Report - movenivalcrooffer.com/cde93dc0-fe82-4786-9705-578f3bac729f?zoneid=3350468&bannerid=23459034&zonetype={zone_type}&campaignid=9304976&device=other&region=70&isp=bestcjsc&useragent=Mozilla/5.0(Linux;Android10;K)AppleWebKit/537.36(KHTML,likeGecko)SamsungBrowser/28.0Chrome/130.0.0.0MobileSafari/537.36&language=be&connectiontype=oc12&cost=0.002000&visitor

Report Overview

Visited public
2025-04-28 02:06:15
Tags
URL
movenivalcrooffer.com/cde93dc0-fe82-4786-9705-578f3bac729f?zoneid=3350468&bannerid=23459034&zonetype={zone_type}&campaignid=9304976&device=other&region=70&isp=bestcjsc&useragent=Mozilla/5.0(Linux;Android10;K)AppleWebKit/537.36(KHTML,likeGecko)SamsungBrowser/28.0Chrome/130.0.0.0MobileSafari/537.36&language=be&connectiontype=oc12&cost=0.002000&visitor_id=940539964368625664
Finishing URL
1xlite-545087.top/en/block
IP / ASN
3.167.2.46
#0
Title
1xBet

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.google.no	25607	2001-02-26	2012-06-26	2025-04-23	1.0 kB	580 B	142.250.178.99
movenivalcrooffer.com	unknown	2024-06-21	2024-07-05	2025-04-24	841 B	244 kB	3.167.2.43
1xlite-545087.top	unknown	2024-10-10	2025-04-16	2025-04-23	20 kB	929 kB	83.147.224.3
region1.analytics.google.com	unknown	1997-09-15	2022-03-17	2025-04-23	2.2 kB	1.7 kB	216.239.34.36
affpa.top	507683	2022-01-14	2022-01-14	2025-04-23	598 B	243 kB	83.147.205.153
radar.cedexis.com	3035	2009-01-07	2013-11-27	2025-04-22	850 B	1.4 kB	45.54.49.5
www.google.com	7	1997-09-15	2015-05-10	2025-04-23	801 B	568 B	142.250.178.68
v3.traincdn.com	unknown	2022-11-10	2022-11-25	2025-04-23	35 kB	6.8 MB	185.244.209.62
www.googletagmanager.com	75	2011-11-11	2012-10-04	2025-04-23	2.6 kB	1.9 MB	142.250.74.168

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-04-27	medium	1xlite-545087.top	Sinkholed
2025-04-27	medium	1xlite-545087.top	Sinkholed
2025-04-27	medium	1xlite-545087.top	Sinkholed
2025-04-27	medium	1xlite-545087.top	Sinkholed
2025-04-27	medium	1xlite-545087.top	Sinkholed
2025-04-27	medium	1xlite-545087.top	Sinkholed
2025-04-27	medium	1xlite-545087.top	Sinkholed
2025-04-27	medium	1xlite-545087.top	Sinkholed
2025-04-27	medium	1xlite-545087.top	Sinkholed
2025-04-27	medium	1xlite-545087.top	Sinkholed
2025-04-27	medium	1xlite-545087.top	Sinkholed
2025-04-27	medium	1xlite-545087.top	Sinkholed
2025-04-27	medium	1xlite-545087.top	Sinkholed
2025-04-27	medium	1xlite-545087.top	Sinkholed
2025-04-27	medium	1xlite-545087.top	Sinkholed
2025-04-27	medium	1xlite-545087.top	Sinkholed
2025-04-27	medium	1xlite-545087.top	Sinkholed
2025-04-27	medium	1xlite-545087.top	Sinkholed

ThreatFox

No alerts detected

JavaScript (53)

	URL	From	Size	First Seen	Last Seen
	v3.traincdn.com/main-static/337b990b/desktop/default/vendors/app-caec72e7.js	ScriptElement	925 kB	2025-04-23	2025-04-28
Pretty URL v3.traincdn.com/main-static/337b990b/desktop/default/vendors/app-caec72e7.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-23 15:46 Last Seen2025-04-28 07:04 Times Seen26 Hash aeecbb282817e7b7f53f38241e40dc64 dfe62996dfcaf0d57f18fbdcf223666a7efba330 0d73f838d048437de1d6ca5a103bb7889f061c9753e1c083f238176f7650f996 Loading...

	1xlite-545087.top/en/block	Function	47 B	2023-04-14	2025-06-09
Pretty URL 1xlite-545087.top/en/block IP 83.147.224.3 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 16:26 Last Seen2025-06-09 03:33 Times Seen5091 Hash 580b3e56fc9ab6e8b4655f43ee057cc1 5dfce565e446f4a167195de9a1a5dd26163c711c 446f07b6e56de61d2c2d5b6ba408cc580b492a6d1ede8fc51cfde4ef75a2b382 Loading...

	1xlite-545087.top/en/block	Function	39 B	2023-04-14	2025-06-09
Pretty URL 1xlite-545087.top/en/block IP 83.147.224.3 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 16:26 Last Seen2025-06-09 03:33 Times Seen5096 Hash bc51ed8c76553717f10d58b2df60fd76 e2d03a8fd8d280074b226c288880f9df299c7cb1 bee994eaf88453f6343ba57571a069054c12c9b4e42f8cbad4f2ad75c7fb264c Loading...

	radar.cedexis.com/1/23802/radar.js	ScriptElement	390 B	2024-02-13	2025-06-09
Pretty URL radar.cedexis.com/1/23802/radar.js IP 45.54.49.5 ASN #63911 NetActuate, Inc Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-13 14:23 Last Seen2025-06-09 03:33 Times Seen2280 Hash 82dec77fd0353c7c71ce053b8601387e fbbca95419e1d0c042e0a5fdf10f380aca66188c 39f2b7b0fa78d37d0c84d2d6618bd635d86fd683d9bcdd5729850cb2a62522f7 Loading...

	1xlite-545087.top/main-static/337b990b/check-ob.js	ScriptElement	219 B	2024-07-17	2025-06-09
Pretty URL 1xlite-545087.top/main-static/337b990b/check-ob.js IP 83.147.224.3 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-17 14:33 Last Seen2025-06-09 03:33 Times Seen1495 Hash c065700c9c8c493403359e1f2baa10d9 4630fe729e70bdf63fa7ba6c84ec277fd1f51030 1e61f0c82ae82ffcf503fcd4b4c8ae27b32c11e19b882d5d13f3c44364c893f4 Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_vue_deps_SVMMEEZF.js	ImportedModule	21 kB	2025-04-23	2025-05-12
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_vue_deps_SVMMEEZF.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2025-04-23 15:46 Last Seen2025-05-12 21:07 Times Seen64 Hash b3ce9215487c615dbe0e474955e1dd39 64d50e6020e3cdfe3156bf52d46c176dfd098fd9 e3c9c6a51511916a872d65993ad41d579fd580f3dd688335924153613e295d43 Loading...

	v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/813e8388f0.js	ImportedModule	3.8 kB	2025-04-23	2025-04-28
Pretty URL v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/813e8388f0.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2025-04-23 15:46 Last Seen2025-04-28 07:04 Times Seen26 Hash e482a4b4636f380636d9dfddea4a1747 af47fa46121e53c27f16738f72e495a6225f76ba 36894c041d0dcd718fb0852db3f160ed631e426c9f977f7b1d93df1909816809 Loading...

	1xlite-545087.top/en/block	Function	44 B	2023-04-14	2025-06-09
Pretty URL 1xlite-545087.top/en/block IP 83.147.224.3 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 16:26 Last Seen2025-06-09 03:33 Times Seen5094 Hash 00beb9884d0391b342eadd30744b539a 3124c0bd593822379d22f13d3e08e70a1bf5ea14 92394eec5690449a4f6cfc9a7f97497a69e926b2365cb9a9aad3507a844f835c Loading...

	www.googletagmanager.com/gtm.js?id=GTM-KFGPRJ2V	ScriptElement	330 kB	2025-04-28	2025-04-28
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-KFGPRJ2V IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-28 02:06 Last Seen2025-04-28 02:06 Times Seen1 Hash 5b2256d8892c8bd019399e017cfa9905 78cff5519122a868e859c1e132833985214ddd3f d357e4d9fd07de2cec0b4e0d723341d1fb0eeef9f37fdb59deeadef03a678981 Loading...

	v3.traincdn.com/main-static/337b990b/desktop/default/app-bb2199dd.js	ScriptElement	509 kB	2025-04-26	2025-04-28
Pretty URL v3.traincdn.com/main-static/337b990b/desktop/default/app-bb2199dd.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-26 00:25 Last Seen2025-04-28 07:04 Times Seen18 Hash d92869654b7c06b53a68ceb09e1929c6 193f6de3299ea0d291d9ce56b3df58209e092fa0 3e04eaa1112c5c5edbfea6bba853d180266702a7ce22b7e3ff483df382c41b99 Loading...

	v3.traincdn.com/main-static/337b990b/desktop/default/vendors/plugins.vue-js-modal-c2cf1c12.js	ScriptElement	27 kB	2025-04-23	2025-04-28
Pretty URL v3.traincdn.com/main-static/337b990b/desktop/default/vendors/plugins.vue-js-modal-c2cf1c12.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-23 15:46 Last Seen2025-04-28 07:04 Times Seen26 Hash cf8b06baeb7ae8f2ac91e5786d61e146 625e7cac0cbf5c55ca40df6c229af389687c0d34 8c297d5dda72c0cc5d6fce3dabc93773c1b435c9dfd2f3d37bdb4f42c34f436b Loading...

	v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/7deb41e6a6.js	ImportedModule	2.0 kB	2025-04-23	2025-04-28
Pretty URL v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/7deb41e6a6.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2025-04-23 15:46 Last Seen2025-04-28 07:04 Times Seen26 Hash 59bbd7c7c12c2bfa5463fec581cf285b c886f6e91e463988b39c7694105aa90f5b30bdad 15e186205c9f78c5ca0e368125fe2850e25d6acccf7f902cfc5df7a01586e1bc Loading...

	www.googletagmanager.com/gtag/destination?id=AW-16664555628&l=dataLayer&cx=c&gtm=45He54n0v9180563600za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001	ScriptElement	334 kB	2025-04-28	2025-04-28
Pretty URL www.googletagmanager.com/gtag/destination?id=AW-16664555628&l=dataLayer&cx=c&gtm=45He54n0v9180563600za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-28 02:06 Last Seen2025-04-28 02:06 Times Seen1 Hash 6b5a06889ceee85953ab30431db3c473 735d90f5eb261ef5cfa05b24d741f7bf07b82b82 5f2afba83d0a14fb9aabf57d99ad13b574f9db0a2c00ab54110d20d17789a6f4 Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_chunk_KSBWA3N2.js	ImportedModule	610 B	2024-12-07	2025-05-20
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_chunk_KSBWA3N2.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-12-07 20:25 Last Seen2025-05-20 22:14 Times Seen572 Hash 464c50409850b3095783d5b3b9a1b00d 7d5c3f49bd0689d72dddceee68afd229f4168ed5 71cbc8847b4abb3782fe515be3e9e1f3fb639f801b337a2a3612616151ec250d Loading...

	1xlite-545087.top/en/block	Eval	341 kB	2025-04-28	2025-04-28
Pretty URL 1xlite-545087.top/en/block IP 83.147.224.3 ASN #0 Introduced by eval Embedded in HTML false Observations First Seen2025-04-28 02:06 Last Seen2025-04-28 02:06 Times Seen1 Hash 69bf60e00bad219a4cbc592745625920 b662627cb33bc173d95621d8f79883919279f07f 57b54d4c43cde7ccedb1d9984b065255ffec24ae6cdeae5229a782ac8db67993 Loading...

	1xlite-545087.top/en/block	DomTimer	10 B	2024-09-21	2025-06-09
Pretty URL 1xlite-545087.top/en/block IP 83.147.224.3 ASN #0 Introduced by domTimer Embedded in HTML false Observations First Seen2024-09-21 15:04 Last Seen2025-06-09 03:33 Times Seen1116 Hash 01f4b51b4ba7edd00ad9f0a22259f06e 00723d0eda4be61a7b1c542b0a08a94a94a60017 9fdac1c31a22f55dbb8ca225ee28c3f7e88b41cce82968af0018c9f8b3bd35ba Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_localforage_H7M2CI7V.js	ImportedModule	30 kB	2025-03-21	2025-05-20
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_localforage_H7M2CI7V.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2025-03-21 03:26 Last Seen2025-05-20 22:14 Times Seen247 Hash 8c858b7ed9e89233e182c6824388b15d 72b5da96c3735591317ee5d7a77733f3ee2e4f5b ff626e5d8a3bf634c1577b920a448b6da177e7e0e164a3cce4d270ff78bb7d23 Loading...

	1xlite-545087.top/hd-api/external/apps/c5e31d5915661de4393e3f1489b00ebc4497dd48/api.js	ScriptElement	753 B	2025-02-26	2025-05-20
Pretty URL 1xlite-545087.top/hd-api/external/apps/c5e31d5915661de4393e3f1489b00ebc4497dd48/api.js IP 83.147.224.3 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-26 21:56 Last Seen2025-05-20 22:14 Times Seen513 Hash f004562bde4d48fb0987e200eb06f3af 6ce4bb1f9a61802bc2b28d084810a6a752af30a6 ba2a7d9626d02a36d5c599c2e0f24594f47e2624d8fa93f6944056722e31f20f Loading...

	v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/3f30456910.js	ImportedModule	134 B	2025-04-23	2025-04-28
Pretty URL v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/3f30456910.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2025-04-23 15:46 Last Seen2025-04-28 07:04 Times Seen26 Hash 834095d96bc70d6775eea00ac7f66ee5 40d18957a683b25c8c27a9762821c22e51df1dac 3aedb8ddb0a940d381125c90208d4c5c4334b19f7e1183a994fa20eb4ba719e5 Loading...

	1xlite-545087.top/en/block	ScriptElement	1.7 kB	2025-04-26	2025-04-28
Pretty URL 1xlite-545087.top/en/block IP 83.147.224.3 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-04-26 00:25 Last Seen2025-04-28 07:04 Times Seen18 Hash e016d808acf015bf16d36ca306799dd1 fcfd9d4f607f23f9ef8a915076bfbd3db366b41c c8a6fcf0a943ebb06af6604db6e0803185afae2ca25592f1fd80378762735595 Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_popper_js_EEH7JIJK.js	ImportedModule	21 kB	2025-03-21	2025-05-20
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_popper_js_EEH7JIJK.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2025-03-21 03:26 Last Seen2025-05-20 22:14 Times Seen247 Hash 65baa1e0e10c3b0e4763d35e76999e25 a21b6807691f637324b24296803e05b64fc4c694 610516103d1262a5c7d3f5481f3f54328723386634607085bf0cfc631ad0ab3f Loading...

	v3.traincdn.com/sys-static/shared-assets/Desktop/__shared_base-app_d2c2bd4088.js	ImportedModule	801 kB	2025-04-23	2025-04-28
Pretty URL v3.traincdn.com/sys-static/shared-assets/Desktop/__shared_base-app_d2c2bd4088.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2025-04-23 15:46 Last Seen2025-04-28 07:04 Times Seen31 Hash dd3f6c27f89b359dec9ecbd1ff243eb2 bf91e8d155787c18182fca8e8ea7d2abd264dbe4 ef4b0170b6cd09d7eb6e496de41de62aad5c6dacc609f651fea6ea999568fc8c Loading...

	v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/e17f24c13b.js	ImportedModule	1.2 kB	2025-04-23	2025-04-28
Pretty URL v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/e17f24c13b.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2025-04-23 15:46 Last Seen2025-04-28 07:04 Times Seen26 Hash 84b0fa02c6fb01a238017a59f653ca22 ee86a08f3dfb1ef32c02aba766a00174a74ef190 a9998600aaf3d1d0c7f55929cb61a90aa3a49f9ec5eedfa09b69a66617d3e38f Loading...

	1xlite-545087.top/en/block	Function	47 B	2023-04-14	2025-06-09
Pretty URL 1xlite-545087.top/en/block IP 83.147.224.3 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 16:26 Last Seen2025-06-09 03:33 Times Seen5089 Hash a01893d8e129ad16c1e0fc5c7537f411 0e46d1bf2718f848d9d596fa269eaedb31204772 cbe7b89533bcd75b69f3e54807308551d68242ec1761e63bee1a99fc6e560175 Loading...

	v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/b9639b3b1e.js	ImportedModule	27 kB	2025-04-23	2025-04-28
Pretty URL v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/b9639b3b1e.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2025-04-23 15:46 Last Seen2025-04-28 07:04 Times Seen26 Hash 2eec0d70786483601bb3ee005c6104a3 2e81319d87e36af13c16e5417d5b4049cd6968d2 67d7ebca2ec18eb0302193de83058b8c5381bd0aebb355308e4283b3b6b2c780 Loading...

	1xlite-545087.top/captcha-api/assets/hunt-captcha.js	ScriptElement	88 kB	2025-04-18	2025-04-28
Pretty URL 1xlite-545087.top/captcha-api/assets/hunt-captcha.js IP 83.147.224.3 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-18 10:06 Last Seen2025-04-28 07:04 Times Seen72 Hash 20f08fd85a92e1de3cfff42f5e37c0ae 6bbaf2e69b14e1c9467366d73c721a99456280c2 03453fb10ff9c919192aef883af120f1e5b88f9bbbba28c5e5344e910a77ede7 Loading...

	www.googletagmanager.com/gtag/destination?id=DC-14030178&l=dataLayer&cx=c&gtm=45He54n0v9180563600za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001	ScriptElement	288 kB	2025-04-27	2025-04-28
Pretty URL www.googletagmanager.com/gtag/destination?id=DC-14030178&l=dataLayer&cx=c&gtm=45He54n0v9180563600za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-27 07:32 Last Seen2025-04-28 02:06 Times Seen2 Hash e359619372f8e111166a03aab1891809 0ac40024d97a2d80b23456d9408962cbca86c2ca 93024b3c54cee181509bb9d70fc6f57f284873c01989d5f89005057fd3adcf93 Loading...

	1xlite-545087.top/hd-api/external/assets/hdf.js	ScriptElement	4.1 kB	2024-11-12	2025-05-20
Pretty URL 1xlite-545087.top/hd-api/external/assets/hdf.js IP 83.147.224.3 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-12 02:24 Last Seen2025-05-20 22:14 Times Seen708 Hash 2f26a679e9d54a65e6578e947cc5bdf2 1b984864aa7b3e28231ac7cea3c199435dbdc6bf 1e3c4bd81a1cd9ee02e42a42802d5c18cbdb3f3a11c0b2732eb11bd12263020c Loading...

	1xlite-545087.top/en/block	Function	96 B	2023-12-06	2025-06-09
Pretty URL 1xlite-545087.top/en/block IP 83.147.224.3 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-12-06 14:32 Last Seen2025-06-09 03:33 Times Seen3070 Hash 94361ed86ab9b2fbb8d805c2025df46a 3f428332f7a1c7196a85c93a373a966d75708c19 eee4d228a49a86625f29410cf9a23d145e821a09cbb1f7a4d7557d206872715a Loading...

	data:text/javascript,export const meta = import.meta;	ScriptElement	32 B	2023-12-06	2025-06-09
Pretty URL data:text/javascript,export const meta = import.meta; IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-06 14:32 Last Seen2025-06-09 03:33 Times Seen3070 Hash 6d772b7d405b447ecee54ab61cdd5108 dd65fb9cd5a7cb94a40fe161f4f72303a61eb3b7 b90ff694e492935b6036fb7e878d365dab51aafa46f0afb1e33414e7ecc3307b Loading...

	v3.traincdn.com/main-static/337b990b/desktop/default/vendors/plugins.vue-notification-38fbfa56.js	ScriptElement	13 kB	2025-04-23	2025-04-28
Pretty URL v3.traincdn.com/main-static/337b990b/desktop/default/vendors/plugins.vue-notification-38fbfa56.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-23 15:46 Last Seen2025-04-28 07:04 Times Seen26 Hash cd711867320f42c6286f5b1ee5bfbc7d abe742504bf172f9c7d68864178049a09ae00b59 1f07ad009ccc6be8cd5bf278b42ec06df35fea23f62b772e313f2b566bb78d10 Loading...

	v3.traincdn.com/main-static/337b990b/desktop/default/commons/app-4500f575.js	ScriptElement	138 kB	2025-04-23	2025-05-02
Pretty URL v3.traincdn.com/main-static/337b990b/desktop/default/commons/app-4500f575.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-23 15:46 Last Seen2025-05-02 07:07 Times Seen32 Hash 0f44966ce907b0675f4cf269c12e0555 32cb356f3b9c7c629afb78fda6fb0a834eec0da1 a55e4e1bff13398aeb28d6cddefefa11a9784475c9a72251e0c65db34c50363e Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_libphonenumber_js_4IISRMA4.js	ImportedModule	159 kB	2025-03-21	2025-05-20
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_libphonenumber_js_4IISRMA4.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2025-03-21 03:26 Last Seen2025-05-20 22:14 Times Seen247 Hash 4673edf4e262d0703069c59915cde01f da52ee1e0d3f5967a58218500593537f8e33621e 4e24e1b83813d014e5a44217a142123c8f95be42d2a9594b535155630e1adf45 Loading...

	v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/403f7acf2d.js	ImportedModule	1.4 kB	2025-04-23	2025-04-28
Pretty URL v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/403f7acf2d.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2025-04-23 15:46 Last Seen2025-04-28 07:04 Times Seen26 Hash 4a184b0acdec02ef966d6bd67de40cb9 f00fe96fa5a80c9ddbb0a4d961484e2a05f8bdc6 89c804ff4e56cec5e528a71bfc6c194680b12aff25c9c05bccfffb6c940b531c Loading...

	v3.traincdn.com/main-static/337b990b/desktop/default/Page.Block-8fcdc097.js	ScriptElement	476 B	2025-04-23	2025-04-28
Pretty URL v3.traincdn.com/main-static/337b990b/desktop/default/Page.Block-8fcdc097.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-23 15:46 Last Seen2025-04-28 07:04 Times Seen26 Hash dfabe94120b17112be34dcd2281710bb 1a884b34728c539990c17986d5dcceffe83630b4 bce080b724d67603ee605bc5862fffa7d1459683323f8d952753044a833db8af Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_accept_language_parser_FZZ6RWIK.js	ImportedModule	1.3 kB	2025-03-21	2025-05-20
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_accept_language_parser_FZZ6RWIK.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2025-03-21 03:26 Last Seen2025-05-20 22:14 Times Seen247 Hash fc1c44ae9e4954ae02c484125b7a6a1e 484eb92dd5bb166e7a06c1cf2dce2400bb3055e3 fa015c22854d009fd3436cac0b3958a3616d67d9c633c61d0ae309c114ab9f04 Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_fast_deep_equal_4DKQVMAE.js	ImportedModule	865 B	2025-03-21	2025-05-20
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_fast_deep_equal_4DKQVMAE.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2025-03-21 03:26 Last Seen2025-05-20 22:14 Times Seen247 Hash b83f09e2c933f2aafd2e97f88f23d81f c5c5ff5f8b7cd801781559b42c365a16e6839800 f584585b1dce860bf95b8270b60680af7022244f6723ed8f01fe3967780c6aae Loading...

	v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/9fc790f0ab.js	ScriptElement	1.3 kB	2025-04-23	2025-04-28
Pretty URL v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/9fc790f0ab.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-23 15:46 Last Seen2025-04-28 07:04 Times Seen26 Hash c2ae2e3447ddec5081a99f3a27cc8a3e 4c4c356d6918e683b1ad4a53b093a039156c0212 6983aa528110a1b26a6afe9f266bf7e8f0e79e4862350c306e133dbf34f86456 Loading...

	www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66	ScriptElement	458 kB	2025-04-28	2025-04-28
Pretty URL www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-28 02:06 Last Seen2025-04-28 02:06 Times Seen1 Hash b49cbe31c1509127a727c9f1f0115b9a 8bb57773b065c587032f9d3d2f5d5fafbb88562d 98db76efdac3be171cb689d1118e88e78af33c502e78509a28a7b06edcdb2ebf Loading...

	1xlite-545087.top/en/block	Eval	2.6 kB	2025-04-23	2025-04-28
Pretty URL 1xlite-545087.top/en/block IP 83.147.224.3 ASN #0 Introduced by eval Embedded in HTML false Observations First Seen2025-04-23 15:46 Last Seen2025-04-28 07:04 Times Seen26 Hash 5c07cb7ca02436ee81406895fb2aef2d 9f950aafa19ba37a7b4d76f2d44fd2795ca01967 8d7d503836f2dd6e204540729d2c6d56b61fa521ec701744d9dbaf6751831641 Loading...

	1xlite-545087.top/en/block	Function	86 kB	2025-04-18	2025-04-28
Pretty URL 1xlite-545087.top/en/block IP 83.147.224.3 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2025-04-18 10:06 Last Seen2025-04-28 07:04 Times Seen66 Hash 01f7df2479f229274f97034f4951fe48 a284c3afb26c9eaa872af12dcadddecdf4cd2420 76d6d93d626f9c9aa6b947154e9e3075532762afa4d6cb2ecf9f1342d23d243b Loading...

	v3.traincdn.com/main-static/337b990b/desktop/default/analytics-53855c77.js	ScriptElement	7.8 kB	2025-04-23	2025-05-02
Pretty URL v3.traincdn.com/main-static/337b990b/desktop/default/analytics-53855c77.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-23 15:46 Last Seen2025-05-02 07:07 Times Seen32 Hash 4ae220f11ce63cc49a00ac484e5dadf8 93e3b73cdf408c4daa0005c3c3a13afab084f3b1 ac9494e2f87fe7c316ba9d68e01bc56e7c05b8796fb0c2669d706eb151083a61 Loading...

	v3.traincdn.com/main-static/337b990b/desktop/default/Betting.Core-654a842c.js	ScriptElement	2.1 kB	2025-04-26	2025-04-28
Pretty URL v3.traincdn.com/main-static/337b990b/desktop/default/Betting.Core-654a842c.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-26 00:25 Last Seen2025-04-28 07:04 Times Seen18 Hash f2c019d5a3e74992053fd541c2111906 16530bb0585c8392e1eca8c6ab08cec9335cd93a 80d7ce974ba191478c07e3a46fdbefec6722d14f1dbf890953015df74bfab7a1 Loading...

	v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/cf5743ab5e.js	ImportedModule	2.5 kB	2025-04-23	2025-04-28
Pretty URL v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/cf5743ab5e.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2025-04-23 15:46 Last Seen2025-04-28 07:04 Times Seen26 Hash cc03a41eac717c1ed4e095be6f8edaa9 6808d797ed81c447639c104a2c905a8e1c69590b 33b1834b9ceecacdd3bd72826b542ba6a3a0e1d0006bb84e32159185d2da4d0d Loading...

	1xlite-545087.top/en/block	ScriptElement	6.3 kB	2025-04-26	2025-04-28
Pretty URL 1xlite-545087.top/en/block IP 83.147.224.3 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-04-26 00:25 Last Seen2025-04-28 07:04 Times Seen17 Hash ec74ccca4e18aa1efafe5d0d6944090e da26387ec04f88666b7dec45bd3277ec35823017 40f0ea784681822135c13b5c2589a7a802c7a25c0450dc20159e66fc77741231 Loading...

	v3.traincdn.com/main-static/337b990b/desktop/default/DC-7f6e33b2.js	ScriptElement	2.7 kB	2025-04-23	2025-04-28
Pretty URL v3.traincdn.com/main-static/337b990b/desktop/default/DC-7f6e33b2.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-23 15:46 Last Seen2025-04-28 07:04 Times Seen26 Hash 4cf9881e0957b4a895f76227be33f9ee b14ddb1476e113194eb9abbbd83e1c13cc4a3a25 c1feb4ad40a0292b32a2aa3d450558e792d2927817db4f02df535dbeb842d119 Loading...

	v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/entry-dd3c004aa9.js	ScriptElement	28 kB	2025-04-23	2025-04-28
Pretty URL v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/entry-dd3c004aa9.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-23 15:46 Last Seen2025-04-28 07:04 Times Seen26 Hash 9f0802c0fdde1c0d4dde4f4e8d30897d fa12c4858dd660b8a1b7bc49ae49d3821e1391fd 9cfd6db131ebae893fe41a493ce7df8f92e13db8b59b42fe82094a69e1bc47bc Loading...

	1xlite-545087.top/en/block	ScriptElement	171 kB	2025-04-28	2025-04-28
Pretty URL 1xlite-545087.top/en/block IP 83.147.224.3 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-04-28 02:06 Last Seen2025-04-28 02:06 Times Seen1 Hash 835cf7706247c1e809baea2f268c1204 6ddc44ca03d421ffd647e3a049e5837dce28afa1 79abaa93a9ffa440ffe3361c3925022199dc827b6e78a3b762d9add9977cebf3 Loading...

	v3.traincdn.com/main-static/337b990b/desktop/default/runtime-50cb9a3d.js	ScriptElement	20 kB	2025-04-26	2025-04-28
Pretty URL v3.traincdn.com/main-static/337b990b/desktop/default/runtime-50cb9a3d.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-26 00:25 Last Seen2025-04-28 07:04 Times Seen18 Hash a5b1a724f0e162cb7c75cbf0cb27b3b6 929e2ad16f6976d8169eecda6b377a45b6faa2ff b9c80224d8a525cf2af9df291b385517d79ca01f23b18405ecf9f1a8f189cfe3 Loading...

	v3.traincdn.com/main-static/337b990b/desktop/default/vendors/plugins.v-tooltip-b66f9922.js	ScriptElement	77 kB	2025-04-23	2025-04-28
Pretty URL v3.traincdn.com/main-static/337b990b/desktop/default/vendors/plugins.v-tooltip-b66f9922.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-23 15:46 Last Seen2025-04-28 07:04 Times Seen26 Hash a24547bf1ffe97f41579d8a7e7800c4b 0193336c6b51d7b94ff4cd0da8ef8e0284772ede 0b855db85d3885dd172c263a92fde745ad01a78c16a77d43e57a5dfa1d6313fb Loading...

	v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/e7d0d99c09.js	ScriptElement	5.3 kB	2025-04-23	2025-04-28
Pretty URL v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/e7d0d99c09.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-23 15:46 Last Seen2025-04-28 07:04 Times Seen26 Hash b0a4cbc9f85d216634bbfbd65106a360 1a0c63c254447a9e41274ea5a09f64e6651f452b 1c796e285f06e59281af9cf6d4ac414087979cfc2c5c034864641d4dc120fbac Loading...

	1xlite-545087.top/en/block	Function	34 B	2023-04-14	2025-06-09
Pretty URL 1xlite-545087.top/en/block IP 83.147.224.3 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 16:26 Last Seen2025-06-09 03:33 Times Seen5103 Hash 7bcdb973ab8af8e24ab11cb554a1ba6e 24e8a10f240f2b06f81d7c173cd0a90606641fc1 916ec4eb9b485eb47f43a17fe212e84e4b72600b45eb6d4588599ad495a57fcd Loading...

	www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66&l=dataLayer&cx=c&gtm=45He54n0v9180563600za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001	ScriptElement	458 kB	2025-04-28	2025-04-28
Pretty URL www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66&l=dataLayer&cx=c&gtm=45He54n0v9180563600za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-28 02:06 Last Seen2025-04-28 02:06 Times Seen1 Hash e0425085d1693dccda0c513e0b7984d4 350fbfd82d3b6ddbc15cf87e53280af58a3f4cbf 401ff733f7184a53b7e7850c5f4bb5cff2b9d7e2d26cb72f404a145bbc7f5606 Loading...

HTTP Transactions (101)

URL IP Response Size

v3.traincdn.com/genfiles/site-admin/css_vars/29b5cda95fa390c124de39b6aeca6d24.css

185.244.209.62

200 OK

46 B

URL GET
v3.traincdn.com/genfiles/site-admin/css_vars/29b5cda95fa390c124de39b6aeca6d24.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
46 B (46 bytes)
Hash
29b5cda95fa390c124de39b6aeca6d24
46f68f69533c1fdc737eb36e8e7af7672178e610
6021ec0aede22eadcb8401fe945d345202320437c7be01b157f0cb282ebe7c88

HTTP Headers

GET /genfiles/site-admin/css_vars/29b5cda95fa390c124de39b6aeca6d24.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-545087.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:53 GMT
content-type: text/css
content-length: 46
traceparent: 00-abc5e1172616d840fa0211c394f7dd06-c38d072d26920f4b-01
last-modified: Thu, 20 Mar 2025 13:29:31 GMT
etag: "29b5cda95fa390c124de39b6aeca6d24"
cache-control: max-age=3600
expires: Thu, 20 Mar 2025 14:32:37 GMT
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1201
cache: HIT
x-cached-since: 2025-04-28T01:45:52+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/main-static/337b990b/desktop/default/runtime-50cb9a3d.js

185.244.209.62

200 OK

20 kB

URL GET
v3.traincdn.com/main-static/337b990b/desktop/default/runtime-50cb9a3d.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (19562), with no line terminators
Size
20 kB (19562 bytes)
Hash
a5b1a724f0e162cb7c75cbf0cb27b3b6
929e2ad16f6976d8169eecda6b377a45b6faa2ff
b9c80224d8a525cf2af9df291b385517d79ca01f23b18405ecf9f1a8f189cfe3

HTTP Headers

GET /main-static/337b990b/desktop/default/runtime-50cb9a3d.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-545087.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:52 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-2ed439003f74333627b98464361b0266-b346e99e7f2a694a-01
last-modified: Fri, 25 Apr 2025 14:23:48 GMT
etag: W/"a5b1a724f0e162cb7c75cbf0cb27b3b6"
x-amz-meta-mtime: 1745591027.413715007
content-encoding: gzip
expires: Sat, 26 Apr 2025 14:31:27 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 41424
cache: HIT
x-cached-since: 2025-04-27T14:35:28+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/site-admin/colors/73c1e50506faab2d495c95d31b820a22.css

185.244.209.62

200 OK

40 kB

URL GET
v3.traincdn.com/genfiles/site-admin/colors/73c1e50506faab2d495c95d31b820a22.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (39662), with no line terminators
Size
40 kB (39662 bytes)
Hash
73c1e50506faab2d495c95d31b820a22
c0f2744dc4b187b6667f6aa6a9b4013cf1f0dcd3
4ea05001192895400e75d7cd8c07c56ed203c40a1aed77be2534e7bd42135566

HTTP Headers

GET /genfiles/site-admin/colors/73c1e50506faab2d495c95d31b820a22.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-545087.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:53 GMT
content-type: text/css
traceparent: 00-3b7761e4e3c72bc69ee4bc4d42cd30aa-b3a313572a622d34-01
last-modified: Fri, 25 Apr 2025 07:09:38 GMT
etag: W/"73c1e50506faab2d495c95d31b820a22"
cache-control: max-age=3600
content-encoding: gzip
expires: Fri, 25 Apr 2025 09:44:42 GMT
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 2840
cache: HIT
x-cached-since: 2025-04-28T01:18:33+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_forgot_password/en/dictionary_28cb4e6b9a8be3afbcbc2a6b22ab3393.json

185.244.209.62

200 OK

3.5 kB

URL GET
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_forgot_password/en/dictionary_28cb4e6b9a8be3afbcbc2a6b22ab3393.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
3.5 kB (3497 bytes)
Hash
273bec90c875f74d2f5ef70f9e32db45
f46d2fe53dbb25c9b9ddc3cabb5731ca38f8f1e7
cd0f959ce14dedb8fd75b1844e40ba237d747c2bb83a87dcabd0d71564eaed21

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_forgot_password/en/dictionary_28cb4e6b9a8be3afbcbc2a6b22ab3393.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-545087.top/
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:53 GMT
content-type: application/json; charset=utf-8
traceparent: 00-802da9034888fdb81ddf580572c8952b-326741393190cd85-01
last-modified: Tue, 03 Dec 2024 08:05:32 GMT
etag: W/"273bec90c875f74d2f5ef70f9e32db45"
cache-control: max-age=3600
content-encoding: gzip
expires: Thu, 16 Jan 2025 10:56:28 GMT
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 2217
cache: HIT
x-cached-since: 2025-04-28T01:28:56+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/entry-dd3c004aa9.js

185.244.209.62

200 OK

28 kB

URL GET
v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/entry-dd3c004aa9.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (2969)
Size
28 kB (27591 bytes)
Hash
9f0802c0fdde1c0d4dde4f4e8d30897d
fa12c4858dd660b8a1b7bc49ae49d3821e1391fd
9cfd6db131ebae893fe41a493ce7df8f92e13db8b59b42fe82094a69e1bc47bc

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/entry-dd3c004aa9.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-545087.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:53 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-0c6d831316e9cc2ea2e88bce62517a2c-1ead52f18c9d71e1-01
last-modified: Wed, 23 Apr 2025 10:39:58 GMT
etag: W/"9f0802c0fdde1c0d4dde4f4e8d30897d"
x-amz-meta-mtime: 1745404478.035224129
content-encoding: gzip
expires: Thu, 24 Apr 2025 10:44:52 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 54383
cache: HIT
x-cached-since: 2025-04-27T10:59:30+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/main-static/337b990b/desktop/default/vendors/app-caec72e7.js

185.244.209.62

200 OK

925 kB

URL GET
v3.traincdn.com/main-static/337b990b/desktop/default/vendors/app-caec72e7.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (63296)
Size
925 kB (925012 bytes)
Hash
aeecbb282817e7b7f53f38241e40dc64
dfe62996dfcaf0d57f18fbdcf223666a7efba330
0d73f838d048437de1d6ca5a103bb7889f061c9753e1c083f238176f7650f996

HTTP Headers

GET /main-static/337b990b/desktop/default/vendors/app-caec72e7.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-545087.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:52 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-3be655bd3d95e30b67e43885f72decbb-768a31ad30d9a7d0-01
last-modified: Fri, 25 Apr 2025 14:23:48 GMT
etag: W/"aeecbb282817e7b7f53f38241e40dc64"
x-amz-meta-mtime: 1745591027.413715007
content-encoding: gzip
expires: Sat, 26 Apr 2025 14:31:27 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 41424
cache: HIT
x-cached-since: 2025-04-27T14:35:28+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/main-static/337b990b/desktop/default/css/7fe5f71b.css

185.244.209.62

200 OK

3.3 kB

URL GET
v3.traincdn.com/main-static/337b990b/desktop/default/css/7fe5f71b.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (3313), with no line terminators
Size
3.3 kB (3313 bytes)
Hash
c610b8710368de3bf2f1c5bb581b6a3a
f67bc86785d434adb2e81a356a7926b8818ac567
fad7111846310042401990719146401178f22e2618abf2b058e641b6495e8eba

HTTP Headers

GET /main-static/337b990b/desktop/default/css/7fe5f71b.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-545087.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:53 GMT
content-type: text/css; charset=utf-8
traceparent: 00-2c5aa4d58c00db483ded7cc68f54fda4-26ad678129c925a5-01
last-modified: Fri, 25 Apr 2025 14:23:48 GMT
etag: W/"c610b8710368de3bf2f1c5bb581b6a3a"
x-amz-meta-mtime: 1745591027.405714928
content-encoding: gzip
expires: Sat, 26 Apr 2025 14:31:28 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 41425
cache: HIT
x-cached-since: 2025-04-27T14:35:28+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_registration/en/dictionary_508cd106486a019e979f64bdcdf6fbc8.json

185.244.209.62

200 OK

19 kB

URL GET
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_registration/en/dictionary_508cd106486a019e979f64bdcdf6fbc8.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (18399), with no line terminators
Size
19 kB (18852 bytes)
Hash
ab3e2fb7fba001507b877d15d42f2058
75fc461705ae63f60443a5a1199295aeab2385f9
af9d11eded31f8434a0b1a54a46ebf8529f81de03efd2c81d5165821fd94fb74

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_registration/en/dictionary_508cd106486a019e979f64bdcdf6fbc8.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-545087.top/
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:53 GMT
content-type: application/json; charset=utf-8
traceparent: 00-a4ff9627fd40d1b4deea661dec968e0b-b657c9ddf553cad8-01
last-modified: Mon, 07 Apr 2025 16:06:25 GMT
etag: W/"2ad14999ee9d15f11397a18353a70dc4"
cache-control: max-age=3600
content-encoding: gzip
expires: Mon, 07 Apr 2025 17:21:19 GMT
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 2221
cache: HIT
x-cached-since: 2025-04-28T01:28:52+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/9fc790f0ab.js

185.244.209.62

200 OK

1.3 kB

URL GET
v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/9fc790f0ab.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (542)
Size
1.3 kB (1299 bytes)
Hash
c2ae2e3447ddec5081a99f3a27cc8a3e
4c4c356d6918e683b1ad4a53b093a039156c0212
6983aa528110a1b26a6afe9f266bf7e8f0e79e4862350c306e133dbf34f86456

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/9fc790f0ab.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:54 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-2357ce456b7ff197d1c8cad91e07cfa0-72788854e3c5e171-01
last-modified: Wed, 23 Apr 2025 10:39:58 GMT
etag: W/"c2ae2e3447ddec5081a99f3a27cc8a3e"
x-amz-meta-mtime: 1745404478.033224072
content-encoding: gzip
expires: Thu, 24 Apr 2025 10:44:54 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 54384
cache: HIT
x-cached-since: 2025-04-27T10:59:30+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/593f1a6d4223015f3145bf447897f4f2.json

185.244.209.62

200 OK

241 B

URL GET
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/593f1a6d4223015f3145bf447897f4f2.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
241 B (241 bytes)
Hash
39257fbb62736206d5245e08925d7b60
4c11e3cb6a16b884772b88acdba30a2ad98e86b8
3a3cf0f5c60899ffb49d9825516aec475fd7b78cea8ae0b5b58dfb4e658f041e

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/593f1a6d4223015f3145bf447897f4f2.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-545087.top/
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:54 GMT
content-type: application/json
content-length: 241
traceparent: 00-24cc6da0146855dc3735492a82ff5157-7a6e7db2021e7d7c-01
last-modified: Thu, 27 Feb 2025 13:24:25 GMT
etag: "39257fbb62736206d5245e08925d7b60"
expires: Thu, 27 Feb 2025 14:48:35 GMT
cache-control: max-age=3600
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 2681
cache: HIT
x-cached-since: 2025-04-28T01:21:13+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/main-static/337b990b/desktop/default/Betting.Core-654a842c.js

185.244.209.62

200 OK

2.1 kB

URL GET
v3.traincdn.com/main-static/337b990b/desktop/default/Betting.Core-654a842c.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (2085), with no line terminators
Size
2.1 kB (2085 bytes)
Hash
f2c019d5a3e74992053fd541c2111906
16530bb0585c8392e1eca8c6ab08cec9335cd93a
80d7ce974ba191478c07e3a46fdbefec6722d14f1dbf890953015df74bfab7a1

HTTP Headers

GET /main-static/337b990b/desktop/default/Betting.Core-654a842c.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-545087.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:53 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-65bc34c7a7952d9b6c9edacac67f1ed8-888fa5dc1bb9241b-01
last-modified: Fri, 25 Apr 2025 14:23:48 GMT
etag: W/"f2c019d5a3e74992053fd541c2111906"
x-amz-meta-mtime: 1745591027.389714766
content-encoding: gzip
expires: Sat, 26 Apr 2025 14:31:29 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 41424
cache: HIT
x-cached-since: 2025-04-27T14:35:29+00:00
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-KFGPRJ2V

142.250.74.168

200 OK

330 kB

URL GET
www.googletagmanager.com/gtm.js?id=GTM-KFGPRJ2V
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintE4:97:12:2A:2B:30:84:66:33:9D:D6:09:14:D3:8F:CE:3E:20:73:24
ValidityMon, 31 Mar 2025 08:54:37 GMT - Mon, 23 Jun 2025 08:54:36 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (4828)
Size
330 kB (330530 bytes)
Hash
5b2256d8892c8bd019399e017cfa9905
78cff5519122a868e859c1e132833985214ddd3f
d357e4d9fd07de2cec0b4e0d723341d1fb0eeef9f37fdb59deeadef03a678981

HTTP Headers

GET /gtm.js?id=GTM-KFGPRJ2V HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-545087.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 28 Apr 2025 02:06:03 GMT
expires: Mon, 28 Apr 2025 02:06:03 GMT
cache-control: private, max-age=900
last-modified: Mon, 28 Apr 2025 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1310:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1310:0
report-to: {"group":"ascgcycc:1310:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1310:0"}],}
server: Google Tag Manager
content-length: 114006
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_game/en/dictionary_36d47dccada66cf828eb69a35f4f9dd9.json

185.244.209.62

200 OK

22 kB

URL GET
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_game/en/dictionary_36d47dccada66cf828eb69a35f4f9dd9.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (21905), with no line terminators
Size
22 kB (22426 bytes)
Hash
700ed6e64166dd07b373b5ac6cd5b851
67f93244ee33fd8d0fb03e4cfc52bd2a3d958271
27bfbccfe057cb1b86870db1e5b60a41a59aa0141f17f930f0f8dac9b16f22b8

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_game/en/dictionary_36d47dccada66cf828eb69a35f4f9dd9.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-545087.top/
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:53 GMT
content-type: application/json; charset=utf-8
traceparent: 00-3bce18a4e1a7b42d7b54227045fd0d88-33b0487b3666459a-01
last-modified: Fri, 25 Apr 2025 10:06:05 GMT
etag: W/"4c2f48d59f910c72b84d1dbaebc68713"
cache-control: max-age=3600
content-encoding: gzip
expires: Fri, 25 Apr 2025 11:20:26 GMT
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 3337
cache: HIT
x-cached-since: 2025-04-28T01:10:16+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/8a06d45803d5dab2daf7338e3d600636.json

185.244.209.62

200 OK

22 kB

URL GET
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/8a06d45803d5dab2daf7338e3d600636.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
22 kB (21827 bytes)
Hash
ff5d81879a491bb1cfe091c5817a89b4
2a1d20f61eb8c513b270b8d123e3a9f66c89f808
538bffce9fa55e37a08e6b7f5148f8e7884c02a82b13e8426553061ff2475f90

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/8a06d45803d5dab2daf7338e3d600636.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-545087.top/
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:53 GMT
content-type: application/json
traceparent: 00-c0bee087e7d2a3fa115895fc91e98368-1c0ddb9b1b81183b-01
last-modified: Wed, 16 Apr 2025 13:44:01 GMT
etag: W/"ff5d81879a491bb1cfe091c5817a89b4"
content-encoding: gzip
expires: Wed, 16 Apr 2025 14:52:16 GMT
cache-control: max-age=3600
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 2683
cache: HIT
x-cached-since: 2025-04-28T01:21:10+00:00
X-Firefox-Spdy: h2

1xlite-545087.top/seo-module-api/api/public/v1/analytics-counters?project[id]=285&domain[host]=1xlite-545087.top

83.147.224.3

200 OK

105 B

URL GET
1xlite-545087.top/seo-module-api/api/public/v1/analytics-counters?project[id]=285&domain[host]=1xlite-545087.top
IP
83.147.224.3:443
ASN
#0

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerLet's Encrypt
Subject1xlite-545087.top
FingerprintC7:86:BD:39:F5:04:4A:45:DF:1F:27:D2:46:A9:66:A0:E7:BD:A9:DD
ValidityTue, 11 Mar 2025 05:20:04 GMT - Mon, 09 Jun 2025 05:20:03 GMT

File type
JSON text data
Size
105 B (105 bytes)
Hash
6abfe5f6641fddde82c2ca29cf5c6a7a
958379bc84073d266358a27b3cf86b15484f5f6d
ede01772dfd8da2cc82f245e454ce360b2ceb13b7d1c330bbc1d68fe41255c19

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /seo-module-api/api/public/v1/analytics-counters?project[id]=285&domain[host]=1xlite-545087.top HTTP/1.1
Host: 1xlite-545087.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-545087.top/en/block
content-type: application/json
x-requested-with: XMLHttpRequest
x-app-n: v3-nuxt2
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID; postback_watcher=%7B%22tag%22%3A%22d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID%22%2C%22pb%22%3A%227ceb261dfb824837b0d185a5d0c3c180%22%2C%22click_id%22%3A%22w89pfkqrkgh5n2f9jiu1u8si%22%7D; auid=U5PgA2gO4n87/zUjBDKFAg==; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:53 GMT
content-type: application/json
content-length: 107
cache-control: max-age=1200, must-revalidate, public, s-maxage=1800, stale-if-error=86400, stale-while-revalidate=300
x-content-digest: en6d0e5d6e0146a49c358c0eaad1d2ef38
age: 56
x-request-id: 997cd967cb2f5f1652be32477cfe0570
x-request-guid: 997cd967cb2f5f1652be32477cfe0570
content-encoding: br
x-time-ng: 0.002
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: p;dur=1.4188289642334, wf-uht;dur=0.009
X-Firefox-Spdy: h2

1xlite-545087.top/hd-api/external/assets/hdf.js

83.147.224.3

200 OK

4.1 kB

URL GET
1xlite-545087.top/hd-api/external/assets/hdf.js
IP
83.147.224.3:443
ASN
#0

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerLet's Encrypt
Subject1xlite-545087.top
FingerprintC7:86:BD:39:F5:04:4A:45:DF:1F:27:D2:46:A9:66:A0:E7:BD:A9:DD
ValidityTue, 11 Mar 2025 05:20:04 GMT - Mon, 09 Jun 2025 05:20:03 GMT

File type
C++ source, ASCII text, with very long lines (874)
Size
4.1 kB (4078 bytes)
Hash
2f26a679e9d54a65e6578e947cc5bdf2
1b984864aa7b3e28231ac7cea3c199435dbdc6bf
1e3c4bd81a1cd9ee02e42a42802d5c18cbdb3f3a11c0b2732eb11bd12263020c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /hd-api/external/assets/hdf.js HTTP/1.1
Host: 1xlite-545087.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-545087.top/en/block
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID; postback_watcher=%7B%22tag%22%3A%22d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID%22%2C%22pb%22%3A%227ceb261dfb824837b0d185a5d0c3c180%22%2C%22click_id%22%3A%22w89pfkqrkgh5n2f9jiu1u8si%22%7D; auid=U5PgA2gO4n87/zUjBDKFAg==; window_width=1280; che_g=9c83febf-9949-def6-4ed3-3be586b89df1; SESSION=94876929e96e46d4ffb4008776c3fcc1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:06:01 GMT
content-type: text/javascript; charset=utf-8
content-length: 1622
accept-ranges: bytes
cache-control: public, max-age=300
content-encoding: gzip
etag: 2f26a679e9d54a65e6578e947cc5bdf2
vary: Accept-Encoding
x-dt: 285
x-request-guid: c3f57eb9bf4587996a57b1fd78677e83
x-time-ng: 0.001
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.006, wf-uht;dur=0.011
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-7JGWL9SV66&gtm=45je54n0v897130004za200zb9180563600&_p=1745805963712&em=tv.1~em.ODS1igyfeIhzOTHENqwIfH1sb8t0oxg8FT6iY2YCmeo&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&cid=184144087.1745805964&ecid=503866877&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&ec_mode=a&_s=2&sid=1745805964&sct=1&seg=0&dl=https%3A%2F%2F1xlite-545087.top%2Fen%2Fblock&dt=1xBet&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=GTM-5R4MT54&tfd=13868

216.239.34.36

204 No Content

0 B

URL POST
region1.analytics.google.com/g/collect?v=2&tid=G-7JGWL9SV66&gtm=45je54n0v897130004za200zb9180563600&_p=1745805963712&em=tv.1~em.ODS1igyfeIhzOTHENqwIfH1sb8t0oxg8FT6iY2YCmeo&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&cid=184144087.1745805964&ecid=503866877&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&ec_mode=a&_s=2&sid=1745805964&sct=1&seg=0&dl=https%3A%2F%2F1xlite-545087.top%2Fen%2Fblock&dt=1xBet&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=GTM-5R4MT54&tfd=13868
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintE4:97:12:2A:2B:30:84:66:33:9D:D6:09:14:D3:8F:CE:3E:20:73:24
ValidityMon, 31 Mar 2025 08:54:37 GMT - Mon, 23 Jun 2025 08:54:36 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-7JGWL9SV66&gtm=45je54n0v897130004za200zb9180563600&_p=1745805963712&em=tv.1~em.ODS1igyfeIhzOTHENqwIfH1sb8t0oxg8FT6iY2YCmeo&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&cid=184144087.1745805964&ecid=503866877&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&ec_mode=a&_s=2&sid=1745805964&sct=1&seg=0&dl=https%3A%2F%2F1xlite-545087.top%2Fen%2Fblock&dt=1xBet&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=GTM-5R4MT54&tfd=13868 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-545087.top/
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://1xlite-545087.top
date: Mon, 28 Apr 2025 02:06:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:153:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:153:0
report-to: {"group":"ascnsrsggc:153:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:153:0"}],}
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

v3.traincdn.com/main-static/337b990b/desktop/default/Page.Block-8fcdc097.js

185.244.209.62

200 OK

476 B

URL GET
v3.traincdn.com/main-static/337b990b/desktop/default/Page.Block-8fcdc097.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (476), with no line terminators
Size
476 B (476 bytes)
Hash
dfabe94120b17112be34dcd2281710bb
1a884b34728c539990c17986d5dcceffe83630b4
bce080b724d67603ee605bc5862fffa7d1459683323f8d952753044a833db8af

HTTP Headers

GET /main-static/337b990b/desktop/default/Page.Block-8fcdc097.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-545087.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:52 GMT
content-type: text/javascript; charset=utf-8
content-length: 476
traceparent: 00-3a338366d1342be5624143369375696e-16e64313456e0b05-01
last-modified: Fri, 25 Apr 2025 14:23:48 GMT
etag: "dfabe94120b17112be34dcd2281710bb"
x-amz-meta-mtime: 1745591027.389714766
expires: Sat, 26 Apr 2025 14:31:43 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 41250
cache: HIT
x-cached-since: 2025-04-27T14:38:22+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66

142.250.74.168

200 OK

458 kB

URL GET
www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintE4:97:12:2A:2B:30:84:66:33:9D:D6:09:14:D3:8F:CE:3E:20:73:24
ValidityMon, 31 Mar 2025 08:54:37 GMT - Mon, 23 Jun 2025 08:54:36 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (12571)
Size
458 kB (458210 bytes)
Hash
b49cbe31c1509127a727c9f1f0115b9a
8bb57773b065c587032f9d3d2f5d5fafbb88562d
98db76efdac3be171cb689d1118e88e78af33c502e78509a28a7b06edcdb2ebf

HTTP Headers

GET /gtag/js?id=G-7JGWL9SV66 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-545087.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 28 Apr 2025 02:06:03 GMT
expires: Mon, 28 Apr 2025 02:06:03 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1068:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1068:0
report-to: {"group":"ascgcycc:1068:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1068:0"}],}
server: Google Tag Manager
content-length: 146524
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

affpa.top/L?tag=d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID&pb=7ceb261dfb824837b0d185a5d0c3c180&click_id=w89pfkqrkgh5n2f9jiu1u8si

83.147.205.153

303 See Other

243 kB

URL User Request GET
affpa.top/L?tag=d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID&pb=7ceb261dfb824837b0d185a5d0c3c180&click_id=w89pfkqrkgh5n2f9jiu1u8si
IP
83.147.205.153:443
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subjectaffpa.top
Fingerprint15:B9:7F:C7:CF:9F:B7:D1:8D:6D:64:8F:ED:4E:FB:91:7E:E3:8C:C7
ValidityMon, 03 Mar 2025 05:20:51 GMT - Sun, 01 Jun 2025 05:20:50 GMT

File type

Size
243 kB (242727 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /L?tag=d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID&pb=7ceb261dfb824837b0d185a5d0c3c180&click_id=w89pfkqrkgh5n2f9jiu1u8si HTTP/1.1
Host: affpa.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 303 See Other
server: nginx
date: Mon, 28 Apr 2025 02:05:51 GMT
location: https://1xlite-545087.top:443/en?tag=d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID&pb=7ceb261dfb824837b0d185a5d0c3c180&click_id=w89pfkqrkgh5n2f9jiu1u8si
set-cookie: A_97_v=0; expires=Tue, 29 Apr 2025 02:05:51 GMT; path=/; secure
A_97_c=1; expires=Tue, 29 Apr 2025 02:05:51 GMT; path=/; secure
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.011
X-Firefox-Spdy: h2

1xlite-545087.top/en/block

83.147.224.3

203 Non Authoritative

243 kB

URL User Request GET
1xlite-545087.top/en/block
IP
83.147.224.3:443
ASN
#0

Certificate
IssuerLet's Encrypt
Subject1xlite-545087.top
FingerprintC7:86:BD:39:F5:04:4A:45:DF:1F:27:D2:46:A9:66:A0:E7:BD:A9:DD
ValidityTue, 11 Mar 2025 05:20:04 GMT - Mon, 09 Jun 2025 05:20:03 GMT

File type
HTML document, ASCII text, with very long lines (57799)
Size
243 kB (242727 bytes)
Hash
cb493e25d72bff6dde4c027c1511149e
1672f3d4f9e22e49d02647cc45a5249f0fc6a97c
97b7b3324e88a6358c7760d70983a1e709b7febe2bb354991dcd1671c83c5c48

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /en/block HTTP/1.1
Host: 1xlite-545087.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID; postback_watcher=%7B%22tag%22%3A%22d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID%22%2C%22pb%22%3A%227ceb261dfb824837b0d185a5d0c3c180%22%2C%22click_id%22%3A%22w89pfkqrkgh5n2f9jiu1u8si%22%7D; auid=U5PgA2gO4n87/zUjBDKFAg==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 203 Non Authoritative
server: nginx
date: Mon, 28 Apr 2025 02:05:51 GMT
content-type: text/html; charset=utf-8
content-length: 242727
accept-ranges: none
link: <https://v3.traincdn.com/sys-ui/2.3.144/Desktop/Default/client.css>; rel=preload; as=style; crossorigin=anonymous
server-timing: dt_total;dur=0.004, total;dur=39;desc="Nuxt Server Time"
set-cookie: gw-mm=; Path=/; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Secure; SameSite=None; Partitioned
lng=en; Path=/
cookies_agree_type=3; Path=/
tzo=2; Path=/
is12h=0; Path=/
x-dt: 285
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_reset_password/en/dictionary_612c6e919ca15d39cc751a619a3952c7.json

185.244.209.62

200 OK

765 B

URL GET
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_reset_password/en/dictionary_612c6e919ca15d39cc751a619a3952c7.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
765 B (765 bytes)
Hash
00f980f23f1b4c1ccee99ed49e0a8feb
4cb07094de9bffff1bf81d94446280b91013b660
bb3be3377fbb8e66a4b5a8a3866dfd865a37cb4a96482ab2f439981e03b57cea

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_reset_password/en/dictionary_612c6e919ca15d39cc751a619a3952c7.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-545087.top/
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:53 GMT
content-type: application/json; charset=utf-8
content-length: 765
traceparent: 00-bab81456c9865f4a863cfed935658b26-20c1e7f45cfd38ac-01
last-modified: Wed, 11 Oct 2023 12:52:53 GMT
etag: "00f980f23f1b4c1ccee99ed49e0a8feb"
cache-control: max-age=3600
expires: Thu, 16 Jan 2025 10:53:47 GMT
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 2503
cache: HIT
x-cached-since: 2025-04-28T01:24:10+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

radar.cedexis.com/1/23802/radar.js

45.54.49.5

302 Moved Temporarily

390 B

URL GET
radar.cedexis.com/1/23802/radar.js
IP
45.54.49.5:443
ASN
#63911 NetActuate, Inc

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerDigiCert Inc
Subjectradar.cedexis.com
FingerprintA2:3E:30:19:D5:41:3A:11:81:58:E3:B1:6F:F4:D2:78:0B:44:6F:D0
ValidityFri, 07 Mar 2025 00:00:00 GMT - Fri, 06 Mar 2026 23:59:59 GMT

File type

Size
390 B (390 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /1/23802/radar.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-545087.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Mon, 28 Apr 2025 02:06:04 GMT
Content-Type: text/html
Content-Length: 138
Connection: keep-alive
Location: /1707728419/stub.js
Expires: Mon, 28 Apr 2025 02:16:04 GMT
Cache-Control: max-age=600
Vary: User-Agent,DNT

v3.traincdn.com/sys-ui/3.3.183/Desktop/Default/merged.css

185.244.209.62

200 OK

2.0 MB

URL GET
v3.traincdn.com/sys-ui/3.3.183/Desktop/Default/merged.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
2.0 MB (2004601 bytes)
Hash
1da091fc02611cf5c4ed4d8ea55b1561
337c6bc7bb230dfac37d947e6e85bcc7a01cffee
966a3b21e7701806ead319651f7d501813a0aebb87f566bfee0ed22280fc9db2

HTTP Headers

GET /sys-ui/3.3.183/Desktop/Default/merged.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-545087.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:52 GMT
content-type: text/css; charset=utf-8
traceparent: 00-81e9dc3f810e1e9480b818604b235940-b1f7d9b73d381dfb-01
last-modified: Fri, 25 Apr 2025 08:40:45 GMT
etag: W/"1da091fc02611cf5c4ed4d8ea55b1561"
x-amz-meta-mtime: 1745570340.466076405
content-encoding: gzip
expires: Sat, 26 Apr 2025 08:50:28 GMT
cache-control: max-age=86400
x-time-ng: 0.004
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 61978
cache: HIT
x-cached-since: 2025-04-27T08:52:54+00:00
X-Firefox-Spdy: h2

1xlite-545087.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json

83.147.224.3

200 OK

23 B

URL POST
1xlite-545087.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json
IP
83.147.224.3:443
ASN
#0

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerLet's Encrypt
Subject1xlite-545087.top
FingerprintC7:86:BD:39:F5:04:4A:45:DF:1F:27:D2:46:A9:66:A0:E7:BD:A9:DD
ValidityTue, 11 Mar 2025 05:20:04 GMT - Mon, 09 Jun 2025 05:20:03 GMT

File type
JSON text data
Size
23 B (23 bytes)
Hash
fd43220999e10d20bdfd697d813a5809
86eeab16fcc567c154eaee8e874c7cd4fe475e04
10f703d2d6509b3c8a3636d683065bf60655a7d827993105316cf3c928f24637

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json HTTP/1.1
Host: 1xlite-545087.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-545087.top/en/block
Content-Type: application/json
X-Lang: en
X-Uuid: 31fa024e-48c2-43ae-b4a8-02a6e727066d
Content-Length: 88
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID; postback_watcher=%7B%22tag%22%3A%22d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID%22%2C%22pb%22%3A%227ceb261dfb824837b0d185a5d0c3c180%22%2C%22click_id%22%3A%22w89pfkqrkgh5n2f9jiu1u8si%22%7D; auid=U5PgA2gO4n87/zUjBDKFAg==; window_width=1280; che_g=9c83febf-9949-def6-4ed3-3be586b89df1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:53 GMT
content-type: application/json
content-length: 23
x-dt: 285
x-time-ng: 0.001
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.081, wf-uht;dur=0.012
X-Firefox-Spdy: h2

1xlite-545087.top/checker/redirect/stat/run/

83.147.224.3

200 OK

48 B

URL GET
1xlite-545087.top/checker/redirect/stat/run/
IP
83.147.224.3:443
ASN
#0

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerLet's Encrypt
Subject1xlite-545087.top
FingerprintC7:86:BD:39:F5:04:4A:45:DF:1F:27:D2:46:A9:66:A0:E7:BD:A9:DD
ValidityTue, 11 Mar 2025 05:20:04 GMT - Mon, 09 Jun 2025 05:20:03 GMT

File type
JSON text data
Size
48 B (48 bytes)
Hash
9888f7a224cc53454552a8c8eb10b19d
62e178608894924df151faab12f8ae662b12b970
70d6fbcf20c1f1becc6bce6fac3078156e200d22e15eea3aed2d8bdf187b457c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /checker/redirect/stat/run/ HTTP/1.1
Host: 1xlite-545087.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-545087.top/en/block
content-type: application/json
x-requested-with: XMLHttpRequest
x-app-n: v3-nuxt2
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID; postback_watcher=%7B%22tag%22%3A%22d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID%22%2C%22pb%22%3A%227ceb261dfb824837b0d185a5d0c3c180%22%2C%22click_id%22%3A%22w89pfkqrkgh5n2f9jiu1u8si%22%7D; auid=U5PgA2gO4n87/zUjBDKFAg==; window_width=1280; che_g=9c83febf-9949-def6-4ed3-3be586b89df1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:53 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-time-ng: 0.001
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.011
X-Firefox-Spdy: h2

1xlite-545087.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json

83.147.224.3

200 OK

23 B

URL POST
1xlite-545087.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json
IP
83.147.224.3:443
ASN
#0

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerLet's Encrypt
Subject1xlite-545087.top
FingerprintC7:86:BD:39:F5:04:4A:45:DF:1F:27:D2:46:A9:66:A0:E7:BD:A9:DD
ValidityTue, 11 Mar 2025 05:20:04 GMT - Mon, 09 Jun 2025 05:20:03 GMT

File type
JSON text data
Size
23 B (23 bytes)
Hash
d84893a8e4b5dd09f4c24538db92abbe
cd25936a9174013474a9d2abcc84e92316857e22
cd6d6aca88eca942988417d74fe1ae423a659c78c95773c8d1183cf07a1bbe5f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json HTTP/1.1
Host: 1xlite-545087.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-545087.top/en/block
Content-Type: application/json
X-Lang: en
X-Uuid: 31fa024e-48c2-43ae-b4a8-02a6e727066d
Content-Length: 72
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID; postback_watcher=%7B%22tag%22%3A%22d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID%22%2C%22pb%22%3A%227ceb261dfb824837b0d185a5d0c3c180%22%2C%22click_id%22%3A%22w89pfkqrkgh5n2f9jiu1u8si%22%7D; auid=U5PgA2gO4n87/zUjBDKFAg==; window_width=1280; che_g=9c83febf-9949-def6-4ed3-3be586b89df1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:54 GMT
content-type: application/json
content-length: 23
x-dt: 285
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.008, wf-uht;dur=0.011
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/shared-assets/__shared_fast_deep_equal_4DKQVMAE.js

185.244.209.62

200 OK

865 B

URL GET
v3.traincdn.com/sys-static/shared-assets/__shared_fast_deep_equal_4DKQVMAE.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (840)
Size
865 B (865 bytes)
Hash
b83f09e2c933f2aafd2e97f88f23d81f
c5c5ff5f8b7cd801781559b42c365a16e6839800
f584585b1dce860bf95b8270b60680af7022244f6723ed8f01fe3967780c6aae

HTTP Headers

GET /sys-static/shared-assets/__shared_fast_deep_equal_4DKQVMAE.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:53 GMT
content-type: text/javascript; charset=utf-8
content-length: 865
traceparent: 00-82a676ca43f86c2f5b35ad0a30ce7b0c-050cb88a55129913-01
last-modified: Fri, 25 Apr 2025 12:13:58 GMT
etag: "b83f09e2c933f2aafd2e97f88f23d81f"
x-amz-meta-mtime: 1745583083.413339551
expires: Sun, 27 Apr 2025 10:45:17 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 54369
cache: HIT
x-cached-since: 2025-04-27T10:59:44+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

1xlite-545087.top/captcha-api/assets/hunt-captcha.js

83.147.224.3

200 OK

88 kB

URL GET
1xlite-545087.top/captcha-api/assets/hunt-captcha.js
IP
83.147.224.3:443
ASN
#0

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerLet's Encrypt
Subject1xlite-545087.top
FingerprintC7:86:BD:39:F5:04:4A:45:DF:1F:27:D2:46:A9:66:A0:E7:BD:A9:DD
ValidityTue, 11 Mar 2025 05:20:04 GMT - Mon, 09 Jun 2025 05:20:03 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
88 kB (87797 bytes)
Hash
20f08fd85a92e1de3cfff42f5e37c0ae
6bbaf2e69b14e1c9467366d73c721a99456280c2
03453fb10ff9c919192aef883af120f1e5b88f9bbbba28c5e5344e910a77ede7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /captcha-api/assets/hunt-captcha.js HTTP/1.1
Host: 1xlite-545087.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-545087.top/en/block
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID; postback_watcher=%7B%22tag%22%3A%22d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID%22%2C%22pb%22%3A%227ceb261dfb824837b0d185a5d0c3c180%22%2C%22click_id%22%3A%22w89pfkqrkgh5n2f9jiu1u8si%22%7D; auid=U5PgA2gO4n87/zUjBDKFAg==; window_width=1280; che_g=9c83febf-9949-def6-4ed3-3be586b89df1; SESSION=94876929e96e46d4ffb4008776c3fcc1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:06:01 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=300
content-encoding: br
vary: Accept-Encoding
x-dt: 285
x-request-id: f1d6117738b42434823fc2d10872ca07
x-time-ng: 0.002
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.012, wf-uht;dur=0.017
X-Firefox-Spdy: h2

v3.traincdn.com/main-static/337b990b/desktop/default/analytics-53855c77.js

185.244.209.62

200 OK

7.8 kB

URL GET
v3.traincdn.com/main-static/337b990b/desktop/default/analytics-53855c77.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (7765), with no line terminators
Size
7.8 kB (7765 bytes)
Hash
4ae220f11ce63cc49a00ac484e5dadf8
93e3b73cdf408c4daa0005c3c3a13afab084f3b1
ac9494e2f87fe7c316ba9d68e01bc56e7c05b8796fb0c2669d706eb151083a61

HTTP Headers

GET /main-static/337b990b/desktop/default/analytics-53855c77.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-545087.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:06:03 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-f9fb2a66ae98522fd4f85914da570369-5b071fa99793501f-01
last-modified: Fri, 25 Apr 2025 14:23:48 GMT
etag: W/"4ae220f11ce63cc49a00ac484e5dadf8"
x-amz-meta-mtime: 1745591027.401714887
content-encoding: gzip
expires: Sat, 26 Apr 2025 14:31:37 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 41370
cache: HIT
x-cached-since: 2025-04-27T14:36:33+00:00
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/destination?id=AW-16664555628&l=dataLayer&cx=c&gtm=45He54n0v9180563600za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001

142.250.74.168

200 OK

334 kB

URL GET
www.googletagmanager.com/gtag/destination?id=AW-16664555628&l=dataLayer&cx=c&gtm=45He54n0v9180563600za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintE4:97:12:2A:2B:30:84:66:33:9D:D6:09:14:D3:8F:CE:3E:20:73:24
ValidityMon, 31 Mar 2025 08:54:37 GMT - Mon, 23 Jun 2025 08:54:36 GMT

File type
JavaScript source, ASCII text, with very long lines (5436)
Size
334 kB (334394 bytes)
Hash
6b5a06889ceee85953ab30431db3c473
735d90f5eb261ef5cfa05b24d741f7bf07b82b82
5f2afba83d0a14fb9aabf57d99ad13b574f9db0a2c00ab54110d20d17789a6f4

HTTP Headers

GET /gtag/destination?id=AW-16664555628&l=dataLayer&cx=c&gtm=45He54n0v9180563600za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-545087.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 28 Apr 2025 02:06:04 GMT
expires: Mon, 28 Apr 2025 02:06:04 GMT
cache-control: private, max-age=900
last-modified: Mon, 28 Apr 2025 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcysghrgc:42:0
report-to: {"group":"ascgcysghrgc:42:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
server: Google Tag Manager
content-length: 114761
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

radar.cedexis.com/1707728419/stub.js

45.54.49.5

200 OK

390 B

URL GET
radar.cedexis.com/1707728419/stub.js
IP
45.54.49.5:443
ASN
#63911 NetActuate, Inc

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerDigiCert Inc
Subjectradar.cedexis.com
FingerprintA2:3E:30:19:D5:41:3A:11:81:58:E3:B1:6F:F4:D2:78:0B:44:6F:D0
ValidityFri, 07 Mar 2025 00:00:00 GMT - Fri, 06 Mar 2026 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
390 B (390 bytes)
Hash
82dec77fd0353c7c71ce053b8601387e
fbbca95419e1d0c042e0a5fdf10f380aca66188c
39f2b7b0fa78d37d0c84d2d6618bd635d86fd683d9bcdd5729850cb2a62522f7

HTTP Headers

GET /1707728419/stub.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-545087.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Apr 2025 02:06:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 12 Feb 2024 09:50:51 GMT
Vary: Accept-Encoding
ETag: W/"65c9e9fb-186"
Expires: Mon, 12 May 2025 02:06:04 GMT
Cache-Control: max-age=1209600, public
Content-Encoding: gzip

1xlite-545087.top/en?tag=d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID&pb=7ceb261dfb824837b0d185a5d0c3c180&click_id=w89pfkqrkgh5n2f9jiu1u8si

83.147.224.3

302 Found

243 kB

URL User Request GET
1xlite-545087.top/en?tag=d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID&pb=7ceb261dfb824837b0d185a5d0c3c180&click_id=w89pfkqrkgh5n2f9jiu1u8si
IP
83.147.224.3:443
ASN
#0

Certificate
IssuerLet's Encrypt
Subject1xlite-545087.top
FingerprintC7:86:BD:39:F5:04:4A:45:DF:1F:27:D2:46:A9:66:A0:E7:BD:A9:DD
ValidityTue, 11 Mar 2025 05:20:04 GMT - Mon, 09 Jun 2025 05:20:03 GMT

File type

Size
243 kB (242727 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /en?tag=d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID&pb=7ceb261dfb824837b0d185a5d0c3c180&click_id=w89pfkqrkgh5n2f9jiu1u8si HTTP/1.1
Host: 1xlite-545087.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Mon, 28 Apr 2025 02:05:51 GMT
link: <https://v3.traincdn.com/sys-ui/2.3.144/Desktop/Default/client.css>; rel=preload; as=style; crossorigin=anonymous
location: /en/block
server-timing: dt_total;dur=0.011, total;dur=14;desc="Nuxt Server Time", wf-uht;dur=0.026
set-cookie: platform_type=desktop; Path=/; Expires=Thu, 01 May 2025 02:05:51 GMT; Secure; SameSite=None; Partitioned
gw-mm=; Path=/; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Secure; SameSite=None; Partitioned
lng=en; Path=/
cookies_agree_type=3; Path=/
tzo=2; Path=/
is12h=0; Path=/
referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; Path=/; Expires=Fri, 27 Jun 2025 02:05:51 GMT
reflinkid=d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID; Path=/; Expires=Mon, 28 Apr 2025 03:05:51 GMT
postback_watcher=%7B%22tag%22%3A%22d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID%22%2C%22pb%22%3A%227ceb261dfb824837b0d185a5d0c3c180%22%2C%22click_id%22%3A%22w89pfkqrkgh5n2f9jiu1u8si%22%7D; Path=/; Expires=Wed, 28 May 2025 02:05:51 GMT
auid=U5PgA2gO4n87/zUjBDKFAg==; path=/; secure; httponly; samesite=lax
x-dt: 285
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2

185.244.209.62

200 OK

64 kB

URL GET
v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 63920, version 1.0
Size
64 kB (63920 bytes)
Hash
a65527fcb58f66a7cfbc0e6b160538b4
45d260e7fa343401b5bb0df982a014f53e2d253b
fb13c3a1cbac60649b76f7d7f85c1645d35ac69b85ce5f4eb0692505ecc2cd45

HTTP Headers

GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:52 GMT
content-type: font/woff2
content-length: 63920
traceparent: 00-5d8152dd55fc709c124b5e09a217863d-3d09d88082c3eaca-01
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "a65527fcb58f66a7cfbc0e6b160538b4"
expires: Thu, 16 Jan 2025 10:45:34 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1389
cache: HIT
x-cached-since: 2025-04-28T01:42:43+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

1xlite-545087.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/ab.json

83.147.224.3

200 OK

2 B

URL POST
1xlite-545087.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/ab.json
IP
83.147.224.3:443
ASN
#0

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerLet's Encrypt
Subject1xlite-545087.top
FingerprintC7:86:BD:39:F5:04:4A:45:DF:1F:27:D2:46:A9:66:A0:E7:BD:A9:DD
ValidityTue, 11 Mar 2025 05:20:04 GMT - Mon, 09 Jun 2025 05:20:03 GMT

File type
JSON text data
Size
2 B (2 bytes)
Hash
d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/ab.json HTTP/1.1
Host: 1xlite-545087.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-545087.top/en/block
Content-Type: application/json
X-Lang: en
X-Uuid: 31fa024e-48c2-43ae-b4a8-02a6e727066d
Content-Length: 19
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID; postback_watcher=%7B%22tag%22%3A%22d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID%22%2C%22pb%22%3A%227ceb261dfb824837b0d185a5d0c3c180%22%2C%22click_id%22%3A%22w89pfkqrkgh5n2f9jiu1u8si%22%7D; auid=U5PgA2gO4n87/zUjBDKFAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:53 GMT
content-type: application/json
content-length: 2
x-dt: 285
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.011, wf-uht;dur=0.010
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/46fe3f96f4140750e81ded48911f3e30.json

185.244.209.62

200 OK

747 B

URL GET
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/46fe3f96f4140750e81ded48911f3e30.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
747 B (747 bytes)
Hash
f4e90636ec9cff061c4301b3cefdd0d6
c506efe9c3672c58434ea10021dab0ad81b1ad98
30666f138ccc12735e2f8a6405ddce4a3d8756b9445e3b2732fa2970f14dbcea

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/46fe3f96f4140750e81ded48911f3e30.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-545087.top/
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:53 GMT
content-type: application/json
content-length: 747
traceparent: 00-336656f505804a1f67a06c744be2824e-acc9d3a4b1dcc68f-01
last-modified: Thu, 27 Feb 2025 13:26:35 GMT
etag: "f4e90636ec9cff061c4301b3cefdd0d6"
expires: Thu, 27 Feb 2025 15:00:05 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1877
cache: HIT
x-cached-since: 2025-04-28T01:34:36+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/60608cbba85ee2e8946c25b55281a0bc.json

185.244.209.62

200 OK

328 B

URL GET
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/60608cbba85ee2e8946c25b55281a0bc.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
328 B (328 bytes)
Hash
4347fc050ebe622e30a7bf78a213b5a0
c05b3b571980b01ff9f07e6adc1c29c58be70bd1
ed1b1193a248bf273141c31b7f74dd1224416b3757e5a71f2e7d579c50d65d57

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/60608cbba85ee2e8946c25b55281a0bc.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-545087.top/
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:54 GMT
content-type: application/json
content-length: 328
traceparent: 00-3278a089cd13843146b55220739d0d8e-18acb943a1103443-01
last-modified: Thu, 27 Feb 2025 10:51:50 GMT
etag: "4347fc050ebe622e30a7bf78a213b5a0"
expires: Thu, 27 Feb 2025 12:17:56 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1577
cache: HIT
x-cached-since: 2025-04-28T01:39:37+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2

185.244.209.62

200 OK

64 kB

URL GET
v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 63748, version 1.0
Size
64 kB (63748 bytes)
Hash
6887b6f24414dbc612dbf42ccdc76b70
8068d3abfbc6cbf35b55919da45b1f4d2d136238
fc5c015fc32518f1ed810fa84ca28941eb9d5a3c81acc8df69a4dbbeedef7b0c

HTTP Headers

GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:52 GMT
content-type: font/woff2
content-length: 63748
traceparent: 00-98fff3738ed18d16ce96d024dfc91bd4-29caeee4fa85cdb9-01
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "6887b6f24414dbc612dbf42ccdc76b70"
expires: Thu, 16 Jan 2025 10:32:14 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1066
cache: HIT
x-cached-since: 2025-04-28T01:48:06+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/shared-assets/__shared_accept_language_parser_FZZ6RWIK.js

185.244.209.62

200 OK

1.3 kB

URL GET
v3.traincdn.com/sys-static/shared-assets/__shared_accept_language_parser_FZZ6RWIK.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (1265)
Size
1.3 kB (1297 bytes)
Hash
fc1c44ae9e4954ae02c484125b7a6a1e
484eb92dd5bb166e7a06c1cf2dce2400bb3055e3
fa015c22854d009fd3436cac0b3958a3616d67d9c633c61d0ae309c114ab9f04

HTTP Headers

GET /sys-static/shared-assets/__shared_accept_language_parser_FZZ6RWIK.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:53 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-c32d3f4ff28f313754f3137c809ffbaa-bbb5d0c19af6f6cd-01
last-modified: Fri, 25 Apr 2025 12:13:58 GMT
etag: W/"fc1c44ae9e4954ae02c484125b7a6a1e"
x-amz-meta-mtime: 1745583083.412339468
content-encoding: gzip
expires: Sun, 27 Apr 2025 10:43:22 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 54331
cache: HIT
x-cached-since: 2025-04-27T11:00:22+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/813e8388f0.js

185.244.209.62

200 OK

3.8 kB

URL GET
v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/813e8388f0.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (1194)
Size
3.8 kB (3834 bytes)
Hash
e482a4b4636f380636d9dfddea4a1747
af47fa46121e53c27f16738f72e495a6225f76ba
36894c041d0dcd718fb0852db3f160ed631e426c9f977f7b1d93df1909816809

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/813e8388f0.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:54 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-ab791d175ee0f41a6712f822719b545f-4ae7839573290819-01
last-modified: Wed, 23 Apr 2025 10:39:58 GMT
etag: W/"e482a4b4636f380636d9dfddea4a1747"
x-amz-meta-mtime: 1745404478.033224072
content-encoding: gzip
expires: Thu, 24 Apr 2025 10:44:56 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 54384
cache: HIT
x-cached-since: 2025-04-27T10:59:30+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2

185.244.209.62

200 OK

64 kB

URL GET
v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 63920, version 1.0
Size
64 kB (63920 bytes)
Hash
a65527fcb58f66a7cfbc0e6b160538b4
45d260e7fa343401b5bb0df982a014f53e2d253b
fb13c3a1cbac60649b76f7d7f85c1645d35ac69b85ce5f4eb0692505ecc2cd45

HTTP Headers

GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:06:02 GMT
content-type: font/woff2
content-length: 63920
traceparent: 00-8aec2b2b9b92466eb5845e49996024c5-cf717433ac07043e-01
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "a65527fcb58f66a7cfbc0e6b160538b4"
expires: Thu, 16 Jan 2025 10:45:34 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1399
cache: HIT
x-cached-since: 2025-04-28T01:42:43+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66&l=dataLayer&cx=c&gtm=45He54n0v9180563600za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001

142.250.74.168

200 OK

458 kB

URL GET
www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66&l=dataLayer&cx=c&gtm=45He54n0v9180563600za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintE4:97:12:2A:2B:30:84:66:33:9D:D6:09:14:D3:8F:CE:3E:20:73:24
ValidityMon, 31 Mar 2025 08:54:37 GMT - Mon, 23 Jun 2025 08:54:36 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (12571)
Size
458 kB (458231 bytes)
Hash
e0425085d1693dccda0c513e0b7984d4
350fbfd82d3b6ddbc15cf87e53280af58a3f4cbf
401ff733f7184a53b7e7850c5f4bb5cff2b9d7e2d26cb72f404a145bbc7f5606

HTTP Headers

GET /gtag/js?id=G-7JGWL9SV66&l=dataLayer&cx=c&gtm=45He54n0v9180563600za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-545087.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 28 Apr 2025 02:06:04 GMT
expires: Mon, 28 Apr 2025 02:06:04 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1068:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1068:0
report-to: {"group":"ascgcycc:1068:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1068:0"}],}
server: Google Tag Manager
content-length: 146419
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

region1.analytics.google.com/g/collect?v=2&tid=G-7JGWL9SV66&gtm=45je54n0v897130004za200zb9180563600&_p=1745805963712&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&cid=184144087.1745805964&ecid=503866877&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AEAAAAI&_s=1&sid=1745805964&sct=1&seg=0&dl=https%3A%2F%2F1xlite-545087.top%2Fen%2Fblock&dt=1xBet&en=scroll&ep.optimize_id=GTM-5R4MT54&epn.percent_scrolled=90&upn.ref_id=1&tfd=13866

216.239.34.36

204 No Content

0 B

URL POST
region1.analytics.google.com/g/collect?v=2&tid=G-7JGWL9SV66&gtm=45je54n0v897130004za200zb9180563600&_p=1745805963712&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&cid=184144087.1745805964&ecid=503866877&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AEAAAAI&_s=1&sid=1745805964&sct=1&seg=0&dl=https%3A%2F%2F1xlite-545087.top%2Fen%2Fblock&dt=1xBet&en=scroll&ep.optimize_id=GTM-5R4MT54&epn.percent_scrolled=90&upn.ref_id=1&tfd=13866
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintE4:97:12:2A:2B:30:84:66:33:9D:D6:09:14:D3:8F:CE:3E:20:73:24
ValidityMon, 31 Mar 2025 08:54:37 GMT - Mon, 23 Jun 2025 08:54:36 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-7JGWL9SV66&gtm=45je54n0v897130004za200zb9180563600&_p=1745805963712&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&cid=184144087.1745805964&ecid=503866877&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AEAAAAI&_s=1&sid=1745805964&sct=1&seg=0&dl=https%3A%2F%2F1xlite-545087.top%2Fen%2Fblock&dt=1xBet&en=scroll&ep.optimize_id=GTM-5R4MT54&epn.percent_scrolled=90&upn.ref_id=1&tfd=13866 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-545087.top/
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://1xlite-545087.top
date: Mon, 28 Apr 2025 02:06:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:153:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:153:0
report-to: {"group":"ascnsrsggc:153:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:153:0"}],}
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/shared-assets/Desktop/__shared_base-app_d2c2bd4088.js

185.244.209.62

200 OK

801 kB

URL GET
v3.traincdn.com/sys-static/shared-assets/Desktop/__shared_base-app_d2c2bd4088.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (22765)
Size
801 kB (800571 bytes)
Hash
dd3f6c27f89b359dec9ecbd1ff243eb2
bf91e8d155787c18182fca8e8ea7d2abd264dbe4
ef4b0170b6cd09d7eb6e496de41de62aad5c6dacc609f651fea6ea999568fc8c

HTTP Headers

GET /sys-static/shared-assets/Desktop/__shared_base-app_d2c2bd4088.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:53 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-0db0d66f91de185bad0acf68ec670747-f06492c264fb5909-01
last-modified: Thu, 24 Apr 2025 07:56:18 GMT
etag: W/"dd3f6c27f89b359dec9ecbd1ff243eb2"
x-amz-meta-mtime: 1745481162.808983878
content-encoding: gzip
expires: Fri, 25 Apr 2025 10:44:58 GMT
cache-control: max-age=86400
x-time-ng: 0.003
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 55150
cache: HIT
x-cached-since: 2025-04-27T10:46:43+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/af72478ef380e9832ceeb89ff239c105.json

185.244.209.62

200 OK

2.6 kB

URL GET
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/af72478ef380e9832ceeb89ff239c105.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
2.6 kB (2619 bytes)
Hash
37570a18cf2b5036cde573bc602ffca6
b291a81808a55fec78bde32a98259623778d50df
26bca68a5ce30ed4b03bba1ae6ee6380b3d34836a4efb869cada70c5cd48120c

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/af72478ef380e9832ceeb89ff239c105.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-545087.top/
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:54 GMT
content-type: application/json
traceparent: 00-c8b8280c17c4da88b8d62ac171d22ca1-b3ccaa7828382f33-01
last-modified: Wed, 26 Mar 2025 06:48:32 GMT
etag: W/"37570a18cf2b5036cde573bc602ffca6"
content-encoding: gzip
expires: Wed, 26 Mar 2025 07:52:03 GMT
cache-control: max-age=3600
x-time-ng: 0.047
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1577
cache: HIT
x-cached-since: 2025-04-28T01:39:37+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/7deb41e6a6.js

185.244.209.62

200 OK

2.0 kB

URL GET
v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/7deb41e6a6.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (1435)
Size
2.0 kB (2047 bytes)
Hash
59bbd7c7c12c2bfa5463fec581cf285b
c886f6e91e463988b39c7694105aa90f5b30bdad
15e186205c9f78c5ca0e368125fe2850e25d6acccf7f902cfc5df7a01586e1bc

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/7deb41e6a6.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:54 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-da852009c9826941ad0986c6521c7b53-add464f7400fc82c-01
last-modified: Wed, 23 Apr 2025 10:39:58 GMT
etag: W/"59bbd7c7c12c2bfa5463fec581cf285b"
x-amz-meta-mtime: 1745404478.033224072
content-encoding: gzip
expires: Thu, 24 Apr 2025 10:44:56 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 54384
cache: HIT
x-cached-since: 2025-04-27T10:59:30+00:00
X-Firefox-Spdy: h2

1xlite-545087.top/hd-api/external/verify

83.147.224.3

200 OK

715 B

URL POST
1xlite-545087.top/hd-api/external/verify
IP
83.147.224.3:443
ASN
#0

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerLet's Encrypt
Subject1xlite-545087.top
FingerprintC7:86:BD:39:F5:04:4A:45:DF:1F:27:D2:46:A9:66:A0:E7:BD:A9:DD
ValidityTue, 11 Mar 2025 05:20:04 GMT - Mon, 09 Jun 2025 05:20:03 GMT

File type
JSON text data
Size
715 B (715 bytes)
Hash
a57a94b8879dc95a1fc438bce4a2989c
7d9ad16d455a43f9027eb97c56b93420aafed8f8
41df3a53b279d9dae3f7c7fb292439e84bc96a7e10cc82b44b2c05f6dcf727dc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /hd-api/external/verify HTTP/1.1
Host: 1xlite-545087.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-545087.top/en/block
Content-Type: text/plain;charset=UTF-8
Content-Length: 108557
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID; postback_watcher=%7B%22tag%22%3A%22d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID%22%2C%22pb%22%3A%227ceb261dfb824837b0d185a5d0c3c180%22%2C%22click_id%22%3A%22w89pfkqrkgh5n2f9jiu1u8si%22%7D; auid=U5PgA2gO4n87/zUjBDKFAg==; window_width=1280; che_g=9c83febf-9949-def6-4ed3-3be586b89df1; SESSION=94876929e96e46d4ffb4008776c3fcc1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:06:03 GMT
content-type: application/json
content-length: 582
content-encoding: gzip
vary: Accept-Encoding
x-dt: 285
x-request-guid: 5bbfed934775ac823415a78b2ba23c45
x-time-ng: 0.006
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.009, wf-uht;dur=0.042
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/1c0cd0740fccd19a9816be06e69f0a1b.json

185.244.209.62

200 OK

473 B

URL GET
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/1c0cd0740fccd19a9816be06e69f0a1b.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
473 B (473 bytes)
Hash
e67aa19ef00fd2285c7b4ecbb6018306
5b01d4786d6fbfbd5de7901eb4359a55466f434a
135c1042c31e3674d8a1b3b9e7179f4f36868048ca6058ea458ff291b8880b5e

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/1c0cd0740fccd19a9816be06e69f0a1b.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-545087.top/
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:54 GMT
content-type: application/json
content-length: 473
traceparent: 00-e39cc271dcbaab58af47bb042f5f93c6-38dc25a612abbb9e-01
last-modified: Thu, 16 May 2024 20:41:30 GMT
etag: "e67aa19ef00fd2285c7b4ecbb6018306"
expires: Thu, 16 Jan 2025 11:19:55 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1577
cache: HIT
x-cached-since: 2025-04-28T01:39:37+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/b5cd9a5e87d930de856c92da15aa121e.png

185.244.209.62

200 OK

653 B

URL GET
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/b5cd9a5e87d930de856c92da15aa121e.png
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Size
653 B (653 bytes)
Hash
e6f0766cbd95db33da44e7a9140648f2
5f196b1bfe8c3f92bd2ebcd67124e72e81ae6aaf
c0399d478788d5d483f104a2e8cb7c32f41cb40e9df0c22e831b2bfa2db63ec0

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/b5cd9a5e87d930de856c92da15aa121e.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-545087.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:52 GMT
content-type: image/png
content-length: 653
traceparent: 00-681df6fe2cc87fcbbdf508900b2f3489-af7200fd62859d53-01
last-modified: Wed, 26 Jun 2024 08:18:02 GMT
etag: "e6f0766cbd95db33da44e7a9140648f2"
expires: Thu, 16 Jan 2025 10:46:36 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1877
cache: HIT
x-cached-since: 2025-04-28T01:34:35+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2

185.244.209.62

200 OK

64 kB

URL GET
v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 63748, version 1.0
Size
64 kB (63748 bytes)
Hash
6887b6f24414dbc612dbf42ccdc76b70
8068d3abfbc6cbf35b55919da45b1f4d2d136238
fc5c015fc32518f1ed810fa84ca28941eb9d5a3c81acc8df69a4dbbeedef7b0c

HTTP Headers

GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:06:02 GMT
content-type: font/woff2
content-length: 63748
traceparent: 00-d416a8c419de2c5415db4b5d0d1c2974-8e93818435038e5f-01
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "6887b6f24414dbc612dbf42ccdc76b70"
expires: Thu, 16 Jan 2025 10:32:14 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1076
cache: HIT
x-cached-since: 2025-04-28T01:48:06+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/main-static/337b990b/desktop/default/vendors/plugins.vue-notification-38fbfa56.js

185.244.209.62

200 OK

13 kB

URL GET
v3.traincdn.com/main-static/337b990b/desktop/default/vendors/plugins.vue-notification-38fbfa56.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (12563), with no line terminators
Size
13 kB (12563 bytes)
Hash
cd711867320f42c6286f5b1ee5bfbc7d
abe742504bf172f9c7d68864178049a09ae00b59
1f07ad009ccc6be8cd5bf278b42ec06df35fea23f62b772e313f2b566bb78d10

HTTP Headers

GET /main-static/337b990b/desktop/default/vendors/plugins.vue-notification-38fbfa56.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-545087.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:53 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-6ac5a1e0282ca9beac6fb3da36ba7018-f71336d130c90324-01
last-modified: Fri, 25 Apr 2025 14:23:48 GMT
etag: W/"cd711867320f42c6286f5b1ee5bfbc7d"
x-amz-meta-mtime: 1745591027.417715049
content-encoding: gzip
expires: Sat, 26 Apr 2025 14:31:28 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 41425
cache: HIT
x-cached-since: 2025-04-27T14:35:28+00:00
X-Firefox-Spdy: h2

1xlite-545087.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/ab.json

83.147.224.3

200 OK

2 B

URL POST
1xlite-545087.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/ab.json
IP
83.147.224.3:443
ASN
#0

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerLet's Encrypt
Subject1xlite-545087.top
FingerprintC7:86:BD:39:F5:04:4A:45:DF:1F:27:D2:46:A9:66:A0:E7:BD:A9:DD
ValidityTue, 11 Mar 2025 05:20:04 GMT - Mon, 09 Jun 2025 05:20:03 GMT

File type
JSON text data
Size
2 B (2 bytes)
Hash
d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/ab.json HTTP/1.1
Host: 1xlite-545087.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-545087.top/en/block
Content-Type: application/json
X-Lang: en
X-Uuid: 31fa024e-48c2-43ae-b4a8-02a6e727066d
Content-Length: 19
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID; postback_watcher=%7B%22tag%22%3A%22d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID%22%2C%22pb%22%3A%227ceb261dfb824837b0d185a5d0c3c180%22%2C%22click_id%22%3A%22w89pfkqrkgh5n2f9jiu1u8si%22%7D; auid=U5PgA2gO4n87/zUjBDKFAg==; window_width=1280; che_g=9c83febf-9949-def6-4ed3-3be586b89df1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:54 GMT
content-type: application/json
content-length: 2
x-dt: 285
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.005, wf-uht;dur=0.013
X-Firefox-Spdy: h2

v3.traincdn.com/version.json

185.244.209.62

200 OK

11 B

URL GET
v3.traincdn.com/version.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text
Size
11 B (11 bytes)
Hash
fa19366d32ac77bdf6a34bcac69e646f
71033664aa2c80657ffe3215f0acc618d90fff8b
d9f72067b55cddb457b266f84804043583cffd0348086f763bf77737b00513e8

HTTP Headers

GET /version.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-545087.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:52 GMT
content-type: application/json
content-length: 11
traceparent: 00-41916aa509eea9ba2701fc2fe3102cf9-1d5a53f52b3f0457-01
last-modified: Fri, 25 Apr 2025 14:25:55 GMT
etag: "fa19366d32ac77bdf6a34bcac69e646f"
x-amz-meta-mtime: 1745591155.8333574
expires: Fri, 25 Apr 2025 14:28:24 GMT
cache-control: max-age=60
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 46
cache: HIT
x-cached-since: 2025-04-28T02:05:06+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/main-static/337b990b/desktop/default/app-bb2199dd.js

185.244.209.62

200 OK

509 kB

URL GET
v3.traincdn.com/main-static/337b990b/desktop/default/app-bb2199dd.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
509 kB (509399 bytes)
Hash
d92869654b7c06b53a68ceb09e1929c6
193f6de3299ea0d291d9ce56b3df58209e092fa0
3e04eaa1112c5c5edbfea6bba853d180266702a7ce22b7e3ff483df382c41b99

HTTP Headers

GET /main-static/337b990b/desktop/default/app-bb2199dd.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-545087.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:52 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-92a12a870812520d5f402addf53906e8-d18701fd843469dc-01
last-modified: Fri, 25 Apr 2025 14:23:48 GMT
etag: W/"d92869654b7c06b53a68ceb09e1929c6"
x-amz-meta-mtime: 1745591027.405714928
content-encoding: gzip
expires: Sat, 26 Apr 2025 14:31:27 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 41424
cache: HIT
x-cached-since: 2025-04-27T14:35:28+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/b9639b3b1e.js

185.244.209.62

200 OK

27 kB

URL GET
v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/b9639b3b1e.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (12766)
Size
27 kB (27230 bytes)
Hash
2eec0d70786483601bb3ee005c6104a3
2e81319d87e36af13c16e5417d5b4049cd6968d2
67d7ebca2ec18eb0302193de83058b8c5381bd0aebb355308e4283b3b6b2c780

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/b9639b3b1e.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:54 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-32f2f417036290743dbb70f5176383e8-2266b9a5b7dc3c77-01
last-modified: Wed, 23 Apr 2025 10:39:58 GMT
etag: W/"2eec0d70786483601bb3ee005c6104a3"
x-amz-meta-mtime: 1745404478.033224072
content-encoding: gzip
expires: Thu, 24 Apr 2025 10:44:56 GMT
cache-control: max-age=86400
x-time-ng: 0.003
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 54384
cache: HIT
x-cached-since: 2025-04-27T10:59:30+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/main-static/337b990b/desktop/default/vendors/plugins.vue-js-modal-c2cf1c12.js

185.244.209.62

200 OK

27 kB

URL GET
v3.traincdn.com/main-static/337b990b/desktop/default/vendors/plugins.vue-js-modal-c2cf1c12.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (26667), with no line terminators
Size
27 kB (26667 bytes)
Hash
cf8b06baeb7ae8f2ac91e5786d61e146
625e7cac0cbf5c55ca40df6c229af389687c0d34
8c297d5dda72c0cc5d6fce3dabc93773c1b435c9dfd2f3d37bdb4f42c34f436b

HTTP Headers

GET /main-static/337b990b/desktop/default/vendors/plugins.vue-js-modal-c2cf1c12.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-545087.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:53 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-d101eb73190f21ab12ccd32897658d81-fa967348850fe387-01
last-modified: Fri, 25 Apr 2025 14:23:48 GMT
etag: W/"cf8b06baeb7ae8f2ac91e5786d61e146"
x-amz-meta-mtime: 1745591027.417715049
content-encoding: gzip
expires: Sat, 26 Apr 2025 14:31:28 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 41425
cache: HIT
x-cached-since: 2025-04-27T14:35:28+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_coupon/en/dictionary_22c581700f9009d3aa46609a4ffa61d6.json

185.244.209.62

200 OK

24 kB

URL GET
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_coupon/en/dictionary_22c581700f9009d3aa46609a4ffa61d6.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
24 kB (24300 bytes)
Hash
3a36df93e63e0dd00a4ad628c20f495a
b2005e9725612a2c33530627966d1827f5c3fe8d
0425b9e7cdd4c8f1049dd240ad2a23a45bfa9fb86f95f4790b3e286afe527b40

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_coupon/en/dictionary_22c581700f9009d3aa46609a4ffa61d6.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-545087.top/
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:53 GMT
content-type: application/json; charset=utf-8
traceparent: 00-66460bfcfa09979bfa371243f6cedd67-7465246b3e45764a-01
last-modified: Tue, 22 Apr 2025 12:06:05 GMT
etag: W/"3a36df93e63e0dd00a4ad628c20f495a"
cache-control: max-age=3600
content-encoding: gzip
expires: Tue, 22 Apr 2025 13:25:43 GMT
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1581
cache: HIT
x-cached-since: 2025-04-28T01:39:32+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_auth/en/dictionary_d44e2f2b089cfe400f9161a4e0964c8c.json

185.244.209.62

200 OK

9.1 kB

URL GET
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_auth/en/dictionary_d44e2f2b089cfe400f9161a4e0964c8c.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
9.1 kB (9102 bytes)
Hash
4f63311d65c9301b044217863c3fe25d
b24f42a719be8e0b53069262c6d4472443aa15bc
44920204f088fd41c46285d851bfc86ee55e01bbcc1d19cff5c964a3eb7a364a

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_auth/en/dictionary_d44e2f2b089cfe400f9161a4e0964c8c.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-545087.top/
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:53 GMT
content-type: application/json; charset=utf-8
traceparent: 00-8da5da469e1545faebfc2581c175906a-a2f83aee5ec4baf4-01
last-modified: Thu, 24 Apr 2025 16:06:15 GMT
etag: W/"4f63311d65c9301b044217863c3fe25d"
cache-control: max-age=3600
content-encoding: gzip
expires: Thu, 24 Apr 2025 17:20:23 GMT
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 3461
cache: HIT
x-cached-since: 2025-04-28T01:08:12+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/fc03516ae4c718991727836d377493ff.json

185.244.209.62

200 OK

13 kB

URL GET
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/fc03516ae4c718991727836d377493ff.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
13 kB (13278 bytes)
Hash
2b474bcc2f009b70e64e2b5a95dd50a4
1fd5ee2d54da7dfbf61e67efd938a89c548fc866
f86d880575f3f65ddaaf9e8a0e3746bbbefcefe7e6c0c4441e9e20ceffdca237

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/fc03516ae4c718991727836d377493ff.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-545087.top/
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:54 GMT
content-type: application/json
traceparent: 00-e6b867ff31ff77c7b576696de42e5c61-b2248200fdef0b18-01
last-modified: Wed, 12 Mar 2025 09:35:22 GMT
etag: W/"2b474bcc2f009b70e64e2b5a95dd50a4"
content-encoding: gzip
expires: Wed, 12 Mar 2025 11:03:31 GMT
cache-control: max-age=3600
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1577
cache: HIT
x-cached-since: 2025-04-28T01:39:37+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/8b4e10c31932a559912f415b65fba92c.json

185.244.209.62

200 OK

1.3 kB

URL GET
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/8b4e10c31932a559912f415b65fba92c.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
1.3 kB (1342 bytes)
Hash
499d57f89b2bf5fed52d984d865fd72c
f3dd138886f2c1e257d3ac2214b7e3cba57e56b2
9467cf5576ce2a97d9e44e53915a9c4ae529c134cc1ea5a3c62ea304eebda0c8

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/8b4e10c31932a559912f415b65fba92c.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-545087.top/
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:54 GMT
content-type: application/json
traceparent: 00-9f04dfbfca1a633a6a428c2f21964cca-9173ee9743bd17d6-01
last-modified: Thu, 27 Feb 2025 08:17:13 GMT
etag: W/"499d57f89b2bf5fed52d984d865fd72c"
content-encoding: gzip
expires: Thu, 27 Feb 2025 11:06:29 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1577
cache: HIT
x-cached-since: 2025-04-28T01:39:37+00:00
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7JGWL9SV66&cid=184144087.1745805964&gtm=45je54n0v897130004za200zb9180563600&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&z=1584052621

142.250.178.99

200 OK

42 B

URL GET
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7JGWL9SV66&cid=184144087.1745805964&gtm=45je54n0v897130004za200zb9180563600&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&z=1584052621
IP
142.250.178.99:443
ASN
#15169 GOOGLE

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerGoogle Trust Services
Subject*.google.no
Fingerprint5C:74:10:81:DF:C8:1D:7B:16:B3:CA:71:3E:22:4F:22:CD:5D:62:75
ValidityMon, 31 Mar 2025 08:57:30 GMT - Mon, 23 Jun 2025 08:57:29 GMT

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7JGWL9SV66&cid=184144087.1745805964&gtm=45je54n0v897130004za200zb9180563600&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&z=1584052621 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-545087.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 28 Apr 2025 02:06:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

v3.traincdn.com/sys-ui/2.3.144/Desktop/Default/client.css

185.244.209.62

200 OK

618 kB

URL GET
v3.traincdn.com/sys-ui/2.3.144/Desktop/Default/client.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
618 kB (618170 bytes)
Hash
dceafd3db151a193aeaefaab141bf11d
8f561ffd898e8ccabf26a6be66b10017fcb99347
f63f8a0830e5e8207d03aad889f5aca512096bc83d3268591d5828f84721db89

HTTP Headers

GET /sys-ui/2.3.144/Desktop/Default/client.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-545087.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:52 GMT
content-type: text/css; charset=utf-8
traceparent: 00-842322dc5fba7bd1ffe2317f56921217-fc43e4648c852458-01
last-modified: Mon, 31 Mar 2025 06:54:35 GMT
etag: W/"dceafd3db151a193aeaefaab141bf11d"
x-amz-meta-mtime: 1743404071.991761778
content-encoding: gzip
expires: Thu, 10 Apr 2025 08:14:42 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 63779
cache: HIT
x-cached-since: 2025-04-27T08:22:53+00:00
X-Firefox-Spdy: h2

1xlite-545087.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json

83.147.224.3

200 OK

23 B

URL POST
1xlite-545087.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json
IP
83.147.224.3:443
ASN
#0

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerLet's Encrypt
Subject1xlite-545087.top
FingerprintC7:86:BD:39:F5:04:4A:45:DF:1F:27:D2:46:A9:66:A0:E7:BD:A9:DD
ValidityTue, 11 Mar 2025 05:20:04 GMT - Mon, 09 Jun 2025 05:20:03 GMT

File type
JSON text data
Size
23 B (23 bytes)
Hash
410e9ad0f9dbe1c4ca0ed709b25b3aeb
76f4808828f75fc13b7e6ecebf603528e249241f
6ec153765254e69ee1a3d064420ddfcb7a6f8424f8d873ae99544066ed25bc6d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json HTTP/1.1
Host: 1xlite-545087.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-545087.top/en/block
Content-Type: application/json
X-Lang: en
X-Uuid: 31fa024e-48c2-43ae-b4a8-02a6e727066d
Content-Length: 48
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID; postback_watcher=%7B%22tag%22%3A%22d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID%22%2C%22pb%22%3A%227ceb261dfb824837b0d185a5d0c3c180%22%2C%22click_id%22%3A%22w89pfkqrkgh5n2f9jiu1u8si%22%7D; auid=U5PgA2gO4n87/zUjBDKFAg==; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:53 GMT
content-type: application/json
content-length: 23
x-dt: 285
x-time-ng: 0.001
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.005, wf-uht;dur=0.013
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/shared-assets/__shared_localforage_H7M2CI7V.js

185.244.209.62

200 OK

30 kB

URL GET
v3.traincdn.com/sys-static/shared-assets/__shared_localforage_H7M2CI7V.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (30255)
Size
30 kB (30277 bytes)
Hash
8c858b7ed9e89233e182c6824388b15d
72b5da96c3735591317ee5d7a77733f3ee2e4f5b
ff626e5d8a3bf634c1577b920a448b6da177e7e0e164a3cce4d270ff78bb7d23

HTTP Headers

GET /sys-static/shared-assets/__shared_localforage_H7M2CI7V.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:53 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-2c73abc49cc08860a04635c54176fc0b-79cc11ae1053529d-01
last-modified: Fri, 25 Apr 2025 12:13:58 GMT
etag: W/"8c858b7ed9e89233e182c6824388b15d"
x-amz-meta-mtime: 1745583083.413339551
content-encoding: gzip
expires: Sun, 27 Apr 2025 10:44:33 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 54369
cache: HIT
x-cached-since: 2025-04-27T10:59:44+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_block_pages/en/dictionary_bc0570f08a28537dc724f4764ecf77e4.json

185.244.209.62

200 OK

2.3 kB

URL GET
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_block_pages/en/dictionary_bc0570f08a28537dc724f4764ecf77e4.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
2.3 kB (2308 bytes)
Hash
7c12ae6fc08684f50822b3eb56779e29
036c726b8b7b2d24f987391101f3e8d1a2a183cf
a2eac45353675c82733192916712b8876c6b038b7bdbddc24df464e38b67cbfd

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_block_pages/en/dictionary_bc0570f08a28537dc724f4764ecf77e4.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-545087.top/
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:54 GMT
content-type: application/json; charset=utf-8
traceparent: 00-fe5c6c4baa65cac5e4dd56725e4d8337-23b162af0e72c49a-01
last-modified: Tue, 22 Apr 2025 08:06:29 GMT
etag: W/"7c12ae6fc08684f50822b3eb56779e29"
cache-control: max-age=3600
content-encoding: gzip
expires: Tue, 22 Apr 2025 09:26:34 GMT
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 79
cache: HIT
x-cached-since: 2025-04-28T02:04:35+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/e17f24c13b.js

185.244.209.62

200 OK

1.2 kB

URL GET
v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/e17f24c13b.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (839)
Size
1.2 kB (1208 bytes)
Hash
84b0fa02c6fb01a238017a59f653ca22
ee86a08f3dfb1ef32c02aba766a00174a74ef190
a9998600aaf3d1d0c7f55929cb61a90aa3a49f9ec5eedfa09b69a66617d3e38f

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/e17f24c13b.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:54 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-8b0154dc19ad4ce820691a9e551021bc-d29c31c66e451bd7-01
last-modified: Wed, 23 Apr 2025 10:39:58 GMT
etag: W/"84b0fa02c6fb01a238017a59f653ca22"
x-amz-meta-mtime: 1745404478.034224101
content-encoding: gzip
expires: Thu, 24 Apr 2025 10:44:56 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 54384
cache: HIT
x-cached-since: 2025-04-27T10:59:30+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/ac02f639a86763a884adc5615fe65e72.json

185.244.209.62

200 OK

14 kB

URL GET
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/ac02f639a86763a884adc5615fe65e72.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
14 kB (14232 bytes)
Hash
811ce3b7877d19901e45430cb6523d62
16a905115a678fdef3923f91c6f76cbab613e84d
10fbb74dbac63abfe9c4f5a77abc03757ef3527a479d4ae70dc977b515eec8cb

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/ac02f639a86763a884adc5615fe65e72.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-545087.top/
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:53 GMT
content-type: application/json
traceparent: 00-26b300cedba8a7b24846a143befd350e-c5a79644a512765a-01
last-modified: Thu, 27 Feb 2025 09:04:01 GMT
etag: W/"811ce3b7877d19901e45430cb6523d62"
content-encoding: gzip
expires: Thu, 27 Feb 2025 10:17:13 GMT
cache-control: max-age=3600
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 2683
cache: HIT
x-cached-since: 2025-04-28T01:21:10+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/8192228305b202797f207eeb6842287c.png

185.244.209.62

200 OK

5.2 kB

URL GET
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/8192228305b202797f207eeb6842287c.png
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
PNG image data, 514 x 514, 8-bit colormap, non-interlaced
Size
5.2 kB (5202 bytes)
Hash
b9a636eef54b2844b571fe7de49184a7
bf653690790ced40eb3189da075a275d951d1607
001bfcdd52b658d46543a1aec889d35b73b3909b47097cc011b95e96fc9e3743

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/8192228305b202797f207eeb6842287c.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-545087.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:53 GMT
content-type: image/png
content-length: 5202
traceparent: 00-0a93e1f04814c2c58a39e86d79170df7-2c32b8b0ab71161e-01
last-modified: Wed, 26 Jun 2024 08:22:59 GMT
etag: "b9a636eef54b2844b571fe7de49184a7"
expires: Thu, 16 Jan 2025 11:18:57 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/e3dd2d416ede1d7659584842878349f6.json

185.244.209.62

200 OK

1.1 kB

URL GET
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/e3dd2d416ede1d7659584842878349f6.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
1.1 kB (1085 bytes)
Hash
338264fc869e8f0b86b0d6c9d92102b0
83b4d35816df0e1486b766251e74d23f28b77824
015355a44429f40dd63b566dd1e9b1b76af3dfa28dcd25a43e82820ba0847b8d

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/e3dd2d416ede1d7659584842878349f6.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-545087.top/
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:54 GMT
content-type: application/json
traceparent: 00-e3dce981d105cf29c98bbd564af31529-8d637f7a5b78097c-01
last-modified: Thu, 16 May 2024 19:05:13 GMT
etag: W/"338264fc869e8f0b86b0d6c9d92102b0"
content-encoding: gzip
expires: Thu, 16 Jan 2025 11:19:55 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1577
cache: HIT
x-cached-since: 2025-04-28T01:39:37+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/56f58c6d078ff0e8f698576f33bb478d.json

185.244.209.62

200 OK

3.6 kB

URL GET
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/56f58c6d078ff0e8f698576f33bb478d.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
3.6 kB (3557 bytes)
Hash
4b08975411699bcd7464f49777e866bf
2a9b0a0f3eadf5f3e1ef688bacd9560dd59c73d2
b6208d18413f8988db2e0040ff72516c0cb5e06d3d9692b5b098808ab46fc378

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/56f58c6d078ff0e8f698576f33bb478d.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-545087.top/
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:54 GMT
content-type: application/json
traceparent: 00-7518bac6d9547552d55f108ac60bbc64-daa7dd9b7567b70a-01
last-modified: Thu, 27 Feb 2025 09:06:12 GMT
etag: W/"4b08975411699bcd7464f49777e866bf"
content-encoding: gzip
expires: Thu, 27 Feb 2025 10:17:14 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1577
cache: HIT
x-cached-since: 2025-04-28T01:39:37+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/3f30456910.js

185.244.209.62

200 OK

134 B

URL GET
v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/3f30456910.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
Java source, ASCII text
Size
134 B (134 bytes)
Hash
834095d96bc70d6775eea00ac7f66ee5
40d18957a683b25c8c27a9762821c22e51df1dac
3aedb8ddb0a940d381125c90208d4c5c4334b19f7e1183a994fa20eb4ba719e5

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/3f30456910.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:54 GMT
content-type: text/javascript; charset=utf-8
content-length: 134
traceparent: 00-065aa0db5b2d614b92c903e2c07885b2-a32e7be5323b5b5f-01
last-modified: Wed, 23 Apr 2025 10:39:58 GMT
etag: "834095d96bc70d6775eea00ac7f66ee5"
x-amz-meta-mtime: 1745404478.032224044
expires: Thu, 24 Apr 2025 10:44:56 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 54384
cache: HIT
x-cached-since: 2025-04-27T10:59:30+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/sys-ui/2.3.144/Desktop/Default/client.css

185.244.209.62

200 OK

618 kB

URL GET
v3.traincdn.com/sys-ui/2.3.144/Desktop/Default/client.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
618 kB (618170 bytes)
Hash
dceafd3db151a193aeaefaab141bf11d
8f561ffd898e8ccabf26a6be66b10017fcb99347
f63f8a0830e5e8207d03aad889f5aca512096bc83d3268591d5828f84721db89

HTTP Headers

GET /sys-ui/2.3.144/Desktop/Default/client.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-545087.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:52 GMT
content-type: text/css; charset=utf-8
traceparent: 00-1c578e92c000bea61855faf725f4cb40-036499f2c74761eb-01
last-modified: Mon, 31 Mar 2025 06:54:35 GMT
etag: W/"dceafd3db151a193aeaefaab141bf11d"
x-amz-meta-mtime: 1743404071.991761778
content-encoding: gzip
expires: Thu, 10 Apr 2025 08:14:42 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 63779
cache: HIT
x-cached-since: 2025-04-27T08:22:53+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/19f05ee466.css

185.244.209.62

200 OK

15 kB

URL GET
v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/19f05ee466.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (15082)
Size
15 kB (15083 bytes)
Hash
967ea13abafaa256ab87710daeab15e3
c35d006df7e93184905785ddd0780675dbf5ea14
21a68512f65cb824cf777ebddc9aa65f5922defc4dfbc969c3c0e37f74636eda

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/19f05ee466.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-545087.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:52 GMT
content-type: text/css; charset=utf-8
traceparent: 00-58e3267740f37b23e5a99b317f2f2af8-badcd61a15850973-01
last-modified: Wed, 23 Apr 2025 10:39:58 GMT
etag: W/"967ea13abafaa256ab87710daeab15e3"
x-amz-meta-mtime: 1745404478.02822393
content-encoding: gzip
expires: Fri, 25 Apr 2025 10:06:02 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 57523
cache: HIT
x-cached-since: 2025-04-27T10:07:09+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/shared-assets/Desktop/__shared_css_fd9561.css

185.244.209.62

200 OK

5.0 kB

URL GET
v3.traincdn.com/sys-static/shared-assets/Desktop/__shared_css_fd9561.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (4607)
Size
5.0 kB (5030 bytes)
Hash
5498f16be4b5e31fc69b105bd2e086e0
7c3cebacccaaf7d8dd7e3337d96602fba2e6db47
fd95617b284e0e75b0aac92febea4f5fc279fee6281a4dd5e04c053bad2e048e

HTTP Headers

GET /sys-static/shared-assets/Desktop/__shared_css_fd9561.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-545087.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:52 GMT
content-type: text/css; charset=utf-8
traceparent: 00-bbd23200ef0d005d23ee36f4a3b5cde0-0da26c5434b7cad9-01
last-modified: Fri, 25 Apr 2025 11:35:36 GMT
etag: W/"5498f16be4b5e31fc69b105bd2e086e0"
x-amz-meta-mtime: 1745580627.727939983
content-encoding: gzip
expires: Sun, 27 Apr 2025 08:40:13 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 62651
cache: HIT
x-cached-since: 2025-04-27T08:41:41+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/main-static/337b990b/desktop/default/css/395983a7.css

185.244.209.62

200 OK

62 kB

URL GET
v3.traincdn.com/main-static/337b990b/desktop/default/css/395983a7.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (62132), with no line terminators
Size
62 kB (62132 bytes)
Hash
598626a9055faeafb920afd64ca1c29f
547cbec16417b1b075a347156bb0343bf22fef89
2011b6e42d2971c10c24ccc2064536384a16c02e4702b57fc49300a348536684

HTTP Headers

GET /main-static/337b990b/desktop/default/css/395983a7.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-545087.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:52 GMT
content-type: text/css; charset=utf-8
traceparent: 00-b4a3fa924041d506e604f9841a51255a-09756031daac548c-01
last-modified: Fri, 25 Apr 2025 14:23:48 GMT
etag: W/"598626a9055faeafb920afd64ca1c29f"
x-amz-meta-mtime: 1745591027.405714928
content-encoding: gzip
expires: Sat, 26 Apr 2025 14:31:26 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 41586
cache: HIT
x-cached-since: 2025-04-27T14:32:46+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/shared-assets/__shared_chunk_KSBWA3N2.js

185.244.209.62

200 OK

610 B

URL GET
v3.traincdn.com/sys-static/shared-assets/__shared_chunk_KSBWA3N2.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (609)
Size
610 B (610 bytes)
Hash
464c50409850b3095783d5b3b9a1b00d
7d5c3f49bd0689d72dddceee68afd229f4168ed5
71cbc8847b4abb3782fe515be3e9e1f3fb639f801b337a2a3612616151ec250d

HTTP Headers

GET /sys-static/shared-assets/__shared_chunk_KSBWA3N2.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:53 GMT
content-type: text/javascript; charset=utf-8
content-length: 610
traceparent: 00-183d5b64e30ed3b6a259ed50135b83bb-58969158816333c5-01
last-modified: Fri, 25 Apr 2025 12:13:58 GMT
etag: "464c50409850b3095783d5b3b9a1b00d"
x-amz-meta-mtime: 1745583083.412339468
expires: Sun, 27 Apr 2025 10:45:08 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 54331
cache: HIT
x-cached-since: 2025-04-27T11:00:22+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/shared-assets/__shared_vue_deps_SVMMEEZF.js

185.244.209.62

200 OK

21 kB

URL GET
v3.traincdn.com/sys-static/shared-assets/__shared_vue_deps_SVMMEEZF.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20436)
Size
21 kB (20564 bytes)
Hash
b3ce9215487c615dbe0e474955e1dd39
64d50e6020e3cdfe3156bf52d46c176dfd098fd9
e3c9c6a51511916a872d65993ad41d579fd580f3dd688335924153613e295d43

HTTP Headers

GET /sys-static/shared-assets/__shared_vue_deps_SVMMEEZF.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:53 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-8dd62c80ee7af23c9023bafff1329607-af47db716b9c59f0-01
last-modified: Fri, 25 Apr 2025 11:22:42 GMT
etag: W/"b3ce9215487c615dbe0e474955e1dd39"
x-amz-meta-mtime: 1745580113.115902707
content-encoding: gzip
expires: Sun, 27 Apr 2025 10:44:14 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 55175
cache: HIT
x-cached-since: 2025-04-27T10:46:18+00:00
X-Firefox-Spdy: h2

1xlite-545087.top/main-static/337b990b/check-ob.js

83.147.224.3

200 OK

219 B

URL GET
1xlite-545087.top/main-static/337b990b/check-ob.js
IP
83.147.224.3:443
ASN
#0

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerLet's Encrypt
Subject1xlite-545087.top
FingerprintC7:86:BD:39:F5:04:4A:45:DF:1F:27:D2:46:A9:66:A0:E7:BD:A9:DD
ValidityTue, 11 Mar 2025 05:20:04 GMT - Mon, 09 Jun 2025 05:20:03 GMT

File type
JavaScript source, ASCII text
Size
219 B (219 bytes)
Hash
c065700c9c8c493403359e1f2baa10d9
4630fe729e70bdf63fa7ba6c84ec277fd1f51030
1e61f0c82ae82ffcf503fcd4b4c8ae27b32c11e19b882d5d13f3c44364c893f4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /main-static/337b990b/check-ob.js HTTP/1.1
Host: 1xlite-545087.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-545087.top/en/block
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID; postback_watcher=%7B%22tag%22%3A%22d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID%22%2C%22pb%22%3A%227ceb261dfb824837b0d185a5d0c3c180%22%2C%22click_id%22%3A%22w89pfkqrkgh5n2f9jiu1u8si%22%7D; auid=U5PgA2gO4n87/zUjBDKFAg==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:51 GMT
content-type: text/javascript; charset=utf-8
content-length: 219
last-modified: Fri, 25 Apr 2025 14:25:55 GMT
etag: "c065700c9c8c493403359e1f2baa10d9"
x-amz-meta-mtime: 1745591154.757354177
expires: Tue, 29 Apr 2025 02:05:51 GMT
cache-control: max-age=86400
x-time-ng: 0.000
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.007
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/ca0b35c4fc049f15180d875f935913b8.json

185.244.209.62

200 OK

9.3 kB

URL GET
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/ca0b35c4fc049f15180d875f935913b8.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
9.3 kB (9330 bytes)
Hash
ca7f8dc261bfa0bedbe26c6196957093
201939c20640df2ad6fbe79bc165b2e2d19bc65b
9d7da7f9fd8b6eb344298507d3e2afd038623c0e46dee2a018c0e3ecd667f203

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/ca0b35c4fc049f15180d875f935913b8.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-545087.top/
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:53 GMT
content-type: application/json
traceparent: 00-6b8708b96f303dbcc14ba0d0366e4689-d7fa803c414c86d2-01
last-modified: Wed, 20 Nov 2024 09:20:07 GMT
etag: W/"ca7f8dc261bfa0bedbe26c6196957093"
content-encoding: gzip
expires: Thu, 16 Jan 2025 10:57:42 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1877
cache: HIT
x-cached-since: 2025-04-28T01:34:36+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/shared-assets/__shared_libphonenumber_js_4IISRMA4.js

185.244.209.62

200 OK

159 kB

URL GET
v3.traincdn.com/sys-static/shared-assets/__shared_libphonenumber_js_4IISRMA4.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (65509)
Size
159 kB (158815 bytes)
Hash
4673edf4e262d0703069c59915cde01f
da52ee1e0d3f5967a58218500593537f8e33621e
4e24e1b83813d014e5a44217a142123c8f95be42d2a9594b535155630e1adf45

HTTP Headers

GET /sys-static/shared-assets/__shared_libphonenumber_js_4IISRMA4.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:53 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-8ab0286839da8084dcdfd9162b60aa68-669c98a7ed4aa90e-01
last-modified: Fri, 25 Apr 2025 12:13:58 GMT
etag: W/"4673edf4e262d0703069c59915cde01f"
x-amz-meta-mtime: 1745583083.413339551
content-encoding: gzip
expires: Sun, 27 Apr 2025 10:59:43 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 54369
cache: HIT
x-cached-since: 2025-04-27T10:59:44+00:00
X-Firefox-Spdy: h2

1xlite-545087.top/hd-api/external/apps/c5e31d5915661de4393e3f1489b00ebc4497dd48/api.js

83.147.224.3

200 OK

753 B

URL GET
1xlite-545087.top/hd-api/external/apps/c5e31d5915661de4393e3f1489b00ebc4497dd48/api.js
IP
83.147.224.3:443
ASN
#0

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerLet's Encrypt
Subject1xlite-545087.top
FingerprintC7:86:BD:39:F5:04:4A:45:DF:1F:27:D2:46:A9:66:A0:E7:BD:A9:DD
ValidityTue, 11 Mar 2025 05:20:04 GMT - Mon, 09 Jun 2025 05:20:03 GMT

File type
JavaScript source, ASCII text, with very long lines (752)
Size
753 B (753 bytes)
Hash
f004562bde4d48fb0987e200eb06f3af
6ce4bb1f9a61802bc2b28d084810a6a752af30a6
ba2a7d9626d02a36d5c599c2e0f24594f47e2624d8fa93f6944056722e31f20f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /hd-api/external/apps/c5e31d5915661de4393e3f1489b00ebc4497dd48/api.js HTTP/1.1
Host: 1xlite-545087.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-545087.top/en/block
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID; postback_watcher=%7B%22tag%22%3A%22d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID%22%2C%22pb%22%3A%227ceb261dfb824837b0d185a5d0c3c180%22%2C%22click_id%22%3A%22w89pfkqrkgh5n2f9jiu1u8si%22%7D; auid=U5PgA2gO4n87/zUjBDKFAg==; window_width=1280; che_g=9c83febf-9949-def6-4ed3-3be586b89df1; SESSION=94876929e96e46d4ffb4008776c3fcc1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:06:01 GMT
content-type: text/javascript; charset=utf-8
content-length: 490
accept-ranges: bytes
cache-control: public, max-age=300
content-encoding: gzip
etag: f004562bde4d48fb0987e200eb06f3af
vary: Accept-Encoding
x-dt: 285
x-request-guid: e940a264f0028397e31d63cb1718ab5f
x-time-ng: 0.001
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.014, wf-uht;dur=0.008
X-Firefox-Spdy: h2

1xlite-545087.top/hd-api/external/01967a24-ea6c-7aa8-9d94-822109c58329.js

83.147.224.3

200 OK

341 kB

URL GET
1xlite-545087.top/hd-api/external/01967a24-ea6c-7aa8-9d94-822109c58329.js
IP
83.147.224.3:443
ASN
#0

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerLet's Encrypt
Subject1xlite-545087.top
FingerprintC7:86:BD:39:F5:04:4A:45:DF:1F:27:D2:46:A9:66:A0:E7:BD:A9:DD
ValidityTue, 11 Mar 2025 05:20:04 GMT - Mon, 09 Jun 2025 05:20:03 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
341 kB (341374 bytes)
Hash
69bf60e00bad219a4cbc592745625920
b662627cb33bc173d95621d8f79883919279f07f
57b54d4c43cde7ccedb1d9984b065255ffec24ae6cdeae5229a782ac8db67993

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /hd-api/external/01967a24-ea6c-7aa8-9d94-822109c58329.js HTTP/1.1
Host: 1xlite-545087.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-545087.top/en/block
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID; postback_watcher=%7B%22tag%22%3A%22d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID%22%2C%22pb%22%3A%227ceb261dfb824837b0d185a5d0c3c180%22%2C%22click_id%22%3A%22w89pfkqrkgh5n2f9jiu1u8si%22%7D; auid=U5PgA2gO4n87/zUjBDKFAg==; window_width=1280; che_g=9c83febf-9949-def6-4ed3-3be586b89df1; SESSION=94876929e96e46d4ffb4008776c3fcc1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:06:01 GMT
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=0, must-revalidate
content-encoding: gzip
vary: Accept-Encoding
x-dt: 285
x-hd-trace-id: 96d844f3-a941-4c3d-80db-da6d66dd4908
x-request-guid: 24f6af72e35fec2ccabed1f30033f480
x-time-ng: 0.003
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.053, wf-uht;dur=0.025
X-Firefox-Spdy: h2

movenivalcrooffer.com/cde93dc0-fe82-4786-9705-578f3bac729f?zoneid=3350468&bannerid=23459034&zonetype={zone_type}&campaignid=9304976&device=other&region=70&isp=bestcjsc&useragent=Mozilla/5.0(Linux;Android10;K)AppleWebKit/537.36(KHTML,likeGecko)SamsungBrowser/28.0Chrome/130.0.0.0MobileSafari/537.36&language=be&connectiontype=oc12&cost=0.002000&visitor_id=940539964368625664

3.167.2.43

302 Found

243 kB

URL User Request GET
movenivalcrooffer.com/cde93dc0-fe82-4786-9705-578f3bac729f?zoneid=3350468&bannerid=23459034&zonetype={zone_type}&campaignid=9304976&device=other&region=70&isp=bestcjsc&useragent=Mozilla/5.0(Linux;Android10;K)AppleWebKit/537.36(KHTML,likeGecko)SamsungBrowser/28.0Chrome/130.0.0.0MobileSafari/537.36&language=be&connectiontype=oc12&cost=0.002000&visitor_id=940539964368625664
IP
3.167.2.43:443
ASN
#0

Certificate
IssuerAmazon
Subjectmovenivalcrooffer.com
Fingerprint54:CA:E2:5A:FD:D3:AE:38:1F:34:3D:5F:35:42:C5:90:05:BC:6F:54
ValidityFri, 21 Jun 2024 00:00:00 GMT - Sun, 20 Jul 2025 23:59:59 GMT

File type

Size
243 kB (242727 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cde93dc0-fe82-4786-9705-578f3bac729f?zoneid=3350468&bannerid=23459034&zonetype={zone_type}&campaignid=9304976&device=other&region=70&isp=bestcjsc&useragent=Mozilla/5.0(Linux;Android10;K)AppleWebKit/537.36(KHTML,likeGecko)SamsungBrowser/28.0Chrome/130.0.0.0MobileSafari/537.36&language=be&connectiontype=oc12&cost=0.002000&visitor_id=940539964368625664 HTTP/1.1
Host: movenivalcrooffer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-length: 0
location: https://affpa.top/L?tag=d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID&pb=7ceb261dfb824837b0d185a5d0c3c180&click_id=w89pfkqrkgh5n2f9jiu1u8si
date: Mon, 28 Apr 2025 02:05:50 GMT
server: nginx
cache-control: no-store, no-cache, pre-check=0, post-check=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: cde93dc0-fe82-4786-9705-578f3bac729f-v4=-7Az6DKUunkLIboPW9ceqfJob1hZZk06tWuS1h13584; Max-Age=86400; Expires=Tue, 29 Apr 2025 02:05:50 GMT; Domain=movenivalcrooffer.com; Path=/; Secure; HttpOnly; SameSite=None
cc-v4=W1AEXHeUoKiCU4mKVYGCEVbiKHh33N5CR6rRlqfYvslEISaB43ZVSVKr4l2m5qqR5wAFD%2FQUNtCdwUvnhxJzx5qj8LU9Z748R1ouXz7lhD0nHukaruts58Ph4AVch7TmL6gSO2HfRrdtCYg5HmYvZQ%3D%3D; Max-Age=31536000; Expires=Tue, 28 Apr 2026 02:05:50 GMT; Domain=movenivalcrooffer.com; Path=/; Secure; HttpOnly; SameSite=None
x-cache: Miss from cloudfront
via: 1.1 ac3e1d7135d19671e1860c67a45b3f70.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P2
x-amz-cf-id: RXbLp1fQjRdoY4IZ1Q6MuEQ54KYKbVmrBjp9fP4jssvLdeK7WprhuQ==
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/346ba7cb7f.css

185.244.209.62

200 OK

650 B

URL GET
v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/346ba7cb7f.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (649)
Size
650 B (650 bytes)
Hash
d1fd527117bc7f6ab34dfb21f73eff21
3cd449f00b04eaf0e19ace8e68cd5ca39b43cfa8
4aa6713aa401bfab91d607e5d75483215ae8c34f840d55b2e7bef9cc3cc0cd28

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/346ba7cb7f.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-545087.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:52 GMT
content-type: text/css; charset=utf-8
content-length: 650
traceparent: 00-aac835e3fac88a3d4a7325e8d71b32b9-79f91d5fb0e39fcd-01
last-modified: Wed, 23 Apr 2025 10:39:58 GMT
etag: "d1fd527117bc7f6ab34dfb21f73eff21"
x-amz-meta-mtime: 1745404478.030223987
expires: Fri, 25 Apr 2025 09:17:50 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 60276
cache: HIT
x-cached-since: 2025-04-27T09:21:16+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_main/en/dictionary_bcb0e28032946c6da50c20c901d641a2.json

185.244.209.62

200 OK

135 kB

URL GET
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_main/en/dictionary_bcb0e28032946c6da50c20c901d641a2.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
135 kB (135137 bytes)
Hash
895408ca86f8c4d343b614bf646aefbf
badcc3883855653f7afef985fcd8683f14605447
6347fa563b256a5d4887895a4861fe46b794f9cf18b0025a96a7fba69508cb53

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_main/en/dictionary_bcb0e28032946c6da50c20c901d641a2.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-545087.top/
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:53 GMT
content-type: application/json; charset=utf-8
traceparent: 00-996c1dee532495656c9448d2d5fd41f5-7ebddd3efa8ad288-01
last-modified: Fri, 25 Apr 2025 12:06:05 GMT
etag: W/"895408ca86f8c4d343b614bf646aefbf"
cache-control: max-age=3600
content-encoding: gzip
expires: Fri, 25 Apr 2025 13:35:19 GMT
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 3461
cache: HIT
x-cached-since: 2025-04-28T01:08:12+00:00
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/destination?id=DC-14030178&l=dataLayer&cx=c&gtm=45He54n0v9180563600za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001

142.250.74.168

200 OK

288 kB

URL GET
www.googletagmanager.com/gtag/destination?id=DC-14030178&l=dataLayer&cx=c&gtm=45He54n0v9180563600za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintE4:97:12:2A:2B:30:84:66:33:9D:D6:09:14:D3:8F:CE:3E:20:73:24
ValidityMon, 31 Mar 2025 08:54:37 GMT - Mon, 23 Jun 2025 08:54:36 GMT

File type
JavaScript source, ASCII text, with very long lines (5436)
Size
288 kB (288092 bytes)
Hash
e359619372f8e111166a03aab1891809
0ac40024d97a2d80b23456d9408962cbca86c2ca
93024b3c54cee181509bb9d70fc6f57f284873c01989d5f89005057fd3adcf93

HTTP Headers

GET /gtag/destination?id=DC-14030178&l=dataLayer&cx=c&gtm=45He54n0v9180563600za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-545087.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 28 Apr 2025 02:06:04 GMT
expires: Mon, 28 Apr 2025 02:06:04 GMT
cache-control: private, max-age=900
last-modified: Mon, 28 Apr 2025 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcysghrgc:42:0
report-to: {"group":"ascgcysghrgc:42:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
server: Google Tag Manager
content-length: 101352
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/bfa3e9fd30e7d63c0906602f42c13468.json

185.244.209.62

200 OK

182 B

URL GET
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/bfa3e9fd30e7d63c0906602f42c13468.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
182 B (182 bytes)
Hash
0a64a07e9a34e8a5b5e97e80a10888c5
82545cbc39b7dcc031dd10dea841a0b3698243d6
7201497e7e8cdf9d35bf6998e43dcde5feea535f9828ce3ee98785781016126c

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/bfa3e9fd30e7d63c0906602f42c13468.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-545087.top/
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:53 GMT
content-type: application/json
content-length: 182
traceparent: 00-db5f9894a81e78219ae5dd6c3dd54563-fe9a6a66ac167a62-01
last-modified: Thu, 27 Feb 2025 08:55:26 GMT
etag: "0a64a07e9a34e8a5b5e97e80a10888c5"
expires: Thu, 27 Feb 2025 10:17:13 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 2683
cache: HIT
x-cached-since: 2025-04-28T01:21:10+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/403f7acf2d.js

185.244.209.62

200 OK

1.4 kB

URL GET
v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/403f7acf2d.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (454)
Size
1.4 kB (1425 bytes)
Hash
4a184b0acdec02ef966d6bd67de40cb9
f00fe96fa5a80c9ddbb0a4d961484e2a05f8bdc6
89c804ff4e56cec5e528a71bfc6c194680b12aff25c9c05bccfffb6c940b531c

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/403f7acf2d.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:54 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-ee5f846381864c2aecc87700b277b8b0-8ee2df9a41c046c8-01
last-modified: Wed, 23 Apr 2025 10:39:58 GMT
etag: W/"4a184b0acdec02ef966d6bd67de40cb9"
x-amz-meta-mtime: 1745404478.032224044
content-encoding: gzip
expires: Thu, 24 Apr 2025 10:44:56 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 54384
cache: HIT
x-cached-since: 2025-04-27T10:59:30+00:00
X-Firefox-Spdy: h2

www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2F1xlite-545087.top%2Fen%2Fblock&scrsrc=www.googletagmanager.com&frm=0&rnd=340428323.1745805964&dt=1xBet&auid=1938938163.1745805964&navt=n&npa=1&gtm=45He54n0v9180563600za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&tft=1745805964162&tfd=13471&apve=1

142.250.178.68

200 OK

0 B

URL POST
www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2F1xlite-545087.top%2Fen%2Fblock&scrsrc=www.googletagmanager.com&frm=0&rnd=340428323.1745805964&dt=1xBet&auid=1938938163.1745805964&navt=n&npa=1&gtm=45He54n0v9180563600za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&tft=1745805964162&tfd=13471&apve=1
IP
142.250.178.68:443
ASN
#15169 GOOGLE

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerGoogle Trust Services
Subjectwww.google.com
FingerprintD0:D7:4C:27:9F:7B:15:26:DB:1E:8C:54:8C:59:28:47:E4:A8:63:68
ValidityMon, 31 Mar 2025 08:56:27 GMT - Mon, 23 Jun 2025 08:56:26 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /ccm/collect?en=page_view&dl=https%3A%2F%2F1xlite-545087.top%2Fen%2Fblock&scrsrc=www.googletagmanager.com&frm=0&rnd=340428323.1745805964&dt=1xBet&auid=1938938163.1745805964&navt=n&npa=1&gtm=45He54n0v9180563600za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&tft=1745805964162&tfd=13471&apve=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-545087.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 200 OK
pragma: no-cache
date: Mon, 28 Apr 2025 02:06:05 GMT
cache-control: no-cache, no-store, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT
content-type: text/plain
vary: Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://1xlite-545087.top
access-control-expose-headers: date,vary,vary,vary,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

1xlite-545087.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json

83.147.224.3

200 OK

23 B

URL POST
1xlite-545087.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json
IP
83.147.224.3:443
ASN
#0

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerLet's Encrypt
Subject1xlite-545087.top
FingerprintC7:86:BD:39:F5:04:4A:45:DF:1F:27:D2:46:A9:66:A0:E7:BD:A9:DD
ValidityTue, 11 Mar 2025 05:20:04 GMT - Mon, 09 Jun 2025 05:20:03 GMT

File type
JSON text data
Size
23 B (23 bytes)
Hash
5bbcb192717fc5ab6d3796823a5b4946
84b8e26542708eb3df22b91cc8c84da83e456d90
772b3c5fa0a21604c9e3b54183bf13c84b3bcc1a7ceaf263dba73cb016c8cddf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json HTTP/1.1
Host: 1xlite-545087.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-545087.top/en/block
Content-Type: application/json
X-Lang: en
X-Uuid: 31fa024e-48c2-43ae-b4a8-02a6e727066d
Content-Length: 109
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID; postback_watcher=%7B%22tag%22%3A%22d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID%22%2C%22pb%22%3A%227ceb261dfb824837b0d185a5d0c3c180%22%2C%22click_id%22%3A%22w89pfkqrkgh5n2f9jiu1u8si%22%7D; auid=U5PgA2gO4n87/zUjBDKFAg==; window_width=1280; che_g=9c83febf-9949-def6-4ed3-3be586b89df1; SESSION=94876929e96e46d4ffb4008776c3fcc1; _gcl_au=1.1.1938938163.1745805964; _ga_7JGWL9SV66=GS1.1.1745805964.1.0.1745805964.60.0.503866877; _ga=GA1.1.184144087.1745805964
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:06:05 GMT
content-type: application/json
content-length: 23
x-dt: 285
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.006, wf-uht;dur=0.008
X-Firefox-Spdy: h2

v3.traincdn.com/main-static/337b990b/desktop/default/vendors/plugins.v-tooltip-b66f9922.js

185.244.209.62

200 OK

77 kB

URL GET
v3.traincdn.com/main-static/337b990b/desktop/default/vendors/plugins.v-tooltip-b66f9922.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65476)
Size
77 kB (76856 bytes)
Hash
a24547bf1ffe97f41579d8a7e7800c4b
0193336c6b51d7b94ff4cd0da8ef8e0284772ede
0b855db85d3885dd172c263a92fde745ad01a78c16a77d43e57a5dfa1d6313fb

HTTP Headers

GET /main-static/337b990b/desktop/default/vendors/plugins.v-tooltip-b66f9922.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-545087.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:53 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-45debf89c12f6a63c384aeeb5cebcc47-85a8fe9250c7e581-01
last-modified: Fri, 25 Apr 2025 14:23:48 GMT
etag: W/"a24547bf1ffe97f41579d8a7e7800c4b"
x-amz-meta-mtime: 1745591027.417715049
content-encoding: gzip
expires: Sat, 26 Apr 2025 14:31:28 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 41425
cache: HIT
x-cached-since: 2025-04-27T14:35:28+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/main-static/337b990b/desktop/default/DC-7f6e33b2.js

185.244.209.62

200 OK

2.7 kB

URL GET
v3.traincdn.com/main-static/337b990b/desktop/default/DC-7f6e33b2.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (2654), with no line terminators
Size
2.7 kB (2654 bytes)
Hash
4cf9881e0957b4a895f76227be33f9ee
b14ddb1476e113194eb9abbbd83e1c13cc4a3a25
c1feb4ad40a0292b32a2aa3d450558e792d2927817db4f02df535dbeb842d119

HTTP Headers

GET /main-static/337b990b/desktop/default/DC-7f6e33b2.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-545087.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:53 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-16fcb76e3320e74ffeca01fb5d3970a3-e36737bb22343c17-01
last-modified: Fri, 25 Apr 2025 14:23:48 GMT
etag: W/"4cf9881e0957b4a895f76227be33f9ee"
x-amz-meta-mtime: 1745591027.389714766
content-encoding: gzip
expires: Sat, 26 Apr 2025 14:31:28 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 41424
cache: HIT
x-cached-since: 2025-04-27T14:35:29+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/main-static/337b990b/desktop/default/css/684d7545.css

185.244.209.62

200 OK

14 kB

URL GET
v3.traincdn.com/main-static/337b990b/desktop/default/css/684d7545.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (14391), with no line terminators
Size
14 kB (14391 bytes)
Hash
a552d5db890b7f16e370b33cc587e807
a9dc47737b3e1d8ef6fcbb48c7c0b026c6fda545
0d7e00204297499711ae1da574d4635b31d8238ab4a663b382c44d850d24f3ec

HTTP Headers

GET /main-static/337b990b/desktop/default/css/684d7545.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-545087.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:52 GMT
content-type: text/css; charset=utf-8
traceparent: 00-fe85e93458329af96c57ec412f4a2504-b360a3860cbbd708-01
last-modified: Fri, 25 Apr 2025 14:23:48 GMT
etag: W/"a552d5db890b7f16e370b33cc587e807"
x-amz-meta-mtime: 1745591027.405714928
content-encoding: gzip
expires: Sat, 26 Apr 2025 14:31:26 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 41586
cache: HIT
x-cached-since: 2025-04-27T14:32:46+00:00
X-Firefox-Spdy: h2

1xlite-545087.top/web-api/session

83.147.224.3

204 No Content

0 B

URL GET
1xlite-545087.top/web-api/session
IP
83.147.224.3:443
ASN
#0

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerLet's Encrypt
Subject1xlite-545087.top
FingerprintC7:86:BD:39:F5:04:4A:45:DF:1F:27:D2:46:A9:66:A0:E7:BD:A9:DD
ValidityTue, 11 Mar 2025 05:20:04 GMT - Mon, 09 Jun 2025 05:20:03 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web-api/session HTTP/1.1
Host: 1xlite-545087.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-545087.top/en/block
content-type: application/json
x-requested-with: XMLHttpRequest
x-app-n: v3-nuxt2
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID; postback_watcher=%7B%22tag%22%3A%22d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID%22%2C%22pb%22%3A%227ceb261dfb824837b0d185a5d0c3c180%22%2C%22click_id%22%3A%22w89pfkqrkgh5n2f9jiu1u8si%22%7D; auid=U5PgA2gO4n87/zUjBDKFAg==; window_width=1280; che_g=9c83febf-9949-def6-4ed3-3be586b89df1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx
date: Mon, 28 Apr 2025 02:06:01 GMT
cache-control: no-cache, private
server-timing: dt_total;dur=0.080, p;dur=15.091, wf-uht;dur=0.029
set-cookie: ua=deleted; expires=Thu, 01 Jan 1970 00:00:01 GMT; Max-Age=0; path=/
SESSION=94876929e96e46d4ffb4008776c3fcc1; path=/; secure; httponly; samesite=lax
x-dt: 285
x-time-ng: 0.016, 0.016
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_express_day/en/dictionary_d33d208649ed1030df89e13e093c1b13.json

185.244.209.62

200 OK

831 B

URL GET
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_express_day/en/dictionary_d33d208649ed1030df89e13e093c1b13.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
831 B (831 bytes)
Hash
5d35c8a9d00341303233a231c1adecdb
868de72ab2e64dbfd609751d6783c978826b39dd
fe97545e2ddeb8d2e24ebc21daaea02500fa15d9a5b8914b86884ad0ad1419a5

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_express_day/en/dictionary_d33d208649ed1030df89e13e093c1b13.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-545087.top/
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:53 GMT
content-type: application/json; charset=utf-8
content-length: 831
traceparent: 00-cfa5e2e7ef1ed9330933d60acef5c9c9-4ae209827ed40b72-01
last-modified: Wed, 24 Jan 2024 16:06:20 GMT
etag: "5d35c8a9d00341303233a231c1adecdb"
cache-control: max-age=3600
expires: Thu, 16 Jan 2025 10:56:26 GMT
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 755
cache: HIT
x-cached-since: 2025-04-28T01:53:18+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/cf5743ab5e.js

185.244.209.62

200 OK

2.5 kB

URL GET
v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/cf5743ab5e.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (1064)
Size
2.5 kB (2483 bytes)
Hash
cc03a41eac717c1ed4e095be6f8edaa9
6808d797ed81c447639c104a2c905a8e1c69590b
33b1834b9ceecacdd3bd72826b542ba6a3a0e1d0006bb84e32159185d2da4d0d

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/cf5743ab5e.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:54 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-a69c701919dfa8b7577eb4a258a58624-0a584ccdbe8d2ae1-01
last-modified: Wed, 23 Apr 2025 10:39:58 GMT
etag: W/"cc03a41eac717c1ed4e095be6f8edaa9"
x-amz-meta-mtime: 1745404478.036224158
content-encoding: gzip
expires: Thu, 24 Apr 2025 10:44:56 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 54384
cache: HIT
x-cached-since: 2025-04-27T10:59:30+00:00
X-Firefox-Spdy: h2

1xlite-545087.top/bff-api/config/group/get?groups=d.technical&lang=en

83.147.224.3

200 OK

74 B

URL GET
1xlite-545087.top/bff-api/config/group/get?groups=d.technical&lang=en
IP
83.147.224.3:443
ASN
#0

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerLet's Encrypt
Subject1xlite-545087.top
FingerprintC7:86:BD:39:F5:04:4A:45:DF:1F:27:D2:46:A9:66:A0:E7:BD:A9:DD
ValidityTue, 11 Mar 2025 05:20:04 GMT - Mon, 09 Jun 2025 05:20:03 GMT

File type
JSON text data
Size
74 B (74 bytes)
Hash
d07d3049600764e057b39a0c74514371
4fe4cd913d0ac488da985dace4a60838f4c86260
2d59cf38716e88e993cced16134ff807cb3fdbfb547db140f999547b47cd92ea

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bff-api/config/group/get?groups=d.technical&lang=en HTTP/1.1
Host: 1xlite-545087.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-545087.top/en/block
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
x-svc-source: __TECHNICAL_PAGES_APP__
x-app-n: __TECHNICAL_PAGES_APP__
x-geoip2-country-code: ru
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID; postback_watcher=%7B%22tag%22%3A%22d_4175298m_97c_PU_CIS_PA_SB_MB_1XBET_ANDROID%22%2C%22pb%22%3A%227ceb261dfb824837b0d185a5d0c3c180%22%2C%22click_id%22%3A%22w89pfkqrkgh5n2f9jiu1u8si%22%7D; auid=U5PgA2gO4n87/zUjBDKFAg==; window_width=1920; che_g=9c83febf-9949-def6-4ed3-3be586b89df1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:54 GMT
content-type: application/json
content-length: 74
cache-control: no-cache, private
server-timing: dt_total;dur=0.087, bff;dur=0.85, wf-uht;dur=0.014
x-cache-expire: 801
x-cache-hit: 1
x-dt: 285
x-pod: R-zcljf
x-time-ng: 0.001
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/e7d0d99c09.js

185.244.209.62

200 OK

5.3 kB

URL GET
v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/e7d0d99c09.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (2176)
Size
5.3 kB (5322 bytes)
Hash
b0a4cbc9f85d216634bbfbd65106a360
1a0c63c254447a9e41274ea5a09f64e6651f452b
1c796e285f06e59281af9cf6d4ac414087979cfc2c5c034864641d4dc120fbac

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/e7d0d99c09.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:54 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-7454d7f28d7302b1a2ebc78797f4e92f-abe903f69a129454-01
last-modified: Wed, 23 Apr 2025 10:39:58 GMT
etag: W/"b0a4cbc9f85d216634bbfbd65106a360"
x-amz-meta-mtime: 1745404478.035224129
content-encoding: gzip
expires: Thu, 24 Apr 2025 10:44:56 GMT
cache-control: max-age=86400
x-time-ng: 0.007
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 54384
cache: HIT
x-cached-since: 2025-04-27T10:59:30+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/main-static/337b990b/desktop/default/commons/app-4500f575.js

185.244.209.62

200 OK

138 kB

URL GET
v3.traincdn.com/main-static/337b990b/desktop/default/commons/app-4500f575.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65476)
Size
138 kB (137775 bytes)
Hash
0f44966ce907b0675f4cf269c12e0555
32cb356f3b9c7c629afb78fda6fb0a834eec0da1
a55e4e1bff13398aeb28d6cddefefa11a9784475c9a72251e0c65db34c50363e

HTTP Headers

GET /main-static/337b990b/desktop/default/commons/app-4500f575.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-545087.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:52 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-db0c4a4e56e90e810615d9ae6dfde877-20f71887f19cbb03-01
last-modified: Fri, 25 Apr 2025 14:23:48 GMT
etag: W/"0f44966ce907b0675f4cf269c12e0555"
x-amz-meta-mtime: 1745591027.405714928
content-encoding: gzip
expires: Sat, 26 Apr 2025 14:31:27 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 41424
cache: HIT
x-cached-since: 2025-04-27T14:35:28+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/d9842b87b9dabdc4cdc248c062355299.json

185.244.209.62

200 OK

7.3 kB

URL GET
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/d9842b87b9dabdc4cdc248c062355299.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
7.3 kB (7321 bytes)
Hash
0614058b667e6dfa1cdecc6e0e53131c
4f20f88c436fb5cbd82cf1dcfeaa14e52195a369
be16474b0f19b7536ebdd3d0f8867b151eaa4638411ddb46845f887a5d51a653

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/d9842b87b9dabdc4cdc248c062355299.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-545087.top/
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:53 GMT
content-type: application/json
traceparent: 00-21acd37ba92f15f0a1693ffcdf890ed7-cc0b4873a6a830fd-01
last-modified: Thu, 23 Jan 2025 13:19:10 GMT
etag: W/"0614058b667e6dfa1cdecc6e0e53131c"
content-encoding: gzip
expires: Thu, 23 Jan 2025 14:50:28 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 2683
cache: HIT
x-cached-since: 2025-04-28T01:21:10+00:00
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/shared-assets/__shared_popper_js_EEH7JIJK.js

185.244.209.62

200 OK

21 kB

URL GET
v3.traincdn.com/sys-static/shared-assets/__shared_popper_js_EEH7JIJK.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-545087.top/en/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (21232)
Size
21 kB (21252 bytes)
Hash
65baa1e0e10c3b0e4763d35e76999e25
a21b6807691f637324b24296803e05b64fc4c694
610516103d1262a5c7d3f5481f3f54328723386634607085bf0cfc631ad0ab3f

HTTP Headers

GET /sys-static/shared-assets/__shared_popper_js_EEH7JIJK.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-545087.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 28 Apr 2025 02:05:53 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-c3cf3dd77f58540e0000be76d87a74f0-0c3f41e5b404f1a4-01
last-modified: Fri, 25 Apr 2025 12:13:58 GMT
etag: W/"65baa1e0e10c3b0e4763d35e76999e25"
x-amz-meta-mtime: 1745583083.413339551
content-encoding: gzip
expires: Sat, 26 Apr 2025 12:29:56 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 48945
cache: HIT
x-cached-since: 2025-04-27T12:30:08+00:00
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (53)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML