (4607)
Size
5.0 kB (5030 bytes)
Hash
064d36a85b8911d9926b21ec13e966f3
0298facd7cd5090cb40d79d4d62b1c63746d7cf3
70b61bbf786b5f580fdbaec0101febdaf23a9e595e8baffa5cb9286ee6c29c80

HTTP Headers

GET /sys-static/shared-assets/Desktop/__shared_css_70b61b.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-077216.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:31 GMT
content-type: text/css; charset=utf-8
traceparent: 00-0be9115dfd25c0d6dae8ba8d6004524f-962363802ad65322-01
last-modified: Mon, 14 Apr 2025 07:47:49 GMT
etag: W/"064d36a85b8911d9926b21ec13e966f3"
x-amz-meta-mtime: 1744616719.57714122
content-encoding: gzip
expires: Tue, 15 Apr 2025 10:53:58 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 23293
cache: HIT
x-cached-since: 2025-04-14T11:05:18+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/version.json

185.244.209.62

200 OK

11 B

URL GET
v3.traincdn.com/version.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text
Size
11 B (11 bytes)
Hash
8cdf30eb6240e22c9cfed3e5b58c7982
e7414b231fa342026c1e4ca17ee3e0a653c85d94
550c6491186f6bd9a81ffb3c913e7db462b9edaa954b1b615eea8c257e73bc1a

HTTP Headers

GET /version.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-077216.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:31 GMT
content-type: application/json
content-length: 11
traceparent: 00-4ae77a80a18317286d30b3aea2326b0e-57d0ba0dd86962d3-01
last-modified: Fri, 11 Apr 2025 12:10:11 GMT
etag: "8cdf30eb6240e22c9cfed3e5b58c7982"
x-amz-meta-mtime: 1744373411.084160116
expires: Fri, 11 Apr 2025 12:13:41 GMT
cache-control: max-age=60
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/6d337b1903.js

185.244.209.62

200 OK

2.0 kB

URL GET
v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/6d337b1903.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (1435)
Size
2.0 kB (2047 bytes)
Hash
e175ddbabb055a9efa48e5cb27296b7a
3e92ac9aac69ad3b79ffc5bf24f26f7d77f4ac11
ba1f6bbc92f5ac78349511c5de4709fdaf4433f5b0f7b6d6cc1df783b4a7a11b

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/6d337b1903.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:35 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-871216ba8ff6f328dac1f13dfb97c961-0ed758668d91d11c-01
last-modified: Wed, 09 Apr 2025 12:22:18 GMT
etag: W/"e175ddbabb055a9efa48e5cb27296b7a"
x-amz-meta-mtime: 1744200997.879436683
content-encoding: gzip
expires: Thu, 10 Apr 2025 12:27:28 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 17692
cache: HIT
x-cached-since: 2025-04-14T12:38:43+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/40b4a3331c.js

185.244.209.62

200 OK

27 kB

URL GET
v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/40b4a3331c.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (12766)
Size
27 kB (27228 bytes)
Hash
32e68eedcb043a37eda21f9240628a4d
d60918ab20b32404f0b04107886bb11a70f995e8
33728db54cd2b871dc3864359709bde3b3bff6204de2c3d773827e2b8fa3afea

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/40b4a3331c.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:35 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-d3073445c41225756d2440166fe52288-6937325bd8d12d9c-01
last-modified: Wed, 09 Apr 2025 12:22:18 GMT
etag: W/"32e68eedcb043a37eda21f9240628a4d"
x-amz-meta-mtime: 1744200997.874436483
content-encoding: gzip
expires: Thu, 10 Apr 2025 12:27:29 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 17689
cache: HIT
x-cached-since: 2025-04-14T12:38:46+00:00
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-7JGWL9SV66&gtm=45je5490v897130004za200zb9180563600&_p=1744652025077&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102509682~102803279~102813109~102887800~102926062~103021830~103027016~103050889~103051953~103055465&cid=1692956508.1744652026&ecid=1891032561&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AEAAAAI&_s=1&sid=1744652026&sct=1&seg=0&dl=https%3A%2F%2F1xlite-077216.top%2Fen%2Fblock&dt=1xBet&en=scroll&ep.optimize_id=GTM-5R4MT54&epn.percent_scrolled=90&upn.ref_id=1&tfd=17249

216.239.34.36

204 No Content

0 B

URL POST
region1.analytics.google.com/g/collect?v=2&tid=G-7JGWL9SV66&gtm=45je5490v897130004za200zb9180563600&_p=1744652025077&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102509682~102803279~102813109~102887800~102926062~103021830~103027016~103050889~103051953~103055465&cid=1692956508.1744652026&ecid=1891032561&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AEAAAAI&_s=1&sid=1744652026&sct=1&seg=0&dl=https%3A%2F%2F1xlite-077216.top%2Fen%2Fblock&dt=1xBet&en=scroll&ep.optimize_id=GTM-5R4MT54&epn.percent_scrolled=90&upn.ref_id=1&tfd=17249
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint88:85:26:A3:0A:0B:44:C6:92:DD:7B:0B:D1:14:38:BA:26:B9:EF:D9
ValidityThu, 20 Mar 2025 11:18:39 GMT - Thu, 12 Jun 2025 11:18:38 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-7JGWL9SV66&gtm=45je5490v897130004za200zb9180563600&_p=1744652025077&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102509682~102803279~102813109~102887800~102926062~103021830~103027016~103050889~103051953~103055465&cid=1692956508.1744652026&ecid=1891032561&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AEAAAAI&_s=1&sid=1744652026&sct=1&seg=0&dl=https%3A%2F%2F1xlite-077216.top%2Fen%2Fblock&dt=1xBet&en=scroll&ep.optimize_id=GTM-5R4MT54&epn.percent_scrolled=90&upn.ref_id=1&tfd=17249 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-077216.top/
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://1xlite-077216.top
date: Mon, 14 Apr 2025 17:33:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:153:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:153:0
report-to: {"group":"ascnsrsggc:153:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:153:0"}],}
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

v3.traincdn.com/main-static/b6a5d9e8/desktop/default/runtime-beb7d7b3.js

185.244.209.62

200 OK

19 kB

URL GET
v3.traincdn.com/main-static/b6a5d9e8/desktop/default/runtime-beb7d7b3.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (19300), with no line terminators
Size
19 kB (19300 bytes)
Hash
bc1ccfefa1cdc4f9c5b87de66eeb4a00
cf838fec289900525a5c1f562b7a0e6ac450b96c
f9bc807e7550d661f45f0d24cea07ed12b6e16094c4fde3df2209b42f3ee07db

HTTP Headers

GET /main-static/b6a5d9e8/desktop/default/runtime-beb7d7b3.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-077216.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:31 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-90c849ce8159e2fe756409550f2aab0b-b57146fa4ba0d54a-01
last-modified: Fri, 11 Apr 2025 12:05:26 GMT
etag: W/"bc1ccfefa1cdc4f9c5b87de66eeb4a00"
x-amz-meta-mtime: 1744373125.223880129
content-encoding: gzip
expires: Sat, 12 Apr 2025 12:21:06 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 18406
cache: HIT
x-cached-since: 2025-04-14T12:26:45+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/fcddb30a3f.js

185.244.209.62

200 OK

1.5 kB

URL GET
v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/fcddb30a3f.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (512)
Size
1.5 kB (1500 bytes)
Hash
6d234bc3f4192fe10b434e606f2ce4e0
0be61ed82184fd96eef68a5e4380453dcfedc20d
83ae36d90f349f69e275d638432a474033dd6debb7a70919841a7cd39ae2540f

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/fcddb30a3f.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:35 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-f356fa8d2b4cea29cc8c3562223f6a8d-d9b44c405fac8c34-01
last-modified: Wed, 09 Apr 2025 12:22:18 GMT
etag: W/"6d234bc3f4192fe10b434e606f2ce4e0"
x-amz-meta-mtime: 1744200997.90543772
content-encoding: gzip
expires: Thu, 10 Apr 2025 12:27:29 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 17689
cache: HIT
x-cached-since: 2025-04-14T12:38:46+00:00
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7JGWL9SV66&cid=1692956508.1744652026&gtm=45je5490v897130004za200zb9180563600&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=102509682~102803279~102813109~102887800~102926062~103021830~103027016~103050889~103051953~103055465&tag_exp=102509682~102803279~102813109~102887800~102926062~103021830~103027016~103050889~103051953~103055465&z=2115054786

142.250.74.131

200 OK

42 B

URL GET
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7JGWL9SV66&cid=1692956508.1744652026&gtm=45je5490v897130004za200zb9180563600&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=102509682~102803279~102813109~102887800~102926062~103021830~103027016~103050889~103051953~103055465&tag_exp=102509682~102803279~102813109~102887800~102926062~103021830~103027016~103050889~103051953~103055465&z=2115054786
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerGoogle Trust Services
Subject*.google.no
Fingerprint9A:A1:61:22:E4:39:37:BB:8A:D5:7B:0F:F9:95:18:78:6A:FF:67:B0
ValidityThu, 20 Mar 2025 11:21:32 GMT - Thu, 12 Jun 2025 11:21:31 GMT

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7JGWL9SV66&cid=1692956508.1744652026&gtm=45je5490v897130004za200zb9180563600&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=102509682~102803279~102813109~102887800~102926062~103021830~103027016~103050889~103051953~103055465&tag_exp=102509682~102803279~102813109~102887800~102926062~103021830~103027016~103050889~103051953~103055465&z=2115054786 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-077216.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 14 Apr 2025 17:33:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/e3dd2d416ede1d7659584842878349f6.json

185.244.209.62

200 OK

1.1 kB

URL GET
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/e3dd2d416ede1d7659584842878349f6.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
1.1 kB (1085 bytes)
Hash
338264fc869e8f0b86b0d6c9d92102b0
83b4d35816df0e1486b766251e74d23f28b77824
015355a44429f40dd63b566dd1e9b1b76af3dfa28dcd25a43e82820ba0847b8d

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/e3dd2d416ede1d7659584842878349f6.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-077216.top/
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:34 GMT
content-type: application/json
traceparent: 00-ca0135985434178bed9ce7f308ab977a-10b26fb5e5fe7c6a-01
last-modified: Thu, 16 May 2024 19:05:13 GMT
etag: W/"338264fc869e8f0b86b0d6c9d92102b0"
content-encoding: gzip
expires: Thu, 16 Jan 2025 11:19:55 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 3480
cache: HIT
x-cached-since: 2025-04-14T16:35:34+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/60608cbba85ee2e8946c25b55281a0bc.json

185.244.209.62

200 OK

328 B

URL GET
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/60608cbba85ee2e8946c25b55281a0bc.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
328 B (328 bytes)
Hash
4347fc050ebe622e30a7bf78a213b5a0
c05b3b571980b01ff9f07e6adc1c29c58be70bd1
ed1b1193a248bf273141c31b7f74dd1224416b3757e5a71f2e7d579c50d65d57

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/60608cbba85ee2e8946c25b55281a0bc.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-077216.top/
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:34 GMT
content-type: application/json
content-length: 328
traceparent: 00-a07ccfc88b84fa49d8fe39691e41fbf7-e0a4dac3f5dce461-01
last-modified: Thu, 27 Feb 2025 10:51:50 GMT
etag: "4347fc050ebe622e30a7bf78a213b5a0"
expires: Thu, 27 Feb 2025 12:17:56 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1036
cache: HIT
x-cached-since: 2025-04-14T17:16:18+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

1xlite-077216.top/captcha-api/assets/hunt-captcha.js

83.147.224.2

200 OK

76 kB

URL GET
1xlite-077216.top/captcha-api/assets/hunt-captcha.js
IP
83.147.224.2:443
ASN
#0

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerLet's Encrypt
Subject1xlite-077216.top
Fingerprint1B:5A:D9:82:17:44:CF:93:9C:43:C1:58:12:A0:E9:1D:AE:93:92:1B
ValidityTue, 11 Mar 2025 05:20:06 GMT - Mon, 09 Jun 2025 05:20:05 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
76 kB (75476 bytes)
Hash
dc17316c3253cb1f9b97aa0110a6acec
a03cb594e0418a35aa582b01cc7fb90caa5affce
d73e88a32628d646d1521035a4e2ef390f404d780cfc8e273905257bb247b71a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /captcha-api/assets/hunt-captcha.js HTTP/1.1
Host: 1xlite-077216.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-077216.top/en/block
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH; postback_watcher=%7B%22tag%22%3A%22d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH%22%2C%22pb%22%3A%227ceb261dfb824837b0d185a5d0c3c180%22%2C%22click_id%22%3A%22wf7v2mdp899lv1593hgci6fq%22%7D; auid=U5PgAmf9RuqfrpWMAyNtAg==; window_width=1280; che_g=b8f5ae6a-7ed3-3118-4d8c-708221b781c6; SESSION=b5a1e8ee78f67a1d90178a8fa2335f39
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:42 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=300
content-encoding: br
vary: Accept-Encoding
x-dt: 285
x-request-id: 9d2ec35e37e4270335d6c5f9d427c66d
x-time-ng: 0.001
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.085, wf-uht;dur=0.022
X-Firefox-Spdy: h2

affpa.top/L?tag=d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH&pb=7ceb261dfb824837b0d185a5d0c3c180&click_id=wf7v2mdp899lv1593hgci6fq

83.147.205.153

303 See Other

271 kB

URL User Request GET
affpa.top/L?tag=d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH&pb=7ceb261dfb824837b0d185a5d0c3c180&click_id=wf7v2mdp899lv1593hgci6fq
IP
83.147.205.153:443
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subjectaffpa.top
Fingerprint15:B9:7F:C7:CF:9F:B7:D1:8D:6D:64:8F:ED:4E:FB:91:7E:E3:8C:C7
ValidityMon, 03 Mar 2025 05:20:51 GMT - Sun, 01 Jun 2025 05:20:50 GMT

File type

Size
271 kB (271217 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /L?tag=d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH&pb=7ceb261dfb824837b0d185a5d0c3c180&click_id=wf7v2mdp899lv1593hgci6fq HTTP/1.1
Host: affpa.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 303 See Other
server: nginx
date: Mon, 14 Apr 2025 17:33:29 GMT
location: https://1xlite-077216.top:443/en?tag=d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH&pb=7ceb261dfb824837b0d185a5d0c3c180&click_id=wf7v2mdp899lv1593hgci6fq
set-cookie: A_97_v=0; expires=Tue, 15 Apr 2025 17:33:29 GMT; path=/; secure
A_97_c=1; expires=Tue, 15 Apr 2025 17:33:29 GMT; path=/; secure
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.010
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_auth/en/dictionary_6fd808fb8bddfa34e1b8690979746ec1.json

185.244.209.62

200 OK

9.1 kB

URL GET
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_auth/en/dictionary_6fd808fb8bddfa34e1b8690979746ec1.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
9.1 kB (9060 bytes)
Hash
549f5ea53f251dc23280ebb060f74d1c
61365431838a0dcfa16cc713641a583bf9c4783c
ab96a452ca36608c8b750d00413cf6b38080c24fcb473adbbe13aa033d3aca38

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_auth/en/dictionary_6fd808fb8bddfa34e1b8690979746ec1.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-077216.top/
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:33 GMT
content-type: application/json; charset=utf-8
traceparent: 00-0a0f85117229309d1a62ed9b4152bc19-af996c726de6e470-01
last-modified: Fri, 28 Mar 2025 10:05:50 GMT
etag: W/"549f5ea53f251dc23280ebb060f74d1c"
cache-control: max-age=3600
content-encoding: gzip
expires: Fri, 28 Mar 2025 11:35:17 GMT
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 3080
cache: HIT
x-cached-since: 2025-04-14T16:42:13+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/8192228305b202797f207eeb6842287c.png

185.244.209.62

200 OK

5.2 kB

URL GET
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/8192228305b202797f207eeb6842287c.png
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
PNG image data, 514 x 514, 8-bit colormap, non-interlaced
Size
5.2 kB (5202 bytes)
Hash
b9a636eef54b2844b571fe7de49184a7
bf653690790ced40eb3189da075a275d951d1607
001bfcdd52b658d46543a1aec889d35b73b3909b47097cc011b95e96fc9e3743

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/8192228305b202797f207eeb6842287c.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-077216.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:34 GMT
content-type: image/png
content-length: 5202
traceparent: 00-ff2c55aef37f8cfe4ed67db94ff53c14-452c4c3f5fbab3b9-01
last-modified: Wed, 26 Jun 2024 08:22:59 GMT
etag: "b9a636eef54b2844b571fe7de49184a7"
expires: Thu, 16 Jan 2025 11:18:57 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/shared-assets/__shared_fast_deep_equal_4DKQVMAE.js

185.244.209.62

200 OK

865 B

URL GET
v3.traincdn.com/sys-static/shared-assets/__shared_fast_deep_equal_4DKQVMAE.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (840)
Size
865 B (865 bytes)
Hash
b83f09e2c933f2aafd2e97f88f23d81f
c5c5ff5f8b7cd801781559b42c365a16e6839800
f584585b1dce860bf95b8270b60680af7022244f6723ed8f01fe3967780c6aae

HTTP Headers

GET /sys-static/shared-assets/__shared_fast_deep_equal_4DKQVMAE.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:34 GMT
content-type: text/javascript; charset=utf-8
content-length: 865
traceparent: 00-167b9a7500bc3d5b932def80f93bcd08-16dfa7f67e4982b0-01
last-modified: Mon, 14 Apr 2025 10:09:26 GMT
etag: "b83f09e2c933f2aafd2e97f88f23d81f"
x-amz-meta-mtime: 1744624991.426910684
expires: Tue, 15 Apr 2025 10:58:32 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 23702
cache: HIT
x-cached-since: 2025-04-14T10:58:32+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/shared-assets/__shared_popper_js_EEH7JIJK.js

185.244.209.62

200 OK

21 kB

URL GET
v3.traincdn.com/sys-static/shared-assets/__shared_popper_js_EEH7JIJK.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (21232)
Size
21 kB (21252 bytes)
Hash
65baa1e0e10c3b0e4763d35e76999e25
a21b6807691f637324b24296803e05b64fc4c694
610516103d1262a5c7d3f5481f3f54328723386634607085bf0cfc631ad0ab3f

HTTP Headers

GET /sys-static/shared-assets/__shared_popper_js_EEH7JIJK.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:34 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-3d729bdc587d5182c90b68d88cb99995-7d81d0c17fc09644-01
last-modified: Mon, 14 Apr 2025 10:38:03 GMT
etag: W/"65baa1e0e10c3b0e4763d35e76999e25"
x-amz-meta-mtime: 1744626774.630237916
content-encoding: gzip
expires: Tue, 15 Apr 2025 12:21:26 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 18728
cache: HIT
x-cached-since: 2025-04-14T12:21:26+00:00
X-Firefox-Spdy: h2

1xlite-077216.top/hd-api/external/0196355d-31b8-733c-91cd-25fa9e4dbcca.js

83.147.224.2

200 OK

335 kB

URL GET
1xlite-077216.top/hd-api/external/0196355d-31b8-733c-91cd-25fa9e4dbcca.js
IP
83.147.224.2:443
ASN
#0

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerLet's Encrypt
Subject1xlite-077216.top
Fingerprint1B:5A:D9:82:17:44:CF:93:9C:43:C1:58:12:A0:E9:1D:AE:93:92:1B
ValidityTue, 11 Mar 2025 05:20:06 GMT - Mon, 09 Jun 2025 05:20:05 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
335 kB (335410 bytes)
Hash
09a2e33c42ea728b40bea41afb39a053
87f3706cb1c3cb167d2748bfed60715b11d1cce8
2e6c21da34e7c3cb0d1992b1947729f15e64d9569cad1f7b301647ce899a41ba

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /hd-api/external/0196355d-31b8-733c-91cd-25fa9e4dbcca.js HTTP/1.1
Host: 1xlite-077216.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-077216.top/en/block
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH; postback_watcher=%7B%22tag%22%3A%22d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH%22%2C%22pb%22%3A%227ceb261dfb824837b0d185a5d0c3c180%22%2C%22click_id%22%3A%22wf7v2mdp899lv1593hgci6fq%22%7D; auid=U5PgAmf9RuqfrpWMAyNtAg==; window_width=1280; che_g=b8f5ae6a-7ed3-3118-4d8c-708221b781c6; SESSION=b5a1e8ee78f67a1d90178a8fa2335f39
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:42 GMT
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=0, must-revalidate
content-encoding: gzip
vary: Accept-Encoding
x-dt: 285
x-hd-trace-id: fcefe563-be4b-4139-973e-336ab982ffdc
x-request-guid: 57e5077452451514bcf225a7135d6e87
x-time-ng: 0.002
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.009, wf-uht;dur=0.017
X-Firefox-Spdy: h2

radar.cedexis.com/1707728419/stub.js

45.54.49.5

200 OK

390 B

URL GET
radar.cedexis.com/1707728419/stub.js
IP
45.54.49.5:443
ASN
#63911 NetActuate, Inc

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerDigiCert Inc
Subjectradar.cedexis.com
FingerprintA2:3E:30:19:D5:41:3A:11:81:58:E3:B1:6F:F4:D2:78:0B:44:6F:D0
ValidityFri, 07 Mar 2025 00:00:00 GMT - Fri, 06 Mar 2026 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
390 B (390 bytes)
Hash
82dec77fd0353c7c71ce053b8601387e
fbbca95419e1d0c042e0a5fdf10f380aca66188c
39f2b7b0fa78d37d0c84d2d6618bd635d86fd683d9bcdd5729850cb2a62522f7

HTTP Headers

GET /1707728419/stub.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-077216.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 14 Apr 2025 17:33:45 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 12 Feb 2024 09:51:14 GMT
Vary: Accept-Encoding
ETag: W/"65c9ea12-186"
Expires: Mon, 28 Apr 2025 17:33:45 GMT
Cache-Control: max-age=1209600, public
Content-Encoding: gzip

1xlite-077216.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json

83.147.224.2

200 OK

23 B

URL POST
1xlite-077216.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json
IP
83.147.224.2:443
ASN
#0

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerLet's Encrypt
Subject1xlite-077216.top
Fingerprint1B:5A:D9:82:17:44:CF:93:9C:43:C1:58:12:A0:E9:1D:AE:93:92:1B
ValidityTue, 11 Mar 2025 05:20:06 GMT - Mon, 09 Jun 2025 05:20:05 GMT

File type
JSON text data
Size
23 B (23 bytes)
Hash
6fb9ecb2735ad5dc49467089cb17d501
f1ce3b90a6e8ad19cf157bf8e1249040676d1aad
d8d541e48731ec69145aff79667a25dc4a2a335e33cc7553715fb1e5c9bbcc0c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json HTTP/1.1
Host: 1xlite-077216.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-077216.top/en/block
Content-Type: application/json
X-Lang: en
X-Uuid: ab510b0b-b7de-4267-866c-fa9b379e3709
Content-Length: 72
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH; postback_watcher=%7B%22tag%22%3A%22d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH%22%2C%22pb%22%3A%227ceb261dfb824837b0d185a5d0c3c180%22%2C%22click_id%22%3A%22wf7v2mdp899lv1593hgci6fq%22%7D; auid=U5PgAmf9RuqfrpWMAyNtAg==; window_width=1280; che_g=b8f5ae6a-7ed3-3118-4d8c-708221b781c6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:35 GMT
content-type: application/json
content-length: 23
x-dt: 285
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.086, wf-uht;dur=0.008
X-Firefox-Spdy: h2

1xlite-077216.top/web-api/session

83.147.224.2

204 No Content

0 B

URL GET
1xlite-077216.top/web-api/session
IP
83.147.224.2:443
ASN
#0

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerLet's Encrypt
Subject1xlite-077216.top
Fingerprint1B:5A:D9:82:17:44:CF:93:9C:43:C1:58:12:A0:E9:1D:AE:93:92:1B
ValidityTue, 11 Mar 2025 05:20:06 GMT - Mon, 09 Jun 2025 05:20:05 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web-api/session HTTP/1.1
Host: 1xlite-077216.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-077216.top/en/block
content-type: application/json
x-requested-with: XMLHttpRequest
x-app-n: v3-nuxt2
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH; postback_watcher=%7B%22tag%22%3A%22d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH%22%2C%22pb%22%3A%227ceb261dfb824837b0d185a5d0c3c180%22%2C%22click_id%22%3A%22wf7v2mdp899lv1593hgci6fq%22%7D; auid=U5PgAmf9RuqfrpWMAyNtAg==; window_width=1280; che_g=b8f5ae6a-7ed3-3118-4d8c-708221b781c6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx
date: Mon, 14 Apr 2025 17:33:42 GMT
cache-control: no-cache, private
server-timing: dt_total;dur=0.107, p;dur=15.27, wf-uht;dur=0.027
set-cookie: ua=deleted; expires=Thu, 01 Jan 1970 00:00:01 GMT; Max-Age=0; path=/
SESSION=b5a1e8ee78f67a1d90178a8fa2335f39; path=/; secure; httponly; samesite=lax
x-dt: 285
x-time-ng: 0.017, 0.017
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-077216.top/hd-api/external/apps/c5e31d5915661de4393e3f1489b00ebc4497dd48/api.js

83.147.224.2

200 OK

753 B

URL GET
1xlite-077216.top/hd-api/external/apps/c5e31d5915661de4393e3f1489b00ebc4497dd48/api.js
IP
83.147.224.2:443
ASN
#0

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerLet's Encrypt
Subject1xlite-077216.top
Fingerprint1B:5A:D9:82:17:44:CF:93:9C:43:C1:58:12:A0:E9:1D:AE:93:92:1B
ValidityTue, 11 Mar 2025 05:20:06 GMT - Mon, 09 Jun 2025 05:20:05 GMT

File type
JavaScript source, ASCII text, with very long lines (752)
Size
753 B (753 bytes)
Hash
f004562bde4d48fb0987e200eb06f3af
6ce4bb1f9a61802bc2b28d084810a6a752af30a6
ba2a7d9626d02a36d5c599c2e0f24594f47e2624d8fa93f6944056722e31f20f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /hd-api/external/apps/c5e31d5915661de4393e3f1489b00ebc4497dd48/api.js HTTP/1.1
Host: 1xlite-077216.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-077216.top/en/block
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH; postback_watcher=%7B%22tag%22%3A%22d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH%22%2C%22pb%22%3A%227ceb261dfb824837b0d185a5d0c3c180%22%2C%22click_id%22%3A%22wf7v2mdp899lv1593hgci6fq%22%7D; auid=U5PgAmf9RuqfrpWMAyNtAg==; window_width=1280; che_g=b8f5ae6a-7ed3-3118-4d8c-708221b781c6; SESSION=b5a1e8ee78f67a1d90178a8fa2335f39
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:42 GMT
content-type: text/javascript; charset=utf-8
content-length: 490
cache-control: public, max-age=300
content-encoding: gzip
etag: f004562bde4d48fb0987e200eb06f3af
vary: Accept-Encoding
x-dt: 285
x-request-guid: ece46aabb409ad2ed525b337c8826084
x-time-ng: 0.021
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.104, wf-uht;dur=0.036
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/main-static/b6a5d9e8/desktop/default/css/5f988cb6.css

185.244.209.62

200 OK

62 kB

URL GET
v3.traincdn.com/main-static/b6a5d9e8/desktop/default/css/5f988cb6.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (61962), with no line terminators
Size
62 kB (61962 bytes)
Hash
068aee57159546ad05cb4dcbb5169c78
8114a6a4a261053b3e5069f98949d7b444796ea2
9e249fa781e2736da397ebe4cb14726748c7a1031da21ff41c079397dcf1fbf9

HTTP Headers

GET /main-static/b6a5d9e8/desktop/default/css/5f988cb6.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-077216.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:30 GMT
content-type: text/css; charset=utf-8
traceparent: 00-65609254441da5739949e754488040f6-569e065b9891d2e3-01
last-modified: Fri, 11 Apr 2025 12:05:26 GMT
etag: W/"068aee57159546ad05cb4dcbb5169c78"
x-amz-meta-mtime: 1744373125.227880166
content-encoding: gzip
expires: Sat, 12 Apr 2025 12:21:05 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 18406
cache: HIT
x-cached-since: 2025-04-14T12:26:44+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/main-static/b6a5d9e8/desktop/default/Page.Block-b0fdbc4e.js

185.244.209.62

200 OK

476 B

URL GET
v3.traincdn.com/main-static/b6a5d9e8/desktop/default/Page.Block-b0fdbc4e.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (476), with no line terminators
Size
476 B (476 bytes)
Hash
462d676b0a8a256557d6a23db60a6e1e
fc8fedb7dcfff78a9b0ec050f1e31301a979258a
c94b55a494c76eddaf2d922b68f01f95b389a61b6f9f10a0b7cbd5b8e6aabe87

HTTP Headers

GET /main-static/b6a5d9e8/desktop/default/Page.Block-b0fdbc4e.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-077216.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:31 GMT
content-type: text/javascript; charset=utf-8
content-length: 476
traceparent: 00-ac74e33ccfce189410578109597efc46-c9e9cd2ab2b92e78-01
last-modified: Fri, 11 Apr 2025 12:05:26 GMT
etag: "462d676b0a8a256557d6a23db60a6e1e"
x-amz-meta-mtime: 1744373125.203879946
expires: Sat, 12 Apr 2025 12:21:27 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 18406
cache: HIT
x-cached-since: 2025-04-14T12:26:45+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/b5cd9a5e87d930de856c92da15aa121e.png

185.244.209.62

200 OK

653 B

URL GET
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/b5cd9a5e87d930de856c92da15aa121e.png
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Size
653 B (653 bytes)
Hash
e6f0766cbd95db33da44e7a9140648f2
5f196b1bfe8c3f92bd2ebcd67124e72e81ae6aaf
c0399d478788d5d483f104a2e8cb7c32f41cb40e9df0c22e831b2bfa2db63ec0

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/b5cd9a5e87d930de856c92da15aa121e.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-077216.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:32 GMT
content-type: image/png
content-length: 653
traceparent: 00-3ae76324aa8f89f1f4dbdf597734ea52-6f019d86efcbd731-01
last-modified: Wed, 26 Jun 2024 08:18:02 GMT
etag: "e6f0766cbd95db33da44e7a9140648f2"
expires: Thu, 16 Jan 2025 10:46:36 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 70
cache: HIT
x-cached-since: 2025-04-14T17:32:22+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_forgot_password/en/dictionary_28cb4e6b9a8be3afbcbc2a6b22ab3393.json

185.244.209.62

200 OK

3.5 kB

URL GET
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_forgot_password/en/dictionary_28cb4e6b9a8be3afbcbc2a6b22ab3393.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
3.5 kB (3497 bytes)
Hash
273bec90c875f74d2f5ef70f9e32db45
f46d2fe53dbb25c9b9ddc3cabb5731ca38f8f1e7
cd0f959ce14dedb8fd75b1844e40ba237d747c2bb83a87dcabd0d71564eaed21

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_forgot_password/en/dictionary_28cb4e6b9a8be3afbcbc2a6b22ab3393.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-077216.top/
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:33 GMT
content-type: application/json; charset=utf-8
traceparent: 00-e6cf7a392a2cb53cf01d276f60213208-92e0de307cd2a8c4-01
last-modified: Tue, 03 Dec 2024 08:05:32 GMT
etag: W/"273bec90c875f74d2f5ef70f9e32db45"
cache-control: max-age=3600
content-encoding: gzip
expires: Thu, 16 Jan 2025 10:56:28 GMT
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1422
cache: HIT
x-cached-since: 2025-04-14T17:09:51+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_block_pages/en/dictionary_2579b0e62e11dfdc9944af80a7135015.json

185.244.209.62

200 OK

2.0 kB

URL GET
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_block_pages/en/dictionary_2579b0e62e11dfdc9944af80a7135015.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
2.0 kB (1994 bytes)
Hash
69ebea31f035c654ca3d565d6a96540e
b7df11010a364288379567ffda91c3c3e72ed421
cfb58a8e56d58b8624167a718d6b6c5a0f4c0d596d1c4f26d669297c7b25d677

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_block_pages/en/dictionary_2579b0e62e11dfdc9944af80a7135015.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-077216.top/
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:34 GMT
content-type: application/json; charset=utf-8
traceparent: 00-514f008e1de2dc7cf2375b3604d82e2b-106f4969147710bd-01
last-modified: Fri, 15 Nov 2024 09:45:51 GMT
etag: W/"69ebea31f035c654ca3d565d6a96540e"
cache-control: max-age=3600
content-encoding: gzip
expires: Thu, 16 Jan 2025 10:55:29 GMT
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
cache: REVALIDATED
X-Firefox-Spdy: h2

radar.cedexis.com/1/23802/radar.js

45.54.49.5

302 Moved Temporarily

390 B

URL GET
radar.cedexis.com/1/23802/radar.js
IP
45.54.49.5:443
ASN
#63911 NetActuate, Inc

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerDigiCert Inc
Subjectradar.cedexis.com
FingerprintA2:3E:30:19:D5:41:3A:11:81:58:E3:B1:6F:F4:D2:78:0B:44:6F:D0
ValidityFri, 07 Mar 2025 00:00:00 GMT - Fri, 06 Mar 2026 23:59:59 GMT

File type

Size
390 B (390 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /1/23802/radar.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-077216.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Mon, 14 Apr 2025 17:33:45 GMT
Content-Type: text/html
Content-Length: 138
Connection: keep-alive
Location: /1707728419/stub.js
Expires: Mon, 14 Apr 2025 17:43:45 GMT
Cache-Control: max-age=600
Vary: User-Agent,DNT

v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2

185.244.209.62

200 OK

64 kB

URL GET
v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 63748, version 1.0
Size
64 kB (63748 bytes)
Hash
6887b6f24414dbc612dbf42ccdc76b70
8068d3abfbc6cbf35b55919da45b1f4d2d136238
fc5c015fc32518f1ed810fa84ca28941eb9d5a3c81acc8df69a4dbbeedef7b0c

HTTP Headers

GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:43 GMT
content-type: font/woff2
content-length: 63748
traceparent: 00-3e33693c3f573e9056b0a0a57853b411-c433a110793e9a60-01
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "6887b6f24414dbc612dbf42ccdc76b70"
expires: Thu, 16 Jan 2025 10:32:14 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1514
cache: HIT
x-cached-since: 2025-04-14T17:08:29+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_coupon/en/dictionary_2d0cf60e9fb212756a63d2a980175e55.json

185.244.209.62

200 OK

24 kB

URL GET
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_coupon/en/dictionary_2d0cf60e9fb212756a63d2a980175e55.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
24 kB (24458 bytes)
Hash
b6cd7b4ae0bb70c8585f44428a447174
9785d8e5877057dcd9c789132332f9cbe04d87dd
59517fef5354e27746712247067406f6c8bd52a7d8e0bad52e14cffdbaa5df26

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_coupon/en/dictionary_2d0cf60e9fb212756a63d2a980175e55.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-077216.top/
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:33 GMT
content-type: application/json; charset=utf-8
traceparent: 00-2c52951b18479c82e41765418cd1a6ef-84b653abd045ccdd-01
last-modified: Tue, 08 Apr 2025 10:06:05 GMT
etag: W/"b6cd7b4ae0bb70c8585f44428a447174"
cache-control: max-age=3600
content-encoding: gzip
expires: Tue, 08 Apr 2025 11:21:27 GMT
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 2718
cache: HIT
x-cached-since: 2025-04-14T16:48:15+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_reset_password/en/dictionary_612c6e919ca15d39cc751a619a3952c7.json

185.244.209.62

200 OK

765 B

URL GET
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_reset_password/en/dictionary_612c6e919ca15d39cc751a619a3952c7.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
765 B (765 bytes)
Hash
00f980f23f1b4c1ccee99ed49e0a8feb
4cb07094de9bffff1bf81d94446280b91013b660
bb3be3377fbb8e66a4b5a8a3866dfd865a37cb4a96482ab2f439981e03b57cea

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_reset_password/en/dictionary_612c6e919ca15d39cc751a619a3952c7.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-077216.top/
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:33 GMT
content-type: application/json; charset=utf-8
content-length: 765
traceparent: 00-be5be0785d29d3f65852dd8d77c79052-8cd378f305f4a157-01
last-modified: Wed, 11 Oct 2023 12:52:53 GMT
etag: "00f980f23f1b4c1ccee99ed49e0a8feb"
cache-control: max-age=3600
expires: Thu, 16 Jan 2025 10:53:47 GMT
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/ca0b35c4fc049f15180d875f935913b8.json

185.244.209.62

200 OK

9.3 kB

URL GET
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/ca0b35c4fc049f15180d875f935913b8.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
9.3 kB (9330 bytes)
Hash
ca7f8dc261bfa0bedbe26c6196957093
201939c20640df2ad6fbe79bc165b2e2d19bc65b
9d7da7f9fd8b6eb344298507d3e2afd038623c0e46dee2a018c0e3ecd667f203

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/ca0b35c4fc049f15180d875f935913b8.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-077216.top/
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:33 GMT
content-type: application/json
traceparent: 00-8d6a5cc0f5ee238a0f2204b8f81d70d0-a68ed5688186e2ee-01
last-modified: Wed, 20 Nov 2024 09:20:07 GMT
etag: W/"ca7f8dc261bfa0bedbe26c6196957093"
content-encoding: gzip
expires: Thu, 16 Jan 2025 10:57:42 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1041
cache: HIT
x-cached-since: 2025-04-14T17:16:12+00:00
X-Firefox-Spdy: h2

1xlite-077216.top/checker/redirect/stat/run/

83.147.224.2

200 OK

14 B

URL GET
1xlite-077216.top/checker/redirect/stat/run/
IP
83.147.224.2:443
ASN
#0

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerLet's Encrypt
Subject1xlite-077216.top
Fingerprint1B:5A:D9:82:17:44:CF:93:9C:43:C1:58:12:A0:E9:1D:AE:93:92:1B
ValidityTue, 11 Mar 2025 05:20:06 GMT - Mon, 09 Jun 2025 05:20:05 GMT

File type
JSON text data
Size
14 B (14 bytes)
Hash
2de0d0acfd684235f066bd0ec0c9e3df
68d0cb64805a42d7e40f43e8e198986b43dd6b69
9682f312f23e078bb135f23ea5a178b178e75c02d33672f20044d18c6d258928

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /checker/redirect/stat/run/ HTTP/1.1
Host: 1xlite-077216.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-077216.top/en/block
content-type: application/json
x-requested-with: XMLHttpRequest
x-app-n: v3-nuxt2
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH; postback_watcher=%7B%22tag%22%3A%22d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH%22%2C%22pb%22%3A%227ceb261dfb824837b0d185a5d0c3c180%22%2C%22click_id%22%3A%22wf7v2mdp899lv1593hgci6fq%22%7D; auid=U5PgAmf9RuqfrpWMAyNtAg==; window_width=1280; che_g=b8f5ae6a-7ed3-3118-4d8c-708221b781c6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:34 GMT
content-type: application/json
content-length: 14
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/56f58c6d078ff0e8f698576f33bb478d.json

185.244.209.62

200 OK

3.6 kB

URL GET
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/56f58c6d078ff0e8f698576f33bb478d.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
3.6 kB (3557 bytes)
Hash
4b08975411699bcd7464f49777e866bf
2a9b0a0f3eadf5f3e1ef688bacd9560dd59c73d2
b6208d18413f8988db2e0040ff72516c0cb5e06d3d9692b5b098808ab46fc378

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/56f58c6d078ff0e8f698576f33bb478d.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-077216.top/
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:34 GMT
content-type: application/json
traceparent: 00-5bebfe3674e600f8c1a2eccf8564fdac-548624c2aec12cbd-01
last-modified: Thu, 27 Feb 2025 09:06:12 GMT
etag: W/"4b08975411699bcd7464f49777e866bf"
content-encoding: gzip
expires: Thu, 27 Feb 2025 10:17:14 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1036
cache: HIT
x-cached-since: 2025-04-14T17:16:18+00:00
X-Firefox-Spdy: h2

1xlite-077216.top/hd-api/external/verify

83.147.224.2

200 OK

721 B

URL POST
1xlite-077216.top/hd-api/external/verify
IP
83.147.224.2:443
ASN
#0

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerLet's Encrypt
Subject1xlite-077216.top
Fingerprint1B:5A:D9:82:17:44:CF:93:9C:43:C1:58:12:A0:E9:1D:AE:93:92:1B
ValidityTue, 11 Mar 2025 05:20:06 GMT - Mon, 09 Jun 2025 05:20:05 GMT

File type
JSON text data
Size
721 B (721 bytes)
Hash
521b5c8025081e5a64ec6a20cc650f54
a219edfb8709da050aa8ed3c4360e420770a3dab
5d6faaafad1acbe5a37c1a01344024383b45e915a7ab345a29bad874dc216a71

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /hd-api/external/verify HTTP/1.1
Host: 1xlite-077216.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-077216.top/en/block
Content-Type: text/plain;charset=UTF-8
Content-Length: 108565
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH; postback_watcher=%7B%22tag%22%3A%22d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH%22%2C%22pb%22%3A%227ceb261dfb824837b0d185a5d0c3c180%22%2C%22click_id%22%3A%22wf7v2mdp899lv1593hgci6fq%22%7D; auid=U5PgAmf9RuqfrpWMAyNtAg==; window_width=1280; che_g=b8f5ae6a-7ed3-3118-4d8c-708221b781c6; SESSION=b5a1e8ee78f67a1d90178a8fa2335f39
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:45 GMT
content-type: application/json
content-length: 597
content-encoding: gzip
vary: Accept-Encoding
x-dt: 285
x-request-guid: e1d14458f0f8f263646bf3967b460002
x-time-ng: 0.009
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.013, wf-uht;dur=0.038
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/destination?id=DC-14030178&l=dataLayer&cx=c&gtm=45He5490v9180563600za200&tag_exp=102509682~102803279~102813109~102887800~102926062~103021830~103027016~103050889~103051953~103055465

142.250.74.168

200 OK

278 kB

URL GET
www.googletagmanager.com/gtag/destination?id=DC-14030178&l=dataLayer&cx=c&gtm=45He5490v9180563600za200&tag_exp=102509682~102803279~102813109~102887800~102926062~103021830~103027016~103050889~103051953~103055465
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint88:85:26:A3:0A:0B:44:C6:92:DD:7B:0B:D1:14:38:BA:26:B9:EF:D9
ValidityThu, 20 Mar 2025 11:18:39 GMT - Thu, 12 Jun 2025 11:18:38 GMT

File type
JavaScript source, ASCII text, with very long lines (5436)
Size
278 kB (277999 bytes)
Hash
188a71d76f69fab950749ec02865cada
d3d6b3a1ee9fbbe1973ba1745b38c13e378fa8bb
3bdc4051bf1552df513f1edb51e24f37596e45098fe24e043e6c604ed98bf982

HTTP Headers

GET /gtag/destination?id=DC-14030178&l=dataLayer&cx=c&gtm=45He5490v9180563600za200&tag_exp=102509682~102803279~102813109~102887800~102926062~103021830~103027016~103050889~103051953~103055465 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-077216.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 14 Apr 2025 17:33:46 GMT
expires: Mon, 14 Apr 2025 17:33:46 GMT
cache-control: private, max-age=900
last-modified: Mon, 14 Apr 2025 17:04:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcysghrgc:42:0
report-to: {"group":"ascgcysghrgc:42:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
server: Google Tag Manager
content-length: 98774
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

region1.analytics.google.com/g/collect?v=2&tid=G-7JGWL9SV66&gtm=45je5490v897130004za200zb9180563600&_p=1744652025077&em=tv.1~em.ODS1igyfeIhzOTHENqwIfH1sb8t0oxg8FT6iY2YCmeo&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102509682~102803279~102813109~102887800~102926062~103021830~103027016~103050889~103051953~103055465&cid=1692956508.1744652026&ecid=1891032561&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&ec_mode=a&_s=2&sid=1744652026&sct=1&seg=0&dl=https%3A%2F%2F1xlite-077216.top%2Fen%2Fblock&dt=1xBet&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=GTM-5R4MT54&tfd=17251

216.239.34.36

204 No Content

0 B

URL POST
region1.analytics.google.com/g/collect?v=2&tid=G-7JGWL9SV66&gtm=45je5490v897130004za200zb9180563600&_p=1744652025077&em=tv.1~em.ODS1igyfeIhzOTHENqwIfH1sb8t0oxg8FT6iY2YCmeo&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102509682~102803279~102813109~102887800~102926062~103021830~103027016~103050889~103051953~103055465&cid=1692956508.1744652026&ecid=1891032561&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&ec_mode=a&_s=2&sid=1744652026&sct=1&seg=0&dl=https%3A%2F%2F1xlite-077216.top%2Fen%2Fblock&dt=1xBet&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=GTM-5R4MT54&tfd=17251
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint88:85:26:A3:0A:0B:44:C6:92:DD:7B:0B:D1:14:38:BA:26:B9:EF:D9
ValidityThu, 20 Mar 2025 11:18:39 GMT - Thu, 12 Jun 2025 11:18:38 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-7JGWL9SV66&gtm=45je5490v897130004za200zb9180563600&_p=1744652025077&em=tv.1~em.ODS1igyfeIhzOTHENqwIfH1sb8t0oxg8FT6iY2YCmeo&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102509682~102803279~102813109~102887800~102926062~103021830~103027016~103050889~103051953~103055465&cid=1692956508.1744652026&ecid=1891032561&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&ec_mode=a&_s=2&sid=1744652026&sct=1&seg=0&dl=https%3A%2F%2F1xlite-077216.top%2Fen%2Fblock&dt=1xBet&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=GTM-5R4MT54&tfd=17251 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-077216.top/
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://1xlite-077216.top
date: Mon, 14 Apr 2025 17:33:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:153:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:153:0
report-to: {"group":"ascnsrsggc:153:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:153:0"}],}
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

1xlite-077216.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json

83.147.224.2

200 OK

23 B

URL POST
1xlite-077216.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json
IP
83.147.224.2:443
ASN
#0

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerLet's Encrypt
Subject1xlite-077216.top
Fingerprint1B:5A:D9:82:17:44:CF:93:9C:43:C1:58:12:A0:E9:1D:AE:93:92:1B
ValidityTue, 11 Mar 2025 05:20:06 GMT - Mon, 09 Jun 2025 05:20:05 GMT

File type
JSON text data
Size
23 B (23 bytes)
Hash
7d767ed097d59e6f79a70058d7172bf5
11feaae9c2ac0dcff801dc2e8dc5d30e0639290e
7c3f3706d0d8e1c2585783c32f4b93c854b1930d37bc95df71230d4259c25d8b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json HTTP/1.1
Host: 1xlite-077216.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-077216.top/en/block
Content-Type: application/json
X-Lang: en
X-Uuid: ab510b0b-b7de-4267-866c-fa9b379e3709
Content-Length: 48
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH; postback_watcher=%7B%22tag%22%3A%22d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH%22%2C%22pb%22%3A%227ceb261dfb824837b0d185a5d0c3c180%22%2C%22click_id%22%3A%22wf7v2mdp899lv1593hgci6fq%22%7D; auid=U5PgAmf9RuqfrpWMAyNtAg==; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:33 GMT
content-type: application/json
content-length: 23
x-dt: 285
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.111, wf-uht;dur=0.012
X-Firefox-Spdy: h2

v3.traincdn.com/main-static/b6a5d9e8/desktop/default/DC-3cc0f3e1.js

185.244.209.62

200 OK

2.7 kB

URL GET
v3.traincdn.com/main-static/b6a5d9e8/desktop/default/DC-3cc0f3e1.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (2654), with no line terminators
Size
2.7 kB (2654 bytes)
Hash
7c28a537b21cbad3025c5937b76159a1
1403a9ef1813208365fef3b87adf4df34fc76c73
c9d49797a542f3419a354296abb1a6faf8571bab5101aba4778fa97fc267d662

HTTP Headers

GET /main-static/b6a5d9e8/desktop/default/DC-3cc0f3e1.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-077216.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:33 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-d2988b3e87595defff4edd47451c18ed-e19de49a0d04e781-01
last-modified: Fri, 11 Apr 2025 12:05:26 GMT
etag: W/"7c28a537b21cbad3025c5937b76159a1"
x-amz-meta-mtime: 1744373125.203879946
content-encoding: gzip
expires: Sat, 12 Apr 2025 12:21:09 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 18403
cache: HIT
x-cached-since: 2025-04-14T12:26:50+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/shared-assets/Desktop/__shared_base-app_9d6bef9a9e.js

185.244.209.62

200 OK

812 kB

URL GET
v3.traincdn.com/sys-static/shared-assets/Desktop/__shared_base-app_9d6bef9a9e.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (22765)
Size
812 kB (811679 bytes)
Hash
782eecf98bf0d4e11476905cf4eabb2a
02e11d9aed125dcc32289025881d29ee84e9efd7
f82a36946af4209846803d54f70c26f339d745ff5c490661d869538234e8223a

HTTP Headers

GET /sys-static/shared-assets/Desktop/__shared_base-app_9d6bef9a9e.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:34 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-244c57aaeccf59e38b36627862e1c55d-f42e38b127272f8f-01
last-modified: Wed, 09 Apr 2025 12:22:23 GMT
etag: W/"782eecf98bf0d4e11476905cf4eabb2a"
x-amz-meta-mtime: 1744200998.214450048
content-encoding: gzip
expires: Thu, 10 Apr 2025 21:10:04 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 72658
cache: HIT
x-cached-since: 2025-04-13T21:22:36+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/1c0cd0740fccd19a9816be06e69f0a1b.json

185.244.209.62

200 OK

473 B

URL GET
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/1c0cd0740fccd19a9816be06e69f0a1b.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
473 B (473 bytes)
Hash
e67aa19ef00fd2285c7b4ecbb6018306
5b01d4786d6fbfbd5de7901eb4359a55466f434a
135c1042c31e3674d8a1b3b9e7179f4f36868048ca6058ea458ff291b8880b5e

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/1c0cd0740fccd19a9816be06e69f0a1b.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-077216.top/
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:34 GMT
content-type: application/json
content-length: 473
traceparent: 00-2029a22cd8793dfb726f26fa82885e20-c152f1fc46fa2eaa-01
last-modified: Thu, 16 May 2024 20:41:30 GMT
etag: "e67aa19ef00fd2285c7b4ecbb6018306"
expires: Thu, 16 Jan 2025 11:19:55 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1036
cache: HIT
x-cached-since: 2025-04-14T17:16:18+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

1xlite-077216.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json

83.147.224.2

200 OK

23 B

URL POST
1xlite-077216.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json
IP
83.147.224.2:443
ASN
#0

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerLet's Encrypt
Subject1xlite-077216.top
Fingerprint1B:5A:D9:82:17:44:CF:93:9C:43:C1:58:12:A0:E9:1D:AE:93:92:1B
ValidityTue, 11 Mar 2025 05:20:06 GMT - Mon, 09 Jun 2025 05:20:05 GMT

File type
JSON text data
Size
23 B (23 bytes)
Hash
8407b5442d46b5264e39134caa4f315f
397c64a0f2822aa5147cc05d98ec2f75a8503d26
8bcba256e4208936688b6b648594255fb3e80a7327a2c8c9ad99a878efca79a2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json HTTP/1.1
Host: 1xlite-077216.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-077216.top/en/block
Content-Type: application/json
X-Lang: en
X-Uuid: ab510b0b-b7de-4267-866c-fa9b379e3709
Content-Length: 109
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH; postback_watcher=%7B%22tag%22%3A%22d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH%22%2C%22pb%22%3A%227ceb261dfb824837b0d185a5d0c3c180%22%2C%22click_id%22%3A%22wf7v2mdp899lv1593hgci6fq%22%7D; auid=U5PgAmf9RuqfrpWMAyNtAg==; window_width=1280; che_g=b8f5ae6a-7ed3-3118-4d8c-708221b781c6; SESSION=b5a1e8ee78f67a1d90178a8fa2335f39
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:45 GMT
content-type: application/json
content-length: 23
x-dt: 285
x-time-ng: 0.001
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.008, wf-uht;dur=0.009
X-Firefox-Spdy: h2

v3.traincdn.com/sys-ui/3.3.161/Desktop/Default/merged.css

185.244.209.62

200 OK

1.9 MB

URL GET
v3.traincdn.com/sys-ui/3.3.161/Desktop/Default/merged.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
1.9 MB (1879187 bytes)
Hash
634b74510e2bdba409368f9bae642d99
99b6f25c2cffbacf0f16cbb93ed95a315392eb4a
6294ce153b10dc3c05411637031aa0218b3af174e308133208c6a1377e05aab1

HTTP Headers

GET /sys-ui/3.3.161/Desktop/Default/merged.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-077216.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:31 GMT
content-type: text/css; charset=utf-8
traceparent: 00-5e83605edca7f46cfd982cb153372a8c-aa401789a16e70aa-01
last-modified: Mon, 14 Apr 2025 12:48:14 GMT
etag: W/"634b74510e2bdba409368f9bae642d99"
x-amz-meta-mtime: 1744634799.477139434
content-encoding: gzip
expires: Tue, 15 Apr 2025 12:50:25 GMT
cache-control: max-age=86400
x-time-ng: 0.004
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 16682
cache: HIT
x-cached-since: 2025-04-14T12:55:29+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/main-static/b6a5d9e8/desktop/default/css/7fe5f71b.css

185.244.209.62

200 OK

3.3 kB

URL GET
v3.traincdn.com/main-static/b6a5d9e8/desktop/default/css/7fe5f71b.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (3313), with no line terminators
Size
3.3 kB (3313 bytes)
Hash
c610b8710368de3bf2f1c5bb581b6a3a
f67bc86785d434adb2e81a356a7926b8818ac567
fad7111846310042401990719146401178f22e2618abf2b058e641b6495e8eba

HTTP Headers

GET /main-static/b6a5d9e8/desktop/default/css/7fe5f71b.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-077216.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:33 GMT
content-type: text/css; charset=utf-8
traceparent: 00-1f4a0e1111bfb20262271662e6ce29f3-9b8b96224ceeaebe-01
last-modified: Fri, 11 Apr 2025 12:05:26 GMT
etag: W/"c610b8710368de3bf2f1c5bb581b6a3a"
x-amz-meta-mtime: 1744373125.227880166
content-encoding: gzip
expires: Sat, 12 Apr 2025 12:21:08 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 18405
cache: HIT
x-cached-since: 2025-04-14T12:26:48+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/9e771668f4.js

185.244.209.62

200 OK

1.3 kB

URL GET
v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/9e771668f4.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (542)
Size
1.3 kB (1299 bytes)
Hash
1c0d081fb1cc7abda416f4f77ed90ea8
0e9bae1c19bb2acfd1443d7adeb34a4df5207678
792c5b53781b320886638ca4fa6ad09ef57f9cba680940688364c1066dc79162

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/9e771668f4.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:34 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-9b7b3410502229531e3beb79e249625d-0e6e8a77c5d1584b-01
last-modified: Wed, 09 Apr 2025 12:22:18 GMT
etag: W/"1c0d081fb1cc7abda416f4f77ed90ea8"
x-amz-meta-mtime: 1744200997.887437002
content-encoding: gzip
expires: Thu, 10 Apr 2025 12:27:28 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 17696
cache: HIT
x-cached-since: 2025-04-14T12:38:38+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/7e13f41f3e.css

185.244.209.62

200 OK

650 B

URL GET
v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/7e13f41f3e.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (649)
Size
650 B (650 bytes)
Hash
2229547d50a851e3f9c39e19cdcf4751
faaf12acea401378e691df74690b6dc0eaacfa11
7cfe9ce64aa88e9db8abacc1821a7ed463e9b9aa224852291922071ea8806f47

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/7e13f41f3e.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-077216.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:30 GMT
content-type: text/css; charset=utf-8
content-length: 650
traceparent: 00-f2aa7195a4ce872d0d4bc8b665321b26-3b4784a29bfabce6-01
last-modified: Wed, 09 Apr 2025 12:22:18 GMT
etag: "2229547d50a851e3f9c39e19cdcf4751"
x-amz-meta-mtime: 1744200997.881436763
expires: Fri, 11 Apr 2025 09:44:30 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 27603
cache: HIT
x-cached-since: 2025-04-14T09:53:27+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/main-static/b6a5d9e8/desktop/default/vendors/plugins.v-tooltip-89b6fb93.js

185.244.209.62

200 OK

77 kB

URL GET
v3.traincdn.com/main-static/b6a5d9e8/desktop/default/vendors/plugins.v-tooltip-89b6fb93.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65476)
Size
77 kB (76856 bytes)
Hash
7d133167cc0db6e7dc3caf1cea53aa2a
1da7a6ff67c89b1a7c96fbff57fd885acf37b311
802ddc6bfa32a3048c8b23d407b269cc302d488ca0b92dc24cbebb0923eb7ff0

HTTP Headers

GET /main-static/b6a5d9e8/desktop/default/vendors/plugins.v-tooltip-89b6fb93.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-077216.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:32 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-8ac131f6f87538b8a792dd40d66b1823-e2afb2b61a784edf-01
last-modified: Fri, 11 Apr 2025 12:05:26 GMT
etag: W/"7d133167cc0db6e7dc3caf1cea53aa2a"
x-amz-meta-mtime: 1744373125.231880202
content-encoding: gzip
expires: Sat, 12 Apr 2025 12:21:08 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 18404
cache: HIT
x-cached-since: 2025-04-14T12:26:48+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/entry-632d69e093.js

185.244.209.62

200 OK

28 kB

URL GET
v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/entry-632d69e093.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (2969)
Size
28 kB (27589 bytes)
Hash
c0d7aa421209d79496566e4142736cea
1b9f673e50117382e5a4a21fdd187bf3ed7eb357
e43bd09bf2c676d6e1ffad2f4c134fc822a2564cbeda8901c2f788966b9fcfce

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/entry-632d69e093.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-077216.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:33 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-880c4f9f1bbbf3c3471dd1353c9b9918-a75178f059015658-01
last-modified: Wed, 09 Apr 2025 12:22:18 GMT
etag: W/"c0d7aa421209d79496566e4142736cea"
x-amz-meta-mtime: 1744200997.90343764
content-encoding: gzip
expires: Thu, 10 Apr 2025 12:27:08 GMT
cache-control: max-age=86400
x-time-ng: 0.003
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 17696
cache: HIT
x-cached-since: 2025-04-14T12:38:37+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/34ad4c2501.js

185.244.209.62

200 OK

134 B

URL GET
v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/34ad4c2501.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
Java source, ASCII text
Size
134 B (134 bytes)
Hash
35977ea5daecc3aab99bf883dedfa4c8
d96e0ba0c142cccfac7a752ad2d7f025c2952e5c
5406cffa7eb1792aba2784077fabfc9a0467cd7605338d16bda43c2767fa78fd

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/34ad4c2501.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:35 GMT
content-type: text/javascript; charset=utf-8
content-length: 134
traceparent: 00-840ba718013de45ab362d285ab88ef41-4d00c098b3507605-01
last-modified: Wed, 09 Apr 2025 12:22:18 GMT
etag: "35977ea5daecc3aab99bf883dedfa4c8"
x-amz-meta-mtime: 1744200997.874436483
expires: Thu, 10 Apr 2025 12:27:29 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 17692
cache: HIT
x-cached-since: 2025-04-14T12:38:43+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2

185.244.209.62

200 OK

64 kB

URL GET
v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 63920, version 1.0
Size
64 kB (63920 bytes)
Hash
a65527fcb58f66a7cfbc0e6b160538b4
45d260e7fa343401b5bb0df982a014f53e2d253b
fb13c3a1cbac60649b76f7d7f85c1645d35ac69b85ce5f4eb0692505ecc2cd45

HTTP Headers

GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:31 GMT
content-type: font/woff2
content-length: 63920
traceparent: 00-6f25ac9312545fcdd14cb1165cf7c7f9-81bc43fb023b1b87-01
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "a65527fcb58f66a7cfbc0e6b160538b4"
expires: Thu, 16 Jan 2025 10:45:34 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 2790
cache: HIT
x-cached-since: 2025-04-14T16:47:01+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/af72478ef380e9832ceeb89ff239c105.json

185.244.209.62

200 OK

2.6 kB

URL GET
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/af72478ef380e9832ceeb89ff239c105.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
2.6 kB (2619 bytes)
Hash
37570a18cf2b5036cde573bc602ffca6
b291a81808a55fec78bde32a98259623778d50df
26bca68a5ce30ed4b03bba1ae6ee6380b3d34836a4efb869cada70c5cd48120c

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/af72478ef380e9832ceeb89ff239c105.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-077216.top/
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:35 GMT
content-type: application/json
traceparent: 00-6f9213d96c2022c486c4fdf6bf692d33-bdf23a6edca4dd01-01
last-modified: Wed, 26 Mar 2025 06:48:32 GMT
etag: W/"37570a18cf2b5036cde573bc602ffca6"
content-encoding: gzip
expires: Wed, 26 Mar 2025 07:52:03 GMT
cache-control: max-age=3600
x-time-ng: 0.047
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1037
cache: HIT
x-cached-since: 2025-04-14T17:16:18+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/769f3f0fc4.js

185.244.209.62

200 OK

2.5 kB

URL GET
v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/769f3f0fc4.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (1064)
Size
2.5 kB (2483 bytes)
Hash
073625c15752bc2cf869f42e47560fd6
8d4a1f3e926186aadb0357152c07bb55a64d7018
be9d8c336f17cda2e6b71d4a0f3085bf75f6d98387095e2a574c4cf29a0c4f84

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/769f3f0fc4.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:35 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-5b837e5a870c199746162703684447b7-14f73fa6f7a5d3f7-01
last-modified: Wed, 09 Apr 2025 12:22:18 GMT
etag: W/"073625c15752bc2cf869f42e47560fd6"
x-amz-meta-mtime: 1744200997.880436723
content-encoding: gzip
expires: Thu, 10 Apr 2025 12:27:29 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 17692
cache: HIT
x-cached-since: 2025-04-14T12:38:43+00:00
X-Firefox-Spdy: h2

1xlite-077216.top/en/block

83.147.224.2

203 Non Authoritative

271 kB

URL User Request GET
1xlite-077216.top/en/block
IP
83.147.224.2:443
ASN
#0

Certificate
IssuerLet's Encrypt
Subject1xlite-077216.top
Fingerprint1B:5A:D9:82:17:44:CF:93:9C:43:C1:58:12:A0:E9:1D:AE:93:92:1B
ValidityTue, 11 Mar 2025 05:20:06 GMT - Mon, 09 Jun 2025 05:20:05 GMT

File type
HTML document, ASCII text, with very long lines (57799)
Size
271 kB (271217 bytes)
Hash
a9d39e34fa58cdfc23ad4b9c5d833b31
178ec447374f38bf22006b9b30307b51f3636794
7d3acf30d769ba935bbbd88365bcf9388e4ef4a4fa2f85298bd6af66f4c185ff

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /en/block HTTP/1.1
Host: 1xlite-077216.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH; postback_watcher=%7B%22tag%22%3A%22d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH%22%2C%22pb%22%3A%227ceb261dfb824837b0d185a5d0c3c180%22%2C%22click_id%22%3A%22wf7v2mdp899lv1593hgci6fq%22%7D; auid=U5PgAmf9RuqfrpWMAyNtAg==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 203 Non Authoritative
server: nginx
date: Mon, 14 Apr 2025 17:33:30 GMT
content-type: text/html; charset=utf-8
content-length: 271217
accept-ranges: none
link: <https://v3.traincdn.com/sys-ui/2.3.144/Desktop/Default/client.css>; rel=preload; as=style; crossorigin=anonymous
server-timing: dt_total;dur=0.003, total;dur=72;desc="Nuxt Server Time"
set-cookie: gw-mm=; Path=/; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Secure; SameSite=None; Partitioned
lng=en; Path=/
cookies_agree_type=3; Path=/
tzo=2; Path=/
is12h=0; Path=/
x-dt: 285
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/bfa3e9fd30e7d63c0906602f42c13468.json

185.244.209.62

200 OK

182 B

URL GET
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/bfa3e9fd30e7d63c0906602f42c13468.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
182 B (182 bytes)
Hash
0a64a07e9a34e8a5b5e97e80a10888c5
82545cbc39b7dcc031dd10dea841a0b3698243d6
7201497e7e8cdf9d35bf6998e43dcde5feea535f9828ce3ee98785781016126c

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/bfa3e9fd30e7d63c0906602f42c13468.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-077216.top/
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:33 GMT
content-type: application/json
content-length: 182
traceparent: 00-09acdebffce00327a47070b0f4cdb22f-98e186c3058477b4-01
last-modified: Thu, 27 Feb 2025 08:55:26 GMT
etag: "0a64a07e9a34e8a5b5e97e80a10888c5"
expires: Thu, 27 Feb 2025 10:17:13 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1041
cache: HIT
x-cached-since: 2025-04-14T17:16:12+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/8b4e10c31932a559912f415b65fba92c.json

185.244.209.62

200 OK

1.3 kB

URL GET
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/8b4e10c31932a559912f415b65fba92c.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
1.3 kB (1342 bytes)
Hash
499d57f89b2bf5fed52d984d865fd72c
f3dd138886f2c1e257d3ac2214b7e3cba57e56b2
9467cf5576ce2a97d9e44e53915a9c4ae529c134cc1ea5a3c62ea304eebda0c8

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/8b4e10c31932a559912f415b65fba92c.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-077216.top/
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:35 GMT
content-type: application/json
traceparent: 00-693f07067ae8ed01765eef07f9f9367b-54cf018c87fe3938-01
last-modified: Thu, 27 Feb 2025 08:17:13 GMT
etag: W/"499d57f89b2bf5fed52d984d865fd72c"
content-encoding: gzip
expires: Thu, 27 Feb 2025 11:06:29 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1037
cache: HIT
x-cached-since: 2025-04-14T17:16:18+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/7d27383ea7.js

185.244.209.62

200 OK

5.4 kB

URL GET
v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/7d27383ea7.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (2264)
Size
5.4 kB (5426 bytes)
Hash
4cf3699d59c5262586f4e58456e9464f
8f5bf54dad4a1983e3fe3ffe0e263db212d43438
9b3e8981653be9419f83c8cb85e7c02772d2f3ad8c27e7743110278879eafbf9

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/7d27383ea7.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:35 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-a5a11f7829fc965a06b5dea0e3de4a6e-1fe18a8cdb099b43-01
last-modified: Wed, 09 Apr 2025 12:22:18 GMT
etag: W/"4cf3699d59c5262586f4e58456e9464f"
x-amz-meta-mtime: 1744200997.881436763
content-encoding: gzip
expires: Thu, 10 Apr 2025 12:27:28 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 17692
cache: HIT
x-cached-since: 2025-04-14T12:38:43+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/de6c784b1c.js

185.244.209.62

200 OK

1.2 kB

URL GET
v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/de6c784b1c.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (839)
Size
1.2 kB (1208 bytes)
Hash
96575218da31267ca985a9d914db573a
8119968a9c2141eae94604d4599657defb427bca
c7a76ababe5e5814750a81219e4ba4b6f61efe6fb34e5deec00cbce2e747ec34

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/de6c784b1c.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:35 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-ba17d4ce48fdd5d0293e23ab8f2fb384-71c11674538931b7-01
last-modified: Wed, 09 Apr 2025 12:22:18 GMT
etag: W/"96575218da31267ca985a9d914db573a"
x-amz-meta-mtime: 1744200997.895437321
content-encoding: gzip
expires: Thu, 10 Apr 2025 12:27:28 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 17692
cache: HIT
x-cached-since: 2025-04-14T12:38:43+00:00
X-Firefox-Spdy: h2

1xlite-077216.top/main-static/b6a5d9e8/check-ob.js

83.147.224.2

200 OK

219 B

URL GET
1xlite-077216.top/main-static/b6a5d9e8/check-ob.js
IP
83.147.224.2:443
ASN
#0

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerLet's Encrypt
Subject1xlite-077216.top
Fingerprint1B:5A:D9:82:17:44:CF:93:9C:43:C1:58:12:A0:E9:1D:AE:93:92:1B
ValidityTue, 11 Mar 2025 05:20:06 GMT - Mon, 09 Jun 2025 05:20:05 GMT

File type
JavaScript source, ASCII text
Size
219 B (219 bytes)
Hash
c065700c9c8c493403359e1f2baa10d9
4630fe729e70bdf63fa7ba6c84ec277fd1f51030
1e61f0c82ae82ffcf503fcd4b4c8ae27b32c11e19b882d5d13f3c44364c893f4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /main-static/b6a5d9e8/check-ob.js HTTP/1.1
Host: 1xlite-077216.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-077216.top/en/block
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH; postback_watcher=%7B%22tag%22%3A%22d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH%22%2C%22pb%22%3A%227ceb261dfb824837b0d185a5d0c3c180%22%2C%22click_id%22%3A%22wf7v2mdp899lv1593hgci6fq%22%7D; auid=U5PgAmf9RuqfrpWMAyNtAg==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:30 GMT
content-type: text/javascript; charset=utf-8
content-length: 219
last-modified: Fri, 11 Apr 2025 12:10:11 GMT
etag: "c065700c9c8c493403359e1f2baa10d9"
x-amz-meta-mtime: 1744373410.036157099
expires: Tue, 15 Apr 2025 17:29:15 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/ac02f639a86763a884adc5615fe65e72.json

185.244.209.62

200 OK

14 kB

URL GET
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/ac02f639a86763a884adc5615fe65e72.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
14 kB (14232 bytes)
Hash
811ce3b7877d19901e45430cb6523d62
16a905115a678fdef3923f91c6f76cbab613e84d
10fbb74dbac63abfe9c4f5a77abc03757ef3527a479d4ae70dc977b515eec8cb

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/ac02f639a86763a884adc5615fe65e72.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-077216.top/
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:33 GMT
content-type: application/json
traceparent: 00-f9e2de5d7d3118ea8ee009720a101c73-7872747fe8cb6638-01
last-modified: Thu, 27 Feb 2025 09:04:01 GMT
etag: W/"811ce3b7877d19901e45430cb6523d62"
content-encoding: gzip
expires: Thu, 27 Feb 2025 10:17:13 GMT
cache-control: max-age=3600
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1041
cache: HIT
x-cached-since: 2025-04-14T17:16:12+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/fc03516ae4c718991727836d377493ff.json

185.244.209.62

200 OK

13 kB

URL GET
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/fc03516ae4c718991727836d377493ff.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
13 kB (13278 bytes)
Hash
2b474bcc2f009b70e64e2b5a95dd50a4
1fd5ee2d54da7dfbf61e67efd938a89c548fc866
f86d880575f3f65ddaaf9e8a0e3746bbbefcefe7e6c0c4441e9e20ceffdca237

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/fc03516ae4c718991727836d377493ff.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-077216.top/
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:34 GMT
content-type: application/json
traceparent: 00-bd2616694af894628ed0cd5128a446bc-36ea638bfc98839d-01
last-modified: Wed, 12 Mar 2025 09:35:22 GMT
etag: W/"2b474bcc2f009b70e64e2b5a95dd50a4"
content-encoding: gzip
expires: Wed, 12 Mar 2025 11:03:31 GMT
cache-control: max-age=3600
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1036
cache: HIT
x-cached-since: 2025-04-14T17:16:18+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/main-static/b6a5d9e8/desktop/default/commons/app-5a29b260.js

185.244.209.62

200 OK

138 kB

URL GET
v3.traincdn.com/main-static/b6a5d9e8/desktop/default/commons/app-5a29b260.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65476)
Size
138 kB (137775 bytes)
Hash
a0bf7f4c320b5b14406c4922c80291a5
7ba1acc944dc705b1a783cdeeeeb0c395564ade2
f60a77d849fd2a43b8a96c4ce7b81e0908246fcd887f4b539e59b790f0276070

HTTP Headers

GET /main-static/b6a5d9e8/desktop/default/commons/app-5a29b260.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-077216.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:31 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-44fae650a2e1cde37a507e682dae05c0-901011b22d83f4a2-01
last-modified: Fri, 11 Apr 2025 12:05:26 GMT
etag: W/"a0bf7f4c320b5b14406c4922c80291a5"
x-amz-meta-mtime: 1744373125.227880166
content-encoding: gzip
expires: Sat, 12 Apr 2025 12:21:06 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 18406
cache: HIT
x-cached-since: 2025-04-14T12:26:45+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_express_day/en/dictionary_d33d208649ed1030df89e13e093c1b13.json

185.244.209.62

200 OK

831 B

URL GET
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_express_day/en/dictionary_d33d208649ed1030df89e13e093c1b13.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
831 B (831 bytes)
Hash
5d35c8a9d00341303233a231c1adecdb
868de72ab2e64dbfd609751d6783c978826b39dd
fe97545e2ddeb8d2e24ebc21daaea02500fa15d9a5b8914b86884ad0ad1419a5

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_express_day/en/dictionary_d33d208649ed1030df89e13e093c1b13.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-077216.top/
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:33 GMT
content-type: application/json; charset=utf-8
content-length: 831
traceparent: 00-31a83b1fa0666ef5c7d1ef51c990d85e-9c40e3ff62538dcc-01
last-modified: Wed, 24 Jan 2024 16:06:20 GMT
etag: "5d35c8a9d00341303233a231c1adecdb"
cache-control: max-age=3600
expires: Thu, 16 Jan 2025 10:56:26 GMT
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1603
cache: HIT
x-cached-since: 2025-04-14T17:06:50+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/d9842b87b9dabdc4cdc248c062355299.json

185.244.209.62

200 OK

7.3 kB

URL GET
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/d9842b87b9dabdc4cdc248c062355299.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
7.3 kB (7321 bytes)
Hash
0614058b667e6dfa1cdecc6e0e53131c
4f20f88c436fb5cbd82cf1dcfeaa14e52195a369
be16474b0f19b7536ebdd3d0f8867b151eaa4638411ddb46845f887a5d51a653

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/d9842b87b9dabdc4cdc248c062355299.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-077216.top/
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:33 GMT
content-type: application/json
traceparent: 00-4ce6edb1140703d407f8d5379ee13720-746c1efe2c612a4f-01
last-modified: Thu, 23 Jan 2025 13:19:10 GMT
etag: W/"0614058b667e6dfa1cdecc6e0e53131c"
content-encoding: gzip
expires: Thu, 23 Jan 2025 14:50:28 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1041
cache: HIT
x-cached-since: 2025-04-14T17:16:12+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/main-static/b6a5d9e8/desktop/default/Betting.Core-549ed34a.js

185.244.209.62

200 OK

2.1 kB

URL GET
v3.traincdn.com/main-static/b6a5d9e8/desktop/default/Betting.Core-549ed34a.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (2081), with no line terminators
Size
2.1 kB (2081 bytes)
Hash
70cb1b2ceab898face4dffe0c216fb44
83dbba7ebd35957b2b3f8830d459fc3afe92fbb0
13b46f7c48c41eedf5fd75c35542d993b8f0804c0ca8db38293060771379493c

HTTP Headers

GET /main-static/b6a5d9e8/desktop/default/Betting.Core-549ed34a.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-077216.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:33 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-d83e791c18898ea31c02bbd4dcaf7d65-393a9a6f6ca32099-01
last-modified: Fri, 11 Apr 2025 12:05:26 GMT
etag: W/"70cb1b2ceab898face4dffe0c216fb44"
x-amz-meta-mtime: 1744373125.203879946
content-encoding: gzip
expires: Sat, 12 Apr 2025 12:21:10 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 18403
cache: HIT
x-cached-since: 2025-04-14T12:26:50+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/shared-assets/__shared_chunk_KSBWA3N2.js

185.244.209.62

200 OK

610 B

URL GET
v3.traincdn.com/sys-static/shared-assets/__shared_chunk_KSBWA3N2.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (609)
Size
610 B (610 bytes)
Hash
464c50409850b3095783d5b3b9a1b00d
7d5c3f49bd0689d72dddceee68afd229f4168ed5
71cbc8847b4abb3782fe515be3e9e1f3fb639f801b337a2a3612616151ec250d

HTTP Headers

GET /sys-static/shared-assets/__shared_chunk_KSBWA3N2.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:34 GMT
content-type: text/javascript; charset=utf-8
content-length: 610
traceparent: 00-5be6dedb32ca056de35d96a0c236defa-0d7a369b77e26379-01
last-modified: Mon, 14 Apr 2025 10:09:26 GMT
etag: "464c50409850b3095783d5b3b9a1b00d"
x-amz-meta-mtime: 1744624991.426910684
expires: Tue, 15 Apr 2025 10:45:03 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 23702
cache: HIT
x-cached-since: 2025-04-14T10:58:32+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

1xlite-077216.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/ab.json

83.147.224.2

200 OK

2 B

URL POST
1xlite-077216.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/ab.json
IP
83.147.224.2:443
ASN
#0

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerLet's Encrypt
Subject1xlite-077216.top
Fingerprint1B:5A:D9:82:17:44:CF:93:9C:43:C1:58:12:A0:E9:1D:AE:93:92:1B
ValidityTue, 11 Mar 2025 05:20:06 GMT - Mon, 09 Jun 2025 05:20:05 GMT

File type
JSON text data
Size
2 B (2 bytes)
Hash
d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/ab.json HTTP/1.1
Host: 1xlite-077216.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-077216.top/en/block
Content-Type: application/json
X-Lang: en
X-Uuid: ab510b0b-b7de-4267-866c-fa9b379e3709
Content-Length: 19
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH; postback_watcher=%7B%22tag%22%3A%22d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH%22%2C%22pb%22%3A%227ceb261dfb824837b0d185a5d0c3c180%22%2C%22click_id%22%3A%22wf7v2mdp899lv1593hgci6fq%22%7D; auid=U5PgAmf9RuqfrpWMAyNtAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:33 GMT
content-type: application/json
content-length: 2
x-dt: 285
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.074, wf-uht;dur=0.012
X-Firefox-Spdy: h2

1xlite-077216.top/bff-api/config/group/get?groups=d.technical&lang=en

83.147.224.2

200 OK

74 B

URL GET
1xlite-077216.top/bff-api/config/group/get?groups=d.technical&lang=en
IP
83.147.224.2:443
ASN
#0

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerLet's Encrypt
Subject1xlite-077216.top
Fingerprint1B:5A:D9:82:17:44:CF:93:9C:43:C1:58:12:A0:E9:1D:AE:93:92:1B
ValidityTue, 11 Mar 2025 05:20:06 GMT - Mon, 09 Jun 2025 05:20:05 GMT

File type
JSON text data
Size
74 B (74 bytes)
Hash
d07d3049600764e057b39a0c74514371
4fe4cd913d0ac488da985dace4a60838f4c86260
2d59cf38716e88e993cced16134ff807cb3fdbfb547db140f999547b47cd92ea

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bff-api/config/group/get?groups=d.technical&lang=en HTTP/1.1
Host: 1xlite-077216.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-077216.top/en/block
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
x-svc-source: __TECHNICAL_PAGES_APP__
x-app-n: __TECHNICAL_PAGES_APP__
x-geoip2-country-code: ru
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH; postback_watcher=%7B%22tag%22%3A%22d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH%22%2C%22pb%22%3A%227ceb261dfb824837b0d185a5d0c3c180%22%2C%22click_id%22%3A%22wf7v2mdp899lv1593hgci6fq%22%7D; auid=U5PgAmf9RuqfrpWMAyNtAg==; window_width=1920; che_g=b8f5ae6a-7ed3-3118-4d8c-708221b781c6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:34 GMT
content-type: application/json
content-length: 74
cache-control: no-cache, private
server-timing: dt_total;dur=0.108, bff;dur=0.79, wf-uht;dur=0.022
x-cache-expire: 605
x-cache-hit: 1
x-dt: 285
x-pod: R-thftx
x-time-ng: 0.005
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-077216.top/hd-api/external/assets/hdf.js

83.147.224.2

200 OK

4.1 kB

URL GET
1xlite-077216.top/hd-api/external/assets/hdf.js
IP
83.147.224.2:443
ASN
#0

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerLet's Encrypt
Subject1xlite-077216.top
Fingerprint1B:5A:D9:82:17:44:CF:93:9C:43:C1:58:12:A0:E9:1D:AE:93:92:1B
ValidityTue, 11 Mar 2025 05:20:06 GMT - Mon, 09 Jun 2025 05:20:05 GMT

File type
C++ source, ASCII text, with very long lines (874)
Size
4.1 kB (4078 bytes)
Hash
2f26a679e9d54a65e6578e947cc5bdf2
1b984864aa7b3e28231ac7cea3c199435dbdc6bf
1e3c4bd81a1cd9ee02e42a42802d5c18cbdb3f3a11c0b2732eb11bd12263020c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /hd-api/external/assets/hdf.js HTTP/1.1
Host: 1xlite-077216.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-077216.top/en/block
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH; postback_watcher=%7B%22tag%22%3A%22d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH%22%2C%22pb%22%3A%227ceb261dfb824837b0d185a5d0c3c180%22%2C%22click_id%22%3A%22wf7v2mdp899lv1593hgci6fq%22%7D; auid=U5PgAmf9RuqfrpWMAyNtAg==; window_width=1280; che_g=b8f5ae6a-7ed3-3118-4d8c-708221b781c6; SESSION=b5a1e8ee78f67a1d90178a8fa2335f39
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:42 GMT
content-type: text/javascript; charset=utf-8
content-length: 1622
cache-control: public, max-age=300
content-encoding: gzip
etag: 2f26a679e9d54a65e6578e947cc5bdf2
vary: Accept-Encoding
x-dt: 285
x-request-guid: 114dc1147851e1c89659c94d99b60884
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.100, wf-uht;dur=0.011
accept-ranges: bytes
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66&l=dataLayer&cx=c&gtm=45He5490v9180563600za200&tag_exp=102509682~102803279~102813109~102887800~102926062~103021830~103027016~103050889~103051953~103055465

142.250.74.168

200 OK

469 kB

URL GET
www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66&l=dataLayer&cx=c&gtm=45He5490v9180563600za200&tag_exp=102509682~102803279~102813109~102887800~102926062~103021830~103027016~103050889~103051953~103055465
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint88:85:26:A3:0A:0B:44:C6:92:DD:7B:0B:D1:14:38:BA:26:B9:EF:D9
ValidityThu, 20 Mar 2025 11:18:39 GMT - Thu, 12 Jun 2025 11:18:38 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (12571)
Size
469 kB (468677 bytes)
Hash
d03c0fbc40c026f396511099304cd383
6a9cc0472a4b101573f9fa653f4a6a8c9cb78266
837415c6f939934045394f1b1c3443db021438a87595336f7b215b2b65ec2014

HTTP Headers

GET /gtag/js?id=G-7JGWL9SV66&l=dataLayer&cx=c&gtm=45He5490v9180563600za200&tag_exp=102509682~102803279~102813109~102887800~102926062~103021830~103027016~103050889~103051953~103055465 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-077216.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 14 Apr 2025 17:33:46 GMT
expires: Mon, 14 Apr 2025 17:33:46 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1020:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1020:0
report-to: {"group":"ascgcycc:1020:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1020:0"}],}
server: Google Tag Manager
content-length: 149477
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

v3.traincdn.com/sys-static/shared-assets/__shared_localforage_H7M2CI7V.js

185.244.209.62

200 OK

30 kB

URL GET
v3.traincdn.com/sys-static/shared-assets/__shared_localforage_H7M2CI7V.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (30255)
Size
30 kB (30277 bytes)
Hash
8c858b7ed9e89233e182c6824388b15d
72b5da96c3735591317ee5d7a77733f3ee2e4f5b
ff626e5d8a3bf634c1577b920a448b6da177e7e0e164a3cce4d270ff78bb7d23

HTTP Headers

GET /sys-static/shared-assets/__shared_localforage_H7M2CI7V.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:34 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-b51ec44190daad5e3e9b776ae44cd0bd-289213483cf3fc60-01
last-modified: Mon, 14 Apr 2025 08:43:09 GMT
etag: W/"8c858b7ed9e89233e182c6824388b15d"
x-amz-meta-mtime: 1744619956.057291279
content-encoding: gzip
expires: Tue, 15 Apr 2025 10:45:05 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 23702
cache: HIT
x-cached-since: 2025-04-14T10:58:32+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/sys-ui/2.3.144/Desktop/Default/client.css

185.244.209.62

200 OK

618 kB

URL GET
v3.traincdn.com/sys-ui/2.3.144/Desktop/Default/client.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
618 kB (618170 bytes)
Hash
dceafd3db151a193aeaefaab141bf11d
8f561ffd898e8ccabf26a6be66b10017fcb99347
f63f8a0830e5e8207d03aad889f5aca512096bc83d3268591d5828f84721db89

HTTP Headers

GET /sys-ui/2.3.144/Desktop/Default/client.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-077216.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:30 GMT
content-type: text/css; charset=utf-8
traceparent: 00-2da0efcf575dde680e8a99da9f3deee1-d91ad53ad7b78aac-01
last-modified: Mon, 31 Mar 2025 06:54:35 GMT
etag: W/"dceafd3db151a193aeaefaab141bf11d"
x-amz-meta-mtime: 1743404071.991761778
content-encoding: gzip
expires: Thu, 10 Apr 2025 08:14:42 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 33437
cache: HIT
x-cached-since: 2025-04-14T08:16:13+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/main-static/b6a5d9e8/desktop/default/app-d8d8e08e.js

185.244.209.62

200 OK

508 kB

URL GET
v3.traincdn.com/main-static/b6a5d9e8/desktop/default/app-d8d8e08e.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
508 kB (507945 bytes)
Hash
6ce9d21398f663a517142a1229e7a4d9
6431198732332a946dc347520f09504b5453e13b
9c114651516f17b4405bd95a536acb795cbf80533b472544fbc73d010ec95fac

HTTP Headers

GET /main-static/b6a5d9e8/desktop/default/app-d8d8e08e.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-077216.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:31 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-6661abe82d86dfe3aadf9b4d9f8cd24f-888eefc43c39c092-01
last-modified: Fri, 11 Apr 2025 12:05:26 GMT
etag: W/"6ce9d21398f663a517142a1229e7a4d9"
x-amz-meta-mtime: 1744373125.219880092
content-encoding: gzip
expires: Sat, 12 Apr 2025 12:21:06 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 18405
cache: HIT
x-cached-since: 2025-04-14T12:26:46+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/main-static/b6a5d9e8/desktop/default/vendors/plugins.vue-js-modal-f0fbd83f.js

185.244.209.62

200 OK

27 kB

URL GET
v3.traincdn.com/main-static/b6a5d9e8/desktop/default/vendors/plugins.vue-js-modal-f0fbd83f.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (26717), with no line terminators
Size
27 kB (26717 bytes)
Hash
fce98813a212a28a7876b0048e5fc78c
1180bf6f2f7a2aec1b1a3a5050d14e4aafc040e0
2617420139da8bc6c8c5217965a90c6a2ea4374ce1e5b4204c0f04fefc19c668

HTTP Headers

GET /main-static/b6a5d9e8/desktop/default/vendors/plugins.vue-js-modal-f0fbd83f.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-077216.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:33 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-b3771cacbead8e7c5c4db72a7ea94b38-4c7dbe5434dd98f4-01
last-modified: Fri, 11 Apr 2025 12:05:26 GMT
etag: W/"fce98813a212a28a7876b0048e5fc78c"
x-amz-meta-mtime: 1744373125.231880202
content-encoding: gzip
expires: Sat, 12 Apr 2025 12:21:08 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 18404
cache: HIT
x-cached-since: 2025-04-14T12:26:49+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/d2a8c4ebc200da04eca5be3707440755.json

185.244.209.62

200 OK

22 kB

URL GET
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/d2a8c4ebc200da04eca5be3707440755.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
22 kB (21583 bytes)
Hash
9ace894c8e32451ee41a90fcefda444e
d96ee30b943484d7388fb35a254cf56a380b6fe8
8c6be639b6f6d42ce3aed5ba40c6e0776d423dced56b15383509a8102588e2ea

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/d2a8c4ebc200da04eca5be3707440755.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-077216.top/
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:33 GMT
content-type: application/json
traceparent: 00-ee769147b477b1eb39e3939c82fce349-4d7f77b17ff2f114-01
last-modified: Wed, 02 Apr 2025 12:45:23 GMT
etag: W/"9ace894c8e32451ee41a90fcefda444e"
content-encoding: gzip
expires: Wed, 02 Apr 2025 13:49:10 GMT
cache-control: max-age=3600
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1041
cache: HIT
x-cached-since: 2025-04-14T17:16:12+00:00
X-Firefox-Spdy: h2

1xlite-077216.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json

83.147.224.2

200 OK

23 B

URL POST
1xlite-077216.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json
IP
83.147.224.2:443
ASN
#0

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerLet's Encrypt
Subject1xlite-077216.top
Fingerprint1B:5A:D9:82:17:44:CF:93:9C:43:C1:58:12:A0:E9:1D:AE:93:92:1B
ValidityTue, 11 Mar 2025 05:20:06 GMT - Mon, 09 Jun 2025 05:20:05 GMT

File type
JSON text data
Size
23 B (23 bytes)
Hash
65c7c90345ce57bdbffaafe92baad993
d5731c71cd955f5a33d6a652fb575daa9dc1325c
845dbacbe8c4d756930ba0b93afbfc45ba6da5e92bfdc0c0f26dcadee2d7f0f1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json HTTP/1.1
Host: 1xlite-077216.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-077216.top/en/block
Content-Type: application/json
X-Lang: en
X-Uuid: ab510b0b-b7de-4267-866c-fa9b379e3709
Content-Length: 88
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH; postback_watcher=%7B%22tag%22%3A%22d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH%22%2C%22pb%22%3A%227ceb261dfb824837b0d185a5d0c3c180%22%2C%22click_id%22%3A%22wf7v2mdp899lv1593hgci6fq%22%7D; auid=U5PgAmf9RuqfrpWMAyNtAg==; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:33 GMT
content-type: application/json
content-length: 23
x-dt: 285
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.081, wf-uht;dur=0.008
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/46fe3f96f4140750e81ded48911f3e30.json

185.244.209.62

200 OK

747 B

URL GET
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/46fe3f96f4140750e81ded48911f3e30.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
747 B (747 bytes)
Hash
f4e90636ec9cff061c4301b3cefdd0d6
c506efe9c3672c58434ea10021dab0ad81b1ad98
30666f138ccc12735e2f8a6405ddce4a3d8756b9445e3b2732fa2970f14dbcea

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/46fe3f96f4140750e81ded48911f3e30.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-077216.top/
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:33 GMT
content-type: application/json
content-length: 747
traceparent: 00-5d06ed08755122e9e0d949d2730a883c-9c14b56a095a3933-01
last-modified: Thu, 27 Feb 2025 13:26:35 GMT
etag: "f4e90636ec9cff061c4301b3cefdd0d6"
expires: Thu, 27 Feb 2025 15:00:05 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1041
cache: HIT
x-cached-since: 2025-04-14T17:16:12+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/shared-assets/__shared_vue_deps_2XBAXGLI.js

185.244.209.62

200 OK

21 kB

URL GET
v3.traincdn.com/sys-static/shared-assets/__shared_vue_deps_2XBAXGLI.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20427)
Size
21 kB (20555 bytes)
Hash
196202ebc273fa2629d520f82609ff83
856ddcb0774fed7e97eb1a84adc1ac815a7a9eab
efa670ff26f34e4620077e3a18380a33e94ef16b7cd3736cbd353f7f503b4fb4

HTTP Headers

GET /sys-static/shared-assets/__shared_vue_deps_2XBAXGLI.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:34 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-aa701eee0084e85a391df37b7294b7f8-3e6fd4e84173a3d0-01
last-modified: Mon, 14 Apr 2025 11:39:41 GMT
etag: W/"196202ebc273fa2629d520f82609ff83"
x-amz-meta-mtime: 1744630575.759314594
content-encoding: gzip
expires: Tue, 15 Apr 2025 17:28:38 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 296
cache: HIT
x-cached-since: 2025-04-14T17:28:38+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/shared-assets/__shared_accept_language_parser_FZZ6RWIK.js

185.244.209.62

200 OK

1.3 kB

URL GET
v3.traincdn.com/sys-static/shared-assets/__shared_accept_language_parser_FZZ6RWIK.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (1265)
Size
1.3 kB (1297 bytes)
Hash
fc1c44ae9e4954ae02c484125b7a6a1e
484eb92dd5bb166e7a06c1cf2dce2400bb3055e3
fa015c22854d009fd3436cac0b3958a3616d67d9c633c61d0ae309c114ab9f04

HTTP Headers

GET /sys-static/shared-assets/__shared_accept_language_parser_FZZ6RWIK.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:34 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-d77a2c26118d48fa029605e66878e499-5a3a894285d9035f-01
last-modified: Mon, 14 Apr 2025 10:09:26 GMT
etag: W/"fc1c44ae9e4954ae02c484125b7a6a1e"
x-amz-meta-mtime: 1744624991.424910642
content-encoding: gzip
expires: Tue, 15 Apr 2025 10:45:07 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 23702
cache: HIT
x-cached-since: 2025-04-14T10:58:32+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2

185.244.209.62

200 OK

64 kB

URL GET
v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 63748, version 1.0
Size
64 kB (63748 bytes)
Hash
6887b6f24414dbc612dbf42ccdc76b70
8068d3abfbc6cbf35b55919da45b1f4d2d136238
fc5c015fc32518f1ed810fa84ca28941eb9d5a3c81acc8df69a4dbbeedef7b0c

HTTP Headers

GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:31 GMT
content-type: font/woff2
content-length: 63748
traceparent: 00-7aedeeb728bdf6817a2cd98dbd1206eb-842c1a66884b46dd-01
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "6887b6f24414dbc612dbf42ccdc76b70"
expires: Thu, 16 Jan 2025 10:32:14 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1502
cache: HIT
x-cached-since: 2025-04-14T17:08:29+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/site-admin/colors/73c1e50506faab2d495c95d31b820a22.css

185.244.209.62

200 OK

40 kB

URL GET
v3.traincdn.com/genfiles/site-admin/colors/73c1e50506faab2d495c95d31b820a22.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (39662), with no line terminators
Size
40 kB (39662 bytes)
Hash
73c1e50506faab2d495c95d31b820a22
c0f2744dc4b187b6667f6aa6a9b4013cf1f0dcd3
4ea05001192895400e75d7cd8c07c56ed203c40a1aed77be2534e7bd42135566

HTTP Headers

GET /genfiles/site-admin/colors/73c1e50506faab2d495c95d31b820a22.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-077216.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:33 GMT
content-type: text/css
traceparent: 00-b2ea670c1ea786a5895e4cd025f4d3a9-81d2d701d89f1112-01
last-modified: Mon, 14 Apr 2025 09:51:00 GMT
etag: W/"73c1e50506faab2d495c95d31b820a22"
cache-control: max-age=3600
content-encoding: gzip
expires: Mon, 14 Apr 2025 11:30:34 GMT
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1667
cache: HIT
x-cached-since: 2025-04-14T17:05:46+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_main/en/dictionary_b3c032cd5f9585db60b8a51283e548b6.json

185.244.209.62

200 OK

134 kB

URL GET
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_main/en/dictionary_b3c032cd5f9585db60b8a51283e548b6.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
134 kB (133497 bytes)
Hash
bb7bbcacc934e39f7b27f9ae18c0f9b9
38514552ffb5155ef3f090c68d47ff436231df6c
81f97dd00a6be654792e7bce0ef61ca0aa991f620d3b1ee4acbdc15145e5ba0f

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_main/en/dictionary_b3c032cd5f9585db60b8a51283e548b6.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-077216.top/
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:33 GMT
content-type: application/json; charset=utf-8
traceparent: 00-d58d6046a48626b82257b7fcaae8ce31-11dc6864dcd4c0e4-01
last-modified: Mon, 14 Apr 2025 14:06:22 GMT
etag: W/"bb7bbcacc934e39f7b27f9ae18c0f9b9"
cache-control: max-age=3600
content-encoding: gzip
expires: Mon, 14 Apr 2025 15:20:22 GMT
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 671
cache: HIT
x-cached-since: 2025-04-14T17:22:22+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_game/en/dictionary_df7c057ef2694749b39eb77cc32fbf70.json

185.244.209.62

200 OK

21 kB

URL GET
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_game/en/dictionary_df7c057ef2694749b39eb77cc32fbf70.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (20996), with no line terminators
Size
21 kB (21170 bytes)
Hash
ebc682baaed9e060c3434da5a2a3e24c
054dc96a3cb94605aaf9e019e2434eb296e7bb8d
7ed64becacb5bfacc2ad898d7b40d37ea978b721d745df72c326d7b05aaac197

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_game/en/dictionary_df7c057ef2694749b39eb77cc32fbf70.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-077216.top/
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:33 GMT
content-type: application/json; charset=utf-8
traceparent: 00-63d57186cf640b31ac2aa56e3459d7a1-ecfa60df99cfaff6-01
last-modified: Wed, 09 Apr 2025 16:06:01 GMT
etag: W/"5d2cdaf4aa9b4b46413e3df5a230a422"
cache-control: max-age=3600
content-encoding: gzip
expires: Wed, 09 Apr 2025 17:21:20 GMT
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 623
cache: HIT
x-cached-since: 2025-04-14T17:23:10+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_registration/en/dictionary_508cd106486a019e979f64bdcdf6fbc8.json

185.244.209.62

200 OK

19 kB

URL GET
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_registration/en/dictionary_508cd106486a019e979f64bdcdf6fbc8.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (18399), with no line terminators
Size
19 kB (18852 bytes)
Hash
ab3e2fb7fba001507b877d15d42f2058
75fc461705ae63f60443a5a1199295aeab2385f9
af9d11eded31f8434a0b1a54a46ebf8529f81de03efd2c81d5165821fd94fb74

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_registration/en/dictionary_508cd106486a019e979f64bdcdf6fbc8.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-077216.top/
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:33 GMT
content-type: application/json; charset=utf-8
traceparent: 00-dcaa9add830c8660fd1f250b12804338-109d7654a558d22e-01
last-modified: Mon, 07 Apr 2025 16:06:25 GMT
etag: W/"2ad14999ee9d15f11397a18353a70dc4"
cache-control: max-age=3600
content-encoding: gzip
expires: Mon, 07 Apr 2025 17:21:19 GMT
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 2226
cache: HIT
x-cached-since: 2025-04-14T16:56:27+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/593f1a6d4223015f3145bf447897f4f2.json

185.244.209.62

200 OK

241 B

URL GET
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/593f1a6d4223015f3145bf447897f4f2.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
241 B (241 bytes)
Hash
39257fbb62736206d5245e08925d7b60
4c11e3cb6a16b884772b88acdba30a2ad98e86b8
3a3cf0f5c60899ffb49d9825516aec475fd7b78cea8ae0b5b58dfb4e658f041e

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/593f1a6d4223015f3145bf447897f4f2.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-077216.top/
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:35 GMT
content-type: application/json
content-length: 241
traceparent: 00-73077de9c387fad5c2801ffd646e521f-a1eea2d49b01c6ad-01
last-modified: Thu, 27 Feb 2025 13:24:25 GMT
etag: "39257fbb62736206d5245e08925d7b60"
expires: Thu, 27 Feb 2025 14:48:35 GMT
cache-control: max-age=3600
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1037
cache: HIT
x-cached-since: 2025-04-14T17:16:18+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/main-static/b6a5d9e8/desktop/default/analytics-dfadc62d.js

185.244.209.62

200 OK

7.8 kB

URL GET
v3.traincdn.com/main-static/b6a5d9e8/desktop/default/analytics-dfadc62d.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (7765), with no line terminators
Size
7.8 kB (7765 bytes)
Hash
6ce84e63fcb523c199a4243eda399f56
2b968663a2d3a36ce0c42ec49c6be9f41fb10464
6a93e0a58241575648cdf050e8092b68f75e33bae9e85378039865252357cbef

HTTP Headers

GET /main-static/b6a5d9e8/desktop/default/analytics-dfadc62d.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-077216.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:44 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-ba650d6cd83f9f678e0b6d3b864d6294-4d2e0c99a90df4b2-01
last-modified: Fri, 11 Apr 2025 12:05:26 GMT
etag: W/"6ce84e63fcb523c199a4243eda399f56"
x-amz-meta-mtime: 1744373125.219880092
content-encoding: gzip
expires: Sat, 12 Apr 2025 12:21:18 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 18188
cache: HIT
x-cached-since: 2025-04-14T12:30:36+00:00
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66

142.250.74.168

200 OK

469 kB

URL GET
www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint88:85:26:A3:0A:0B:44:C6:92:DD:7B:0B:D1:14:38:BA:26:B9:EF:D9
ValidityThu, 20 Mar 2025 11:18:39 GMT - Thu, 12 Jun 2025 11:18:38 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (12571)
Size
469 kB (468669 bytes)
Hash
cbd43c8eb0adee4cc177026ef2c4a7f3
7ea9bbbfadde777f672cb15bb3c6848968c302f3
1489a98acf1ac36ac8d0145f751b1299ac280d8ae029b97f46246db4ce948689

HTTP Headers

GET /gtag/js?id=G-7JGWL9SV66 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-077216.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 14 Apr 2025 17:33:45 GMT
expires: Mon, 14 Apr 2025 17:33:45 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1020:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1020:0
report-to: {"group":"ascgcycc:1020:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1020:0"}],}
server: Google Tag Manager
content-length: 149473
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/destination?id=AW-16664555628&l=dataLayer&cx=c&gtm=45He5490v9180563600za200&tag_exp=102509682~102803279~102813109~102887800~102926062~103021830~103027016~103050889~103051953~103055465

142.250.74.168

200 OK

324 kB

URL GET
www.googletagmanager.com/gtag/destination?id=AW-16664555628&l=dataLayer&cx=c&gtm=45He5490v9180563600za200&tag_exp=102509682~102803279~102813109~102887800~102926062~103021830~103027016~103050889~103051953~103055465
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint88:85:26:A3:0A:0B:44:C6:92:DD:7B:0B:D1:14:38:BA:26:B9:EF:D9
ValidityThu, 20 Mar 2025 11:18:39 GMT - Thu, 12 Jun 2025 11:18:38 GMT

File type
JavaScript source, ASCII text, with very long lines (5436)
Size
324 kB (323841 bytes)
Hash
f79e7acc9a8d7dfc270e8fbdc3affd11
f95ee7779cba0f65729bcb2a4272380daf098749
42fc5dc12c7d004370d36cb2769513bf56c61a22a3eaa32384d1c55d6aa47185

HTTP Headers

GET /gtag/destination?id=AW-16664555628&l=dataLayer&cx=c&gtm=45He5490v9180563600za200&tag_exp=102509682~102803279~102813109~102887800~102926062~103021830~103027016~103050889~103051953~103055465 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-077216.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 14 Apr 2025 17:33:46 GMT
expires: Mon, 14 Apr 2025 17:33:46 GMT
cache-control: private, max-age=900
last-modified: Mon, 14 Apr 2025 17:04:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcysghrgc:42:0
report-to: {"group":"ascgcysghrgc:42:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
server: Google Tag Manager
content-length: 112144
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/gtm.js?id=GTM-KFGPRJ2V

142.250.74.168

200 OK

322 kB

URL GET
www.googletagmanager.com/gtm.js?id=GTM-KFGPRJ2V
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint88:85:26:A3:0A:0B:44:C6:92:DD:7B:0B:D1:14:38:BA:26:B9:EF:D9
ValidityThu, 20 Mar 2025 11:18:39 GMT - Thu, 12 Jun 2025 11:18:38 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (4828)
Size
322 kB (321736 bytes)
Hash
b316d1f96622b7ba7edc80489bc47c94
f934bde1e3098bf8b8bb9535673b4cdf7a9d9ca4
af89b3a3d0185b8523b475ae5ea97a2c97410f5bf6aa0a3799446dfe147890e2

HTTP Headers

GET /gtm.js?id=GTM-KFGPRJ2V HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-077216.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 14 Apr 2025 17:33:45 GMT
expires: Mon, 14 Apr 2025 17:33:45 GMT
cache-control: private, max-age=900
last-modified: Mon, 14 Apr 2025 17:04:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1262:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1262:0
report-to: {"group":"ascgcycc:1262:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1262:0"}],}
server: Google Tag Manager
content-length: 111996
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2F1xlite-077216.top%2Fen%2Fblock&scrsrc=www.googletagmanager.com&frm=0&rnd=1475081840.1744652026&dt=1xBet&auid=63476535.1744652026&navt=n&npa=1&gtm=45He5490v9180563600za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=102509682~102803279~102813109~102887800~102926062~103021830~103027016~103050889~103051953~103055465&tft=1744652025994&tfd=16475&apve=1

142.250.74.68

200 OK

0 B

URL POST
www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2F1xlite-077216.top%2Fen%2Fblock&scrsrc=www.googletagmanager.com&frm=0&rnd=1475081840.1744652026&dt=1xBet&auid=63476535.1744652026&navt=n&npa=1&gtm=45He5490v9180563600za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=102509682~102803279~102813109~102887800~102926062~103021830~103027016~103050889~103051953~103055465&tft=1744652025994&tfd=16475&apve=1
IP
142.250.74.68:443
ASN
#15169 GOOGLE

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerGoogle Trust Services
Subjectwww.google.com
Fingerprint40:5C:81:99:DA:01:36:FE:E4:60:2B:67:51:3D:C2:62:8D:9A:38:47
ValidityThu, 20 Mar 2025 11:20:31 GMT - Thu, 12 Jun 2025 11:20:30 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /ccm/collect?en=page_view&dl=https%3A%2F%2F1xlite-077216.top%2Fen%2Fblock&scrsrc=www.googletagmanager.com&frm=0&rnd=1475081840.1744652026&dt=1xBet&auid=63476535.1744652026&navt=n&npa=1&gtm=45He5490v9180563600za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=102509682~102803279~102813109~102887800~102926062~103021830~103027016~103050889~103051953~103055465&tft=1744652025994&tfd=16475&apve=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-077216.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 200 OK
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT
content-type: text/plain
date: Mon, 14 Apr 2025 17:33:47 GMT
vary: Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://1xlite-077216.top
access-control-expose-headers: date,vary,vary,vary,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/19f05ee466.css

185.244.209.62

200 OK

15 kB

URL GET
v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/19f05ee466.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (15082)
Size
15 kB (15083 bytes)
Hash
967ea13abafaa256ab87710daeab15e3
c35d006df7e93184905785ddd0780675dbf5ea14
21a68512f65cb824cf777ebddc9aa65f5922defc4dfbc969c3c0e37f74636eda

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/19f05ee466.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-077216.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:30 GMT
content-type: text/css; charset=utf-8
traceparent: 00-10f68b57761c3c877637dbbfa48b6260-94b1adc8c7830623-01
last-modified: Wed, 09 Apr 2025 12:22:18 GMT
etag: W/"967ea13abafaa256ab87710daeab15e3"
x-amz-meta-mtime: 1744200997.868436244
content-encoding: gzip
expires: Fri, 11 Apr 2025 09:44:30 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 27603
cache: HIT
x-cached-since: 2025-04-14T09:53:27+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/site-admin/css_vars/29b5cda95fa390c124de39b6aeca6d24.css

185.244.209.62

200 OK

46 B

URL GET
v3.traincdn.com/genfiles/site-admin/css_vars/29b5cda95fa390c124de39b6aeca6d24.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
46 B (46 bytes)
Hash
29b5cda95fa390c124de39b6aeca6d24
46f68f69533c1fdc737eb36e8e7af7672178e610
6021ec0aede22eadcb8401fe945d345202320437c7be01b157f0cb282ebe7c88

HTTP Headers

GET /genfiles/site-admin/css_vars/29b5cda95fa390c124de39b6aeca6d24.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-077216.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:33 GMT
content-type: text/css
content-length: 46
traceparent: 00-3b6c311ae04da180e9bb76cc220538c6-1ac45856aed9529a-01
last-modified: Thu, 20 Mar 2025 13:29:31 GMT
etag: "29b5cda95fa390c124de39b6aeca6d24"
cache-control: max-age=3600
expires: Thu, 20 Mar 2025 14:32:37 GMT
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 506
cache: HIT
x-cached-since: 2025-04-14T17:25:07+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/43d27a1005.js

185.244.209.62

200 OK

3.8 kB

URL GET
v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/43d27a1005.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (1194)
Size
3.8 kB (3791 bytes)
Hash
90f505b40c0bf80558c86ccc6b6605f2
cdfa527a479e455f440242d7fa8d04ad32321d90
f31cd11d82fe27561102b48dc1201ce56d5e46ceaff17d0e3e20cc8d9c0dc8cf

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/43d27a1005.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:35 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-5994dd64c53a4dd235e5d041986f6388-77c928c1e9b9929c-01
last-modified: Wed, 09 Apr 2025 12:22:18 GMT
etag: W/"90f505b40c0bf80558c86ccc6b6605f2"
x-amz-meta-mtime: 1744200997.880436723
content-encoding: gzip
expires: Thu, 10 Apr 2025 12:27:29 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 17692
cache: HIT
x-cached-since: 2025-04-14T12:38:43+00:00
X-Firefox-Spdy: h2

1xlite-077216.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/ab.json

83.147.224.2

200 OK

2 B

URL POST
1xlite-077216.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/ab.json
IP
83.147.224.2:443
ASN
#0

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerLet's Encrypt
Subject1xlite-077216.top
Fingerprint1B:5A:D9:82:17:44:CF:93:9C:43:C1:58:12:A0:E9:1D:AE:93:92:1B
ValidityTue, 11 Mar 2025 05:20:06 GMT - Mon, 09 Jun 2025 05:20:05 GMT

File type
JSON text data
Size
2 B (2 bytes)
Hash
d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/ab.json HTTP/1.1
Host: 1xlite-077216.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-077216.top/en/block
Content-Type: application/json
X-Lang: en
X-Uuid: ab510b0b-b7de-4267-866c-fa9b379e3709
Content-Length: 19
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH; postback_watcher=%7B%22tag%22%3A%22d_4175298m_97c_PU_VE_PA_SB_MB_1XBET_PUSH%22%2C%22pb%22%3A%227ceb261dfb824837b0d185a5d0c3c180%22%2C%22click_id%22%3A%22wf7v2mdp899lv1593hgci6fq%22%7D; auid=U5PgAmf9RuqfrpWMAyNtAg==; window_width=1280; che_g=b8f5ae6a-7ed3-3118-4d8c-708221b781c6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:35 GMT
content-type: application/json
content-length: 2
x-dt: 285
x-time-ng: 0.001
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.126, wf-uht;dur=0.013
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2

185.244.209.62

200 OK

64 kB

URL GET
v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-077216.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 63920, version 1.0
Size
64 kB (63920 bytes)
Hash
a65527fcb58f66a7cfbc0e6b160538b4
45d260e7fa343401b5bb0df982a014f53e2d253b
fb13c3a1cbac60649b76f7d7f85c1645d35ac69b85ce5f4eb0692505ecc2cd45

HTTP Headers

GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-077216.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 14 Apr 2025 17:33:43 GMT
content-type: font/woff2
content-length: 63920
traceparent: 00-2e8bdb99c6a13f0d374956ba5577ba8a-7708629c98b86f02-01
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "a65527fcb58f66a7cfbc0e6b160538b4"
expires: Thu, 16 Jan 2025 10:45:34 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 2802
cache: HIT
x-cached-since: 2025-04-14T16:47:01+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (53)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML