Report - refpamjeql.top/L?tag=d_85563m_16303c_[]MS[]null[]null[]general[]{site_id}_d22490_l46998

Report Overview

Visited public
2025-01-25 07:29:13
Tags
URL
refpamjeql.top/L?tag=d_85563m_16303c_[]MS[]null[]null[]general[]{site_id}_d22490_l46998_clickunder&site=85563&ad=16303
Finishing URL
1xlite-032472.top/en/block
IP / ASN
45.135.120.31
#56630 Melbikomas UAB
Title
1xBet

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.googletagmanager.com	75	2011-11-11	2012-10-04	2025-01-22	2.3 kB	1.4 MB	142.250.74.168
region1.analytics.google.com	unknown	1997-09-15	2022-03-17	2025-01-22	1.9 kB	1.7 kB	216.239.32.36
www.google.no	25607	2001-02-26	2012-06-26	2025-01-22	699 B	578 B	142.250.74.131
refpamjeql.top	73932	2019-08-22	2019-08-22	2025-01-21	574 B	253 kB	45.135.120.31
www.google.com	7	1997-09-15	2015-05-10	2025-01-22	738 B	568 B	142.250.178.100
1xlite-032472.top	unknown	2024-10-10	2025-01-17	2025-01-24	14 kB	743 kB	46.32.182.119
v3.traincdn.com	unknown	2022-11-10	2022-11-25	2025-01-20	30 kB	4.5 MB	185.244.209.62
radar.cedexis.com	3035	2009-01-07	2013-11-27	2025-01-18	822 B	1.0 kB	45.54.49.5

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-01-25	medium	1xlite-032472.top	Sinkholed
2025-01-25	medium	1xlite-032472.top	Sinkholed
2025-01-25	medium	1xlite-032472.top	Sinkholed
2025-01-25	medium	1xlite-032472.top	Sinkholed
2025-01-25	medium	1xlite-032472.top	Sinkholed
2025-01-25	medium	1xlite-032472.top	Sinkholed
2025-01-25	medium	1xlite-032472.top	Sinkholed
2025-01-25	medium	1xlite-032472.top	Sinkholed
2025-01-25	medium	1xlite-032472.top	Sinkholed
2025-01-25	medium	1xlite-032472.top	Sinkholed
2025-01-25	medium	1xlite-032472.top	Sinkholed
2025-01-25	medium	1xlite-032472.top	Sinkholed
2025-01-25	medium	1xlite-032472.top	Sinkholed
2025-01-25	medium	1xlite-032472.top	Sinkholed

ThreatFox

No alerts detected

JavaScript (45)

	URL	From	Size	First Seen	Last Seen
	v3.traincdn.com/main-static/47b9c1da/desktop/default/vendors/plugins.vue-js-modal-5cca31b7.js	ScriptElement	27 kB	2025-01-24	2025-01-27
Pretty URL v3.traincdn.com/main-static/47b9c1da/desktop/default/vendors/plugins.vue-js-modal-5cca31b7.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-24 08:48 Last Seen2025-01-27 05:54 Times Seen20 Hash 3db44d2bf30809af2dcd3357d3514079 b7527b6cc5c8dcc7c0729e17f0bfca7dcf4d9c56 58a11607e8fa92823701b78dc8bcb8ff5f8e36c8ef9250666e5112c7c95c066b Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_accept_language_parser_F4H4E7NH.js	ImportedModule	1.3 kB	2024-12-07	2025-04-01
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_accept_language_parser_F4H4E7NH.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-12-07 20:25 Last Seen2025-04-01 10:53 Times Seen350 Hash 268c88e3fff4b1ae77e5109cba692e17 24c1b85897ed42dc18d9fd0df1c6fd31494dc184 3e2f76fc7558357fcdec6f1ef4964f031737098953dac4a16bf8d8286f87ae2b Loading...

	v3.traincdn.com/sys-static/shared-assets/Desktop/__shared_base-app_lUiBTGbP.js	ImportedModule	779 kB	2025-01-24	2025-02-02
Pretty URL v3.traincdn.com/sys-static/shared-assets/Desktop/__shared_base-app_lUiBTGbP.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2025-01-24 08:48 Last Seen2025-02-02 15:56 Times Seen31 Hash e6dbde9f88defcc7c52d0f625309c0e2 3805f3f0033cea3b6e63a6d3de0a468b159990ab 6c9cd6ef577095fa380f89414868992c674fe4ff9e039aabd47d7701572fdbb4 Loading...

	1xlite-032472.top/hd-api/external/apps/c5e31d5915661de4393e3f1489b00ebc4497dd48/api.js	ScriptElement	595 B	2024-08-21	2025-02-23
Pretty URL 1xlite-032472.top/hd-api/external/apps/c5e31d5915661de4393e3f1489b00ebc4497dd48/api.js IP 46.32.182.119 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-21 18:09 Last Seen2025-02-23 03:19 Times Seen345 Hash bd2e3553032ba63e3b6b3200a743bc8d a15c755742b456440614377121fadba24bd3e220 66103e021ac66e5ac2a26dfa09c44b567a455096dd77bfd809295cae281e2046 Loading...

	1xlite-032472.top/hd-api/external/assets/hdf.js	ScriptElement	4.1 kB	2024-11-12	2025-05-02
Pretty URL 1xlite-032472.top/hd-api/external/assets/hdf.js IP 46.32.182.119 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-12 02:24 Last Seen2025-05-02 07:07 Times Seen624 Hash 2f26a679e9d54a65e6578e947cc5bdf2 1b984864aa7b3e28231ac7cea3c199435dbdc6bf 1e3c4bd81a1cd9ee02e42a42802d5c18cbdb3f3a11c0b2732eb11bd12263020c Loading...

	unknown	Function	34 B	2023-04-14	2025-05-03
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 16:26 Last Seen2025-05-03 02:52 Times Seen4180 Hash 7bcdb973ab8af8e24ab11cb554a1ba6e 24e8a10f240f2b06f81d7c173cd0a90606641fc1 916ec4eb9b485eb47f43a17fe212e84e4b72600b45eb6d4588599ad495a57fcd Loading...

	v3.traincdn.com/main-static/47b9c1da/desktop/default/runtime-c5698716.js	ScriptElement	24 kB	2025-01-25	2025-01-27
Pretty URL v3.traincdn.com/main-static/47b9c1da/desktop/default/runtime-c5698716.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-25 04:25 Last Seen2025-01-27 05:54 Times Seen14 Hash a12588b17862f55f6379f7973fc863be 1f5f3e490a644018222f70df8fe8b2f3fbc94807 e3df36f354c359873c50c2f8e32694d36d744f8cfd79c0eb9c3dd8d4f69a0518 Loading...

	radar.cedexis.com/1/23802/radar.js	ScriptElement	390 B	2024-02-13	2025-05-02
Pretty URL radar.cedexis.com/1/23802/radar.js IP 45.54.49.5 ASN #63911 NetActuate, Inc Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-13 14:23 Last Seen2025-05-02 07:07 Times Seen1870 Hash 82dec77fd0353c7c71ce053b8601387e fbbca95419e1d0c042e0a5fdf10f380aca66188c 39f2b7b0fa78d37d0c84d2d6618bd635d86fd683d9bcdd5729850cb2a62522f7 Loading...

	www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66	ScriptElement	443 kB	2025-01-25	2025-01-25
Pretty URL www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-25 07:29 Last Seen2025-01-25 07:29 Times Seen1 Hash f9c4b43314c8db28ee280aa1901df54a 99ee2dfd00a920e16961d5ec2cec6766b18c55d3 df068b33b663725cf5b60852ce30fdf04522ce21f3ecc6e41c69042d8ee515ea Loading...

	v3.traincdn.com/main-static/47b9c1da/desktop/default/Betting.Core-32ad8e8f.js	ScriptElement	2.0 kB	2025-01-25	2025-01-27
Pretty URL v3.traincdn.com/main-static/47b9c1da/desktop/default/Betting.Core-32ad8e8f.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-25 04:25 Last Seen2025-01-27 05:54 Times Seen14 Hash 50857a08b29e5f846a815aae5d54fd57 c36b820e60e774f429bfe0a9419b712c5053bb53 45a166025cd11edea7ebc917a17106bebf277df68c6905ac6d802a8edf88b946 Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_popper_js_5I5UQEBA.js	ImportedModule	21 kB	2024-12-07	2025-04-01
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_popper_js_5I5UQEBA.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-12-07 20:25 Last Seen2025-04-01 10:53 Times Seen349 Hash 6cb09f9375675899743ac6e31bcf0b0d 01383c415481291b1d4eeedff5a394215d84ecee b17f976b26b989ff50713207d307701334974c9c1e3b491f629adf197bc879ce Loading...

	unknown	Function	47 B	2023-04-14	2025-05-03
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 16:26 Last Seen2025-05-03 02:52 Times Seen4166 Hash a01893d8e129ad16c1e0fc5c7537f411 0e46d1bf2718f848d9d596fa269eaedb31204772 cbe7b89533bcd75b69f3e54807308551d68242ec1761e63bee1a99fc6e560175 Loading...

	v3.traincdn.com/main-static/47b9c1da/desktop/default/Page.Block-dc060fb4.js	ScriptElement	476 B	2025-01-24	2025-01-27
Pretty URL v3.traincdn.com/main-static/47b9c1da/desktop/default/Page.Block-dc060fb4.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-24 08:48 Last Seen2025-01-27 05:54 Times Seen20 Hash acfefbeecf242eb38145fcaf86a902dd bfa392f147e417cb67d7d27f005131c9acfcd126 e5e87499ec0a931c9b9600ff0cc6d637b5c3f570b32341412704ed4bf24344c6 Loading...

	v3.traincdn.com/main-static/47b9c1da/desktop/default/DC-d6ce9225.js	ScriptElement	2.7 kB	2025-01-24	2025-01-27
Pretty URL v3.traincdn.com/main-static/47b9c1da/desktop/default/DC-d6ce9225.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-24 08:48 Last Seen2025-01-27 05:54 Times Seen20 Hash eb58f903ab3f8f12f83f68befa090822 b9148ce3f6ee217de8d823f318c8693102cfdf25 14ae521b87eed63bc66aa13ff0a320332cdf401cfbe83e36c97014dc948f8f79 Loading...

	unknown	Function	44 B	2023-04-14	2025-05-03
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 16:26 Last Seen2025-05-03 02:52 Times Seen4172 Hash 00beb9884d0391b342eadd30744b539a 3124c0bd593822379d22f13d3e08e70a1bf5ea14 92394eec5690449a4f6cfc9a7f97497a69e926b2365cb9a9aad3507a844f835c Loading...

	1xlite-032472.top/main-static/47b9c1da/check-ob.js	ScriptElement	219 B	2024-07-17	2025-05-02
Pretty URL 1xlite-032472.top/main-static/47b9c1da/check-ob.js IP 46.32.182.119 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-17 14:33 Last Seen2025-05-02 07:07 Times Seen1087 Hash c065700c9c8c493403359e1f2baa10d9 4630fe729e70bdf63fa7ba6c84ec277fd1f51030 1e61f0c82ae82ffcf503fcd4b4c8ae27b32c11e19b882d5d13f3c44364c893f4 Loading...

	v3.traincdn.com/main-static/47b9c1da/desktop/default/vendors/plugins.vue-notification-2810a002.js	ScriptElement	13 kB	2025-01-24	2025-01-27
Pretty URL v3.traincdn.com/main-static/47b9c1da/desktop/default/vendors/plugins.vue-notification-2810a002.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-24 08:48 Last Seen2025-01-27 05:54 Times Seen20 Hash f6c5a202b198a4c0d45dc605993aeafd ba56ff1a95908aaffb27bfd77231740b868a1916 67fa235c7313fb686bb3eeda86b2aa35d5466c1891bb6858512bc8fcd13c2a99 Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_localforage_KSHPPCVF.js	ImportedModule	30 kB	2024-12-07	2025-04-01
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_localforage_KSHPPCVF.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-12-07 20:25 Last Seen2025-04-01 10:53 Times Seen350 Hash d750d8afadf936c37b83cbcafdbba18d ec95777b14c5537b0d2576363f7591cee73a9655 f7a95c0ed0b017063d1bba414ee5097f7824d34a39c33db9f289919ee47c4f12 Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_libphonenumber_js_62MR2OUM.js	ImportedModule	159 kB	2024-12-07	2025-04-01
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_libphonenumber_js_62MR2OUM.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-12-07 20:25 Last Seen2025-04-01 10:53 Times Seen349 Hash 382948808b1330a7a717d99dfd278acb e43ecb337e5dfe4613663cf0bb2b2d91ff3db39e 294b1df36207fcdeda2857f2e53154d5c383045cb70bf70d9fbaf47ff7db5cf8 Loading...

	v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/9kbgqgDA.js	ScriptElement	4.7 kB	2025-01-24	2025-02-02
Pretty URL v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/9kbgqgDA.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-24 08:48 Last Seen2025-02-02 15:56 Times Seen30 Hash 08be028667d14af0038fe725905f6727 03506f0d68352eacc6adafd73948d7191064545c 1cc826c40ba9056e8e63ca6821e4428695c54471ebd2568e5b6f69572d71126b Loading...

	www.googletagmanager.com/gtm.js?id=GTM-KFGPRJ2V	ScriptElement	304 kB	2025-01-25	2025-01-25
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-KFGPRJ2V IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-25 07:29 Last Seen2025-01-25 07:29 Times Seen1 Hash 3694dc88515d0aec8b560fae25931555 8a916474bd5de242249a125fb4395c4f6024ef4a f8f2da28bb9860501c2f082f9e56899a2d52e43026c502ab6b8a845d757131f6 Loading...

	www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66&l=dataLayer&cx=c&gtm=45He51n0v9180563600za200	ScriptElement	443 kB	2025-01-25	2025-01-25
Pretty URL www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66&l=dataLayer&cx=c&gtm=45He51n0v9180563600za200 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-25 07:29 Last Seen2025-01-25 07:29 Times Seen1 Hash 6ec6a7375468f4fc104e816cd29839ff 1ce23bb81ec3cb36ae4d4232e6376ba4ebef3416 64b0cd9dea6cd42afcbe1d284ec5049a9bcb2c781e541b0977b5b53a607cb34c Loading...

	v3.traincdn.com/main-static/47b9c1da/desktop/default/app-b474c513.js	ScriptElement	618 kB	2025-01-25	2025-01-27
Pretty URL v3.traincdn.com/main-static/47b9c1da/desktop/default/app-b474c513.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-25 04:25 Last Seen2025-01-27 05:54 Times Seen14 Hash d7f96e2daed89d493fe8878414e444df 8288d83078399108984c975e7c47bb5519996fb0 8e8bc8cbe2ffbc5f70ea7070e76c2be9fed2719b23d9fe0a55585613c3c3cad5 Loading...

	1xlite-032472.top/en/block	ScriptElement	1.7 kB	2025-01-25	2025-01-27
Pretty URL 1xlite-032472.top/en/block IP 46.32.182.119 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-01-25 04:25 Last Seen2025-01-27 05:54 Times Seen14 Hash f8759f9406c3d45008dc974d8c8816e9 1563d3c9a0df930e1871c1a382c77de77489a7ca 05f97880ddb84b8a9a8b78246a6a12eda2c531effdc694f20ac31267951ab9e8 Loading...

	1xlite-032472.top/en/block	ScriptElement	4.8 kB	2025-01-25	2025-01-27
Pretty URL 1xlite-032472.top/en/block IP 46.32.182.119 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-01-25 04:25 Last Seen2025-01-27 05:54 Times Seen14 Hash 5a12d4e0bb02a1315c17bb71722f1400 1046f244f35b5864901b9a36cbee07bc937a99f5 8fafa8ed6f3357671b2fe6210a678428e8356b0d29d097358fb8cf97e7bf2cc0 Loading...

	v3.traincdn.com/main-static/47b9c1da/desktop/default/vendors/app-3ab4978e.js	ScriptElement	936 kB	2025-01-24	2025-01-27
Pretty URL v3.traincdn.com/main-static/47b9c1da/desktop/default/vendors/app-3ab4978e.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-24 08:48 Last Seen2025-01-27 05:54 Times Seen20 Hash e345e1657282edab3fb12b39f05ae579 faedbca49426f54e1347ae9dfdcff1222dafb524 6b653b42dbbd05aa984f3bbc688795f84e0110378fcdb74befc2c2ca6cc7dc95 Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_chunk_6EO4CXC4.js	ImportedModule	610 B	2024-12-07	2025-05-02
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_chunk_6EO4CXC4.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-12-07 20:25 Last Seen2025-05-02 07:07 Times Seen539 Hash 464c50409850b3095783d5b3b9a1b00d 7d5c3f49bd0689d72dddceee68afd229f4168ed5 71cbc8847b4abb3782fe515be3e9e1f3fb639f801b337a2a3612616151ec250d Loading...

	www.googletagmanager.com/gtag/destination?id=DC-14030178&l=dataLayer&cx=c&gtm=45He51n0v9180563600za200	ScriptElement	245 kB	2025-01-25	2025-01-25
Pretty URL www.googletagmanager.com/gtag/destination?id=DC-14030178&l=dataLayer&cx=c&gtm=45He51n0v9180563600za200 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-25 07:29 Last Seen2025-01-25 07:29 Times Seen1 Hash 1e2b94dbb64a8e1b35a57c7c8e092097 1f70004c57ef546592e1d6c10e7f0052c931ad1a b4c41cba350aa8e87a5334ae656e9515e7d3164844c5f46275eb89cd0ace488f Loading...

	unknown	Function	96 B	2023-12-06	2025-05-02
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-12-06 14:32 Last Seen2025-05-02 07:07 Times Seen2662 Hash 94361ed86ab9b2fbb8d805c2025df46a 3f428332f7a1c7196a85c93a373a966d75708c19 eee4d228a49a86625f29410cf9a23d145e821a09cbb1f7a4d7557d206872715a Loading...

	v3.traincdn.com/main-static/47b9c1da/desktop/default/commons/app-0a1c36f7.js	ScriptElement	138 kB	2025-01-24	2025-01-27
Pretty URL v3.traincdn.com/main-static/47b9c1da/desktop/default/commons/app-0a1c36f7.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-24 08:48 Last Seen2025-01-27 05:54 Times Seen20 Hash 25c3542d7571a59fc23a20d6b7193a57 81cbb9f75d57e7edfb2461bc4373f0e395b1825d 946c699f4e544aef14ff983cf0712cbe31fdb63ca61e3731eae37794ae7ef685 Loading...

	v3.traincdn.com/main-static/47b9c1da/desktop/default/vendors/plugins.v-tooltip-fbbf9263.js	ScriptElement	77 kB	2025-01-24	2025-01-27
Pretty URL v3.traincdn.com/main-static/47b9c1da/desktop/default/vendors/plugins.v-tooltip-fbbf9263.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-24 08:48 Last Seen2025-01-27 05:54 Times Seen20 Hash a685ae00f314eb051c72a7d446634d2b 67628bf924ed53e61883e6127e4b33307e8b3f06 e967fda64ea1be14948e042fdef167c8771c49f812835f318af43cdc883f7306 Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_vue_deps_PATB7KR4.js	ImportedModule	20 kB	2024-12-07	2025-02-21
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_vue_deps_PATB7KR4.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-12-07 20:25 Last Seen2025-02-21 05:56 Times Seen60 Hash 219b2bf4ebab7fe0b8a06850fb28e8b3 b7fd22c6f47773c84e0535a50fd8319a0fe4537b 56f8d7d20941578cfaddddc4b0c104a165595b68a73dfcc92e4e6304f830bce7 Loading...

	v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/entry-Bthv_Gug.js	ScriptElement	50 kB	2025-01-24	2025-02-02
Pretty URL v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/entry-Bthv_Gug.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-24 08:48 Last Seen2025-02-02 15:56 Times Seen30 Hash 92d3f6d9d171d7255db9d87594c1856b 1da40c2805e3d71d764bb0b194244b9f27cc2c1a cb993eeb6e9e8fe27cefc09ae8e634b2b6cff209c79fc29256ce3bd83fbfbf74 Loading...

	v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/PKQRX_b5.js	ImportedModule	270 B	2025-01-24	2025-02-24
Pretty URL v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/PKQRX_b5.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2025-01-24 08:48 Last Seen2025-02-24 05:54 Times Seen60 Hash 21545c1b5163b1aff8e5b501a8bf0e26 8ee6a12b94c9b4081215ebab87d79677b3dd2fcd 816379d9aa04c4d364a0c0f72e985074e154d6ff6f3956acdcde97d9a3e166b4 Loading...

	unknown	Function	39 B	2023-04-14	2025-05-03
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 16:26 Last Seen2025-05-03 02:52 Times Seen4173 Hash bc51ed8c76553717f10d58b2df60fd76 e2d03a8fd8d280074b226c288880f9df299c7cb1 bee994eaf88453f6343ba57571a069054c12c9b4e42f8cbad4f2ad75c7fb264c Loading...

	v3.traincdn.com/main-static/47b9c1da/desktop/default/analytics-c4571eb0.js	ScriptElement	7.8 kB	2025-01-24	2025-02-06
Pretty URL v3.traincdn.com/main-static/47b9c1da/desktop/default/analytics-c4571eb0.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-24 08:48 Last Seen2025-02-06 06:58 Times Seen37 Hash 24a1947c1fdf79ab3fe41096d1094cb4 6579ce3e464b8bd9fcfa0b4f6dfe603295e7e460 f4ace4aa51ae690549f37af775909347b6b5555d3160c4cb09c77ca52816e52f Loading...

	data:text/javascript,export const meta = import.meta;	ScriptElement	32 B	2023-12-06	2025-05-02
Pretty URL data:text/javascript,export const meta = import.meta; IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-06 14:32 Last Seen2025-05-02 07:07 Times Seen2662 Hash 6d772b7d405b447ecee54ab61cdd5108 dd65fb9cd5a7cb94a40fe161f4f72303a61eb3b7 b90ff694e492935b6036fb7e878d365dab51aafa46f0afb1e33414e7ecc3307b Loading...

	v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/ywYu240b.js	ImportedModule	5.5 kB	2025-01-24	2025-02-02
Pretty URL v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/ywYu240b.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2025-01-24 08:48 Last Seen2025-02-02 15:56 Times Seen30 Hash 29317f40f64ddd062ced9e94b607702e ae6a3cdcfa58c241ac7dcaeb8660ff1ffa7e6a95 18e87f99b3dbc5451dd0c14e7c8e1e51df43d08b82c2f4b11447e09ad2a4a6bb Loading...

	unknown	Function	47 B	2023-04-14	2025-05-03
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 16:26 Last Seen2025-05-03 02:52 Times Seen4169 Hash 580b3e56fc9ab6e8b4655f43ee057cc1 5dfce565e446f4a167195de9a1a5dd26163c711c 446f07b6e56de61d2c2d5b6ba408cc580b492a6d1ede8fc51cfde4ef75a2b382 Loading...

	www.googletagmanager.com/gtag/destination?id=AW-16664555628&l=dataLayer&cx=c&gtm=45He51n0v9180563600za200	ScriptElement	301 kB	2025-01-25	2025-01-25
Pretty URL www.googletagmanager.com/gtag/destination?id=AW-16664555628&l=dataLayer&cx=c&gtm=45He51n0v9180563600za200 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-25 07:29 Last Seen2025-01-25 07:29 Times Seen1 Hash 9fac64520a04ffb1c58e1aff063c4eca 81ff5bab69b1070354507eb093d633989b8cc6fa cc3eb7b422ac6da4161016b7bba2952cb38dd381316b0bb15a536272e33aefd5 Loading...

	unknown	DomTimer	10 B	2024-09-21	2025-05-02
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2024-09-21 15:04 Last Seen2025-05-02 07:07 Times Seen710 Hash 01f4b51b4ba7edd00ad9f0a22259f06e 00723d0eda4be61a7b1c542b0a08a94a94a60017 9fdac1c31a22f55dbb8ca225ee28c3f7e88b41cce82968af0018c9f8b3bd35ba Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_fast_deep_equal_ORMYJPSV.js	ImportedModule	865 B	2024-12-07	2025-04-01
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_fast_deep_equal_ORMYJPSV.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-12-07 20:25 Last Seen2025-04-01 10:53 Times Seen350 Hash e42d2bda0bda350e6cb507a391561910 fd6785beb70e406347acd6af79b73a609a65abb7 59e1f2ebd2ec588a043cdfb338403916451f301c50c7ace4549c0171c9659e88 Loading...

	1xlite-032472.top/en/block	ScriptElement	181 kB	2025-01-25	2025-01-25
Pretty URL 1xlite-032472.top/en/block IP 46.32.182.119 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-01-25 07:29 Last Seen2025-01-25 07:29 Times Seen1 Hash 3c3a7b88ab2a7345073dd5f45b04e984 eb4fd41987f48950b5baa0ef23ea67b076ae1f4d d779b400f529ffd55bcd40cb2f25401becee26dbc73c250150c92a7377411ded Loading...

		Size	First Seen	Last Seen
	#1 Eval - 9a4e2bf74953b0afbddcc4d63ef35c3c	345 kB	2025-01-25 07:29	2025-01-25 07:29
Pretty Observations First Seen2025-01-25 07:29 Last Seen2025-01-25 07:29 Times Seen1 Hash 9a4e2bf74953b0afbddcc4d63ef35c3c 42f693ae01068301b7b1eebb09fa96ecf1ea1305 29c60cc04702efc4c5dda974bd3c2b6475dc8322312742584236070833dba0cc Loading...

	#2 Eval - c18d89b758ff5e05cca281f1a41bcab9	1.2 kB	2025-01-24 08:48	2025-02-02 15:56
Pretty Observations First Seen2025-01-24 08:48 Last Seen2025-02-02 15:56 Times Seen30 Hash c18d89b758ff5e05cca281f1a41bcab9 c2b3b86e9c12c1e2b5a84969d3f8813533295d3e 5f2958ee62a72c8044d14d5eb126b4905e6b9cddc0682f4da8749d7007b39aaa Loading...

HTTP Transactions (87)

URL IP Response Size

1xlite-032472.top/en?tag=d_85563m_16303c_[]MS[]null[]null[]general[]{site_id}_d22490_l46998_clickunder

46.32.182.119

302 Found

252 kB

URL User Request GET HTTP/2
1xlite-032472.top/en?tag=d_85563m_16303c_[]MS[]null[]null[]general[]{site_id}_d22490_l46998_clickunder
IP
46.32.182.119:443
ASN
#0

Certificate
IssuerLet's Encrypt
Subject1xlite-032472.top
Fingerprint67:A5:DB:FC:AB:A3:CB:3D:16:5D:64:68:CE:5C:77:27:83:DD:D9:57
ValidityWed, 25 Dec 2024 09:21:50 GMT - Tue, 25 Mar 2025 09:21:49 GMT

File type
HTML document, ASCII text, with very long lines (58509)
Size
252 kB (252246 bytes)
Hash
3e15678e80b4d2e4c4cf74bc09d1f1a5
161a379ab9c26c6ba9d3bac9494a866bfb22ad5e
49ce1caced5118e3073e8806ed262cb2d1edd3ec085987ee6248c77399bb3d7b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /en?tag=d_85563m_16303c_[]MS[]null[]null[]general[]{site_id}_d22490_l46998_clickunder HTTP/1.1
Host: 1xlite-032472.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Sat, 25 Jan 2025 07:28:44 GMT
link: <https://v3.traincdn.com/sys-ui/2.3.48/Desktop/Default/client.css>; rel=preload; as=style; crossorigin=anonymous
location: /en/block
server-timing: dt_total;dur=0.010, total;dur=24;desc="Nuxt Server Time", wf-uht;dur=0.036
set-cookie: platform_type=desktop; Path=/; Expires=Tue, 28 Jan 2025 07:28:44 GMT; Secure; SameSite=None; Partitioned
lng=en; Path=/
cookies_agree_type=3; Path=/
tzo=1; Path=/
is12h=0; Path=/
referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_16303c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l46998_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; Path=/; Expires=Wed, 26 Mar 2025 07:28:44 GMT
reflinkid=d_85563m_16303c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l46998_clickunder; Path=/; Expires=Sat, 25 Jan 2025 08:28:44 GMT
postback_watcher=; Path=/; Expires=Sat, 25 Jan 2025 07:28:48 GMT
auid=LiC2d2eUkqxAPhpPAz0SAg==; path=/; secure; httponly; samesite=lax
x-dt: 285
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-032472.top/main-static/47b9c1da/check-ob.js

46.32.182.119

200 OK

219 B

URL GET HTTP/2
1xlite-032472.top/main-static/47b9c1da/check-ob.js
IP
46.32.182.119:443
ASN
#0

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerLet's Encrypt
Subject1xlite-032472.top
Fingerprint67:A5:DB:FC:AB:A3:CB:3D:16:5D:64:68:CE:5C:77:27:83:DD:D9:57
ValidityWed, 25 Dec 2024 09:21:50 GMT - Tue, 25 Mar 2025 09:21:49 GMT

File type
JavaScript source, ASCII text
Size
219 B (219 bytes)
Hash
c065700c9c8c493403359e1f2baa10d9
4630fe729e70bdf63fa7ba6c84ec277fd1f51030
1e61f0c82ae82ffcf503fcd4b4c8ae27b32c11e19b882d5d13f3c44364c893f4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /main-static/47b9c1da/check-ob.js HTTP/1.1
Host: 1xlite-032472.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-032472.top/en/block
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_16303c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l46998_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_16303c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l46998_clickunder; postback_watcher=; auid=LiC2d2eUkqxAPhpPAz0SAg==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:44 GMT
content-type: text/javascript; charset=utf-8
content-length: 219
last-modified: Fri, 24 Jan 2025 09:03:04 GMT
etag: "c065700c9c8c493403359e1f2baa10d9"
x-amz-meta-mtime: 1737709383.919535591
expires: Sun, 26 Jan 2025 07:28:31 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/version.json

185.244.209.62

200 OK

11 B

URL GET HTTP/2
v3.traincdn.com/version.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text
Size
11 B (11 bytes)
Hash
0c746b13eeb7506cefd57f8d03f74db2
ae7d40ed6da90275d06d5850a7f4d6c7360cf4a4
61aacc1883273b6ab0a5559d2800f603631a3ddf42807ce58e90e488c61caf00

HTTP Headers

GET /version.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-032472.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-032472.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:44 GMT
content-type: application/json
content-length: 11
traceparent: 00-e1ea56ba930c1655aeb5fa4b8232c141-947098cebf524a1a-01
last-modified: Fri, 24 Jan 2025 09:03:04 GMT
etag: "0c746b13eeb7506cefd57f8d03f74db2"
x-amz-meta-mtime: 1737709384.603537503
expires: Fri, 24 Jan 2025 09:06:26 GMT
cache-control: max-age=60
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 28
cache: HIT
x-cached-since: 2025-01-25T07:28:16+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/CuImo7CT.css

185.244.209.62

200 OK

650 B

URL GET HTTP/2
v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/CuImo7CT.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (649)
Size
650 B (650 bytes)
Hash
2229547d50a851e3f9c39e19cdcf4751
faaf12acea401378e691df74690b6dc0eaacfa11
7cfe9ce64aa88e9db8abacc1821a7ed463e9b9aa224852291922071ea8806f47

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/CuImo7CT.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-032472.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:44 GMT
content-type: text/css; charset=utf-8
content-length: 650
traceparent: 00-3673a415201136a5af3fce78ce5f3323-1ccb2b1cea50c339-01
last-modified: Thu, 16 Jan 2025 12:01:29 GMT
etag: "2229547d50a851e3f9c39e19cdcf4751"
x-amz-meta-mtime: 1737028741.202096736
expires: Thu, 23 Jan 2025 12:27:12 GMT
cache-control: max-age=86400
x-time-ng: 0.003
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 68451
cache: HIT
x-cached-since: 2025-01-24T12:27:53+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2

185.244.209.62

200 OK

64 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 63748, version 1.0
Size
64 kB (63748 bytes)
Hash
6887b6f24414dbc612dbf42ccdc76b70
8068d3abfbc6cbf35b55919da45b1f4d2d136238
fc5c015fc32518f1ed810fa84ca28941eb9d5a3c81acc8df69a4dbbeedef7b0c

HTTP Headers

GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-032472.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:45 GMT
content-type: font/woff2
content-length: 63748
traceparent: 00-7b40131de8485cfdb5ef0dad2f700ef8-7658e95607a63633-01
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "6887b6f24414dbc612dbf42ccdc76b70"
expires: Thu, 16 Jan 2025 10:32:14 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 475
cache: HIT
x-cached-since: 2025-01-25T07:20:50+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2

185.244.209.62

200 OK

64 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 63920, version 1.0
Size
64 kB (63920 bytes)
Hash
a65527fcb58f66a7cfbc0e6b160538b4
45d260e7fa343401b5bb0df982a014f53e2d253b
fb13c3a1cbac60649b76f7d7f85c1645d35ac69b85ce5f4eb0692505ecc2cd45

HTTP Headers

GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-032472.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:45 GMT
content-type: font/woff2
content-length: 63920
traceparent: 00-e710c1406378a06115a8536787897e7e-e1a7a13336ffeb95-01
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "a65527fcb58f66a7cfbc0e6b160538b4"
expires: Thu, 16 Jan 2025 10:45:34 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1090
cache: HIT
x-cached-since: 2025-01-25T07:10:35+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/main-static/47b9c1da/desktop/default/Page.Block-dc060fb4.js

185.244.209.62

200 OK

476 B

URL GET HTTP/2
v3.traincdn.com/main-static/47b9c1da/desktop/default/Page.Block-dc060fb4.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (476), with no line terminators
Size
476 B (476 bytes)
Hash
acfefbeecf242eb38145fcaf86a902dd
bfa392f147e417cb67d7d27f005131c9acfcd126
e5e87499ec0a931c9b9600ff0cc6d637b5c3f570b32341412704ed4bf24344c6

HTTP Headers

GET /main-static/47b9c1da/desktop/default/Page.Block-dc060fb4.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-032472.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:45 GMT
content-type: text/javascript; charset=utf-8
content-length: 476
traceparent: 00-daade4c7067447c2fb8b84acfaace347-345208ba6493862a-01
last-modified: Fri, 24 Jan 2025 09:00:19 GMT
etag: "acfefbeecf242eb38145fcaf86a902dd"
x-amz-meta-mtime: 1737709217.031067955
expires: Sat, 25 Jan 2025 09:33:25 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 78891
cache: HIT
x-cached-since: 2025-01-24T09:33:54+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/b5cd9a5e87d930de856c92da15aa121e.png

185.244.209.62

200 OK

653 B

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/b5cd9a5e87d930de856c92da15aa121e.png
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Size
653 B (653 bytes)
Hash
e6f0766cbd95db33da44e7a9140648f2
5f196b1bfe8c3f92bd2ebcd67124e72e81ae6aaf
c0399d478788d5d483f104a2e8cb7c32f41cb40e9df0c22e831b2bfa2db63ec0

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/b5cd9a5e87d930de856c92da15aa121e.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-032472.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:45 GMT
content-type: image/png
content-length: 653
traceparent: 00-82724c9e76f8920602f04a7b054e3138-6fc052daecbbe585-01
last-modified: Wed, 26 Jun 2024 08:18:02 GMT
etag: "e6f0766cbd95db33da44e7a9140648f2"
expires: Thu, 16 Jan 2025 10:46:36 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1050
cache: HIT
x-cached-since: 2025-01-25T07:11:15+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/sys-ui/2.3.48/Desktop/Default/client.css

185.244.209.62

200 OK

299 kB

URL GET HTTP/2
v3.traincdn.com/sys-ui/2.3.48/Desktop/Default/client.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
299 kB (299382 bytes)
Hash
6f3615281f45b80082a8bcd3b8a6917d
ee96d259c5498f489247fa89003e9b57d581429f
2545e7fafa923359607b790cdc7a48f523a4d77910be1cb382075897277d44ac

HTTP Headers

GET /sys-ui/2.3.48/Desktop/Default/client.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-032472.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-032472.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:44 GMT
content-type: text/css; charset=utf-8
traceparent: 00-104d86b62238ef0361982448b0b1eccc-94e711747dae0fe3-01
last-modified: Wed, 15 Jan 2025 09:51:46 GMT
etag: W/"d037203b6db6edbc64b162b70550a1b3"
x-amz-meta-mtime: 1736934703.897720635
content-encoding: gzip
expires: Thu, 23 Jan 2025 12:27:03 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 68451
cache: HIT
x-cached-since: 2025-01-24T12:27:53+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/main-static/47b9c1da/desktop/default/vendors/app-3ab4978e.js

185.244.209.62

200 OK

319 kB

URL GET HTTP/2
v3.traincdn.com/main-static/47b9c1da/desktop/default/vendors/app-3ab4978e.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
319 kB (319248 bytes)
Hash
c37c1174a60560696bcacf1bd336a4f5
5a0890bf10a155f3c9db623040cd1f12cfc57d5c
8456aec13c5aa1870269870490b6f5c2ffee1d70f50c79710891876af80635c5

HTTP Headers

GET /main-static/47b9c1da/desktop/default/vendors/app-3ab4978e.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-032472.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:45 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-e72c8aa7853a09f5b8e68a320a7cb436-c7a0ccf6605d3cf6-01
last-modified: Fri, 24 Jan 2025 09:00:20 GMT
etag: W/"e345e1657282edab3fb12b39f05ae579"
x-amz-meta-mtime: 1737709217.059068033
content-encoding: gzip
expires: Sat, 25 Jan 2025 09:33:25 GMT
cache-control: max-age=86400
x-time-ng: 0.004
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 78891
cache: HIT
x-cached-since: 2025-01-24T09:33:54+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/main-static/47b9c1da/desktop/default/vendors/plugins.v-tooltip-fbbf9263.js

185.244.209.62

200 OK

26 kB

URL GET HTTP/2
v3.traincdn.com/main-static/47b9c1da/desktop/default/vendors/plugins.v-tooltip-fbbf9263.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
26 kB (26238 bytes)
Hash
b1986496da91c7c0cd11f881cef84a09
882c188e38cc555245602137a8962792c45c3754
5cca0656c99c502ef4249823516465603660736d80e1fc3f0d8e8bec7815bf51

HTTP Headers

GET /main-static/47b9c1da/desktop/default/vendors/plugins.v-tooltip-fbbf9263.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-032472.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:45 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-498b00f9f034c487e40734222eb8a123-31dbb8088158ca06-01
last-modified: Fri, 24 Jan 2025 09:00:20 GMT
etag: W/"a685ae00f314eb051c72a7d446634d2b"
x-amz-meta-mtime: 1737709217.059068033
content-encoding: gzip
expires: Sat, 25 Jan 2025 09:33:25 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 78890
cache: HIT
x-cached-since: 2025-01-24T09:33:55+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/main-static/47b9c1da/desktop/default/vendors/plugins.vue-notification-2810a002.js

185.244.209.62

200 OK

5.0 kB

URL GET HTTP/2
v3.traincdn.com/main-static/47b9c1da/desktop/default/vendors/plugins.vue-notification-2810a002.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
5.0 kB (5014 bytes)
Hash
cf7244f370289f3006e9d1ac95923e8b
87e1090a205a774712dd0109e19d1526af8acd51
112e0893baef3d7ba268b4f52dcb4a35297a5b5423ea912df2105ed992edf477

HTTP Headers

GET /main-static/47b9c1da/desktop/default/vendors/plugins.vue-notification-2810a002.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-032472.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:45 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-30e8993848b73991c3965315cec1e0c2-6077555c03896319-01
last-modified: Fri, 24 Jan 2025 09:00:20 GMT
etag: W/"f6c5a202b198a4c0d45dc605993aeafd"
x-amz-meta-mtime: 1737709217.059068033
content-encoding: gzip
expires: Sat, 25 Jan 2025 09:33:25 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 78890
cache: HIT
x-cached-since: 2025-01-24T09:33:55+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/site-admin/colors/5b2250f464951c6b1d4b2cfa25b00f4c.css

185.244.209.62

200 OK

8.2 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/site-admin/colors/5b2250f464951c6b1d4b2cfa25b00f4c.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
8.2 kB (8165 bytes)
Hash
9e29601d29350ca2d18ab70fbdf3c552
4545b73f883771dfa2672cf13fc71e0db3f24497
14a6946ceec061ac7abe7101671acdf6d1a8f97918bfe6545f171e03d92c96cc

HTTP Headers

GET /genfiles/site-admin/colors/5b2250f464951c6b1d4b2cfa25b00f4c.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-032472.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:45 GMT
content-type: text/css
traceparent: 00-0528b38391bf60b2f078af360427b147-a67b8e2a3574508a-01
last-modified: Fri, 24 Jan 2025 11:28:52 GMT
etag: W/"5b2250f464951c6b1d4b2cfa25b00f4c"
cache-control: max-age=3600
content-encoding: gzip
expires: Fri, 24 Jan 2025 14:12:08 GMT
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 3241
cache: HIT
x-cached-since: 2025-01-25T06:34:44+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/D1iYNtOZ.css

185.244.209.62

200 OK

4.2 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/D1iYNtOZ.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
4.2 kB (4224 bytes)
Hash
bd4e988accd8dc757bf94998ddf42e3f
a970160b0692b8e40d541086c6c489e628e76f4b
a7a6ff85d9f5af78c7c30855e3fcbfb66f21fdc2bdde96a46c6d4af54d25fb71

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/D1iYNtOZ.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-032472.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:44 GMT
content-type: text/css; charset=utf-8
traceparent: 00-33e7db12184c552bb43c0e567383b0c8-7f50e71699017e68-01
last-modified: Thu, 16 Jan 2025 12:01:29 GMT
etag: W/"a161ab64e426c2e67de9bb720e159e76"
x-amz-meta-mtime: 1737028741.202096736
content-encoding: gzip
expires: Thu, 23 Jan 2025 12:27:28 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 68451
cache: HIT
x-cached-since: 2025-01-24T12:27:53+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/7eb49f3cb95029f19a7a99d6483a332d.json

185.244.209.62

200 OK

182 B

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/7eb49f3cb95029f19a7a99d6483a332d.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
182 B (182 bytes)
Hash
e4c69ca8e3916987138c95a26642f53a
411149ef1233c191122618916dc7fa4965a30f7c
9bbbe99b83a20d3d0bd65ab0b343de560c6d437a74a4835786bbd6a58bb0e08e

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/7eb49f3cb95029f19a7a99d6483a332d.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-032472.top/
Origin: https://1xlite-032472.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:45 GMT
content-type: application/json
content-length: 182
traceparent: 00-7328dd1f00ef60cc49d8e7e21e8ee0fe-d733fea0df64be37-01
last-modified: Fri, 17 May 2024 06:18:09 GMT
etag: "e4c69ca8e3916987138c95a26642f53a"
expires: Thu, 16 Jan 2025 11:02:52 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1464
cache: HIT
x-cached-since: 2025-01-25T07:04:21+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/77d274ae92641bcba2aa23003b9148b0.json

185.244.209.62

200 OK

673 B

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/77d274ae92641bcba2aa23003b9148b0.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
673 B (673 bytes)
Hash
fb89b3f86b1e1fb8bcf38c14cac3ede6
211c1b3d342a27a3c939315ed8855447ec7d9f8b
eeb252831a20e08086da75a3e7bd821a3c8585d9f84be8bb7c215cd83c9a8c9f

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/77d274ae92641bcba2aa23003b9148b0.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-032472.top/
Origin: https://1xlite-032472.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:45 GMT
content-type: application/json
content-length: 673
traceparent: 00-9952587f5fc0a96c5deed4beedb5352e-f84fd46be3546781-01
last-modified: Sat, 18 May 2024 04:20:46 GMT
etag: "fb89b3f86b1e1fb8bcf38c14cac3ede6"
expires: Thu, 16 Jan 2025 11:01:41 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1464
cache: HIT
x-cached-since: 2025-01-25T07:04:21+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/98f724b77568f44429da8babd1b679b3.json

185.244.209.62

200 OK

3.7 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/98f724b77568f44429da8babd1b679b3.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
3.7 kB (3707 bytes)
Hash
75c7442c85811fa43a28790d5b86f6b9
7959d06d43187d7e314eba4e8b1983c6bcf1848e
379d785b39fb599bf0c998a0cea2ac793950306e3ec49311995dc2e46bff6d56

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/98f724b77568f44429da8babd1b679b3.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-032472.top/
Origin: https://1xlite-032472.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:45 GMT
content-type: application/json
traceparent: 00-13dd5148eed9d9c07ba4117aa545ca2e-7c27fd6779483e64-01
last-modified: Wed, 15 Jan 2025 12:23:16 GMT
etag: W/"676ec11eff720c830185b6d21e7c7d30"
content-encoding: gzip
expires: Thu, 16 Jan 2025 11:02:51 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1464
cache: HIT
x-cached-since: 2025-01-25T07:04:21+00:00
X-Firefox-Spdy: h2

1xlite-032472.top/version.json?timestamp=1737790126020

46.32.182.119

200 OK

11 B

URL GET HTTP/2
1xlite-032472.top/version.json?timestamp=1737790126020
IP
46.32.182.119:443
ASN
#0

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerLet's Encrypt
Subject1xlite-032472.top
Fingerprint67:A5:DB:FC:AB:A3:CB:3D:16:5D:64:68:CE:5C:77:27:83:DD:D9:57
ValidityWed, 25 Dec 2024 09:21:50 GMT - Tue, 25 Mar 2025 09:21:49 GMT

File type
ASCII text
Size
11 B (11 bytes)
Hash
0c746b13eeb7506cefd57f8d03f74db2
ae7d40ed6da90275d06d5850a7f4d6c7360cf4a4
61aacc1883273b6ab0a5559d2800f603631a3ddf42807ce58e90e488c61caf00

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /version.json?timestamp=1737790126020 HTTP/1.1
Host: 1xlite-032472.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-032472.top/en/block
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_16303c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l46998_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_16303c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l46998_clickunder; postback_watcher=; auid=LiC2d2eUkqxAPhpPAz0SAg==; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:46 GMT
content-type: application/json
content-length: 11
last-modified: Fri, 24 Jan 2025 09:03:04 GMT
etag: "0c746b13eeb7506cefd57f8d03f74db2"
x-amz-meta-mtime: 1737709384.603537503
expires: Sat, 25 Jan 2025 07:29:46 GMT
cache-control: max-age=60
x-time-ng: 0.000
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.010
X-Firefox-Spdy: h2

1xlite-032472.top/seo-module-api/api/public/v1/analytics-counters?project[id]=285&domain[host]=1xlite-032472.top

46.32.182.119

200 OK

116 B

URL GET HTTP/2
1xlite-032472.top/seo-module-api/api/public/v1/analytics-counters?project[id]=285&domain[host]=1xlite-032472.top
IP
46.32.182.119:443
ASN
#0

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerLet's Encrypt
Subject1xlite-032472.top
Fingerprint67:A5:DB:FC:AB:A3:CB:3D:16:5D:64:68:CE:5C:77:27:83:DD:D9:57
ValidityWed, 25 Dec 2024 09:21:50 GMT - Tue, 25 Mar 2025 09:21:49 GMT

File type
JSON text data
Size
116 B (116 bytes)
Hash
c3b99d303306b462b1ed909b7b95987b
2d839df95274b9c85fd354e45127067095186ffa
387b26258a25650ddd79a1e7c0be2697a66584f5280152825a6605c6586d38a3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /seo-module-api/api/public/v1/analytics-counters?project[id]=285&domain[host]=1xlite-032472.top HTTP/1.1
Host: 1xlite-032472.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-032472.top/en/block
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_16303c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l46998_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_16303c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l46998_clickunder; postback_watcher=; auid=LiC2d2eUkqxAPhpPAz0SAg==; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:46 GMT
content-type: application/json
content-length: 116
cache-control: max-age=1200, must-revalidate, public, s-maxage=1800, stale-if-error=86400, stale-while-revalidate=300
x-content-digest: en6d0e5d6e0146a49c358c0eaad1d2ef38
age: 625
x-request-id: 4de5f79c5cde564d641b846249d544c7
x-request-guid: 4de5f79c5cde564d641b846249d544c7
content-encoding: br
x-time-ng: 0.002
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: p;dur=1.8100738525391, wf-uht;dur=0.014
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/shared-assets/__shared_fast_deep_equal_ORMYJPSV.js

185.244.209.62

200 OK

865 B

URL GET HTTP/2
v3.traincdn.com/sys-static/shared-assets/__shared_fast_deep_equal_ORMYJPSV.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (840)
Size
865 B (865 bytes)
Hash
e42d2bda0bda350e6cb507a391561910
fd6785beb70e406347acd6af79b73a609a65abb7
59e1f2ebd2ec588a043cdfb338403916451f301c50c7ace4549c0171c9659e88

HTTP Headers

GET /sys-static/shared-assets/__shared_fast_deep_equal_ORMYJPSV.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-032472.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:46 GMT
content-type: text/javascript; charset=utf-8
content-length: 865
traceparent: 00-b15f1f8ab575435c56560ed7a7ff02ca-2e8f84f3704b312f-01
last-modified: Fri, 24 Jan 2025 09:12:28 GMT
etag: "e42d2bda0bda350e6cb507a391561910"
x-amz-meta-mtime: 1737709765.869983787
expires: Sat, 25 Jan 2025 09:56:28 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 77538
cache: HIT
x-cached-since: 2025-01-24T09:56:28+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

1xlite-032472.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json

46.32.182.119

200 OK

23 B

URL POST HTTP/2
1xlite-032472.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json
IP
46.32.182.119:443
ASN
#0

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerLet's Encrypt
Subject1xlite-032472.top
Fingerprint67:A5:DB:FC:AB:A3:CB:3D:16:5D:64:68:CE:5C:77:27:83:DD:D9:57
ValidityWed, 25 Dec 2024 09:21:50 GMT - Tue, 25 Mar 2025 09:21:49 GMT

File type
JSON text data
Size
23 B (23 bytes)
Hash
94d0b3c9d3f27e256356324ba40d59c1
cfbf66dce321a044eac4fa7be7346b20f04ef666
4eba06fedaa0ffe860180a447a1d61546d97bb653f9b5330ae7f1c3830bb12c7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json HTTP/1.1
Host: 1xlite-032472.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-032472.top/en/block
Content-Type: application/json
X-Lang: en
X-Uuid: 4407e9b4-bf0d-4e58-8960-22531ca55cd7
Content-Length: 88
Origin: https://1xlite-032472.top
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_16303c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l46998_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_16303c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l46998_clickunder; postback_watcher=; auid=LiC2d2eUkqxAPhpPAz0SAg==; window_width=1280; che_g=74c4b154-db9d-68b1-570f-a5cf63b8156a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:46 GMT
content-type: application/json
content-length: 23
x-dt: 285
x-time-ng: 0.001
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.010, wf-uht;dur=0.012
X-Firefox-Spdy: h2

1xlite-032472.top/checker/redirect/stat/run/

46.32.182.119

200 OK

14 B

URL GET HTTP/2
1xlite-032472.top/checker/redirect/stat/run/
IP
46.32.182.119:443
ASN
#0

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerLet's Encrypt
Subject1xlite-032472.top
Fingerprint67:A5:DB:FC:AB:A3:CB:3D:16:5D:64:68:CE:5C:77:27:83:DD:D9:57
ValidityWed, 25 Dec 2024 09:21:50 GMT - Tue, 25 Mar 2025 09:21:49 GMT

File type
JSON text data
Size
14 B (14 bytes)
Hash
2de0d0acfd684235f066bd0ec0c9e3df
68d0cb64805a42d7e40f43e8e198986b43dd6b69
9682f312f23e078bb135f23ea5a178b178e75c02d33672f20044d18c6d258928

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /checker/redirect/stat/run/ HTTP/1.1
Host: 1xlite-032472.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-032472.top/en/block
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_16303c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l46998_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_16303c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l46998_clickunder; postback_watcher=; auid=LiC2d2eUkqxAPhpPAz0SAg==; window_width=1280; che_g=74c4b154-db9d-68b1-570f-a5cf63b8156a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:46 GMT
content-type: application/json
content-length: 14
x-time-ng: 0.001
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.011
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/shared-assets/__shared_libphonenumber_js_62MR2OUM.js

185.244.209.62

200 OK

52 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/shared-assets/__shared_libphonenumber_js_62MR2OUM.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
52 kB (51893 bytes)
Hash
6e615f1b8bd3905fb373f59248e139e4
5b38efa906846fb1ec6078fa20152945cb460bb6
78bdc48d52651e648400c2398989a53551f236b27a1191d1d278973290e86bb0

HTTP Headers

GET /sys-static/shared-assets/__shared_libphonenumber_js_62MR2OUM.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-032472.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:46 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-ee9e32201b694e5777cc3d72135d80ed-c3f097618d7cff0e-01
last-modified: Fri, 24 Jan 2025 07:46:23 GMT
etag: W/"382948808b1330a7a717d99dfd278acb"
x-amz-meta-mtime: 1737704647.35954868
content-encoding: gzip
expires: Sat, 25 Jan 2025 09:56:28 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 77538
cache: HIT
x-cached-since: 2025-01-24T09:56:28+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/shared-assets/Desktop/__shared_base-app_lUiBTGbP.js

185.244.209.62

200 OK

270 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/shared-assets/Desktop/__shared_base-app_lUiBTGbP.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
270 kB (269757 bytes)
Hash
4b1655b325abb1483373a14e908ba6fc
2f9b2266e792bcc0ec97bb9c3e7f0f9b8f94772f
2211e3c4b21353c8c0ec7db4adbf2a836453fd3ee521e7d2f5715db207bb3e6c

HTTP Headers

GET /sys-static/shared-assets/Desktop/__shared_base-app_lUiBTGbP.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-032472.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:46 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-6df8b381f3b4fab9d9748d7d85ba397b-6b33b082fa04df22-01
last-modified: Wed, 22 Jan 2025 08:09:41 GMT
etag: W/"e6dbde9f88defcc7c52d0f625309c0e2"
x-amz-meta-mtime: 1737533121.063572431
content-encoding: gzip
expires: Thu, 23 Jan 2025 12:23:10 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 68717
cache: HIT
x-cached-since: 2025-01-24T12:23:29+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/1c0cd0740fccd19a9816be06e69f0a1b.json

185.244.209.62

200 OK

473 B

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/1c0cd0740fccd19a9816be06e69f0a1b.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
473 B (473 bytes)
Hash
e67aa19ef00fd2285c7b4ecbb6018306
5b01d4786d6fbfbd5de7901eb4359a55466f434a
135c1042c31e3674d8a1b3b9e7179f4f36868048ca6058ea458ff291b8880b5e

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/1c0cd0740fccd19a9816be06e69f0a1b.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-032472.top/
Origin: https://1xlite-032472.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:46 GMT
content-type: application/json
content-length: 473
traceparent: 00-b8d5d721436fd65b4620371f61c494cb-add25899f82c2cb5-01
last-modified: Thu, 16 May 2024 20:41:30 GMT
etag: "e67aa19ef00fd2285c7b4ecbb6018306"
expires: Thu, 16 Jan 2025 11:19:55 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1095
cache: HIT
x-cached-since: 2025-01-25T07:10:31+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/1b971b84fe10ebd62b918973bbbce120.json

185.244.209.62

200 OK

406 B

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/1b971b84fe10ebd62b918973bbbce120.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
406 B (406 bytes)
Hash
39fde6a5275961cbbab7d73f1235f56e
534312eec2fc8dddb0b269908fbb28075640f0af
c8407b32fc3b929906018b21f8aec25aa56f6cf49be5e0300ca52b5a2d0e9a98

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/1b971b84fe10ebd62b918973bbbce120.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-032472.top/
Origin: https://1xlite-032472.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:46 GMT
content-type: application/json
content-length: 406
traceparent: 00-5f8cc3d4b7537e9829eff841c5e596f0-07e3a053a9a6e07e-01
last-modified: Wed, 05 Jun 2024 07:44:12 GMT
etag: "39fde6a5275961cbbab7d73f1235f56e"
expires: Thu, 16 Jan 2025 11:19:55 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1095
cache: HIT
x-cached-since: 2025-01-25T07:10:31+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/437a72a65fc10ef89c2833eacb513eda.json

185.244.209.62

200 OK

245 B

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/437a72a65fc10ef89c2833eacb513eda.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
245 B (245 bytes)
Hash
158d1271ad904e98b54f460bb5b828af
2098f50a727cd68e1f5e0fd8d40c0cfde88faf43
5f250d09be4bf35ac625fb35faae0f664de6bc43b9aa3525425b3f11895084bf

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/437a72a65fc10ef89c2833eacb513eda.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-032472.top/
Origin: https://1xlite-032472.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:46 GMT
content-type: application/json
content-length: 245
traceparent: 00-419afd8de4c9fc6456f884d53e04a0ed-60abe44f856f9369-01
last-modified: Sat, 18 May 2024 07:21:30 GMT
etag: "158d1271ad904e98b54f460bb5b828af"
expires: Thu, 16 Jan 2025 10:57:33 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1464
cache: HIT
x-cached-since: 2025-01-25T07:04:22+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/9kbgqgDA.js

185.244.209.62

200 OK

2.4 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/9kbgqgDA.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
2.4 kB (2417 bytes)
Hash
e0629f80aebc07ac072052d6082ee6ed
bea43e9686498ee00b140aa3537000d9c6f5f103
f1bb86c88509300ffa8c5fd8db27c66c25e0b1e166fa934d101d7300045bddf5

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/9kbgqgDA.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-032472.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:46 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-d71db59a8d6cc800f4a7864d5a6fe007-9e36059dfb56ddc4-01
last-modified: Thu, 16 Jan 2025 12:01:29 GMT
etag: W/"08be028667d14af0038fe725905f6727"
x-amz-meta-mtime: 1737028741.202096736
content-encoding: gzip
expires: Thu, 23 Jan 2025 12:28:06 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 68415
cache: HIT
x-cached-since: 2025-01-24T12:28:31+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/shared-assets/__shared_accept_language_parser_F4H4E7NH.js

185.244.209.62

200 OK

1.4 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/shared-assets/__shared_accept_language_parser_F4H4E7NH.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
1.4 kB (1365 bytes)
Hash
f806f5587c01b438254335ea43525f65
e8f8742dd9cfab048f5e1f2d10f677a615cacb4f
d7aa56ad973f917d2e126209fe2b84bae2fdcafd1e9032d3eb43e68c013bab6c

HTTP Headers

GET /sys-static/shared-assets/__shared_accept_language_parser_F4H4E7NH.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-032472.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:46 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-bc00d4aa91973da3484d380160149506-3c985a0cb75840a0-01
last-modified: Fri, 24 Jan 2025 07:46:23 GMT
etag: W/"268c88e3fff4b1ae77e5109cba692e17"
x-amz-meta-mtime: 1737704647.358548597
content-encoding: gzip
expires: Sat, 25 Jan 2025 09:56:35 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 77531
cache: HIT
x-cached-since: 2025-01-24T09:56:35+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_block_pages/en/dictionary_2579b0e62e11dfdc9944af80a7135015.json

185.244.209.62

200 OK

12 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_block_pages/en/dictionary_2579b0e62e11dfdc9944af80a7135015.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
12 kB (11994 bytes)
Hash
0ec8b919ba8b96e81784551cc8299c01
5872bf1f9c71b8646da8e2a804a0deb1a798abf7
3afc8c17fc94ee941b8b008964446f7c7ff5ef0a44dfe8bf5d5c79f8896b734b

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_block_pages/en/dictionary_2579b0e62e11dfdc9944af80a7135015.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-032472.top/
Origin: https://1xlite-032472.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:46 GMT
content-type: application/json; charset=utf-8
traceparent: 00-d20ca5ec5c3b3055d77ccbadec54d250-a5326ad69c55da28-01
last-modified: Fri, 15 Nov 2024 09:45:51 GMT
etag: W/"69ebea31f035c654ca3d565d6a96540e"
cache-control: max-age=3600
content-encoding: gzip
expires: Thu, 16 Jan 2025 10:55:29 GMT
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1004
cache: HIT
x-cached-since: 2025-01-25T07:12:02+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/main-static/47b9c1da/desktop/default/Betting.Core-32ad8e8f.js

185.244.209.62

200 OK

8.1 kB

URL GET HTTP/2
v3.traincdn.com/main-static/47b9c1da/desktop/default/Betting.Core-32ad8e8f.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
8.1 kB (8108 bytes)
Hash
d38cabab88444d93e26726a2bbe43a4c
9b52035b126aaee3172db1460c54d549309a2044
0bff3ee45734a89919faa36ee3d1cbd098c0a934eb8bb2b08cb9b04a578b1574

HTTP Headers

GET /main-static/47b9c1da/desktop/default/Betting.Core-32ad8e8f.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-032472.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:46 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-293b6ce3088a0c9830952efffbb337a3-cfb3f451c2b019a7-01
last-modified: Fri, 24 Jan 2025 09:00:19 GMT
etag: W/"50857a08b29e5f846a815aae5d54fd57"
x-amz-meta-mtime: 1737709217.023067933
content-encoding: gzip
expires: Sat, 25 Jan 2025 09:33:25 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 78890
cache: HIT
x-cached-since: 2025-01-24T09:33:56+00:00
X-Firefox-Spdy: h2

1xlite-032472.top/web-api/session

46.32.182.119

204 No Content

0 B

URL GET HTTP/2
1xlite-032472.top/web-api/session
IP
46.32.182.119:443
ASN
#0

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerLet's Encrypt
Subject1xlite-032472.top
Fingerprint67:A5:DB:FC:AB:A3:CB:3D:16:5D:64:68:CE:5C:77:27:83:DD:D9:57
ValidityWed, 25 Dec 2024 09:21:50 GMT - Tue, 25 Mar 2025 09:21:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web-api/session HTTP/1.1
Host: 1xlite-032472.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-032472.top/en/block
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_16303c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l46998_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_16303c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l46998_clickunder; auid=LiC2d2eUkqxAPhpPAz0SAg==; window_width=1280; che_g=74c4b154-db9d-68b1-570f-a5cf63b8156a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Sat, 25 Jan 2025 07:28:54 GMT
cache-control: no-cache, private
server-timing: dt_total;dur=0.019, p;dur=18.877, wf-uht;dur=0.034
set-cookie: SESSION=96103a558decc5cb03dd553817ba6fdc; path=/; secure; httponly; samesite=lax
x-dt: 285
x-time-ng: 0.020, 0.021
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-032472.top/hd-api/external/apps/c5e31d5915661de4393e3f1489b00ebc4497dd48/api.js

46.32.182.119

200 OK

416 B

URL GET HTTP/2
1xlite-032472.top/hd-api/external/apps/c5e31d5915661de4393e3f1489b00ebc4497dd48/api.js
IP
46.32.182.119:443
ASN
#0

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerLet's Encrypt
Subject1xlite-032472.top
Fingerprint67:A5:DB:FC:AB:A3:CB:3D:16:5D:64:68:CE:5C:77:27:83:DD:D9:57
ValidityWed, 25 Dec 2024 09:21:50 GMT - Tue, 25 Mar 2025 09:21:49 GMT

File type
JavaScript source, ASCII text, with very long lines (594)
Size
416 B (416 bytes)
Hash
bd2e3553032ba63e3b6b3200a743bc8d
a15c755742b456440614377121fadba24bd3e220
66103e021ac66e5ac2a26dfa09c44b567a455096dd77bfd809295cae281e2046

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /hd-api/external/apps/c5e31d5915661de4393e3f1489b00ebc4497dd48/api.js HTTP/1.1
Host: 1xlite-032472.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-032472.top/en/block
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_16303c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l46998_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_16303c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l46998_clickunder; auid=LiC2d2eUkqxAPhpPAz0SAg==; window_width=1280; che_g=74c4b154-db9d-68b1-570f-a5cf63b8156a; SESSION=96103a558decc5cb03dd553817ba6fdc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:54 GMT
content-type: text/javascript; charset=utf-8
content-length: 416
cache-control: public, max-age=300
content-encoding: gzip
etag: bd2e3553032ba63e3b6b3200a743bc8d
vary: Accept-Encoding
x-dt: 285
x-request-guid: 52694fb3670626018a482b78cac55ad4
x-time-ng: 0.001
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.006, wf-uht;dur=0.013
accept-ranges: bytes
X-Firefox-Spdy: h2

1xlite-032472.top/hd-api/external/assets/hdf.js

46.32.182.119

200 OK

1.6 kB

URL GET HTTP/2
1xlite-032472.top/hd-api/external/assets/hdf.js
IP
46.32.182.119:443
ASN
#0

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerLet's Encrypt
Subject1xlite-032472.top
Fingerprint67:A5:DB:FC:AB:A3:CB:3D:16:5D:64:68:CE:5C:77:27:83:DD:D9:57
ValidityWed, 25 Dec 2024 09:21:50 GMT - Tue, 25 Mar 2025 09:21:49 GMT

File type
C++ source, ASCII text, with very long lines (874)
Size
1.6 kB (1622 bytes)
Hash
2f26a679e9d54a65e6578e947cc5bdf2
1b984864aa7b3e28231ac7cea3c199435dbdc6bf
1e3c4bd81a1cd9ee02e42a42802d5c18cbdb3f3a11c0b2732eb11bd12263020c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /hd-api/external/assets/hdf.js HTTP/1.1
Host: 1xlite-032472.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-032472.top/en/block
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_16303c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l46998_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_16303c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l46998_clickunder; auid=LiC2d2eUkqxAPhpPAz0SAg==; window_width=1280; che_g=74c4b154-db9d-68b1-570f-a5cf63b8156a; SESSION=96103a558decc5cb03dd553817ba6fdc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:54 GMT
content-type: text/javascript; charset=utf-8
content-length: 1622
cache-control: public, max-age=300
content-encoding: gzip
etag: 2f26a679e9d54a65e6578e947cc5bdf2
vary: Accept-Encoding
x-dt: 285
x-request-guid: 33ecc4fb41d94690ef86a1e0730d85ef
x-time-ng: 0.001
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.017, wf-uht;dur=0.013
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2

185.244.209.62

200 OK

64 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 63748, version 1.0
Size
64 kB (63748 bytes)
Hash
6887b6f24414dbc612dbf42ccdc76b70
8068d3abfbc6cbf35b55919da45b1f4d2d136238
fc5c015fc32518f1ed810fa84ca28941eb9d5a3c81acc8df69a4dbbeedef7b0c

HTTP Headers

GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-032472.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:54 GMT
content-type: font/woff2
content-length: 63748
traceparent: 00-f3e93b58bd7800155aa3f2ccc1d9ebaa-9671f62d9b3d71bf-01
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "6887b6f24414dbc612dbf42ccdc76b70"
expires: Thu, 16 Jan 2025 10:32:14 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 484
cache: HIT
x-cached-since: 2025-01-25T07:20:50+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/ca0b35c4fc049f15180d875f935913b8.json

185.244.209.62

200 OK

66 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/ca0b35c4fc049f15180d875f935913b8.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
66 kB (66534 bytes)
Hash
7bfd8ca29f62a7f683ffc01a7391481e
7e72f604c15cd45ee5ef0282dfd9fe1748ac38c3
4a1acb6863c836f7820f25fd68694604f84ef114cf3e8401463d4361900b68b6

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/ca0b35c4fc049f15180d875f935913b8.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-032472.top/
Origin: https://1xlite-032472.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:45 GMT
content-type: application/json
traceparent: 00-8e5c9f562bf3d9f159007ae005a3e946-886a8d10373e435b-01
last-modified: Wed, 20 Nov 2024 09:20:07 GMT
etag: W/"ca7f8dc261bfa0bedbe26c6196957093"
content-encoding: gzip
expires: Thu, 16 Jan 2025 10:57:42 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1464
cache: HIT
x-cached-since: 2025-01-25T07:04:21+00:00
X-Firefox-Spdy: h2

1xlite-032472.top/hd-api/external/verify

46.32.182.119

200 OK

513 B

URL POST HTTP/2
1xlite-032472.top/hd-api/external/verify
IP
46.32.182.119:443
ASN
#0

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerLet's Encrypt
Subject1xlite-032472.top
Fingerprint67:A5:DB:FC:AB:A3:CB:3D:16:5D:64:68:CE:5C:77:27:83:DD:D9:57
ValidityWed, 25 Dec 2024 09:21:50 GMT - Tue, 25 Mar 2025 09:21:49 GMT

File type
JSON text data
Size
513 B (513 bytes)
Hash
1b6ba754ba84b723266eae91efd5191b
2ec203eb5d621c76091b65285f1b3cdb7b5d96b1
43be00f660f8ca1455a18722a0f041c82cdf91879086b4376dd65c36d42d9eb6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /hd-api/external/verify HTTP/1.1
Host: 1xlite-032472.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-032472.top/en/block
Content-Type: text/plain;charset=UTF-8
Content-Length: 74377
Origin: https://1xlite-032472.top
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_16303c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l46998_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_16303c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l46998_clickunder; auid=LiC2d2eUkqxAPhpPAz0SAg==; window_width=1280; che_g=74c4b154-db9d-68b1-570f-a5cf63b8156a; SESSION=96103a558decc5cb03dd553817ba6fdc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:55 GMT
content-type: application/json
content-length: 513
content-encoding: gzip
vary: Accept-Encoding
x-dt: 285
x-request-guid: e75a38065c2a28683a8c19f1c7f14f82
x-time-ng: 0.004
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.021, wf-uht;dur=0.039
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_registration/en/dictionary_60c452a4b57f0b9231563ee81a5a97da.json

185.244.209.62

200 OK

112 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_registration/en/dictionary_60c452a4b57f0b9231563ee81a5a97da.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
112 kB (112345 bytes)
Hash
1bbdcc6fdd17c7f5ca5794db1f4a94b4
6ba4f3ecc8dbeb99abf97714c4d5bba582edca83
b1010049f81f5242497d3df1b05e4284f636316a56e1ee6db0a311a7e466e052

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_registration/en/dictionary_60c452a4b57f0b9231563ee81a5a97da.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-032472.top/
Origin: https://1xlite-032472.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:45 GMT
content-type: application/json; charset=utf-8
traceparent: 00-cea2b8a0f633e6aae5951dade1dc094a-50bcf1661323e951-01
last-modified: Tue, 17 Dec 2024 16:05:25 GMT
etag: W/"9bb1f5ace96285c93e391e2fbc8a2b60"
cache-control: max-age=3600
content-encoding: gzip
expires: Thu, 16 Jan 2025 10:28:31 GMT
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 2944
cache: HIT
x-cached-since: 2025-01-25T06:39:41+00:00
X-Firefox-Spdy: h2

1xlite-032472.top/hd-api/external/01949c5d-1816-7883-a43e-fa29f01b577d.js

46.32.182.119

200 OK

228 kB

URL GET HTTP/2
1xlite-032472.top/hd-api/external/01949c5d-1816-7883-a43e-fa29f01b577d.js
IP
46.32.182.119:443
ASN
#0

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerLet's Encrypt
Subject1xlite-032472.top
Fingerprint67:A5:DB:FC:AB:A3:CB:3D:16:5D:64:68:CE:5C:77:27:83:DD:D9:57
ValidityWed, 25 Dec 2024 09:21:50 GMT - Tue, 25 Mar 2025 09:21:49 GMT

File type
gzip compressed data
Size
228 kB (228347 bytes)
Hash
d0b67adf97a7a4e06b6a9dbc8d257002
a76b504b48f04d36b24fba32e07d1bd8c2b4eb23
244448ba921b94c92d69c4eb1e1bff2217309bfcbc85534b1d669fa5b12aa7a1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /hd-api/external/01949c5d-1816-7883-a43e-fa29f01b577d.js HTTP/1.1
Host: 1xlite-032472.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-032472.top/en/block
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_16303c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l46998_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_16303c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l46998_clickunder; auid=LiC2d2eUkqxAPhpPAz0SAg==; window_width=1280; che_g=74c4b154-db9d-68b1-570f-a5cf63b8156a; SESSION=96103a558decc5cb03dd553817ba6fdc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:54 GMT
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=0, must-revalidate
content-encoding: gzip
vary: Accept-Encoding
x-dt: 285
x-hd-trace-id: b866cf2b-e3ed-4480-91d5-09eaea30cf86
x-request-guid: 871266d5371a40869468042bc338ecb6
x-time-ng: 0.002
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.019, wf-uht;dur=0.016
X-Firefox-Spdy: h2

radar.cedexis.com/1/23802/radar.js

45.54.49.5

302 Moved Temporarily

138 B

URL GET HTTP/1.1
radar.cedexis.com/1/23802/radar.js
IP
45.54.49.5:443
ASN
#63911 NetActuate, Inc

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerDigiCert Inc
Subjectradar.cedexis.com
Fingerprint33:58:79:8E:87:A5:C3:05:CA:E2:82:50:61:CF:72:83:BD:64:80:C1
ValidityFri, 29 Mar 2024 00:00:00 GMT - Fri, 28 Mar 2025 23:59:59 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
138 B (138 bytes)
Hash
aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0

HTTP Headers

GET /1/23802/radar.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-032472.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Sat, 25 Jan 2025 07:28:56 GMT
Content-Type: text/html
Content-Length: 138
Connection: keep-alive
Location: /1707728419/stub.js
Expires: Sat, 25 Jan 2025 07:38:56 GMT
Cache-Control: max-age=600
Vary: User-Agent,DNT

v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_coupon/en/dictionary_9514726ab1e70b389311f9cca2350b8c.json

185.244.209.62

200 OK

95 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_coupon/en/dictionary_9514726ab1e70b389311f9cca2350b8c.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
95 kB (95421 bytes)
Hash
7dea36e4f3202567af547809b8220918
d89ef14591f10bb9797d945cf3f7502a9ddfede4
66d042b834c6b23afa8d0e68b401af5f541edc67b2ea9413377e7b0fb72f6f87

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_coupon/en/dictionary_9514726ab1e70b389311f9cca2350b8c.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-032472.top/
Origin: https://1xlite-032472.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:45 GMT
content-type: application/json; charset=utf-8
traceparent: 00-572b36f94af667b38252d45ec896feee-1b38335efb57ab2b-01
last-modified: Tue, 14 Jan 2025 18:06:00 GMT
etag: W/"87e0b0fb7cdcc6570063fa443b80d36d"
cache-control: max-age=3600
content-encoding: gzip
expires: Thu, 16 Jan 2025 10:05:19 GMT
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 2944
cache: HIT
x-cached-since: 2025-01-25T06:39:41+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/entry-Bthv_Gug.js

185.244.209.62

200 OK

133 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/entry-Bthv_Gug.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
133 kB (133333 bytes)
Hash
0dddfe02705f1ebcc0b64267e79ee3fc
75eaf61dcc0a963191da49cee1fd67cbbb500b0e
d1962a9cce6c52a319c269062c17b5105e3fb5cc24ab1407c5c7f889f370178d

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/entry-Bthv_Gug.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-032472.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-032472.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:46 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-e80b0c7b664350e9eefeaad3561d236a-467cce7c4ce10161-01
last-modified: Thu, 16 Jan 2025 12:01:29 GMT
etag: W/"92d3f6d9d171d7255db9d87594c1856b"
x-amz-meta-mtime: 1737028741.203096818
content-encoding: gzip
expires: Thu, 23 Jan 2025 12:28:05 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 68417
cache: HIT
x-cached-since: 2025-01-24T12:28:29+00:00
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66&l=dataLayer&cx=c&gtm=45He51n0v9180563600za200

142.250.74.168

200 OK

141 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66&l=dataLayer&cx=c&gtm=45He51n0v9180563600za200
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint10:26:0A:38:A4:FD:1E:F0:80:EB:EE:D7:0A:8D:41:1D:CB:DB:54:82
ValidityMon, 06 Jan 2025 08:36:08 GMT - Mon, 31 Mar 2025 08:36:07 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (12472)
Size
141 kB (140715 bytes)
Hash
6ec6a7375468f4fc104e816cd29839ff
1ce23bb81ec3cb36ae4d4232e6376ba4ebef3416
64b0cd9dea6cd42afcbe1d284ec5049a9bcb2c781e541b0977b5b53a607cb34c

HTTP Headers

GET /gtag/js?id=G-7JGWL9SV66&l=dataLayer&cx=c&gtm=45He51n0v9180563600za200 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-032472.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 25 Jan 2025 07:28:56 GMT
expires: Sat, 25 Jan 2025 07:28:56 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
server: Google Tag Manager
content-length: 140715
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

radar.cedexis.com/1707728419/stub.js

45.54.49.5

200 OK

271 B

URL GET HTTP/1.1
radar.cedexis.com/1707728419/stub.js
IP
45.54.49.5:443
ASN
#63911 NetActuate, Inc

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerDigiCert Inc
Subjectradar.cedexis.com
Fingerprint33:58:79:8E:87:A5:C3:05:CA:E2:82:50:61:CF:72:83:BD:64:80:C1
ValidityFri, 29 Mar 2024 00:00:00 GMT - Fri, 28 Mar 2025 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
271 B (271 bytes)
Hash
82dec77fd0353c7c71ce053b8601387e
fbbca95419e1d0c042e0a5fdf10f380aca66188c
39f2b7b0fa78d37d0c84d2d6618bd635d86fd683d9bcdd5729850cb2a62522f7

HTTP Headers

GET /1707728419/stub.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-032472.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 25 Jan 2025 07:28:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 12 Feb 2024 09:50:42 GMT
Vary: Accept-Encoding
ETag: W/"65c9e9f2-186"
Expires: Sat, 08 Feb 2025 07:28:56 GMT
Cache-Control: max-age=1209600, public
Content-Encoding: gzip

region1.analytics.google.com/g/collect?v=2&tid=G-7JGWL9SV66&gtm=45je51n0v897130004za200zb9180563600&_p=1737790136162&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102067555~102067808~102081485~102123608&cid=1903036011.1737790137&ecid=2063633784&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AEA&_s=1&sid=1737790136&sct=1&seg=0&dl=https%3A%2F%2F1xlite-032472.top%2Fen%2Fblock&dt=1xBet&en=scroll&ep.optimize_id=GTM-5R4MT54&epn.percent_scrolled=90&upn.ref_id=1&tfd=13411

216.239.32.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-7JGWL9SV66&gtm=45je51n0v897130004za200zb9180563600&_p=1737790136162&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102067555~102067808~102081485~102123608&cid=1903036011.1737790137&ecid=2063633784&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AEA&_s=1&sid=1737790136&sct=1&seg=0&dl=https%3A%2F%2F1xlite-032472.top%2Fen%2Fblock&dt=1xBet&en=scroll&ep.optimize_id=GTM-5R4MT54&epn.percent_scrolled=90&upn.ref_id=1&tfd=13411
IP
216.239.32.36:443
ASN
#15169 GOOGLE

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint10:26:0A:38:A4:FD:1E:F0:80:EB:EE:D7:0A:8D:41:1D:CB:DB:54:82
ValidityMon, 06 Jan 2025 08:36:08 GMT - Mon, 31 Mar 2025 08:36:07 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-7JGWL9SV66&gtm=45je51n0v897130004za200zb9180563600&_p=1737790136162&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102067555~102067808~102081485~102123608&cid=1903036011.1737790137&ecid=2063633784&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AEA&_s=1&sid=1737790136&sct=1&seg=0&dl=https%3A%2F%2F1xlite-032472.top%2Fen%2Fblock&dt=1xBet&en=scroll&ep.optimize_id=GTM-5R4MT54&epn.percent_scrolled=90&upn.ref_id=1&tfd=13411 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-032472.top/
Origin: https://1xlite-032472.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://1xlite-032472.top
date: Sat, 25 Jan 2025 07:28:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-7JGWL9SV66&gtm=45je51n0v897130004za200zb9180563600&_p=1737790136162&em=tv.1~em.ODS1igyfeIhzOTHENqwIfH1sb8t0oxg8FT6iY2YCmeo&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102067555~102067808~102081485~102123608&cid=1903036011.1737790137&ecid=2063633784&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&ec_mode=a&_s=2&sid=1737790136&sct=1&seg=0&dl=https%3A%2F%2F1xlite-032472.top%2Fen%2Fblock&dt=1xBet&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=GTM-5R4MT54&tfd=13411

216.239.32.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-7JGWL9SV66&gtm=45je51n0v897130004za200zb9180563600&_p=1737790136162&em=tv.1~em.ODS1igyfeIhzOTHENqwIfH1sb8t0oxg8FT6iY2YCmeo&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102067555~102067808~102081485~102123608&cid=1903036011.1737790137&ecid=2063633784&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&ec_mode=a&_s=2&sid=1737790136&sct=1&seg=0&dl=https%3A%2F%2F1xlite-032472.top%2Fen%2Fblock&dt=1xBet&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=GTM-5R4MT54&tfd=13411
IP
216.239.32.36:443
ASN
#15169 GOOGLE

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint10:26:0A:38:A4:FD:1E:F0:80:EB:EE:D7:0A:8D:41:1D:CB:DB:54:82
ValidityMon, 06 Jan 2025 08:36:08 GMT - Mon, 31 Mar 2025 08:36:07 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-7JGWL9SV66&gtm=45je51n0v897130004za200zb9180563600&_p=1737790136162&em=tv.1~em.ODS1igyfeIhzOTHENqwIfH1sb8t0oxg8FT6iY2YCmeo&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102067555~102067808~102081485~102123608&cid=1903036011.1737790137&ecid=2063633784&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&ec_mode=a&_s=2&sid=1737790136&sct=1&seg=0&dl=https%3A%2F%2F1xlite-032472.top%2Fen%2Fblock&dt=1xBet&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=GTM-5R4MT54&tfd=13411 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-032472.top/
Origin: https://1xlite-032472.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://1xlite-032472.top
date: Sat, 25 Jan 2025 07:28:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7JGWL9SV66&cid=1903036011.1737790137&gtm=45je51n0v897130004za200zb9180563600&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=102067555~102067808~102081485~102123608&tag_exp=102067555~102067808~102081485~102123608&z=1624168462

142.250.74.131

200 OK

42 B

URL GET HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7JGWL9SV66&cid=1903036011.1737790137&gtm=45je51n0v897130004za200zb9180563600&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=102067555~102067808~102081485~102123608&tag_exp=102067555~102067808~102081485~102123608&z=1624168462
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerGoogle Trust Services
Subject*.google.no
Fingerprint9B:87:46:80:51:F3:57:BB:58:27:17:EE:9E:AD:71:D4:7D:6D:F1:83
ValidityMon, 06 Jan 2025 08:38:56 GMT - Mon, 31 Mar 2025 08:38:55 GMT

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7JGWL9SV66&cid=1903036011.1737790137&gtm=45je51n0v897130004za200zb9180563600&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=102067555~102067808~102081485~102123608&tag_exp=102067555~102067808~102081485~102123608&z=1624168462 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-032472.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 25 Jan 2025 07:28:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

v3.traincdn.com/main-static/47b9c1da/desktop/default/vendors/plugins.vue-js-modal-5cca31b7.js

185.244.209.62

200 OK

9.1 kB

URL GET HTTP/2
v3.traincdn.com/main-static/47b9c1da/desktop/default/vendors/plugins.vue-js-modal-5cca31b7.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (26717), with no line terminators
Size
9.1 kB (9106 bytes)
Hash
3db44d2bf30809af2dcd3357d3514079
b7527b6cc5c8dcc7c0729e17f0bfca7dcf4d9c56
58a11607e8fa92823701b78dc8bcb8ff5f8e36c8ef9250666e5112c7c95c066b

HTTP Headers

GET /main-static/47b9c1da/desktop/default/vendors/plugins.vue-js-modal-5cca31b7.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-032472.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:45 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-36b9ced28b2b2ef9f0ecbf437c0b8fcc-c16c01ec6ed40002-01
last-modified: Fri, 24 Jan 2025 09:00:20 GMT
etag: W/"3db44d2bf30809af2dcd3357d3514079"
x-amz-meta-mtime: 1737709217.059068033
content-encoding: gzip
expires: Sat, 25 Jan 2025 09:33:25 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 78890
cache: HIT
x-cached-since: 2025-01-24T09:33:55+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/shared-assets/__shared_popper_js_5I5UQEBA.js

185.244.209.62

200 OK

14 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/shared-assets/__shared_popper_js_5I5UQEBA.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
14 kB (14153 bytes)
Hash
9e60cd3d973d43d919a0e4f9bb9e74ca
57bfb4976b71aeb6bd6af348af8edb6fcf82ece8
a66a1912675163a2f5caef805db89b6b2acdfa1de2d5db8843da6e483bc1b23a

HTTP Headers

GET /sys-static/shared-assets/__shared_popper_js_5I5UQEBA.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-032472.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:46 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-0140c591869e467e5469cbd8af0fa2bf-b6e327902c5bbe64-01
last-modified: Fri, 24 Jan 2025 07:46:23 GMT
etag: W/"6cb09f9375675899743ac6e31bcf0b0d"
x-amz-meta-mtime: 1737704647.360548764
content-encoding: gzip
expires: Sat, 25 Jan 2025 10:04:52 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 77034
cache: HIT
x-cached-since: 2025-01-24T10:04:52+00:00
X-Firefox-Spdy: h2

1xlite-032472.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json

46.32.182.119

200 OK

23 B

URL POST HTTP/2
1xlite-032472.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json
IP
46.32.182.119:443
ASN
#0

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerLet's Encrypt
Subject1xlite-032472.top
Fingerprint67:A5:DB:FC:AB:A3:CB:3D:16:5D:64:68:CE:5C:77:27:83:DD:D9:57
ValidityWed, 25 Dec 2024 09:21:50 GMT - Tue, 25 Mar 2025 09:21:49 GMT

File type
JSON text data
Size
23 B (23 bytes)
Hash
bf129e7ac5509aa17e7105a7f75a4770
18e9eca6bfdd6f366c4cc856e963976f36bc92a8
1cbd0707d3c9c12c3912bef1f47e617fe106f3d5c447156fc8fa40c6c86199c9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json HTTP/1.1
Host: 1xlite-032472.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-032472.top/en/block
Content-Type: application/json
X-Lang: en
X-Uuid: 4407e9b4-bf0d-4e58-8960-22531ca55cd7
Content-Length: 109
Origin: https://1xlite-032472.top
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_16303c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l46998_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_16303c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l46998_clickunder; auid=LiC2d2eUkqxAPhpPAz0SAg==; window_width=1280; che_g=74c4b154-db9d-68b1-570f-a5cf63b8156a; SESSION=96103a558decc5cb03dd553817ba6fdc; _gcl_au=1.1.711531401.1737790137; _ga_7JGWL9SV66=GS1.1.1737790136.1.0.1737790136.60.0.2063633784; _ga=GA1.1.1903036011.1737790137
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:57 GMT
content-type: application/json
content-length: 23
x-dt: 285
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.007, wf-uht;dur=0.012
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/site-admin/css_vars/f506188b04c16eaa9c664ed23f7ce58e.css

185.244.209.62

200 OK

46 B

URL GET HTTP/2
v3.traincdn.com/genfiles/site-admin/css_vars/f506188b04c16eaa9c664ed23f7ce58e.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
46 B (46 bytes)
Hash
f506188b04c16eaa9c664ed23f7ce58e
08d068d7fa5a84beb06ba924a35d84d6bfdab30a
b9bfda0e940104e190b19543b94a10d120643bd1516d3ca2d266a0af6c0966e9

HTTP Headers

GET /genfiles/site-admin/css_vars/f506188b04c16eaa9c664ed23f7ce58e.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-032472.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:45 GMT
content-type: text/css
content-length: 46
traceparent: 00-0f1edac796c626140123471fccf5036b-10e03272f37aa182-01
last-modified: Fri, 12 Apr 2024 13:46:52 GMT
etag: "f506188b04c16eaa9c664ed23f7ce58e"
cache-control: max-age=3600
expires: Thu, 16 Jan 2025 10:51:06 GMT
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 3075
cache: HIT
x-cached-since: 2025-01-25T06:37:30+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_forgot_password/en/dictionary_28cb4e6b9a8be3afbcbc2a6b22ab3393.json

185.244.209.62

200 OK

3.5 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_forgot_password/en/dictionary_28cb4e6b9a8be3afbcbc2a6b22ab3393.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (3690), with no line terminators
Size
3.5 kB (3497 bytes)
Hash
f2e705877a451c1d6297f18a0d09b8b0
78e994cf53ef3d6ef8024eda5225926b7641e38b
ed1fea1eb8e1aa7acaa8f9feba9c7f8963cee50bbca7caf4c93fa23a38d42f93

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_forgot_password/en/dictionary_28cb4e6b9a8be3afbcbc2a6b22ab3393.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-032472.top/
Origin: https://1xlite-032472.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:45 GMT
content-type: application/json; charset=utf-8
traceparent: 00-75a69082a54466f8c5cb42d7c6b04129-7642503405dbdce0-01
last-modified: Tue, 03 Dec 2024 08:05:32 GMT
etag: W/"273bec90c875f74d2f5ef70f9e32db45"
cache-control: max-age=3600
content-encoding: gzip
expires: Thu, 16 Jan 2025 10:56:28 GMT
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 2901
cache: HIT
x-cached-since: 2025-01-25T06:40:24+00:00
X-Firefox-Spdy: h2

refpamjeql.top/L?tag=d_85563m_16303c_[]MS[]null[]null[]general[]{site_id}_d22490_l46998_clickunder&site=85563&ad=16303

45.135.120.31

303 See Other

252 kB

URL User Request GET HTTP/2
refpamjeql.top/L?tag=d_85563m_16303c_[]MS[]null[]null[]general[]{site_id}_d22490_l46998_clickunder&site=85563&ad=16303
IP
45.135.120.31:443
ASN
#56630 Melbikomas UAB

Certificate
IssuerLet's Encrypt
Subjectrefpamjeql.top
FingerprintF2:46:10:14:CE:6C:49:F9:63:62:4F:95:D0:6E:AA:D5:B4:F8:DE:80
ValidityMon, 11 Nov 2024 05:17:33 GMT - Sun, 09 Feb 2025 05:17:32 GMT

File type

Size
252 kB (252246 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /L?tag=d_85563m_16303c_[]MS[]null[]null[]general[]{site_id}_d22490_l46998_clickunder&site=85563&ad=16303 HTTP/1.1
Host: refpamjeql.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 303 See Other
server: nginx
date: Sat, 25 Jan 2025 07:28:43 GMT
location: https://1xlite-032472.top:443/en?tag=d_85563m_16303c_[]MS[]null[]null[]general[]{site_id}_d22490_l46998_clickunder
set-cookie: A_16303_v=0; expires=Sun, 26 Jan 2025 07:28:43 GMT; path=/; secure
A_16303_c=1; expires=Sun, 26 Jan 2025 07:28:43 GMT; path=/; secure
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.001
X-Firefox-Spdy: h2

v3.traincdn.com/sys-ui/3.3.65/Desktop/Default/merged.css

185.244.209.62

200 OK

1.7 MB

URL GET HTTP/2
v3.traincdn.com/sys-ui/3.3.65/Desktop/Default/merged.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type

Size
1.7 MB (1712582 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sys-ui/3.3.65/Desktop/Default/merged.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-032472.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:44 GMT
content-type: text/css; charset=utf-8
traceparent: 00-a09370fd9b7334bab8acb6fee388d00c-2c5e711bc97f4cab-01
last-modified: Fri, 24 Jan 2025 13:30:05 GMT
etag: W/"1e37b937d00f29906a6ca660e6154ac9"
x-amz-meta-mtime: 1737725311.981249513
content-encoding: gzip
expires: Sat, 25 Jan 2025 13:35:22 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 64380
cache: HIT
x-cached-since: 2025-01-24T13:35:44+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/main-static/47b9c1da/desktop/default/css/102861e6.css

185.244.209.62

200 OK

14 kB

URL GET HTTP/2
v3.traincdn.com/main-static/47b9c1da/desktop/default/css/102861e6.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (14357), with no line terminators
Size
14 kB (14357 bytes)
Hash
e2ead5760ddca3c5e44ce5ac29f9803d
b221b7815de1460df1a507df7bbbccf5a5804a80
2b250419073dd7f0fd991e6c47c9a671b64ed94dcb0e2282cb27dd6bbc1a04f8

HTTP Headers

GET /main-static/47b9c1da/desktop/default/css/102861e6.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-032472.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:44 GMT
content-type: text/css; charset=utf-8
traceparent: 00-a115192dda58d3489dae67faf80b9ebb-ee81c647ee951a77-01
last-modified: Fri, 24 Jan 2025 09:00:20 GMT
etag: W/"e2ead5760ddca3c5e44ce5ac29f9803d"
x-amz-meta-mtime: 1737709217.039067978
content-encoding: gzip
expires: Sat, 25 Jan 2025 09:33:24 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 78891
cache: HIT
x-cached-since: 2025-01-24T09:33:53+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/main-static/47b9c1da/desktop/default/css/6c9b1c36.css

185.244.209.62

200 OK

58 kB

URL GET HTTP/2
v3.traincdn.com/main-static/47b9c1da/desktop/default/css/6c9b1c36.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (57970), with no line terminators
Size
58 kB (57970 bytes)
Hash
341a0537f0a844b0768bdc6e58378a88
1c39d8473d1ad8f85f5ae65d0e829d1c56bb1d1b
61a0998864d4e603197530c3980f2d18cd19569db8f7c020d94674baeef722be

HTTP Headers

GET /main-static/47b9c1da/desktop/default/css/6c9b1c36.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-032472.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:44 GMT
content-type: text/css; charset=utf-8
traceparent: 00-fb146d776358a5cfe10d647bb8beb4af-922d8c02894bfd87-01
last-modified: Fri, 24 Jan 2025 09:00:20 GMT
etag: W/"341a0537f0a844b0768bdc6e58378a88"
x-amz-meta-mtime: 1737709217.039067978
content-encoding: gzip
expires: Sat, 25 Jan 2025 09:33:24 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 78890
cache: HIT
x-cached-since: 2025-01-24T09:33:54+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/main-static/47b9c1da/desktop/default/app-b474c513.js

185.244.209.62

200 OK

618 kB

URL GET HTTP/2
v3.traincdn.com/main-static/47b9c1da/desktop/default/app-b474c513.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type

Size
618 kB (617833 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /main-static/47b9c1da/desktop/default/app-b474c513.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-032472.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:45 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-33457810d145c8b447d6cbc73f121a6c-81a6dd099560242b-01
last-modified: Fri, 24 Jan 2025 09:00:20 GMT
etag: W/"d7f96e2daed89d493fe8878414e444df"
x-amz-meta-mtime: 1737709217.035067966
content-encoding: gzip
expires: Sat, 25 Jan 2025 09:33:25 GMT
cache-control: max-age=86400
x-time-ng: 0.003
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 78891
cache: HIT
x-cached-since: 2025-01-24T09:33:54+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/shared-assets/__shared_localforage_KSHPPCVF.js

185.244.209.62

200 OK

30 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/shared-assets/__shared_localforage_KSHPPCVF.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (30255)
Size
30 kB (30277 bytes)
Hash
d750d8afadf936c37b83cbcafdbba18d
ec95777b14c5537b0d2576363f7591cee73a9655
f7a95c0ed0b017063d1bba414ee5097f7824d34a39c33db9f289919ee47c4f12

HTTP Headers

GET /sys-static/shared-assets/__shared_localforage_KSHPPCVF.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-032472.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:46 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-1b4ba9b0f0172e05d564854b2b9b9dd9-d084b261c987ce9b-01
last-modified: Fri, 24 Jan 2025 07:46:23 GMT
etag: W/"d750d8afadf936c37b83cbcafdbba18d"
x-amz-meta-mtime: 1737704647.35954868
content-encoding: gzip
expires: Sat, 25 Jan 2025 09:56:28 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 77538
cache: HIT
x-cached-since: 2025-01-24T09:56:28+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/PKQRX_b5.js

185.244.209.62

200 OK

270 B

URL GET HTTP/2
v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/PKQRX_b5.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
270 B (270 bytes)
Hash
41bfc42b774ef52359e818ad3183126f
41df2d45a39f3d54dcf5b3abdbc4d33fdc10c7d4
360e0d6beaa6f9f26dbb97f355f16e410809ebe9c7cdc3835ab7b53ed7e6c2a9

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/PKQRX_b5.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-032472.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:46 GMT
content-type: text/javascript; charset=utf-8
content-length: 270
traceparent: 00-681019c19e1a792853025f963c60536e-aa319c329af469ed-01
last-modified: Thu, 16 Jan 2025 12:01:29 GMT
etag: "21545c1b5163b1aff8e5b501a8bf0e26"
x-amz-meta-mtime: 1737028741.202096736
expires: Thu, 23 Jan 2025 12:28:07 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 68415
cache: HIT
x-cached-since: 2025-01-24T12:28:31+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/main-static/47b9c1da/desktop/default/analytics-c4571eb0.js

185.244.209.62

200 OK

7.8 kB

URL GET HTTP/2
v3.traincdn.com/main-static/47b9c1da/desktop/default/analytics-c4571eb0.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (8037), with no line terminators
Size
7.8 kB (7765 bytes)
Hash
9de45d61b3840f892368bd9084842944
bbfc1d03582c9041982c95944417509300251586
a8bee2b3f9af624f76cbc0e768a1d345989fea6a263099fdc2fe7650dba81bdd

HTTP Headers

GET /main-static/47b9c1da/desktop/default/analytics-c4571eb0.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-032472.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:56 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-0b1a60d57bb6305d2e300c71a5cefcd8-ec2833b4994bca9d-01
last-modified: Fri, 24 Jan 2025 09:00:19 GMT
etag: W/"24a1947c1fdf79ab3fe41096d1094cb4"
x-amz-meta-mtime: 1737709217.035067966
content-encoding: gzip
expires: Sat, 25 Jan 2025 09:33:33 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 78890
cache: HIT
x-cached-since: 2025-01-24T09:34:06+00:00
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/destination?id=DC-14030178&l=dataLayer&cx=c&gtm=45He51n0v9180563600za200

142.250.74.168

200 OK

245 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/destination?id=DC-14030178&l=dataLayer&cx=c&gtm=45He51n0v9180563600za200
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint10:26:0A:38:A4:FD:1E:F0:80:EB:EE:D7:0A:8D:41:1D:CB:DB:54:82
ValidityMon, 06 Jan 2025 08:36:08 GMT - Mon, 31 Mar 2025 08:36:07 GMT

File type
JavaScript source, ASCII text, with very long lines (5268)
Size
245 kB (244571 bytes)
Hash
1e2b94dbb64a8e1b35a57c7c8e092097
1f70004c57ef546592e1d6c10e7f0052c931ad1a
b4c41cba350aa8e87a5334ae656e9515e7d3164844c5f46275eb89cd0ace488f

HTTP Headers

GET /gtag/destination?id=DC-14030178&l=dataLayer&cx=c&gtm=45He51n0v9180563600za200 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-032472.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 25 Jan 2025 07:28:56 GMT
expires: Sat, 25 Jan 2025 07:28:56 GMT
cache-control: private, max-age=900
last-modified: Sat, 25 Jan 2025 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
server: Google Tag Manager
content-length: 87249
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_main/en/dictionary_f6dbc6e39ff73771bf13241da3516d87.json

185.244.209.62

200 OK

127 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_main/en/dictionary_f6dbc6e39ff73771bf13241da3516d87.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type

Size
127 kB (127161 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_main/en/dictionary_f6dbc6e39ff73771bf13241da3516d87.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-032472.top/
Origin: https://1xlite-032472.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:45 GMT
content-type: application/json; charset=utf-8
traceparent: 00-8060fd5b560089a892dc39d31f6dc67f-69e3079c09f5a85b-01
last-modified: Wed, 22 Jan 2025 16:05:49 GMT
etag: W/"98547e622a9f87869ea92e6bfe44dfc9"
cache-control: max-age=3600
content-encoding: gzip
expires: Wed, 22 Jan 2025 17:19:12 GMT
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 3282
cache: HIT
x-cached-since: 2025-01-25T06:34:03+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_express_day/en/dictionary_d33d208649ed1030df89e13e093c1b13.json

185.244.209.62

200 OK

831 B

URL GET HTTP/2
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_express_day/en/dictionary_d33d208649ed1030df89e13e093c1b13.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (888), with no line terminators
Size
831 B (831 bytes)
Hash
4157235fcf6bda16308d18ab6113b6fb
9c83a215e38d608b4000c51585219c057aae8bf2
588e8095ca0a3883ec271e21846d3f03f210320e50ac478b9ae73813e4482cbb

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_express_day/en/dictionary_d33d208649ed1030df89e13e093c1b13.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-032472.top/
Origin: https://1xlite-032472.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:45 GMT
content-type: application/json; charset=utf-8
content-length: 831
traceparent: 00-0d443bb29966cf351bbbbd64cd2fce69-422200ce7c8a80fb-01
last-modified: Wed, 24 Jan 2024 16:06:20 GMT
etag: "5d35c8a9d00341303233a231c1adecdb"
cache-control: max-age=3600
expires: Thu, 16 Jan 2025 10:56:26 GMT
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 2362
cache: HIT
x-cached-since: 2025-01-25T06:49:23+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/bf723c7b79b6ce6aa267a76dc3f0a308.json

185.244.209.62

200 OK

2.0 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/bf723c7b79b6ce6aa267a76dc3f0a308.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (2258), with no line terminators
Size
2.0 kB (2040 bytes)
Hash
384c7b75c8400678aba79bac67d057dd
8f5bb6aa11a990dc0ead3f007085c61affebeaf0
c91c3087976d2e77000749bdc41e75e7199e0d69a9fd15e3bf7a7d57521899b2

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/bf723c7b79b6ce6aa267a76dc3f0a308.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-032472.top/
Origin: https://1xlite-032472.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:46 GMT
content-type: application/json
traceparent: 00-dbe5ea3c2ee660eac1d154f25ab7fcb4-1bdde08c7fc4a44d-01
last-modified: Wed, 15 Jan 2025 12:27:18 GMT
etag: W/"fdf7f1a656ad6df3359d2f2706bc0f1c"
content-encoding: gzip
expires: Thu, 16 Jan 2025 11:02:51 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1464
cache: HIT
x-cached-since: 2025-01-25T07:04:22+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/main-static/47b9c1da/desktop/default/runtime-c5698716.js

185.244.209.62

200 OK

24 kB

URL GET HTTP/2
v3.traincdn.com/main-static/47b9c1da/desktop/default/runtime-c5698716.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (23551), with no line terminators
Size
24 kB (23551 bytes)
Hash
a12588b17862f55f6379f7973fc863be
1f5f3e490a644018222f70df8fe8b2f3fbc94807
e3df36f354c359873c50c2f8e32694d36d744f8cfd79c0eb9c3dd8d4f69a0518

HTTP Headers

GET /main-static/47b9c1da/desktop/default/runtime-c5698716.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-032472.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:45 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-a5dd398d11054be5f540505373b9e078-222ea218d4588cf6-01
last-modified: Fri, 24 Jan 2025 09:00:20 GMT
etag: W/"a12588b17862f55f6379f7973fc863be"
x-amz-meta-mtime: 1737709217.055068021
content-encoding: gzip
expires: Sat, 25 Jan 2025 09:33:24 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 78891
cache: HIT
x-cached-since: 2025-01-24T09:33:54+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_game/en/dictionary_d3735ae52deabdb00e3d736326f9d798.json

185.244.209.62

200 OK

21 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_game/en/dictionary_d3735ae52deabdb00e3d736326f9d798.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type

Size
21 kB (20636 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_game/en/dictionary_d3735ae52deabdb00e3d736326f9d798.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-032472.top/
Origin: https://1xlite-032472.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:45 GMT
content-type: application/json; charset=utf-8
traceparent: 00-9edabfbc0d5de65bc3f6bbbc230540dc-d3da2a000c37eb99-01
last-modified: Thu, 23 Jan 2025 18:05:47 GMT
etag: W/"1bd41b39aeeba3906a1ab104ef181983"
cache-control: max-age=3600
content-encoding: gzip
expires: Thu, 23 Jan 2025 19:19:08 GMT
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 3249
cache: HIT
x-cached-since: 2025-01-25T06:34:36+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/main-static/47b9c1da/desktop/default/css/7fe5f71b.css

185.244.209.62

200 OK

3.3 kB

URL GET HTTP/2
v3.traincdn.com/main-static/47b9c1da/desktop/default/css/7fe5f71b.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (3315), with no line terminators
Size
3.3 kB (3313 bytes)
Hash
a094ae2a980f9c9b48cfc132e74ab16c
61b5d23a03be10876ee135cc656e300653dffcb9
8539c401214dafe1264f86e601c2ba0e06d5b6d23b21d7dd343f28c3e6e738b4

HTTP Headers

GET /main-static/47b9c1da/desktop/default/css/7fe5f71b.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-032472.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:45 GMT
content-type: text/css; charset=utf-8
traceparent: 00-fa72d69bcf12e486f302d0b65424de5d-7c3b4bed786c43fb-01
last-modified: Fri, 24 Jan 2025 09:00:20 GMT
etag: W/"c610b8710368de3bf2f1c5bb581b6a3a"
x-amz-meta-mtime: 1737709217.039067978
content-encoding: gzip
expires: Sat, 25 Jan 2025 09:33:25 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 78890
cache: HIT
x-cached-since: 2025-01-24T09:33:55+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/09c57c19d4f24724ef9af0686b86845f.json

185.244.209.62

200 OK

3.6 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/09c57c19d4f24724ef9af0686b86845f.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (3907), with no line terminators
Size
3.6 kB (3557 bytes)
Hash
e2953e36428a9962227abae0f638f50f
08b2cec573c8af3a7ea882dbfa45767c22749359
1fba73584351a4187b71ec94508363d6680ef1fb20d04e55bbb4a98ce6a4bcda

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/09c57c19d4f24724ef9af0686b86845f.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-032472.top/
Origin: https://1xlite-032472.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:46 GMT
content-type: application/json
traceparent: 00-e69ba6343bacd0fd9b6c8aeab8dbdeb9-dfeb98a21988b1f7-01
last-modified: Mon, 23 Dec 2024 11:31:03 GMT
etag: W/"20162c0068a1990d739eb07c9725864e"
content-encoding: gzip
expires: Thu, 16 Jan 2025 11:19:55 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1095
cache: HIT
x-cached-since: 2025-01-25T07:10:31+00:00
X-Firefox-Spdy: h2

1xlite-032472.top/en/block

46.32.182.119

203 Non Authoritative

252 kB

URL User Request GET HTTP/2
1xlite-032472.top/en/block
IP
46.32.182.119:443
ASN
#0

Certificate
IssuerLet's Encrypt
Subject1xlite-032472.top
Fingerprint67:A5:DB:FC:AB:A3:CB:3D:16:5D:64:68:CE:5C:77:27:83:DD:D9:57
ValidityWed, 25 Dec 2024 09:21:50 GMT - Tue, 25 Mar 2025 09:21:49 GMT

File type

Size
252 kB (252246 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /en/block HTTP/1.1
Host: 1xlite-032472.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_16303c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l46998_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_16303c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l46998_clickunder; postback_watcher=; auid=LiC2d2eUkqxAPhpPAz0SAg==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 203 Non Authoritative
server: nginx
date: Sat, 25 Jan 2025 07:28:44 GMT
content-type: text/html; charset=utf-8
content-length: 252246
accept-ranges: none
link: <https://v3.traincdn.com/sys-ui/2.3.48/Desktop/Default/client.css>; rel=preload; as=style; crossorigin=anonymous
server-timing: dt_total;dur=0.003, total;dur=44;desc="Nuxt Server Time"
set-cookie: lng=en; Path=/
cookies_agree_type=3; Path=/
tzo=1; Path=/
is12h=0; Path=/
x-dt: 285
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_reset_password/en/dictionary_612c6e919ca15d39cc751a619a3952c7.json

185.244.209.62

200 OK

765 B

URL GET HTTP/2
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_reset_password/en/dictionary_612c6e919ca15d39cc751a619a3952c7.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (817), with no line terminators
Size
765 B (765 bytes)
Hash
650ef5c04f5755ace4a4b329cba51023
9bc6b9757126f90aa78c2912a387d7d5a076b357
b6b5ddad83547368d891603b76cbca90a8d575421b4fdef324696b98b5d178af

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_reset_password/en/dictionary_612c6e919ca15d39cc751a619a3952c7.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-032472.top/
Origin: https://1xlite-032472.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:45 GMT
content-type: application/json; charset=utf-8
content-length: 765
traceparent: 00-35b1713844fe0bb6854f00e6e24b17e0-1e2e97335bf8d084-01
last-modified: Wed, 11 Oct 2023 12:52:53 GMT
etag: "00f980f23f1b4c1ccee99ed49e0a8feb"
cache-control: max-age=3600
expires: Thu, 16 Jan 2025 10:53:47 GMT
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 2362
cache: HIT
x-cached-since: 2025-01-25T06:49:23+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/e7f91740f4be211afac731343dc63895.json

185.244.209.62

200 OK

14 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/e7f91740f4be211afac731343dc63895.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
14 kB (14236 bytes)
Hash
5f6393bd6febc268d33cb235c7eec194
819eb4409582bcea038e527fd5859dde2d13e0e7
9ae42c0a8d88add1a2d54faab5d819c619cb2a2a1eec7595fe1029a91449efb0

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/e7f91740f4be211afac731343dc63895.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-032472.top/
Origin: https://1xlite-032472.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:45 GMT
content-type: application/json
traceparent: 00-c57dc567f4a1c7b53432c454a5e2c09d-46f9f6464776a93b-01
last-modified: Fri, 17 May 2024 01:07:57 GMT
etag: W/"5f6393bd6febc268d33cb235c7eec194"
content-encoding: gzip
expires: Thu, 16 Jan 2025 11:02:52 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1464
cache: HIT
x-cached-since: 2025-01-25T07:04:21+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/shared-assets/__shared_chunk_6EO4CXC4.js

185.244.209.62

200 OK

610 B

URL GET HTTP/2
v3.traincdn.com/sys-static/shared-assets/__shared_chunk_6EO4CXC4.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (621), with no line terminators
Size
610 B (610 bytes)
Hash
f5768750051a8debea17ce89837e3bf7
fa1f86f4121d91916a9657a90a189b21272ff644
178069ce2b15dde7d59f819f48a74377221ae26632a210b09af003dd6e9390bb

HTTP Headers

GET /sys-static/shared-assets/__shared_chunk_6EO4CXC4.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-032472.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:46 GMT
content-type: text/javascript; charset=utf-8
content-length: 610
traceparent: 00-d09cd2f949668db055d7b8cb8d1b3729-8453c6adea9d1455-01
last-modified: Fri, 24 Jan 2025 09:12:28 GMT
etag: "464c50409850b3095783d5b3b9a1b00d"
x-amz-meta-mtime: 1737709765.868983707
expires: Sat, 25 Jan 2025 09:56:28 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 77538
cache: HIT
x-cached-since: 2025-01-24T09:56:28+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/main-static/47b9c1da/desktop/default/DC-d6ce9225.js

185.244.209.62

200 OK

2.7 kB

URL GET HTTP/2
v3.traincdn.com/main-static/47b9c1da/desktop/default/DC-d6ce9225.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (2676), with no line terminators
Size
2.7 kB (2654 bytes)
Hash
9e4bc64081856ae2388e9f45beaa4629
9d83ab818ebd86029231e84fe115df070a7a36f5
ea8539b02208d473183f65968524d9c3963dcc958e6f05cebfc4ab9ad83cbf33

HTTP Headers

GET /main-static/47b9c1da/desktop/default/DC-d6ce9225.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-032472.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:46 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-f7eb48e9fc85187fd293887f6a777b00-4dbcdf38d2c06e72-01
last-modified: Fri, 24 Jan 2025 09:00:19 GMT
etag: W/"eb58f903ab3f8f12f83f68befa090822"
x-amz-meta-mtime: 1737709217.023067933
content-encoding: gzip
expires: Sat, 25 Jan 2025 09:33:25 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 78890
cache: HIT
x-cached-since: 2025-01-24T09:33:56+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/cca369af6198d7764a276e816ecf67dd.json

185.244.209.62

200 OK

12 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/cca369af6198d7764a276e816ecf67dd.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
12 kB (12519 bytes)
Hash
6a4635ef54a2476b6606f4b98ba743d0
d41e0cbe241494ff70cfc50c8e398902b6f161c1
2a5fc3f71a70d1af1966f031dfd607226dbfc4a2f8edac1e602dd30655549fc3

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/cca369af6198d7764a276e816ecf67dd.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-032472.top/
Origin: https://1xlite-032472.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:46 GMT
content-type: application/json
traceparent: 00-98514322f30f8e03eb8bd1aa5f35ecf6-bdf93d0847ac6763-01
last-modified: Thu, 10 Oct 2024 12:42:28 GMT
etag: W/"6a4635ef54a2476b6606f4b98ba743d0"
content-encoding: gzip
expires: Thu, 16 Jan 2025 11:19:55 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1095
cache: HIT
x-cached-since: 2025-01-25T07:10:31+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/main-static/47b9c1da/desktop/default/commons/app-0a1c36f7.js

185.244.209.62

200 OK

138 kB

URL GET HTTP/2
v3.traincdn.com/main-static/47b9c1da/desktop/default/commons/app-0a1c36f7.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type

Size
138 kB (137776 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /main-static/47b9c1da/desktop/default/commons/app-0a1c36f7.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-032472.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:45 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-c47aa81714bbf1d01cbbb8d1ed0bcac3-f8db28164b4e6fa1-01
last-modified: Fri, 24 Jan 2025 09:00:20 GMT
etag: W/"25c3542d7571a59fc23a20d6b7193a57"
x-amz-meta-mtime: 1737709217.035067966
content-encoding: gzip
expires: Sat, 25 Jan 2025 09:33:25 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 78891
cache: HIT
x-cached-since: 2025-01-24T09:33:54+00:00
X-Firefox-Spdy: h2

1xlite-032472.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/ab.json

46.32.182.119

200 OK

2 B

URL POST HTTP/2
1xlite-032472.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/ab.json
IP
46.32.182.119:443
ASN
#0

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerLet's Encrypt
Subject1xlite-032472.top
Fingerprint67:A5:DB:FC:AB:A3:CB:3D:16:5D:64:68:CE:5C:77:27:83:DD:D9:57
ValidityWed, 25 Dec 2024 09:21:50 GMT - Tue, 25 Mar 2025 09:21:49 GMT

File type
JSON text data
Size
2 B (2 bytes)
Hash
d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/ab.json HTTP/1.1
Host: 1xlite-032472.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-032472.top/en/block
Content-Type: application/json
X-Lang: en
X-Uuid: 4407e9b4-bf0d-4e58-8960-22531ca55cd7
Content-Length: 19
Origin: https://1xlite-032472.top
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_85563m_16303c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l46998_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_85563m_16303c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D%7Bsite_id%7D_d22490_l46998_clickunder; postback_watcher=; auid=LiC2d2eUkqxAPhpPAz0SAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:45 GMT
content-type: application/json
content-length: 2
x-dt: 285
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.015, wf-uht;dur=0.011
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66

142.250.74.168

200 OK

443 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint10:26:0A:38:A4:FD:1E:F0:80:EB:EE:D7:0A:8D:41:1D:CB:DB:54:82
ValidityMon, 06 Jan 2025 08:36:08 GMT - Mon, 31 Mar 2025 08:36:07 GMT

File type

Size
443 kB (443300 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /gtag/js?id=G-7JGWL9SV66 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-032472.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 25 Jan 2025 07:28:56 GMT
expires: Sat, 25 Jan 2025 07:28:56 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
server: Google Tag Manager
content-length: 140716
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/destination?id=AW-16664555628&l=dataLayer&cx=c&gtm=45He51n0v9180563600za200

142.250.74.168

200 OK

301 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/destination?id=AW-16664555628&l=dataLayer&cx=c&gtm=45He51n0v9180563600za200
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint10:26:0A:38:A4:FD:1E:F0:80:EB:EE:D7:0A:8D:41:1D:CB:DB:54:82
ValidityMon, 06 Jan 2025 08:36:08 GMT - Mon, 31 Mar 2025 08:36:07 GMT

File type
JavaScript source, ASCII text, with very long lines (5268)
Size
301 kB (300775 bytes)
Hash
9fac64520a04ffb1c58e1aff063c4eca
81ff5bab69b1070354507eb093d633989b8cc6fa
cc3eb7b422ac6da4161016b7bba2952cb38dd381316b0bb15a536272e33aefd5

HTTP Headers

GET /gtag/destination?id=AW-16664555628&l=dataLayer&cx=c&gtm=45He51n0v9180563600za200 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-032472.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 25 Jan 2025 07:28:56 GMT
expires: Sat, 25 Jan 2025 07:28:56 GMT
cache-control: private, max-age=900
last-modified: Sat, 25 Jan 2025 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
server: Google Tag Manager
content-length: 103688
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

v3.traincdn.com/sys-static/shared-assets/Desktop/__shared_css_5be180.css

185.244.209.62

200 OK

5.9 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/shared-assets/Desktop/__shared_css_5be180.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (5906), with no line terminators
Size
5.9 kB (5904 bytes)
Hash
f384acb0c03bc4efafdbc563760e5dc0
fc4246a7d998964ce201e853dd436b396eb6082e
6c8f1f5c4ac67399db68a199a036608aedc804ed96a5dc32733a2e9dbd074c44

HTTP Headers

GET /sys-static/shared-assets/Desktop/__shared_css_5be180.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-032472.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:44 GMT
content-type: text/css; charset=utf-8
traceparent: 00-26ef867802cdc86ef7e19eec7e66eaf8-e334ff2fee03658a-01
last-modified: Fri, 24 Jan 2025 07:46:23 GMT
etag: W/"7c714075eb939d26157c3cb143e39676"
x-amz-meta-mtime: 1737704647.33654675
content-encoding: gzip
expires: Sat, 25 Jan 2025 10:04:17 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 77067
cache: HIT
x-cached-since: 2025-01-24T10:04:17+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/shared-assets/__shared_vue_deps_PATB7KR4.js

185.244.209.62

200 OK

20 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/shared-assets/__shared_vue_deps_PATB7KR4.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type

Size
20 kB (20242 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sys-static/shared-assets/__shared_vue_deps_PATB7KR4.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-032472.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:46 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-5471f648216188725878ecc53776ef86-74e31210d784151d-01
last-modified: Fri, 24 Jan 2025 07:46:23 GMT
etag: W/"219b2bf4ebab7fe0b8a06850fb28e8b3"
x-amz-meta-mtime: 1737704647.360548764
content-encoding: gzip
expires: Sat, 25 Jan 2025 09:56:28 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 77538
cache: HIT
x-cached-since: 2025-01-24T09:56:28+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/e3dd2d416ede1d7659584842878349f6.json

185.244.209.62

200 OK

1.1 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/e3dd2d416ede1d7659584842878349f6.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (1205), with no line terminators
Size
1.1 kB (1085 bytes)
Hash
7e57210fe3f01fd6a726a5ef7750785f
3466d373b62cd3e1c975ca7556e9ed8139f78360
b984b21e94d34c282acae49e1fd192038dd5a8cf2b1ae214fd4ac7ba86ee7048

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/e3dd2d416ede1d7659584842878349f6.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-032472.top/
Origin: https://1xlite-032472.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:46 GMT
content-type: application/json
traceparent: 00-0da689e6e149115e254e60ead5c0ee21-bff6f49df5f96598-01
last-modified: Thu, 16 May 2024 19:05:13 GMT
etag: W/"338264fc869e8f0b86b0d6c9d92102b0"
content-encoding: gzip
expires: Thu, 16 Jan 2025 11:19:55 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1095
cache: HIT
x-cached-since: 2025-01-25T07:10:31+00:00
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-KFGPRJ2V

142.250.74.168

200 OK

304 kB

URL GET HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-KFGPRJ2V
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint10:26:0A:38:A4:FD:1E:F0:80:EB:EE:D7:0A:8D:41:1D:CB:DB:54:82
ValidityMon, 06 Jan 2025 08:36:08 GMT - Mon, 31 Mar 2025 08:36:07 GMT

File type

Size
304 kB (303850 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /gtm.js?id=GTM-KFGPRJ2V HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-032472.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 25 Jan 2025 07:28:56 GMT
expires: Sat, 25 Jan 2025 07:28:56 GMT
cache-control: private, max-age=900
last-modified: Sat, 25 Jan 2025 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
server: Google Tag Manager
content-length: 105508
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/8192228305b202797f207eeb6842287c.png

185.244.209.62

200 OK

5.2 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/8192228305b202797f207eeb6842287c.png
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
PNG image data, 514 x 514, 8-bit colormap, non-interlaced
Size
5.2 kB (5202 bytes)
Hash
b9a636eef54b2844b571fe7de49184a7
bf653690790ced40eb3189da075a275d951d1607
001bfcdd52b658d46543a1aec889d35b73b3909b47097cc011b95e96fc9e3743

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/8192228305b202797f207eeb6842287c.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-032472.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:46 GMT
content-type: image/png
content-length: 5202
traceparent: 00-d905d07ea16f851704c23490c44f887f-0dae68803ddd7836-01
last-modified: Wed, 26 Jun 2024 08:22:59 GMT
etag: "b9a636eef54b2844b571fe7de49184a7"
expires: Thu, 16 Jan 2025 11:18:57 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 2832
cache: HIT
x-cached-since: 2025-01-25T06:41:34+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_auth/en/dictionary_3302f5052cd12ca260cd946af7660ff0.json

185.244.209.62

200 OK

8.7 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_auth/en/dictionary_3302f5052cd12ca260cd946af7660ff0.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (9165), with no line terminators
Size
8.7 kB (8744 bytes)
Hash
15045e7ecd3e7ed1ec2c5dca3b78df8e
c1afeb59e486fafa5db2b03a3f616ad754299689
21030d217c9887eee14ae3038c7f943d5e876ec51d888538b2ffa049891dc9e2

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_auth/en/dictionary_3302f5052cd12ca260cd946af7660ff0.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-032472.top/
Origin: https://1xlite-032472.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:45 GMT
content-type: application/json; charset=utf-8
traceparent: 00-52f8dfc08db648d3bed03ea225c6cadc-c7bec961f6cf2c7a-01
last-modified: Fri, 15 Nov 2024 12:25:26 GMT
etag: W/"c960df03c02866eb54a219e318dd1cc8"
cache-control: max-age=3600
content-encoding: gzip
expires: Thu, 16 Jan 2025 10:10:18 GMT
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 2956
cache: HIT
x-cached-since: 2025-01-25T06:39:29+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/d9842b87b9dabdc4cdc248c062355299.json

185.244.209.62

200 OK

7.3 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/d9842b87b9dabdc4cdc248c062355299.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (8082), with no line terminators
Size
7.3 kB (7321 bytes)
Hash
dc424c56188d2fb07cbb8b3cf4cf6334
d52dc8395a4dc996af20fb0e2b1ecbd62cb04120
103f4cda8ba430dbbe6a699d14ff96789d65a4e8b8f35447d4831dbca3de63ea

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/d9842b87b9dabdc4cdc248c062355299.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-032472.top/
Origin: https://1xlite-032472.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:45 GMT
content-type: application/json
traceparent: 00-3076142589dc5090fa5db3c4f5c7955b-eac562e475eda3c6-01
last-modified: Thu, 23 Jan 2025 13:19:10 GMT
etag: W/"0614058b667e6dfa1cdecc6e0e53131c"
content-encoding: gzip
expires: Thu, 23 Jan 2025 14:50:28 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1464
cache: HIT
x-cached-since: 2025-01-25T07:04:21+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/ywYu240b.js

185.244.209.62

200 OK

5.5 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/ywYu240b.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (5650), with no line terminators
Size
5.5 kB (5515 bytes)
Hash
9806e301700caf30acd3089de303f5a8
52facbfc09cd68ccfe0068164b675343f6d3e237
9691a2a6a0812aa7816e26a6fa9c7529df10f18eb348f8a7713759fa1709f0de

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/ywYu240b.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-032472.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 25 Jan 2025 07:28:46 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-b88f4ca87a93d1ced5b648054b2759b7-cdb68b9eb05da308-01
last-modified: Thu, 16 Jan 2025 12:01:29 GMT
etag: W/"29317f40f64ddd062ced9e94b607702e"
x-amz-meta-mtime: 1737028741.203096818
content-encoding: gzip
expires: Thu, 23 Jan 2025 12:28:07 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 68415
cache: HIT
x-cached-since: 2025-01-24T12:28:31+00:00
X-Firefox-Spdy: h2

www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2F1xlite-032472.top%2Fen%2Fblock&scrsrc=www.googletagmanager.com&frm=0&rnd=638721352.1737790137&dt=1xBet&auid=711531401.1737790137&navt=n&npa=1&gtm=45He51n0v9180563600za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=102067555~102067808~102081485~102123608&tft=1737790136528&tfd=13171&apve=1

142.250.178.100

200 OK

0 B

URL POST HTTP/2
www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2F1xlite-032472.top%2Fen%2Fblock&scrsrc=www.googletagmanager.com&frm=0&rnd=638721352.1737790137&dt=1xBet&auid=711531401.1737790137&navt=n&npa=1&gtm=45He51n0v9180563600za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=102067555~102067808~102081485~102123608&tft=1737790136528&tfd=13171&apve=1
IP
142.250.178.100:443
ASN
#15169 GOOGLE

Requested by
https://1xlite-032472.top/en/block
Certificate
IssuerGoogle Trust Services
Subjectwww.google.com
Fingerprint53:F5:E3:47:F6:DC:80:83:14:A1:CE:39:7B:A1:98:61:74:03:86:E2
ValidityMon, 06 Jan 2025 08:37:56 GMT - Mon, 31 Mar 2025 08:37:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /ccm/collect?en=page_view&dl=https%3A%2F%2F1xlite-032472.top%2Fen%2Fblock&scrsrc=www.googletagmanager.com&frm=0&rnd=638721352.1737790137&dt=1xBet&auid=711531401.1737790137&navt=n&npa=1&gtm=45He51n0v9180563600za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=102067555~102067808~102081485~102123608&tft=1737790136528&tfd=13171&apve=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-032472.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-032472.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 200 OK
content-type: text/plain
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
date: Sat, 25 Jan 2025 07:28:57 GMT
pragma: no-cache
vary: Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://1xlite-032472.top
access-control-expose-headers: date,vary,vary,vary,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (45)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL