Report - 1xlite-446241.top/bn?tag=d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder&pb=7cb13d3f9d3046d5bffca6ca03342b50&click

Report Overview

Visited public
2025-06-21 20:03:49
Tags
Submit Tags
URL
1xlite-446241.top/bn?tag=d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder&pb=7cb13d3f9d3046d5bffca6ca03342b50&click_id=d42ea4084fd1a5e47fa4a165e06507a7
Finishing URL
1xlite-446241.top/bn/block
IP / ASN
178.253.14.230
#202492 Silverhill Group Holding Ltd
Title
1xBet

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
v3.traincdn.com	unknown	2022-11-10	2022-11-25	2025-06-19	36 kB	5.8 MB	185.244.209.62
1xlite-446241.top	unknown	2024-07-12	2025-06-09	2025-06-17	22 kB	934 kB	178.253.14.230
radar.cedexis.com	3035	2009-01-07	2013-11-27	2025-06-19	850 B	1.4 kB	45.54.49.5

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-06-21	medium	1xlite-446241.top	Sinkholed
2025-06-21	medium	1xlite-446241.top	Sinkholed
2025-06-21	medium	1xlite-446241.top	Sinkholed
2025-06-21	medium	1xlite-446241.top	Sinkholed
2025-06-21	medium	1xlite-446241.top	Sinkholed
2025-06-21	medium	1xlite-446241.top	Sinkholed
2025-06-21	medium	1xlite-446241.top	Sinkholed
2025-06-21	medium	1xlite-446241.top	Sinkholed
2025-06-21	medium	1xlite-446241.top	Sinkholed
2025-06-21	medium	1xlite-446241.top	Sinkholed
2025-06-21	medium	1xlite-446241.top	Sinkholed
2025-06-21	medium	1xlite-446241.top	Sinkholed
2025-06-21	medium	1xlite-446241.top	Sinkholed
2025-06-21	medium	1xlite-446241.top	Sinkholed
2025-06-21	medium	1xlite-446241.top	Sinkholed
2025-06-21	medium	1xlite-446241.top	Sinkholed
2025-06-21	medium	1xlite-446241.top	Sinkholed
2025-06-21	medium	1xlite-446241.top	Sinkholed
2025-06-21	medium	1xlite-446241.top	Sinkholed

ThreatFox

No alerts detected

JavaScript (51)

	URL	From	Size	First Seen	Last Seen
	v3.traincdn.com/sys-static/shared-assets/__shared_localforage_FJKG5M2E.js	ImportedModule	30 kB	2025-05-14	2025-07-21
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_localforage_FJKG5M2E.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2025-05-14 05:06 Last Seen2025-07-21 06:34 Times Seen1315 Hash 02cf95f00794b77df34632e34a59c5be b64889fb6cbe78a141688ea761a627997ef8a8af bf78b7b3dd6ecbdea04c575edfb6022ed1b2e98c7a9cb9f02ab851ca638f1b83 Loading...

	v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/fd6ab89fd4.js	ScriptElement	1.2 kB	2025-06-18	2025-06-23
Pretty URL v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/fd6ab89fd4.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-18 17:35 Last Seen2025-06-23 06:30 Times Seen32 Hash 50906dd89561b1e7e6bf82539677960c 3f22a7d92fe79d7a3cd734159da6681449296ccb 02894d09ead719d04eedd68eaf741e57886145abd86d15e3e704166f8bf4d38a Loading...

	1xlite-446241.top/bn/block	Function	84 kB	2025-06-17	2025-06-24
Pretty URL 1xlite-446241.top/bn/block IP 178.253.14.230 ASN #202492 Silverhill Group Holding Ltd Introduced by Function Embedded in HTML false Observations First Seen2025-06-17 06:36 Last Seen2025-06-24 12:47 Times Seen109 Hash 6d765d37dbe6461986f7fe26652a76f6 30bc12138b3199a169863d8e43211d654ccf4e33 f144c1a76ff9b21c5b929511f27e4c7f6b5c2b97db08e14943a2bcc06d019bb7 Loading...

	1xlite-446241.top/bn/block	Function	47 B	2023-04-14	2025-07-21
Pretty URL 1xlite-446241.top/bn/block IP 178.253.14.230 ASN #202492 Silverhill Group Holding Ltd Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 16:26 Last Seen2025-07-21 06:34 Times Seen6267 Hash a01893d8e129ad16c1e0fc5c7537f411 0e46d1bf2718f848d9d596fa269eaedb31204772 cbe7b89533bcd75b69f3e54807308551d68242ec1761e63bee1a99fc6e560175 Loading...

	1xlite-446241.top/bn/block	Function	39 B	2023-04-14	2025-07-21
Pretty URL 1xlite-446241.top/bn/block IP 178.253.14.230 ASN #202492 Silverhill Group Holding Ltd Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 16:26 Last Seen2025-07-21 06:34 Times Seen6273 Hash bc51ed8c76553717f10d58b2df60fd76 e2d03a8fd8d280074b226c288880f9df299c7cb1 bee994eaf88453f6343ba57571a069054c12c9b4e42f8cbad4f2ad75c7fb264c Loading...

	1xlite-446241.top/bn/block	Eval	2.6 kB	2025-06-13	2025-07-20
Pretty URL 1xlite-446241.top/bn/block IP 178.253.14.230 ASN #202492 Silverhill Group Holding Ltd Introduced by eval Embedded in HTML false Observations First Seen2025-06-13 06:28 Last Seen2025-07-20 10:46 Times Seen11 Hash 4365e1e0b8da797e579f594912654590 9a17304c98122a5266b278ad03940d0057543357 55161d126f1be4eb0dd67f42bc00b58af497e6429975f505a678ccab71276df9 Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_chunk_7HDOEZTP.js	ImportedModule	1.2 kB	2025-05-14	2025-07-21
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_chunk_7HDOEZTP.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2025-05-14 05:06 Last Seen2025-07-21 06:34 Times Seen1315 Hash 7e76c08e7f16815131a5f13a10c1efba 5f800877b78a0713157fe119bc1a2d9a260f72e1 c6f29a0c7c3ed884ccffd7a529fd2fc599e2da1f31af658146f0e36a3f4c00dc Loading...

	v3.traincdn.com/sys-static/shared-assets/Desktop/__shared_base-app_5c24ba743a.js	ImportedModule	817 kB	2025-06-18	2025-06-25
Pretty URL v3.traincdn.com/sys-static/shared-assets/Desktop/__shared_base-app_5c24ba743a.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2025-06-18 17:35 Last Seen2025-06-25 08:27 Times Seen93 Hash 4bb8bffafb3327285627b1dae0860967 b8094e5f1f11335457d2fdd02691d4027f1b327d 348838080c75e34f5eb56571c8fdfcc5b4dde47011dd6eaa645de6bfdef4fc01 Loading...

	v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/164e07c960.js	ImportedModule	147 B	2025-06-18	2025-06-23
Pretty URL v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/164e07c960.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2025-06-18 17:35 Last Seen2025-06-23 06:30 Times Seen32 Hash d7e3795e2ecd0e90332c12c6ffed858e 89071395e5037d8a325dc68427a40925b2472db0 be6700b7e6e5998743921d1abfb511a4bc4023c3bdc5fdb0d7128ab5c1d1cb62 Loading...

	1xlite-446241.top/captcha-api/assets/hunt-captcha.js	ScriptElement	86 kB	2025-06-17	2025-06-24
Pretty URL 1xlite-446241.top/captcha-api/assets/hunt-captcha.js IP 178.253.14.230 ASN #202492 Silverhill Group Holding Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-17 06:36 Last Seen2025-06-24 12:47 Times Seen109 Hash 7c8fa1a657a274f5569fac4989528cc9 43509c7a4e32e8075147e66ee58afdc5efa58ef9 4777207c1a8f6c4a33f5c41d15f9ca068c54193af6c76f586dbc292cf04cea50 Loading...

	v3.traincdn.com/main-static/61792ac9/desktop/default/vendors/plugins.vue-notification-575f3ba7.js	ScriptElement	13 kB	2025-06-18	2025-06-24
Pretty URL v3.traincdn.com/main-static/61792ac9/desktop/default/vendors/plugins.vue-notification-575f3ba7.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-18 17:35 Last Seen2025-06-24 13:26 Times Seen43 Hash cd9839620a2ba08dedf86ba42ab5a0ae 33979ec3abb619aeb258d50931e5319e41ca3fc8 11a8211423bdc49f5ba7982a50224bb69d82c8d459d69eff9f69b10e5c5618dc Loading...

	v3.traincdn.com/main-static/61792ac9/desktop/default/DC-10710285.js	ScriptElement	2.7 kB	2025-06-18	2025-06-24
Pretty URL v3.traincdn.com/main-static/61792ac9/desktop/default/DC-10710285.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-18 17:35 Last Seen2025-06-24 13:26 Times Seen43 Hash 8456a4c93bdea57b5386e8925733e535 306f451ed2b4fe561c3288766ae845436fd33284 26f97be768fee91730f47a7194021fa49b113dc81d060a2a470581e215fcbeab Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_accept_language_parser_B6TW5FDZ.js	ImportedModule	1.3 kB	2025-05-14	2025-07-21
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_accept_language_parser_B6TW5FDZ.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2025-05-14 05:06 Last Seen2025-07-21 06:34 Times Seen1315 Hash e3f1c4089db6b910890e85d97a2e2066 85828920da3c3fd7856acde184e835ac314295cd 6c28afe5a52e0f9b1138fe498b254c8671058a058b555651ccae8e91e7534614 Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_fast_deep_equal_XYWIEKOD.js	ImportedModule	865 B	2025-05-14	2025-07-21
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_fast_deep_equal_XYWIEKOD.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2025-05-14 05:06 Last Seen2025-07-21 06:34 Times Seen1315 Hash 0af3fe0c072a5bb3b6c731767187982f 55db5afb57265dc92fd121fe9ae565ffb2f53b2c 655bbe85da91e863401c6f96e24b41f5c2fe51a4245cecc2deb2b8c9600fef30 Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_libphonenumber_js_Q6RMKWT6.js	ImportedModule	159 kB	2025-05-14	2025-07-21
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_libphonenumber_js_Q6RMKWT6.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2025-05-14 05:06 Last Seen2025-07-21 06:34 Times Seen1315 Hash 1da464d70e78b04b9b808e82e4ad9487 0c79e65516d1525ecb43d13cfb4ccb0631095a28 b4c72b8036ca6767ab61490178f901538646f2aa1001cb042caa134174a41595 Loading...

	v3.traincdn.com/sys-static/shared-assets/Desktop/__shared_344f9d75c4.js	ScriptElement	11 kB	2025-06-21	2025-06-21
Pretty URL v3.traincdn.com/sys-static/shared-assets/Desktop/__shared_344f9d75c4.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-21 20:03 Last Seen2025-06-21 20:03 Times Seen1 Hash 27a5b091df4e9fe3c26e853d6709a6d3 fa40a986e2c29b01058ade3a7f7d9c1cfa5715b4 6a759be0168c14e27a6daf314db777ea6f0ea818197eee328a839ff3ffa72423 Loading...

	1xlite-446241.top/bn/block	Function	44 B	2023-04-14	2025-07-21
Pretty URL 1xlite-446241.top/bn/block IP 178.253.14.230 ASN #202492 Silverhill Group Holding Ltd Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 16:26 Last Seen2025-07-21 06:34 Times Seen6270 Hash 00beb9884d0391b342eadd30744b539a 3124c0bd593822379d22f13d3e08e70a1bf5ea14 92394eec5690449a4f6cfc9a7f97497a69e926b2365cb9a9aad3507a844f835c Loading...

	1xlite-446241.top/bn/block	DomTimer	10 B	2024-09-21	2025-07-21
Pretty URL 1xlite-446241.top/bn/block IP 178.253.14.230 ASN #202492 Silverhill Group Holding Ltd Introduced by domTimer Embedded in HTML false Observations First Seen2024-09-21 15:04 Last Seen2025-07-21 06:34 Times Seen2045 Hash 01f4b51b4ba7edd00ad9f0a22259f06e 00723d0eda4be61a7b1c542b0a08a94a94a60017 9fdac1c31a22f55dbb8ca225ee28c3f7e88b41cce82968af0018c9f8b3bd35ba Loading...

	v3.traincdn.com/main-static/61792ac9/desktop/default/app-cd8079b5.js	ScriptElement	505 kB	2025-06-19	2025-06-24
Pretty URL v3.traincdn.com/main-static/61792ac9/desktop/default/app-cd8079b5.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-19 13:18 Last Seen2025-06-24 06:35 Times Seen29 Hash 876917bb52b2a485ba55cbefb6ad83ac b31f0410ae524edfcfddd7804885f29990857245 712de7eb9b77c503da829227b99bf078234473d2f214bf4302878f3830fd72b9 Loading...

	v3.traincdn.com/main-static/61792ac9/desktop/default/vendors/plugins.vue-js-modal-b80265ab.js	ScriptElement	27 kB	2025-06-18	2025-06-24
Pretty URL v3.traincdn.com/main-static/61792ac9/desktop/default/vendors/plugins.vue-js-modal-b80265ab.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-18 17:35 Last Seen2025-06-24 13:26 Times Seen43 Hash da8dc1b4d54f9f5b1506c35e1d00139a 5ac224f85c17f285fba374f44928919105abfafd 0d86bef88dc869371df25bc4fb4d9e51586a935b9124d95e089fbaedafec4a7c Loading...

	v3.traincdn.com/main-static/61792ac9/desktop/default/Betting.Core-27e1268d.js	ScriptElement	2.0 kB	2025-06-19	2025-06-24
Pretty URL v3.traincdn.com/main-static/61792ac9/desktop/default/Betting.Core-27e1268d.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-19 13:18 Last Seen2025-06-24 06:35 Times Seen29 Hash 05df4d064aa615aa90a8c03804b1a8d4 243b47dad517a68ca94212b6fc25170f2326c8d3 e1e56dada08aacab84b50ed15c2cb9fda4b31101143780738e26a762357f470a Loading...

	v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/eee81f490f.js	ImportedModule	4.1 kB	2025-06-18	2025-06-24
Pretty URL v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/eee81f490f.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2025-06-18 17:35 Last Seen2025-06-24 23:34 Times Seen49 Hash f7165652388e4db8492b0c5cef873911 bb21320a39643361100fe8e11e4b5446873130be 68aafd61544b4d0566b7ca8faa7281f9887cc0416a8381aff01f27a00dea7c1c Loading...

	v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/42e926c49f.js	ImportedModule	27 kB	2025-06-18	2025-06-23
Pretty URL v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/42e926c49f.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2025-06-18 17:35 Last Seen2025-06-23 06:30 Times Seen32 Hash 504f2defe47d7dcd76a50fb013383a5b c7e28c0b6b38045fe591196ffba3a7160b616e4c 399185c4fc4c505a4ca99d6db0a5b8e8bd65e6023c717a41140cdcb2e08b07ab Loading...

	1xlite-446241.top/hd-api/external/apps/c5e31d5915661de4393e3f1489b00ebc4497dd48/api.js	ScriptElement	760 B	2025-05-21	2025-07-21
Pretty URL 1xlite-446241.top/hd-api/external/apps/c5e31d5915661de4393e3f1489b00ebc4497dd48/api.js IP 178.253.14.230 ASN #202492 Silverhill Group Holding Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-21 09:35 Last Seen2025-07-21 06:34 Times Seen1265 Hash 0b911773e0df627d77f8306c86e228aa 0d584bb1a3294e4fe42df4582dcc8a2c8f77f7bb 01e4926540498a77d866259516007d41fae1213ab9607db826f011d926fd6006 Loading...

	1xlite-446241.top/bn/block	Function	288 kB	2025-06-21	2025-06-21
Pretty URL 1xlite-446241.top/bn/block IP 178.253.14.230 ASN #202492 Silverhill Group Holding Ltd Introduced by Function Embedded in HTML false Observations First Seen2025-06-21 20:03 Last Seen2025-06-21 20:03 Times Seen1 Hash f67a8f44b63421ea7e223a8bfc9f6d90 fbac3d3f297e3af641748fd44e0727fdd8f3cedd 91c5895a207315c7f04e326dd32c426ca2ae5af311b55350c86423133fe3ae2a Loading...

	data:text/javascript,export const meta = import.meta;	ScriptElement	32 B	2023-12-06	2025-07-21
Pretty URL data:text/javascript,export const meta = import.meta; IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-06 14:32 Last Seen2025-07-21 06:34 Times Seen4008 Hash 6d772b7d405b447ecee54ab61cdd5108 dd65fb9cd5a7cb94a40fe161f4f72303a61eb3b7 b90ff694e492935b6036fb7e878d365dab51aafa46f0afb1e33414e7ecc3307b Loading...

	1xlite-446241.top/bn/block	ScriptElement	1.7 kB	2025-06-19	2025-06-24
Pretty URL 1xlite-446241.top/bn/block IP 178.253.14.230 ASN #202492 Silverhill Group Holding Ltd Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-19 13:18 Last Seen2025-06-24 06:35 Times Seen27 Hash d944bdc1634c6478ad6a33694e05f103 f6ac0456ab8e9e177373822afbae7e7b0d9cb0a3 1b1eefa518d5632376e0d3a493ef560a3679022ad05ee96385e6e5970fd543da Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_vue_deps_DYMTJONH.js	ImportedModule	19 kB	2025-05-14	2025-07-21
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_vue_deps_DYMTJONH.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2025-05-14 05:06 Last Seen2025-07-21 06:34 Times Seen1315 Hash 1580a3cfe81fd30910a49dfe64cc8e7b 314144dc49595482ba46c0b85b38d5f73ef73a7b 8989a021d20f0fc08c43966a287cbd99e43142a5a0ff42eb232756a101de6035 Loading...

	v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/45f1770114.js	ImportedModule	1.2 kB	2025-06-18	2025-06-24
Pretty URL v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/45f1770114.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2025-06-18 17:35 Last Seen2025-06-24 23:34 Times Seen49 Hash bf50b784620ed417a811a29b93c1674b 72cbca9b31debe6d7bda2a2c553edd8e5c5ff44e 2bcf4abc801d0b74d8f38af2b71a8572856fc612af519a57b56f78247367474a Loading...

	1xlite-446241.top/hd-api/external/assets/hdf.js	ScriptElement	4.1 kB	2025-06-05	2025-07-21
Pretty URL 1xlite-446241.top/hd-api/external/assets/hdf.js IP 178.253.14.230 ASN #202492 Silverhill Group Holding Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-05 12:46 Last Seen2025-07-21 06:34 Times Seen1059 Hash 40eaa62ed21bd753172f4c307e2a41d0 f7b03c6b004562311c8ca00466179629738b2a40 60fed8cb321dc09e4e1d910b5822bd8f67d53d0962a41ddc9f5ac33edd4e2213 Loading...

	1xlite-446241.top/bn/block	Function	34 B	2023-04-14	2025-07-21
Pretty URL 1xlite-446241.top/bn/block IP 178.253.14.230 ASN #202492 Silverhill Group Holding Ltd Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 16:26 Last Seen2025-07-21 06:34 Times Seen6280 Hash 7bcdb973ab8af8e24ab11cb554a1ba6e 24e8a10f240f2b06f81d7c173cd0a90606641fc1 916ec4eb9b485eb47f43a17fe212e84e4b72600b45eb6d4588599ad495a57fcd Loading...

	v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/$_$.js	ImportedModule	69 B	2025-05-14	2025-07-21
Pretty URL v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/$_$.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2025-05-14 05:06 Last Seen2025-07-21 06:34 Times Seen1225 Hash 2cdaa92927f02e0b628f1ef4d7dd8caf 9104a2e16ed080b80a42588b8aeb52ebec47ab7a ef8101ffea52addcdcfcc3a83f96ff2d4613fb3ae6d1c16bbe4852387b73a9db Loading...

	v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/entry-f161b37ed6.js	ScriptElement	21 kB	2025-06-18	2025-06-23
Pretty URL v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/entry-f161b37ed6.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-18 17:35 Last Seen2025-06-23 06:30 Times Seen32 Hash f5cdb4f31f025ebc20061834b1c8c497 d411ed0e68449a002f48537732336b8bb7624438 9d0a4a8960a6379b5dee32f6111d95ab742fd031a0edcc069f5b7b19d3195c9e Loading...

	v3.traincdn.com/main-static/61792ac9/desktop/default/date-fns-locale-10-e6e49950.js	ScriptElement	11 kB	2025-06-21	2025-06-21
Pretty URL v3.traincdn.com/main-static/61792ac9/desktop/default/date-fns-locale-10-e6e49950.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-21 20:03 Last Seen2025-06-21 20:03 Times Seen1 Hash 289af03b1f5c9ab78871d235cda301cf dd55b9b876e515a906e1af6121b49b8fd142ec68 7cea0a14bc894c2d6b2933599d99d1b14e262ec8aeb1ec4323852daea60dc12b Loading...

	v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/568bd9aa90.js	ImportedModule	2.0 kB	2025-06-18	2025-06-23
Pretty URL v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/568bd9aa90.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2025-06-18 17:35 Last Seen2025-06-23 06:30 Times Seen32 Hash 9f379aa49c0fb5d6828f564408b9fa57 e6859ec87a16384f10f182d45fbcb2d952889e93 98d109da6adb8de563bc66a66306a3c9e9a8fb7acbc88e210165da8e6f47300f Loading...

	v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/9d4f48c82e.js	ImportedModule	2.4 kB	2025-06-18	2025-06-23
Pretty URL v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/9d4f48c82e.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2025-06-18 17:35 Last Seen2025-06-23 06:30 Times Seen32 Hash 9cc6c128dcc8a510fc6d01ad3e0e035a c9689aaf76a0e1bd0e142345fd0ee9c8d88a7291 b1ee9fd385cd9ce2fddec3ac6af9e184f0c6ef04ee113da65f0c129dcaff72e0 Loading...

	1xlite-446241.top/bn/block	Eval	300 kB	2025-06-21	2025-06-21
Pretty URL 1xlite-446241.top/bn/block IP 178.253.14.230 ASN #202492 Silverhill Group Holding Ltd Introduced by eval Embedded in HTML false Observations First Seen2025-06-21 20:03 Last Seen2025-06-21 20:03 Times Seen1 Hash 44c01433045ba00bf5d7219e49d81410 4e575c41841132824c770c0856b8242fbb61a9d1 86c5608f045251bc830ba4c6981daf7aed135ddf5c92cf787b035da58bbe96a5 Loading...

	v3.traincdn.com/main-static/61792ac9/desktop/default/Page.Block-e69ac7e3.js	ScriptElement	476 B	2025-06-18	2025-06-24
Pretty URL v3.traincdn.com/main-static/61792ac9/desktop/default/Page.Block-e69ac7e3.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-18 17:35 Last Seen2025-06-24 13:26 Times Seen42 Hash c87f54df5a69769e626d975089e6f1d4 d63b1d8931e2fd9151032a5f2c0c155f23e4d6d4 b968bc21d59d3bf276ae39c19612ceb1235e221b19f74d6c921043af36157f78 Loading...

	v3.traincdn.com/main-static/61792ac9/desktop/default/vendors/app-b161080e.js	ScriptElement	1.4 MB	2025-06-19	2025-06-24
Pretty URL v3.traincdn.com/main-static/61792ac9/desktop/default/vendors/app-b161080e.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-19 13:18 Last Seen2025-06-24 09:06 Times Seen31 Hash 59800506d8ed60811509c8061d8c8583 5e3d13ec4764ffab0ec0f7a7f7ff1590e6158455 10c5554c33de58fc57b64609c0846dc3b73fd2b68f228fd9ad0b1f5d63a346da Loading...

	1xlite-446241.top/bn/block	ScriptElement	6.4 kB	2025-06-21	2025-06-21
Pretty URL 1xlite-446241.top/bn/block IP 178.253.14.230 ASN #202492 Silverhill Group Holding Ltd Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-21 20:03 Last Seen2025-06-21 20:03 Times Seen1 Hash 1297c79d2ef4f3dc48fdfcb35005ea26 cf96a5f1845845a3c2ee5a953d6f7a41d8cbcece 7453c2b1d96909cf0ab2149d85eaf86e7309a4799add4bb022b058736a36bb5e Loading...

	v3.traincdn.com/main-static/61792ac9/desktop/default/runtime-cd8ceb8c.js	ScriptElement	19 kB	2025-06-19	2025-06-24
Pretty URL v3.traincdn.com/main-static/61792ac9/desktop/default/runtime-cd8ceb8c.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-19 13:18 Last Seen2025-06-24 06:35 Times Seen29 Hash 0c1e265007df3ccc1bfbb4e444f10864 6edfb32039115a1bca7fe2688e05ef5148161b20 2fd8c3b077e2109d70e3ee2ae9c473cb7246bcd8f7a13fa231fda3db7d7a8fb6 Loading...

	v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/ad31aef0b1.js	ImportedModule	864 B	2025-06-18	2025-06-23
Pretty URL v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/ad31aef0b1.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2025-06-18 17:35 Last Seen2025-06-23 06:30 Times Seen32 Hash 9f763cf109976cc240a688471df28e0f c97a82b72d54e5a4c96cb18df28b475fd7052ec6 ef6f9e80182014cdb24807ec43e59544eef8c3147dd6cf0300f135da0751828d Loading...

	v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/e51c24c8ac.js	ScriptElement	3.9 kB	2025-06-18	2025-06-23
Pretty URL v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/e51c24c8ac.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-18 17:35 Last Seen2025-06-23 06:30 Times Seen32 Hash bb033fb223aa7b54248f6272392312dd f7d5bd65a89f494cafc91ead618b32ac124e4764 cea19f93dd8cb316d74d251619e24ccee56002bc87cf5fb6fb452cb62133dbfe Loading...

	1xlite-446241.top/bn/block	Function	47 B	2023-04-14	2025-07-21
Pretty URL 1xlite-446241.top/bn/block IP 178.253.14.230 ASN #202492 Silverhill Group Holding Ltd Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 16:26 Last Seen2025-07-21 06:34 Times Seen6268 Hash 580b3e56fc9ab6e8b4655f43ee057cc1 5dfce565e446f4a167195de9a1a5dd26163c711c 446f07b6e56de61d2c2d5b6ba408cc580b492a6d1ede8fc51cfde4ef75a2b382 Loading...

	1xlite-446241.top/bn/block	Function	96 B	2023-12-06	2025-07-21
Pretty URL 1xlite-446241.top/bn/block IP 178.253.14.230 ASN #202492 Silverhill Group Holding Ltd Introduced by Function Embedded in HTML false Observations First Seen2023-12-06 14:32 Last Seen2025-07-21 06:34 Times Seen4008 Hash 94361ed86ab9b2fbb8d805c2025df46a 3f428332f7a1c7196a85c93a373a966d75708c19 eee4d228a49a86625f29410cf9a23d145e821a09cbb1f7a4d7557d206872715a Loading...

	1xlite-446241.top/main-static/61792ac9/check-ob.js	ScriptElement	219 B	2024-07-17	2025-07-21
Pretty URL 1xlite-446241.top/main-static/61792ac9/check-ob.js IP 178.253.14.230 ASN #202492 Silverhill Group Holding Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-17 14:33 Last Seen2025-07-21 06:34 Times Seen2435 Hash c065700c9c8c493403359e1f2baa10d9 4630fe729e70bdf63fa7ba6c84ec277fd1f51030 1e61f0c82ae82ffcf503fcd4b4c8ae27b32c11e19b882d5d13f3c44364c893f4 Loading...

	v3.traincdn.com/main-static/61792ac9/desktop/default/vendors/plugins.v-tooltip-19a74e7d.js	ScriptElement	77 kB	2025-06-18	2025-06-24
Pretty URL v3.traincdn.com/main-static/61792ac9/desktop/default/vendors/plugins.v-tooltip-19a74e7d.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-18 17:35 Last Seen2025-06-24 13:26 Times Seen43 Hash fa1e03b13da82d855a5e808376231ce2 0ee034839962803578266cbec3009100a0ebec46 4777d3418e37ffbaee26e5371e815755110def6987a7d178e4cc79df42922c59 Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_popper_js_E2H7ZPXQ.js	ImportedModule	21 kB	2025-05-14	2025-07-21
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_popper_js_E2H7ZPXQ.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2025-05-14 05:06 Last Seen2025-07-21 06:34 Times Seen1302 Hash 3cf0cae38afae9add22f7884e5061231 2a41037501375a439385a76a047876619683418f 322482e3beae5a985d069beea981614510fda90a5df7295b776a324d461fc43d Loading...

	radar.cedexis.com/1/23802/radar.js	ScriptElement	390 B	2024-02-13	2025-07-21
Pretty URL radar.cedexis.com/1/23802/radar.js IP 45.54.49.5 ASN #63911 NetActuate, Inc Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-13 14:23 Last Seen2025-07-21 06:34 Times Seen3246 Hash 82dec77fd0353c7c71ce053b8601387e fbbca95419e1d0c042e0a5fdf10f380aca66188c 39f2b7b0fa78d37d0c84d2d6618bd635d86fd683d9bcdd5729850cb2a62522f7 Loading...

	1xlite-446241.top/bn/block	ScriptElement	199 kB	2025-06-21	2025-06-21
Pretty URL 1xlite-446241.top/bn/block IP 178.253.14.230 ASN #202492 Silverhill Group Holding Ltd Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-21 20:03 Last Seen2025-06-21 20:03 Times Seen1 Hash 7265afae5babb372036a108c44f742aa 027942523b0dd852de393805427f908b17a25547 cb53ddd231457b9b88ee137e9b7ba6048b5245ae8851ebb56251de39a96fa544 Loading...

	v3.traincdn.com/main-static/61792ac9/desktop/default/commons/app-4b82fdd3.js	ScriptElement	138 kB	2025-06-18	2025-07-01
Pretty URL v3.traincdn.com/main-static/61792ac9/desktop/default/commons/app-4b82fdd3.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-18 17:35 Last Seen2025-07-01 09:09 Times Seen161 Hash 868af65a31d095c2a360f8a5e94425bc 59e94cfde197cb7fbf844717ae7083f35a44e3a4 ab24c1b9022a49c40e590b7fdd6b471a627b1eaf389ab3f5f605ae794fdb8c53 Loading...

HTTP Transactions (92)

URL IP Response Size

GET v3.traincdn.com/sys-ui/3.3.258/Desktop/Default/merged.css

185.244.209.62

200 OK

926 kB

URL GET
v3.traincdn.com/sys-ui/3.3.258/Desktop/Default/merged.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
926 kB (926140 bytes)
Hash
071a333ba6c66187587416c578292b0f
d60a98f6affa7910df2dd867985d7d0659f548f9
5d9c85dc8f9473cb1f291b0e238cc0d7ae41ba688d5dcc3eddb8bda2ae4cafc4

HTTP Headers

GET /sys-ui/3.3.258/Desktop/Default/merged.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-446241.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:26 GMT
content-type: text/css; charset=utf-8
traceparent: 00-4cbc23261ab711a0030612e1921f98bf-0903b04b6c6b5fcb-01
last-modified: Fri, 20 Jun 2025 13:53:43 GMT
etag: W/"071a333ba6c66187587416c578292b0f"
x-amz-meta-mtime: 1750427582.737916907
content-encoding: gzip
expires: Sat, 21 Jun 2025 13:59:00 GMT
cache-control: max-age=86400
x-time-ng: 0.003
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 21853
cache: HIT
x-cached-since: 2025-06-21T13:59:13+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/main-static/61792ac9/desktop/default/vendors/app-b161080e.js

185.244.209.62

200 OK

1.4 MB

URL GET
v3.traincdn.com/main-static/61792ac9/desktop/default/vendors/app-b161080e.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (64056)
Size
1.4 MB (1405611 bytes)
Hash
59800506d8ed60811509c8061d8c8583
5e3d13ec4764ffab0ec0f7a7f7ff1590e6158455
10c5554c33de58fc57b64609c0846dc3b73fd2b68f228fd9ad0b1f5d63a346da

HTTP Headers

GET /main-static/61792ac9/desktop/default/vendors/app-b161080e.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-446241.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:26 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-021b92ae5b096b8abee8b885f6f52b7b-ac52c2fc84b71904-01
last-modified: Thu, 19 Jun 2025 12:35:31 GMT
etag: W/"59800506d8ed60811509c8061d8c8583"
x-amz-meta-mtime: 1750336530.00359527
content-encoding: gzip
expires: Fri, 20 Jun 2025 13:08:37 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 24695
cache: HIT
x-cached-since: 2025-06-21T13:11:51+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/cms/1-1258/desktop/media_asset/cec3125bacd27eb65f91e96df5e5f376.json

185.244.209.62

200 OK

22 kB

URL GET
v3.traincdn.com/genfiles/cms/1-1258/desktop/media_asset/cec3125bacd27eb65f91e96df5e5f376.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
22 kB (21827 bytes)
Hash
ff5d81879a491bb1cfe091c5817a89b4
2a1d20f61eb8c513b270b8d123e3a9f66c89f808
538bffce9fa55e37a08e6b7f5148f8e7884c02a82b13e8426553061ff2475f90

HTTP Headers

GET /genfiles/cms/1-1258/desktop/media_asset/cec3125bacd27eb65f91e96df5e5f376.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-446241.top/
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:27 GMT
content-type: application/json
traceparent: 00-e74a5e7fa480f58bd3046ff8a254817d-1bdc8a0a14efd6d4-01
last-modified: Tue, 20 May 2025 11:04:07 GMT
etag: W/"ff5d81879a491bb1cfe091c5817a89b4"
content-encoding: gzip
expires: Wed, 11 Jun 2025 10:06:30 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
cache: REVALIDATED
X-Firefox-Spdy: h2

GET v3.traincdn.com/main-static/61792ac9/desktop/default/DC-10710285.js

185.244.209.62

200 OK

2.7 kB

URL GET
v3.traincdn.com/main-static/61792ac9/desktop/default/DC-10710285.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (2653), with no line terminators
Size
2.7 kB (2653 bytes)
Hash
8456a4c93bdea57b5386e8925733e535
306f451ed2b4fe561c3288766ae845436fd33284
26f97be768fee91730f47a7194021fa49b113dc81d060a2a470581e215fcbeab

HTTP Headers

GET /main-static/61792ac9/desktop/default/DC-10710285.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-446241.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:27 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-e9572fc1ac20417d66ff2aa454f7ea12-c21a7b25f181abef-01
last-modified: Thu, 19 Jun 2025 12:35:31 GMT
etag: W/"8456a4c93bdea57b5386e8925733e535"
x-amz-meta-mtime: 1750336529.983595205
content-encoding: gzip
expires: Fri, 20 Jun 2025 13:08:39 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 24696
cache: HIT
x-cached-since: 2025-06-21T13:11:51+00:00
X-Firefox-Spdy: h2

GET 1xlite-446241.top/checker/redirect/stat/run/

178.253.14.230

200 OK

76 B

URL GET
1xlite-446241.top/checker/redirect/stat/run/
IP
178.253.14.230:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerLet's Encrypt
Subject1xlite-446241.top
FingerprintE4:92:BE:BA:35:7C:95:77:03:ED:E9:CD:D0:F5:4B:0A:C0:31:E8:76
ValidityMon, 19 May 2025 05:20:46 GMT - Sun, 17 Aug 2025 05:20:45 GMT

File type
JSON text data
Size
76 B (76 bytes)
Hash
27c2416c1b923fecbcfc18d2fe0b93c8
c2bf774eb23aea67e9f24cb3c4aef31dc2575276
235990e7fa35e87bda0de418d7f4f59e238d6bcc4663db671e512f67f0e1a74b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /checker/redirect/stat/run/ HTTP/1.1
Host: 1xlite-446241.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-446241.top/bn/block
content-type: application/json
x-requested-with: XMLHttpRequest
x-app-n: v3-nuxt2
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=bn; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder; postback_watcher=%7B%22tag%22%3A%22d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder%22%2C%22pb%22%3A%227cb13d3f9d3046d5bffca6ca03342b50%22%2C%22click_id%22%3A%22d42ea4084fd1a5e47fa4a165e06507a7%22%7D; auid=sv0O5mhXEA0o/2rbA0gbAg==; window_width=1280; che_g=6eed7fb3-39ec-7cdb-74c5-ed7c2b253ded
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:27 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-time-ng: 0.001
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

GET v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/$_$.js

185.244.209.62

200 OK

69 B

URL GET
v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/$_$.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
69 B (69 bytes)
Hash
2cdaa92927f02e0b628f1ef4d7dd8caf
9104a2e16ed080b80a42588b8aeb52ebec47ab7a
ef8101ffea52addcdcfcc3a83f96ff2d4613fb3ae6d1c16bbe4852387b73a9db

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/$_$.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:27 GMT
content-type: text/javascript; charset=utf-8
content-length: 69
traceparent: 00-487d0277f79217d7b634475fcd6165f1-4e729e1ddc3d5626-01
last-modified: Wed, 18 Jun 2025 13:47:10 GMT
etag: "2cdaa92927f02e0b628f1ef4d7dd8caf"
x-amz-meta-mtime: 1750254148.951234625
expires: Thu, 19 Jun 2025 18:51:31 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 3888
cache: HIT
x-cached-since: 2025-06-21T18:58:39+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

GET v3.traincdn.com/sys-static/shared-assets/__shared_vue_deps_DYMTJONH.js

185.244.209.62

200 OK

19 kB

URL GET
v3.traincdn.com/sys-static/shared-assets/__shared_vue_deps_DYMTJONH.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (19034)
Size
19 kB (19175 bytes)
Hash
1580a3cfe81fd30910a49dfe64cc8e7b
314144dc49595482ba46c0b85b38d5f73ef73a7b
8989a021d20f0fc08c43966a287cbd99e43142a5a0ff42eb232756a101de6035

HTTP Headers

GET /sys-static/shared-assets/__shared_vue_deps_DYMTJONH.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:28 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-ff49e6d684eb87268845cd34d7351dde-e829fceb36c63901-01
last-modified: Fri, 20 Jun 2025 14:13:24 GMT
etag: W/"1580a3cfe81fd30910a49dfe64cc8e7b"
x-amz-meta-mtime: 1750428765.978144538
content-encoding: gzip
expires: Sat, 21 Jun 2025 19:04:31 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 3531
cache: HIT
x-cached-since: 2025-06-21T19:04:37+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/cms/1-1258/desktop/media_asset/5ad56e0309d98c226f7c6f53c8988481.json

185.244.209.62

200 OK

1.4 kB

URL GET
v3.traincdn.com/genfiles/cms/1-1258/desktop/media_asset/5ad56e0309d98c226f7c6f53c8988481.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
1.4 kB (1381 bytes)
Hash
60800fc6a93e48491d94e7d6447b1709
632786af7227839842c02819d3d6340d13cc6125
62e20d1db7acda670afe7035a169bb1d4ba4adfac1251ad8a666edc7e14a5f8f

HTTP Headers

GET /genfiles/cms/1-1258/desktop/media_asset/5ad56e0309d98c226f7c6f53c8988481.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-446241.top/
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:28 GMT
content-type: application/json
traceparent: 00-dcea6b06d560116f4c8488a2acdf9a2f-e36deba633e5ce66-01
last-modified: Thu, 15 May 2025 13:56:17 GMT
etag: W/"60800fc6a93e48491d94e7d6447b1709"
content-encoding: gzip
expires: Thu, 05 Jun 2025 08:40:15 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
cache: REVALIDATED
X-Firefox-Spdy: h2

GET v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/568bd9aa90.js

185.244.209.62

200 OK

2.0 kB

URL GET
v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/568bd9aa90.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (1967)
Size
2.0 kB (1968 bytes)
Hash
9f379aa49c0fb5d6828f564408b9fa57
e6859ec87a16384f10f182d45fbcb2d952889e93
98d109da6adb8de563bc66a66306a3c9e9a8fb7acbc88e210165da8e6f47300f

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/568bd9aa90.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:28 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-474bd37ed725c86165e3a7cf86a19fb3-42dc047a92af3c11-01
last-modified: Wed, 18 Jun 2025 13:47:11 GMT
etag: W/"9f379aa49c0fb5d6828f564408b9fa57"
x-amz-meta-mtime: 1750254148.956234791
content-encoding: gzip
expires: Thu, 19 Jun 2025 13:50:23 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 21672
cache: HIT
x-cached-since: 2025-06-21T14:02:16+00:00
X-Firefox-Spdy: h2

GET 1xlite-446241.top/web-api/session

178.253.14.230

204 No Content

0 B

URL GET
1xlite-446241.top/web-api/session
IP
178.253.14.230:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerLet's Encrypt
Subject1xlite-446241.top
FingerprintE4:92:BE:BA:35:7C:95:77:03:ED:E9:CD:D0:F5:4B:0A:C0:31:E8:76
ValidityMon, 19 May 2025 05:20:46 GMT - Sun, 17 Aug 2025 05:20:45 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web-api/session HTTP/1.1
Host: 1xlite-446241.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-446241.top/bn/block
content-type: application/json
x-requested-with: XMLHttpRequest
x-app-n: v3-nuxt2
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=bn; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder; postback_watcher=%7B%22tag%22%3A%22d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder%22%2C%22pb%22%3A%227cb13d3f9d3046d5bffca6ca03342b50%22%2C%22click_id%22%3A%22d42ea4084fd1a5e47fa4a165e06507a7%22%7D; auid=sv0O5mhXEA0o/2rbA0gbAg==; window_width=1280; che_g=6eed7fb3-39ec-7cdb-74c5-ed7c2b253ded
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx
date: Sat, 21 Jun 2025 20:03:35 GMT
cache-control: no-cache, private
server-timing: dt_total;dur=0.005, p;dur=24.093, wf-uht;dur=0.036
set-cookie: ua=deleted; expires=Thu, 01 Jan 1970 00:00:01 GMT; Max-Age=0; path=/
SESSION=e53b53aa5026f32bde4a124f681445fb; path=/; secure; httponly; samesite=lax
x-dt: 1258
x-time-ng: 0.026, 0.026
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

POST 1xlite-446241.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json

178.253.14.230

200 OK

23 B

URL POST
1xlite-446241.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json
IP
178.253.14.230:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerLet's Encrypt
Subject1xlite-446241.top
FingerprintE4:92:BE:BA:35:7C:95:77:03:ED:E9:CD:D0:F5:4B:0A:C0:31:E8:76
ValidityMon, 19 May 2025 05:20:46 GMT - Sun, 17 Aug 2025 05:20:45 GMT

File type
JSON text data
Size
23 B (23 bytes)
Hash
457d9abc1c4d536abecbb5bc3e8f5e40
ee4a3404098f3a82046809806283e3263d1ba44f
d44c8c1473c55cb69faed21de8b69f54f30547643d584ad9da5971d2e086de89

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json HTTP/1.1
Host: 1xlite-446241.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-446241.top/bn/block
Content-Type: application/json
X-Lang: bn
X-Uuid: d1c3e437-ebd6-4c0e-9459-8affa3a5bade
Content-Length: 109
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=bn; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder; postback_watcher=%7B%22tag%22%3A%22d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder%22%2C%22pb%22%3A%227cb13d3f9d3046d5bffca6ca03342b50%22%2C%22click_id%22%3A%22d42ea4084fd1a5e47fa4a165e06507a7%22%7D; auid=sv0O5mhXEA0o/2rbA0gbAg==; window_width=1280; che_g=6eed7fb3-39ec-7cdb-74c5-ed7c2b253ded; SESSION=e53b53aa5026f32bde4a124f681445fb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:39 GMT
content-type: application/json
content-length: 23
x-dt: 1258
x-time-ng: 0.001
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.047, wf-uht;dur=0.008
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2

185.244.209.62

200 OK

64 kB

URL GET
v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 63920, version 1.0
Size
64 kB (63920 bytes)
Hash
a65527fcb58f66a7cfbc0e6b160538b4
45d260e7fa343401b5bb0df982a014f53e2d253b
fb13c3a1cbac60649b76f7d7f85c1645d35ac69b85ce5f4eb0692505ecc2cd45

HTTP Headers

GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:26 GMT
content-type: font/woff2
content-length: 63920
traceparent: 00-b3f805cc65fde384e8f7095e2f6c8283-5ddad6211490512c-01
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "a65527fcb58f66a7cfbc0e6b160538b4"
expires: Thu, 16 Jan 2025 10:45:34 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 588
cache: HIT
x-cached-since: 2025-06-21T19:53:38+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_forgot_password/bn/dictionary_08dc4f71903acd9409b9bb900425d538.json

185.244.209.62

200 OK

7.9 kB

URL GET
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_forgot_password/bn/dictionary_08dc4f71903acd9409b9bb900425d538.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
7.9 kB (7899 bytes)
Hash
ab97f2249f995266f6f93fe444ab66d2
873e9bb91bd4ec60e1de0efb52beeac30562deca
27be340adfd1f4ff1a8da6d3699c2cb2eaa042c8c2ea01691689a5f42adec8cb

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_forgot_password/bn/dictionary_08dc4f71903acd9409b9bb900425d538.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-446241.top/
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:27 GMT
content-type: application/json; charset=utf-8
traceparent: 00-2abc8a0f64eb80f7da5038a1ab5e34c6-284d9b792eb10211-01
last-modified: Mon, 16 Jun 2025 12:06:00 GMT
etag: W/"ab97f2249f995266f6f93fe444ab66d2"
cache-control: max-age=3600
content-encoding: gzip
expires: Mon, 16 Jun 2025 14:16:57 GMT
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 2560
cache: HIT
x-cached-since: 2025-06-21T19:20:47+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/cms/1-1258/desktop/media_asset/0bfc54288673ecc355ae1cc451091289.json

185.244.209.62

200 OK

7.3 kB

URL GET
v3.traincdn.com/genfiles/cms/1-1258/desktop/media_asset/0bfc54288673ecc355ae1cc451091289.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
7.3 kB (7321 bytes)
Hash
0614058b667e6dfa1cdecc6e0e53131c
4f20f88c436fb5cbd82cf1dcfeaa14e52195a369
be16474b0f19b7536ebdd3d0f8867b151eaa4638411ddb46845f887a5d51a653

HTTP Headers

GET /genfiles/cms/1-1258/desktop/media_asset/0bfc54288673ecc355ae1cc451091289.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-446241.top/
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:27 GMT
content-type: application/json
traceparent: 00-084bf35b60e7ed9ada52cd8cde030d13-e9254a2de7c8f7c5-01
last-modified: Thu, 23 Jan 2025 13:22:52 GMT
etag: W/"0614058b667e6dfa1cdecc6e0e53131c"
content-encoding: gzip
expires: Wed, 11 Jun 2025 10:06:30 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
cache: REVALIDATED
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_block_pages/bn/dictionary_96c1ac571a990d633a31439f0aadd5aa.json

185.244.209.62

200 OK

4.1 kB

URL GET
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_block_pages/bn/dictionary_96c1ac571a990d633a31439f0aadd5aa.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
4.1 kB (4080 bytes)
Hash
6f6ddadd4c50e307f3b0327c6b7dd97d
01fd9001ba48056bea81781bf572c7891d577bde
12232591821b1a1cbfebc6e9c9a88fd795d0825dcd144723fe08163e93cd69c9

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_block_pages/bn/dictionary_96c1ac571a990d633a31439f0aadd5aa.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-446241.top/
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:28 GMT
content-type: application/json; charset=utf-8
traceparent: 00-09d410022f7c1c476c54de8cb18bba5c-14192db1831e598c-01
last-modified: Wed, 23 Apr 2025 16:06:01 GMT
etag: W/"6f6ddadd4c50e307f3b0327c6b7dd97d"
cache-control: max-age=3600
content-encoding: gzip
expires: Tue, 17 Jun 2025 09:02:59 GMT
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
cache: REVALIDATED
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/cms/1-1258/desktop/media_asset/e9aaf54249712e7e79892e2754c64bd7.json

185.244.209.62

200 OK

3.6 kB

URL GET
v3.traincdn.com/genfiles/cms/1-1258/desktop/media_asset/e9aaf54249712e7e79892e2754c64bd7.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
3.6 kB (3557 bytes)
Hash
4b08975411699bcd7464f49777e866bf
2a9b0a0f3eadf5f3e1ef688bacd9560dd59c73d2
b6208d18413f8988db2e0040ff72516c0cb5e06d3d9692b5b098808ab46fc378

HTTP Headers

GET /genfiles/cms/1-1258/desktop/media_asset/e9aaf54249712e7e79892e2754c64bd7.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-446241.top/
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:28 GMT
content-type: application/json
traceparent: 00-7185e339a3c4c4195da3d63614233492-d3658a11e8b5882b-01
last-modified: Thu, 27 Feb 2025 09:07:33 GMT
etag: W/"4b08975411699bcd7464f49777e866bf"
content-encoding: gzip
expires: Thu, 05 Jun 2025 08:40:15 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
cache: REVALIDATED
X-Firefox-Spdy: h2

GET 1xlite-446241.top/bn/block

178.253.14.230

203 Non Authoritative

267 kB

URL User Request GET
1xlite-446241.top/bn/block
IP
178.253.14.230:443
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subject1xlite-446241.top
FingerprintE4:92:BE:BA:35:7C:95:77:03:ED:E9:CD:D0:F5:4B:0A:C0:31:E8:76
ValidityMon, 19 May 2025 05:20:46 GMT - Sun, 17 Aug 2025 05:20:45 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (53869)
Size
267 kB (266705 bytes)
Hash
c9dcc18de86073d3060e183b556af4f4
cf4085272a4f8c35807b103873301dd9401bd0a1
92a40ba88750233844d101612ca42220671e33c8e8c09a9a6c8c445ce7911d78

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bn/block HTTP/1.1
Host: 1xlite-446241.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=bn; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder; postback_watcher=%7B%22tag%22%3A%22d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder%22%2C%22pb%22%3A%227cb13d3f9d3046d5bffca6ca03342b50%22%2C%22click_id%22%3A%22d42ea4084fd1a5e47fa4a165e06507a7%22%7D; auid=sv0O5mhXEA0o/2rbA0gbAg==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 203 Non Authoritative
server: nginx
date: Sat, 21 Jun 2025 20:03:25 GMT
content-type: text/html; charset=utf-8
content-length: 266705
accept-ranges: none
server-timing: dt_total;dur=0.003, total;dur=131;desc="Nuxt Server Time"
set-cookie: gw-mm=; Path=/; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Secure; SameSite=None; Partitioned
lng=bn; Path=/
cookies_agree_type=3; Path=/
tzo=2; Path=/
is12h=0; Path=/
x-dt: 1258
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

GET v3.traincdn.com/sys-ui/2.3.253/Desktop/Default/client.css

185.244.209.62

200 OK

643 kB

URL GET
v3.traincdn.com/sys-ui/2.3.253/Desktop/Default/client.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
643 kB (642806 bytes)
Hash
51ed7bc142a0d38b5e128fc507d2425d
72307245c00ff99ee4ec428917b29d8cd80ca2a3
7ad4a2f8c8db8564be108f52b97502089eca6264a874dd2428335414614377e5

HTTP Headers

GET /sys-ui/2.3.253/Desktop/Default/client.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-446241.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:26 GMT
content-type: text/css; charset=utf-8
traceparent: 00-255d61d3fd428cdf99ed70f08911301b-8906cfa069dfb23c-01
last-modified: Wed, 18 Jun 2025 12:17:43 GMT
etag: W/"51ed7bc142a0d38b5e128fc507d2425d"
x-amz-meta-mtime: 1750249060.487555463
content-encoding: gzip
expires: Thu, 19 Jun 2025 15:47:31 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 15225
cache: HIT
x-cached-since: 2025-06-21T15:49:41+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/main-static/61792ac9/desktop/default/runtime-cd8ceb8c.js

185.244.209.62

200 OK

19 kB

URL GET
v3.traincdn.com/main-static/61792ac9/desktop/default/runtime-cd8ceb8c.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (18683), with no line terminators
Size
19 kB (18683 bytes)
Hash
0c1e265007df3ccc1bfbb4e444f10864
6edfb32039115a1bca7fe2688e05ef5148161b20
2fd8c3b077e2109d70e3ee2ae9c473cb7246bcd8f7a13fa231fda3db7d7a8fb6

HTTP Headers

GET /main-static/61792ac9/desktop/default/runtime-cd8ceb8c.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-446241.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:26 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-801e3fb4165cc6df25fcb117409b97a3-64974b8b1e90c050-01
last-modified: Thu, 19 Jun 2025 12:35:31 GMT
etag: W/"0c1e265007df3ccc1bfbb4e444f10864"
x-amz-meta-mtime: 1750336530.00359527
content-encoding: gzip
expires: Fri, 20 Jun 2025 13:08:37 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 24695
cache: HIT
x-cached-since: 2025-06-21T13:11:51+00:00
X-Firefox-Spdy: h2

POST 1xlite-446241.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/ab.json

178.253.14.230

200 OK

2 B

URL POST
1xlite-446241.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/ab.json
IP
178.253.14.230:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerLet's Encrypt
Subject1xlite-446241.top
FingerprintE4:92:BE:BA:35:7C:95:77:03:ED:E9:CD:D0:F5:4B:0A:C0:31:E8:76
ValidityMon, 19 May 2025 05:20:46 GMT - Sun, 17 Aug 2025 05:20:45 GMT

File type
JSON text data
Size
2 B (2 bytes)
Hash
d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/ab.json HTTP/1.1
Host: 1xlite-446241.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-446241.top/bn/block
Content-Type: application/json
X-Lang: bn
X-Uuid: d1c3e437-ebd6-4c0e-9459-8affa3a5bade
Content-Length: 19
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=bn; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder; postback_watcher=%7B%22tag%22%3A%22d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder%22%2C%22pb%22%3A%227cb13d3f9d3046d5bffca6ca03342b50%22%2C%22click_id%22%3A%22d42ea4084fd1a5e47fa4a165e06507a7%22%7D; auid=sv0O5mhXEA0o/2rbA0gbAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:27 GMT
content-type: application/json
content-length: 2
x-dt: 1258
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.092, wf-uht;dur=0.011
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_reset_password/bn/dictionary_40566392e3ae9728b3a0690a2d2ce26c.json

185.244.209.62

200 OK

1.5 kB

URL GET
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_reset_password/bn/dictionary_40566392e3ae9728b3a0690a2d2ce26c.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
1.5 kB (1450 bytes)
Hash
0fc2a23b43d3d2eb5cd4fa64c5c71375
8f3c70fa37687422b99b9a6eaefed1c9dfa729aa
99785f4dda7d0e8d5556b7b6f4217585ed11a1894e7c197de0ac043fca404f05

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_reset_password/bn/dictionary_40566392e3ae9728b3a0690a2d2ce26c.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-446241.top/
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:27 GMT
content-type: application/json; charset=utf-8
traceparent: 00-0864ec95c6116ed5a0fc0c23820c5890-daba6c91fb333f7c-01
last-modified: Wed, 11 Oct 2023 12:52:19 GMT
etag: W/"0fc2a23b43d3d2eb5cd4fa64c5c71375"
cache-control: max-age=3600
content-encoding: gzip
expires: Thu, 05 Jun 2025 17:23:20 GMT
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
cache: REVALIDATED
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/cms/1-1258/desktop/media_asset/48593960336c3075164f79d77fe845c4.json

185.244.209.62

200 OK

747 B

URL GET
v3.traincdn.com/genfiles/cms/1-1258/desktop/media_asset/48593960336c3075164f79d77fe845c4.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
747 B (747 bytes)
Hash
f4e90636ec9cff061c4301b3cefdd0d6
c506efe9c3672c58434ea10021dab0ad81b1ad98
30666f138ccc12735e2f8a6405ddce4a3d8756b9445e3b2732fa2970f14dbcea

HTTP Headers

GET /genfiles/cms/1-1258/desktop/media_asset/48593960336c3075164f79d77fe845c4.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-446241.top/
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:27 GMT
content-type: application/json
content-length: 747
traceparent: 00-6802f72922611959e5aa44b66fed203f-97f35458a94b99d5-01
last-modified: Thu, 27 Feb 2025 13:27:57 GMT
etag: "f4e90636ec9cff061c4301b3cefdd0d6"
expires: Tue, 17 Jun 2025 09:02:38 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/cms/1-1258/desktop/media_asset/1c88a5dff952a7ff7729f92263f647d8.json

185.244.209.62

200 OK

241 B

URL GET
v3.traincdn.com/genfiles/cms/1-1258/desktop/media_asset/1c88a5dff952a7ff7729f92263f647d8.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
241 B (241 bytes)
Hash
39257fbb62736206d5245e08925d7b60
4c11e3cb6a16b884772b88acdba30a2ad98e86b8
3a3cf0f5c60899ffb49d9825516aec475fd7b78cea8ae0b5b58dfb4e658f041e

HTTP Headers

GET /genfiles/cms/1-1258/desktop/media_asset/1c88a5dff952a7ff7729f92263f647d8.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-446241.top/
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:28 GMT
content-type: application/json
content-length: 241
traceparent: 00-99c3d3032bfe7354ed7918f747a3e10b-929bcab53883d7fb-01
last-modified: Thu, 27 Feb 2025 13:25:46 GMT
etag: "39257fbb62736206d5245e08925d7b60"
expires: Tue, 17 Jun 2025 09:02:59 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

GET v3.traincdn.com/sys-static/shared-assets/Desktop/__shared_css_16e298.css

185.244.209.62

200 OK

4.2 kB

URL GET
v3.traincdn.com/sys-static/shared-assets/Desktop/__shared_css_16e298.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (3743)
Size
4.2 kB (4166 bytes)
Hash
a77127dbfb4d9c95e68cf08165c7c30e
229907578c9c65f8049a3221dfda4790568dd77f
16e298fb30fe85f67917c8783ccaecec2fa9729b9593f2998e5d619f91ace6f1

HTTP Headers

GET /sys-static/shared-assets/Desktop/__shared_css_16e298.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-446241.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:25 GMT
content-type: text/css; charset=utf-8
traceparent: 00-2ab2953d946e1fd5af244448c90e6ad8-13f69dacbc929c47-01
last-modified: Fri, 20 Jun 2025 14:13:25 GMT
etag: W/"a77127dbfb4d9c95e68cf08165c7c30e"
x-amz-meta-mtime: 1750428765.982144484
content-encoding: gzip
expires: Sun, 22 Jun 2025 12:53:35 GMT
cache-control: max-age=86400
x-time-ng: 0.003
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 25438
cache: HIT
x-cached-since: 2025-06-21T12:59:27+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/6293f1a8ca.css

185.244.209.62

200 OK

650 B

URL GET
v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/6293f1a8ca.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (649)
Size
650 B (650 bytes)
Hash
5d70ac7829c3ae41ce5c0971c798fbcf
9996ce3a09f56d3e37d67fbe7e1efb301ea2f261
0e76b1cd191bd618caea37cb7fb6673d12c7cdff7ea47e939758eda5764a140b

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/6293f1a8ca.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-446241.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:25 GMT
content-type: text/css; charset=utf-8
content-length: 650
traceparent: 00-a27501337d9ebc0e8d4cd72be2050b48-7364d312d519dceb-01
last-modified: Wed, 18 Jun 2025 13:47:10 GMT
etag: "5d70ac7829c3ae41ce5c0971c798fbcf"
x-amz-meta-mtime: 1750254148.956234791
expires: Fri, 20 Jun 2025 09:44:36 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 36769
cache: HIT
x-cached-since: 2025-06-21T09:50:36+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

GET v3.traincdn.com/main-static/61792ac9/desktop/default/vendors/plugins.vue-js-modal-b80265ab.js

185.244.209.62

200 OK

27 kB

URL GET
v3.traincdn.com/main-static/61792ac9/desktop/default/vendors/plugins.vue-js-modal-b80265ab.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (26667), with no line terminators
Size
27 kB (26667 bytes)
Hash
da8dc1b4d54f9f5b1506c35e1d00139a
5ac224f85c17f285fba374f44928919105abfafd
0d86bef88dc869371df25bc4fb4d9e51586a935b9124d95e089fbaedafec4a7c

HTTP Headers

GET /main-static/61792ac9/desktop/default/vendors/plugins.vue-js-modal-b80265ab.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-446241.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:27 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-237f01677f0d2e8923f997b069843aef-939ae12f271eaa99-01
last-modified: Thu, 19 Jun 2025 12:35:31 GMT
etag: W/"da8dc1b4d54f9f5b1506c35e1d00139a"
x-amz-meta-mtime: 1750336530.007595283
content-encoding: gzip
expires: Fri, 20 Jun 2025 13:08:38 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 24696
cache: HIT
x-cached-since: 2025-06-21T13:11:51+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_coupon/bn/dictionary_b2761600ac741f9318fe73f0d898916e.json

185.244.209.62

200 OK

50 kB

URL GET
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_coupon/bn/dictionary_b2761600ac741f9318fe73f0d898916e.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
50 kB (50067 bytes)
Hash
7feeda24139c7b5d6800783e584d927a
69c360570c414b4fff9627347b1713e5cea4c155
d54947b94e72646353252726fa9136d5375b774ecbacb73bbb1a457e28da7a45

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_coupon/bn/dictionary_b2761600ac741f9318fe73f0d898916e.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-446241.top/
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:27 GMT
content-type: application/json; charset=utf-8
traceparent: 00-06880812264e73be4c7fd5f9896f154b-4ded7d04bfda6266-01
last-modified: Fri, 20 Jun 2025 20:05:58 GMT
etag: W/"0ff6746bdd9595a68e3357586e988669"
cache-control: max-age=3600
content-encoding: gzip
expires: Fri, 20 Jun 2025 21:45:08 GMT
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 3546
cache: HIT
x-cached-since: 2025-06-21T19:04:21+00:00
X-Firefox-Spdy: h2

POST 1xlite-446241.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json

178.253.14.230

200 OK

23 B

URL POST
1xlite-446241.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json
IP
178.253.14.230:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerLet's Encrypt
Subject1xlite-446241.top
FingerprintE4:92:BE:BA:35:7C:95:77:03:ED:E9:CD:D0:F5:4B:0A:C0:31:E8:76
ValidityMon, 19 May 2025 05:20:46 GMT - Sun, 17 Aug 2025 05:20:45 GMT

File type
JSON text data
Size
23 B (23 bytes)
Hash
ed4a0e6f946e357c8f81311c060527bd
54da36899d322c17eaa72c7a77c2badf1560df59
ce0ea639e9a1d78f76c693cbcef5217d771358a3db6d95b664ca119d9905d5bd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json HTTP/1.1
Host: 1xlite-446241.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-446241.top/bn/block
Content-Type: application/json
X-Lang: bn
X-Uuid: d1c3e437-ebd6-4c0e-9459-8affa3a5bade
Content-Length: 48
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=bn; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder; postback_watcher=%7B%22tag%22%3A%22d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder%22%2C%22pb%22%3A%227cb13d3f9d3046d5bffca6ca03342b50%22%2C%22click_id%22%3A%22d42ea4084fd1a5e47fa4a165e06507a7%22%7D; auid=sv0O5mhXEA0o/2rbA0gbAg==; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:27 GMT
content-type: application/json
content-length: 23
x-dt: 1258
x-time-ng: 0.001
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.082, wf-uht;dur=0.013
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/cms/1-1258/desktop/media_asset/8c7a284a3d3af225cbabdbe8d4765503.json

185.244.209.62

200 OK

2.9 kB

URL GET
v3.traincdn.com/genfiles/cms/1-1258/desktop/media_asset/8c7a284a3d3af225cbabdbe8d4765503.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
2.9 kB (2853 bytes)
Hash
f9867cd5bf362d5d518027321410c262
c8152b1f17123f07b027c8ab359062dc5f7c1456
baa9a4f415e8e8b95c2269ac32d20c6850852d9973e47937440e2761a6d8ee65

HTTP Headers

GET /genfiles/cms/1-1258/desktop/media_asset/8c7a284a3d3af225cbabdbe8d4765503.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-446241.top/
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:28 GMT
content-type: application/json
traceparent: 00-5d5be47a87617859ebae6c7d10733dd9-eb38249531e882e3-01
last-modified: Thu, 05 Jun 2025 12:31:11 GMT
etag: W/"f9867cd5bf362d5d518027321410c262"
content-encoding: gzip
expires: Wed, 11 Jun 2025 10:06:31 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
cache: REVALIDATED
X-Firefox-Spdy: h2

GET v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/ad31aef0b1.js

185.244.209.62

200 OK

864 B

URL GET
v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/ad31aef0b1.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (863)
Size
864 B (864 bytes)
Hash
9f763cf109976cc240a688471df28e0f
c97a82b72d54e5a4c96cb18df28b475fd7052ec6
ef6f9e80182014cdb24807ec43e59544eef8c3147dd6cf0300f135da0751828d

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/ad31aef0b1.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:28 GMT
content-type: text/javascript; charset=utf-8
content-length: 864
traceparent: 00-ac238332ff4c07a6c645bbf7bdf38604-a8111b9d82c640c7-01
last-modified: Wed, 18 Jun 2025 13:47:11 GMT
etag: "9f763cf109976cc240a688471df28e0f"
x-amz-meta-mtime: 1750254148.96223499
expires: Thu, 19 Jun 2025 13:50:23 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 21671
cache: HIT
x-cached-since: 2025-06-21T14:02:17+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

GET radar.cedexis.com/1/23802/radar.js

45.54.49.5

302 Moved Temporarily

390 B

URL GET
radar.cedexis.com/1/23802/radar.js
IP
45.54.49.5:443
ASN
#63911 NetActuate, Inc

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerDigiCert Inc
Subjectradar.cedexis.com
FingerprintA2:3E:30:19:D5:41:3A:11:81:58:E3:B1:6F:F4:D2:78:0B:44:6F:D0
ValidityFri, 07 Mar 2025 00:00:00 GMT - Fri, 06 Mar 2026 23:59:59 GMT

File type

Size
390 B (390 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /1/23802/radar.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-446241.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Sat, 21 Jun 2025 20:03:38 GMT
Content-Type: text/html
Content-Length: 138
Connection: keep-alive
Location: /1707728419/stub.js
Expires: Sat, 21 Jun 2025 20:13:38 GMT
Cache-Control: max-age=600
Vary: User-Agent,DNT

GET v3.traincdn.com/main-static/61792ac9/desktop/default/commons/app-4b82fdd3.js

185.244.209.62

200 OK

138 kB

URL GET
v3.traincdn.com/main-static/61792ac9/desktop/default/commons/app-4b82fdd3.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65476)
Size
138 kB (138079 bytes)
Hash
868af65a31d095c2a360f8a5e94425bc
59e94cfde197cb7fbf844717ae7083f35a44e3a4
ab24c1b9022a49c40e590b7fdd6b471a627b1eaf389ab3f5f605ae794fdb8c53

HTTP Headers

GET /main-static/61792ac9/desktop/default/commons/app-4b82fdd3.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-446241.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:26 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-20e5a9e8118dca560d57a9a5aa1860a3-04b27f494e33c1e7-01
last-modified: Thu, 19 Jun 2025 12:35:31 GMT
etag: W/"868af65a31d095c2a360f8a5e94425bc"
x-amz-meta-mtime: 1750336529.991595231
content-encoding: gzip
expires: Fri, 20 Jun 2025 13:08:37 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 24695
cache: HIT
x-cached-since: 2025-06-21T13:11:51+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/main-static/61792ac9/desktop/default/app-cd8079b5.js

185.244.209.62

200 OK

505 kB

URL GET
v3.traincdn.com/main-static/61792ac9/desktop/default/app-cd8079b5.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Size
505 kB (504916 bytes)
Hash
876917bb52b2a485ba55cbefb6ad83ac
b31f0410ae524edfcfddd7804885f29990857245
712de7eb9b77c503da829227b99bf078234473d2f214bf4302878f3830fd72b9

HTTP Headers

GET /main-static/61792ac9/desktop/default/app-cd8079b5.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-446241.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:26 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-83d65791bbc3dbbb2280b5861ea0eca0-82c52bd18324ad2f-01
last-modified: Thu, 19 Jun 2025 12:35:31 GMT
etag: W/"876917bb52b2a485ba55cbefb6ad83ac"
x-amz-meta-mtime: 1750336529.991595231
content-encoding: gzip
expires: Fri, 20 Jun 2025 13:08:37 GMT
cache-control: max-age=86400
x-time-ng: 0.003
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 24695
cache: HIT
x-cached-since: 2025-06-21T13:11:51+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/b5cd9a5e87d930de856c92da15aa121e.png

185.244.209.62

200 OK

653 B

URL GET
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/b5cd9a5e87d930de856c92da15aa121e.png
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Size
653 B (653 bytes)
Hash
e6f0766cbd95db33da44e7a9140648f2
5f196b1bfe8c3f92bd2ebcd67124e72e81ae6aaf
c0399d478788d5d483f104a2e8cb7c32f41cb40e9df0c22e831b2bfa2db63ec0

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/b5cd9a5e87d930de856c92da15aa121e.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-446241.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:26 GMT
content-type: image/png
content-length: 653
traceparent: 00-cedd856342ebf70a50d958b3b296142a-2172bf9d7945dcd5-01
last-modified: Wed, 26 Jun 2024 08:18:02 GMT
etag: "e6f0766cbd95db33da44e7a9140648f2"
expires: Thu, 16 Jan 2025 10:46:36 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1559
cache: HIT
x-cached-since: 2025-06-21T19:37:27+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_express_day/bn/dictionary_b1a3edd2a42afd9bfb039e239283ccf3.json

185.244.209.62

200 OK

2.3 kB

URL GET
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_express_day/bn/dictionary_b1a3edd2a42afd9bfb039e239283ccf3.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
2.3 kB (2281 bytes)
Hash
9e463c480f277eace126a6b8cb066332
ed6586b2a875a7f464b93c2472e23b34220fd023
dc80348bc2728bc58cb00d9d8039f1bd2a8e34563991c6a53aa7aa2a6f7b312a

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_express_day/bn/dictionary_b1a3edd2a42afd9bfb039e239283ccf3.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-446241.top/
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:27 GMT
content-type: application/json; charset=utf-8
traceparent: 00-874f0b3719d5664c66a9e69f21e238b5-23e560b8ab872cc2-01
last-modified: Wed, 18 Jun 2025 08:06:13 GMT
etag: W/"583655e5eeb73e8271afeafe5d5b9329"
cache-control: max-age=3600
content-encoding: gzip
expires: Wed, 18 Jun 2025 10:56:06 GMT
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 687
cache: HIT
x-cached-since: 2025-06-21T19:52:00+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/cms/1-1258/desktop/media_asset/766b34ab6b77ad5d1bb966ea7bf6c157.json

185.244.209.62

200 OK

14 kB

URL GET
v3.traincdn.com/genfiles/cms/1-1258/desktop/media_asset/766b34ab6b77ad5d1bb966ea7bf6c157.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
14 kB (14232 bytes)
Hash
811ce3b7877d19901e45430cb6523d62
16a905115a678fdef3923f91c6f76cbab613e84d
10fbb74dbac63abfe9c4f5a77abc03757ef3527a479d4ae70dc977b515eec8cb

HTTP Headers

GET /genfiles/cms/1-1258/desktop/media_asset/766b34ab6b77ad5d1bb966ea7bf6c157.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-446241.top/
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:27 GMT
content-type: application/json
traceparent: 00-a88d6114f45e11a2c58feebd60dd5016-9920f4fe2e283703-01
last-modified: Thu, 27 Feb 2025 09:05:23 GMT
etag: W/"811ce3b7877d19901e45430cb6523d62"
content-encoding: gzip
expires: Wed, 11 Jun 2025 10:06:30 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
cache: REVALIDATED
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/cms/1-1258/desktop/media_asset/4590ed387c55d5b5854f8dff71e61190.json

185.244.209.62

200 OK

182 B

URL GET
v3.traincdn.com/genfiles/cms/1-1258/desktop/media_asset/4590ed387c55d5b5854f8dff71e61190.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
182 B (182 bytes)
Hash
0a64a07e9a34e8a5b5e97e80a10888c5
82545cbc39b7dcc031dd10dea841a0b3698243d6
7201497e7e8cdf9d35bf6998e43dcde5feea535f9828ce3ee98785781016126c

HTTP Headers

GET /genfiles/cms/1-1258/desktop/media_asset/4590ed387c55d5b5854f8dff71e61190.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-446241.top/
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:27 GMT
content-type: application/json
content-length: 182
traceparent: 00-39f2019add3202e2b2f2e3c03667dee5-dae412cf361b97f9-01
last-modified: Thu, 27 Feb 2025 08:56:47 GMT
etag: "0a64a07e9a34e8a5b5e97e80a10888c5"
expires: Wed, 11 Jun 2025 10:06:30 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

GET v3.traincdn.com/sys-static/shared-assets/__shared_fast_deep_equal_XYWIEKOD.js

185.244.209.62

200 OK

865 B

URL GET
v3.traincdn.com/sys-static/shared-assets/__shared_fast_deep_equal_XYWIEKOD.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (840)
Size
865 B (865 bytes)
Hash
0af3fe0c072a5bb3b6c731767187982f
55db5afb57265dc92fd121fe9ae565ffb2f53b2c
655bbe85da91e863401c6f96e24b41f5c2fe51a4245cecc2deb2b8c9600fef30

HTTP Headers

GET /sys-static/shared-assets/__shared_fast_deep_equal_XYWIEKOD.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:28 GMT
content-type: text/javascript; charset=utf-8
content-length: 865
traceparent: 00-a5ec8397eb913fc5a81db7846dde4b49-128afa94abf18a37-01
last-modified: Fri, 20 Jun 2025 14:13:24 GMT
etag: "0af3fe0c072a5bb3b6c731767187982f"
x-amz-meta-mtime: 1750428765.990144376
expires: Sun, 22 Jun 2025 08:09:05 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 42350
cache: HIT
x-cached-since: 2025-06-21T08:17:38+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

GET v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/9d4f48c82e.js

185.244.209.62

200 OK

2.4 kB

URL GET
v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/9d4f48c82e.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (2401)
Size
2.4 kB (2402 bytes)
Hash
9cc6c128dcc8a510fc6d01ad3e0e035a
c9689aaf76a0e1bd0e142345fd0ee9c8d88a7291
b1ee9fd385cd9ce2fddec3ac6af9e184f0c6ef04ee113da65f0c129dcaff72e0

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/9d4f48c82e.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:28 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-297543572af02c53c875a408e4847637-77291b2f444afa41-01
last-modified: Wed, 18 Jun 2025 13:47:11 GMT
etag: W/"9cc6c128dcc8a510fc6d01ad3e0e035a"
x-amz-meta-mtime: 1750254148.960234924
content-encoding: gzip
expires: Thu, 19 Jun 2025 13:50:23 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 21671
cache: HIT
x-cached-since: 2025-06-21T14:02:17+00:00
X-Firefox-Spdy: h2

POST 1xlite-446241.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/ab.json

178.253.14.230

200 OK

2 B

URL POST
1xlite-446241.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/ab.json
IP
178.253.14.230:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerLet's Encrypt
Subject1xlite-446241.top
FingerprintE4:92:BE:BA:35:7C:95:77:03:ED:E9:CD:D0:F5:4B:0A:C0:31:E8:76
ValidityMon, 19 May 2025 05:20:46 GMT - Sun, 17 Aug 2025 05:20:45 GMT

File type
JSON text data
Size
2 B (2 bytes)
Hash
d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/ab.json HTTP/1.1
Host: 1xlite-446241.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-446241.top/bn/block
Content-Type: application/json
X-Lang: bn
X-Uuid: d1c3e437-ebd6-4c0e-9459-8affa3a5bade
Content-Length: 19
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=bn; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder; postback_watcher=%7B%22tag%22%3A%22d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder%22%2C%22pb%22%3A%227cb13d3f9d3046d5bffca6ca03342b50%22%2C%22click_id%22%3A%22d42ea4084fd1a5e47fa4a165e06507a7%22%7D; auid=sv0O5mhXEA0o/2rbA0gbAg==; window_width=1280; che_g=6eed7fb3-39ec-7cdb-74c5-ed7c2b253ded
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:28 GMT
content-type: application/json
content-length: 2
x-dt: 1258
x-time-ng: 0.001
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.102, wf-uht;dur=0.011
X-Firefox-Spdy: h2

POST 1xlite-446241.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json

178.253.14.230

200 OK

23 B

URL POST
1xlite-446241.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json
IP
178.253.14.230:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerLet's Encrypt
Subject1xlite-446241.top
FingerprintE4:92:BE:BA:35:7C:95:77:03:ED:E9:CD:D0:F5:4B:0A:C0:31:E8:76
ValidityMon, 19 May 2025 05:20:46 GMT - Sun, 17 Aug 2025 05:20:45 GMT

File type
JSON text data
Size
23 B (23 bytes)
Hash
bd08f4d8004fde17cf748336276d632f
e82dba714c7f82580555d040d23f7e777ded4e54
f8d374e7893e9b34506f6e7d1c20fa9f56cd0317ef69299243cdcfa9401f402d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json HTTP/1.1
Host: 1xlite-446241.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-446241.top/bn/block
Content-Type: application/json
X-Lang: bn
X-Uuid: d1c3e437-ebd6-4c0e-9459-8affa3a5bade
Content-Length: 98
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=bn; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder; postback_watcher=%7B%22tag%22%3A%22d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder%22%2C%22pb%22%3A%227cb13d3f9d3046d5bffca6ca03342b50%22%2C%22click_id%22%3A%22d42ea4084fd1a5e47fa4a165e06507a7%22%7D; auid=sv0O5mhXEA0o/2rbA0gbAg==; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:27 GMT
content-type: application/json
content-length: 23
x-dt: 1258
x-time-ng: 0.001
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.061, wf-uht;dur=0.009
X-Firefox-Spdy: h2

GET v3.traincdn.com/main-static/61792ac9/desktop/default/Betting.Core-27e1268d.js

185.244.209.62

200 OK

2.0 kB

URL GET
v3.traincdn.com/main-static/61792ac9/desktop/default/Betting.Core-27e1268d.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (1978), with no line terminators
Size
2.0 kB (1978 bytes)
Hash
05df4d064aa615aa90a8c03804b1a8d4
243b47dad517a68ca94212b6fc25170f2326c8d3
e1e56dada08aacab84b50ed15c2cb9fda4b31101143780738e26a762357f470a

HTTP Headers

GET /main-static/61792ac9/desktop/default/Betting.Core-27e1268d.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-446241.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:27 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-d8aafdc6c277a2daf4f98ec51f577a7e-051601e71dd06f0a-01
last-modified: Thu, 19 Jun 2025 12:35:31 GMT
etag: W/"05df4d064aa615aa90a8c03804b1a8d4"
x-amz-meta-mtime: 1750336529.983595205
content-encoding: gzip
expires: Fri, 20 Jun 2025 13:08:41 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 24696
cache: HIT
x-cached-since: 2025-06-21T13:11:51+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/164e07c960.js

185.244.209.62

200 OK

147 B

URL GET
v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/164e07c960.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
Java source, ASCII text
Size
147 B (147 bytes)
Hash
d7e3795e2ecd0e90332c12c6ffed858e
89071395e5037d8a325dc68427a40925b2472db0
be6700b7e6e5998743921d1abfb511a4bc4023c3bdc5fdb0d7128ab5c1d1cb62

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/164e07c960.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:28 GMT
content-type: text/javascript; charset=utf-8
content-length: 147
traceparent: 00-6586316c64b3d80d9eb3a5e7df361c4a-5f835e4285779395-01
last-modified: Wed, 18 Jun 2025 13:47:11 GMT
etag: "d7e3795e2ecd0e90332c12c6ffed858e"
x-amz-meta-mtime: 1750254148.954234725
expires: Thu, 19 Jun 2025 13:50:23 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 21671
cache: HIT
x-cached-since: 2025-06-21T14:02:17+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_registration/bn/dictionary_045796be108448c5b51e77c5068de7c5.json

185.244.209.62

200 OK

36 kB

URL GET
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_registration/bn/dictionary_045796be108448c5b51e77c5068de7c5.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
36 kB (36388 bytes)
Hash
9f2aa6899597e34d4afeef5645ae8002
84c7410735d25d95d30fad7ca70e92e210ba71c6
331e7cbaa444c6bbc45e6de728afc37a9d8fde55a011568eebd13b8cff8a7a82

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_registration/bn/dictionary_045796be108448c5b51e77c5068de7c5.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-446241.top/
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:27 GMT
content-type: application/json; charset=utf-8
traceparent: 00-17eefa36ed9a085afe8caa4b29ce3eab-a9c3471a68078d1e-01
last-modified: Wed, 18 Jun 2025 16:06:11 GMT
etag: W/"c4784af6e199278fd8cfba7aa6775d7c"
cache-control: max-age=3600
content-encoding: gzip
expires: Wed, 18 Jun 2025 17:43:30 GMT
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
cache: REVALIDATED
X-Firefox-Spdy: h2

GET 1xlite-446241.top/seo-module-api/api/public/v1/analytics-counters?project[id]=1258&domain[host]=1xlite-446241.top

178.253.14.230

200 OK

11 B

URL GET
1xlite-446241.top/seo-module-api/api/public/v1/analytics-counters?project[id]=1258&domain[host]=1xlite-446241.top
IP
178.253.14.230:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerLet's Encrypt
Subject1xlite-446241.top
FingerprintE4:92:BE:BA:35:7C:95:77:03:ED:E9:CD:D0:F5:4B:0A:C0:31:E8:76
ValidityMon, 19 May 2025 05:20:46 GMT - Sun, 17 Aug 2025 05:20:45 GMT

File type
JSON text data
Size
11 B (11 bytes)
Hash
e0234245cb00aa260ccfa99a9a0b235e
1050253aec7b29caff644806927dabfa81406eee
8fe32e407a1038ee38753b70e5374b3a46d6ae9d5f16cd5b73c53abaca8f5ed0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /seo-module-api/api/public/v1/analytics-counters?project[id]=1258&domain[host]=1xlite-446241.top HTTP/1.1
Host: 1xlite-446241.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-446241.top/bn/block
content-type: application/json
x-requested-with: XMLHttpRequest
x-app-n: v3-nuxt2
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=bn; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder; postback_watcher=%7B%22tag%22%3A%22d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder%22%2C%22pb%22%3A%227cb13d3f9d3046d5bffca6ca03342b50%22%2C%22click_id%22%3A%22d42ea4084fd1a5e47fa4a165e06507a7%22%7D; auid=sv0O5mhXEA0o/2rbA0gbAg==; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:27 GMT
content-type: application/json
content-length: 11
cache-control: max-age=1200, must-revalidate, public, s-maxage=1800, stale-if-error=86400, stale-while-revalidate=300
x-content-digest: en35b8564af43c1302eac9a53676625934
age: 917
x-request-id: 68c00046420a31836d67cdade15320d9
x-request-guid: 68c00046420a31836d67cdade15320d9
x-time-ng: 0.023
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: p;dur=1.4340877532959, wf-uht;dur=0.042
X-Firefox-Spdy: h2

GET v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/eee81f490f.js

185.244.209.62

200 OK

4.1 kB

URL GET
v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/eee81f490f.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (4047)
Size
4.1 kB (4050 bytes)
Hash
f7165652388e4db8492b0c5cef873911
bb21320a39643361100fe8e11e4b5446873130be
68aafd61544b4d0566b7ca8faa7281f9887cc0416a8381aff01f27a00dea7c1c

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/eee81f490f.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:28 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-fbc11f758cb14f1f386231495252188b-a9dc7f7ac4ee96fd-01
last-modified: Wed, 18 Jun 2025 13:47:11 GMT
etag: W/"f7165652388e4db8492b0c5cef873911"
x-amz-meta-mtime: 1750254148.966235123
content-encoding: gzip
expires: Thu, 19 Jun 2025 13:50:23 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 21671
cache: HIT
x-cached-since: 2025-06-21T14:02:17+00:00
X-Firefox-Spdy: h2

GET 1xlite-446241.top/hd-api/external/apps/c5e31d5915661de4393e3f1489b00ebc4497dd48/api.js

178.253.14.230

200 OK

760 B

URL GET
1xlite-446241.top/hd-api/external/apps/c5e31d5915661de4393e3f1489b00ebc4497dd48/api.js
IP
178.253.14.230:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerLet's Encrypt
Subject1xlite-446241.top
FingerprintE4:92:BE:BA:35:7C:95:77:03:ED:E9:CD:D0:F5:4B:0A:C0:31:E8:76
ValidityMon, 19 May 2025 05:20:46 GMT - Sun, 17 Aug 2025 05:20:45 GMT

File type
JavaScript source, ASCII text, with very long lines (759)
Size
760 B (760 bytes)
Hash
0b911773e0df627d77f8306c86e228aa
0d584bb1a3294e4fe42df4582dcc8a2c8f77f7bb
01e4926540498a77d866259516007d41fae1213ab9607db826f011d926fd6006

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /hd-api/external/apps/c5e31d5915661de4393e3f1489b00ebc4497dd48/api.js HTTP/1.1
Host: 1xlite-446241.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-446241.top/bn/block
Cookie: platform_type=desktop; lng=bn; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder; postback_watcher=%7B%22tag%22%3A%22d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder%22%2C%22pb%22%3A%227cb13d3f9d3046d5bffca6ca03342b50%22%2C%22click_id%22%3A%22d42ea4084fd1a5e47fa4a165e06507a7%22%7D; auid=sv0O5mhXEA0o/2rbA0gbAg==; window_width=1280; che_g=6eed7fb3-39ec-7cdb-74c5-ed7c2b253ded; SESSION=e53b53aa5026f32bde4a124f681445fb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:35 GMT
content-type: text/javascript; charset=utf-8
content-length: 492
accept-ranges: bytes
cache-control: public, max-age=300
content-encoding: gzip
etag: 0b911773e0df627d77f8306c86e228aa
vary: Accept-Encoding
x-dt: 1258
x-request-guid: c3bd9464351c1148984c9aa03383f460
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.076, wf-uht;dur=0.009
X-Firefox-Spdy: h2

GET 1xlite-446241.top/bn?tag=d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder&pb=7cb13d3f9d3046d5bffca6ca03342b50&click_id=d42ea4084fd1a5e47fa4a165e06507a7

178.253.14.230

302 Found

267 kB

URL User Request GET
1xlite-446241.top/bn?tag=d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder&pb=7cb13d3f9d3046d5bffca6ca03342b50&click_id=d42ea4084fd1a5e47fa4a165e06507a7
IP
178.253.14.230:443
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subject1xlite-446241.top
FingerprintE4:92:BE:BA:35:7C:95:77:03:ED:E9:CD:D0:F5:4B:0A:C0:31:E8:76
ValidityMon, 19 May 2025 05:20:46 GMT - Sun, 17 Aug 2025 05:20:45 GMT

File type

Size
267 kB (266705 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bn?tag=d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder&pb=7cb13d3f9d3046d5bffca6ca03342b50&click_id=d42ea4084fd1a5e47fa4a165e06507a7 HTTP/1.1
Host: 1xlite-446241.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Sat, 21 Jun 2025 20:03:25 GMT
location: https://1xlite-446241.top/bn/block
server-timing: dt_total;dur=0.011, total;dur=247;desc="Nuxt Server Time", wf-uht;dur=0.258
set-cookie: platform_type=desktop; Path=/; Expires=Tue, 24 Jun 2025 20:03:24 GMT; Secure; SameSite=None; Partitioned
gw-mm=; Path=/; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Secure; SameSite=None; Partitioned
lng=bn; Path=/
cookies_agree_type=3; Path=/
tzo=2; Path=/
is12h=0; Path=/
referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; Path=/; Expires=Wed, 20 Aug 2025 20:03:25 GMT
reflinkid=d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder; Path=/; Expires=Sat, 21 Jun 2025 21:03:25 GMT
postback_watcher=%7B%22tag%22%3A%22d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder%22%2C%22pb%22%3A%227cb13d3f9d3046d5bffca6ca03342b50%22%2C%22click_id%22%3A%22d42ea4084fd1a5e47fa4a165e06507a7%22%7D; Path=/; Expires=Mon, 21 Jul 2025 20:03:25 GMT
auid=sv0O5mhXEA0o/2rbA0gbAg==; path=/; secure; httponly; samesite=lax
x-dt: 1258
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

GET v3.traincdn.com/main-static/61792ac9/desktop/default/vendors/plugins.v-tooltip-19a74e7d.js

185.244.209.62

200 OK

77 kB

URL GET
v3.traincdn.com/main-static/61792ac9/desktop/default/vendors/plugins.v-tooltip-19a74e7d.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65476)
Size
77 kB (76622 bytes)
Hash
fa1e03b13da82d855a5e808376231ce2
0ee034839962803578266cbec3009100a0ebec46
4777d3418e37ffbaee26e5371e815755110def6987a7d178e4cc79df42922c59

HTTP Headers

GET /main-static/61792ac9/desktop/default/vendors/plugins.v-tooltip-19a74e7d.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-446241.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:27 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-0a881ee3374efbce28e45a8a91add9fa-18477ba1d07d76a8-01
last-modified: Thu, 19 Jun 2025 12:35:31 GMT
etag: W/"fa1e03b13da82d855a5e808376231ce2"
x-amz-meta-mtime: 1750336530.007595283
content-encoding: gzip
expires: Fri, 20 Jun 2025 13:08:38 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 24696
cache: HIT
x-cached-since: 2025-06-21T13:11:51+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_game/bn/dictionary_05a3e1924d36bb6146beafdc1c9fef4e.json

185.244.209.62

200 OK

32 kB

URL GET
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_game/bn/dictionary_05a3e1924d36bb6146beafdc1c9fef4e.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (22104), with no line terminators
Size
32 kB (32191 bytes)
Hash
85de24399c8111c34e8b2a2e1c6c1e3e
2ebd2c59659ff7709cf8d2a4b7e73416109f48aa
1c2869da6931626aa0858269600073b8f44911a1a78c65af8d5b6c06d720c7dd

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_game/bn/dictionary_05a3e1924d36bb6146beafdc1c9fef4e.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-446241.top/
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:27 GMT
content-type: application/json; charset=utf-8
traceparent: 00-9fcffb7a2102a5d3ce658c58a3097f33-1a12d891d2027e0e-01
last-modified: Wed, 11 Jun 2025 18:06:15 GMT
etag: W/"e54f45b84f62a57c3b2fddfdbdf3d662"
cache-control: max-age=3600
content-encoding: gzip
expires: Wed, 11 Jun 2025 19:45:01 GMT
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
cache: REVALIDATED
X-Firefox-Spdy: h2

GET 1xlite-446241.top/bff-api/config/group/get?groups=d.technical&lang=bn

178.253.14.230

200 OK

730 B

URL GET
1xlite-446241.top/bff-api/config/group/get?groups=d.technical&lang=bn
IP
178.253.14.230:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerLet's Encrypt
Subject1xlite-446241.top
FingerprintE4:92:BE:BA:35:7C:95:77:03:ED:E9:CD:D0:F5:4B:0A:C0:31:E8:76
ValidityMon, 19 May 2025 05:20:46 GMT - Sun, 17 Aug 2025 05:20:45 GMT

File type
JSON text data
Size
730 B (730 bytes)
Hash
a80b86a48b7272febe5c32bc598c41da
4cc2011f289c9fbd5995e4d5c9d230577cf498d0
3ae2a1fbece04840cb4071464eedae22c6e79f12019c52917ea28b9a12581964

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bff-api/config/group/get?groups=d.technical&lang=bn HTTP/1.1
Host: 1xlite-446241.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-446241.top/bn/block
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
x-svc-source: __TECHNICAL_PAGES_APP__
x-app-n: __TECHNICAL_PAGES_APP__
x-geoip2-country-code: ru
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=bn; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder; postback_watcher=%7B%22tag%22%3A%22d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder%22%2C%22pb%22%3A%227cb13d3f9d3046d5bffca6ca03342b50%22%2C%22click_id%22%3A%22d42ea4084fd1a5e47fa4a165e06507a7%22%7D; auid=sv0O5mhXEA0o/2rbA0gbAg==; window_width=1920; che_g=6eed7fb3-39ec-7cdb-74c5-ed7c2b253ded
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:28 GMT
content-type: application/json
content-length: 730
cache-control: no-cache, private
server-timing: dt_total;dur=0.012, bff;dur=17.54, wf-uht;dur=0.035
x-dt: 1258
x-pod: R-jpjrp
x-time-ng: 0.027
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

GET v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/45f1770114.js

185.244.209.62

200 OK

1.2 kB

URL GET
v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/45f1770114.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (1165)
Size
1.2 kB (1166 bytes)
Hash
bf50b784620ed417a811a29b93c1674b
72cbca9b31debe6d7bda2a2c553edd8e5c5ff44e
2bcf4abc801d0b74d8f38af2b71a8572856fc612af519a57b56f78247367474a

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/45f1770114.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:28 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-1df1b49bdfb595358cf9f221a90cc8ea-8bad40dfe297c9d2-01
last-modified: Wed, 18 Jun 2025 13:47:11 GMT
etag: W/"bf50b784620ed417a811a29b93c1674b"
x-amz-meta-mtime: 1750254148.955234758
content-encoding: gzip
expires: Thu, 19 Jun 2025 13:50:23 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 21672
cache: HIT
x-cached-since: 2025-06-21T14:02:16+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/42e926c49f.js

185.244.209.62

200 OK

27 kB

URL GET
v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/42e926c49f.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (27023)
Size
27 kB (27024 bytes)
Hash
504f2defe47d7dcd76a50fb013383a5b
c7e28c0b6b38045fe591196ffba3a7160b616e4c
399185c4fc4c505a4ca99d6db0a5b8e8bd65e6023c717a41140cdcb2e08b07ab

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/42e926c49f.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:28 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-f835ab16517b7ae010ed615c5cd55280-5712a2cc73f1d22b-01
last-modified: Wed, 18 Jun 2025 13:47:11 GMT
etag: W/"504f2defe47d7dcd76a50fb013383a5b"
x-amz-meta-mtime: 1750254148.954234725
content-encoding: gzip
expires: Thu, 19 Jun 2025 13:50:23 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 21671
cache: HIT
x-cached-since: 2025-06-21T14:02:17+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2

185.244.209.62

200 OK

64 kB

URL GET
v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 63920, version 1.0
Size
64 kB (63920 bytes)
Hash
a65527fcb58f66a7cfbc0e6b160538b4
45d260e7fa343401b5bb0df982a014f53e2d253b
fb13c3a1cbac60649b76f7d7f85c1645d35ac69b85ce5f4eb0692505ecc2cd45

HTTP Headers

GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:27 GMT
content-type: font/woff2
content-length: 63920
traceparent: 00-ab2b7c1071a2388aea76848803644237-cd5d7702f284c0d2-01
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "a65527fcb58f66a7cfbc0e6b160538b4"
expires: Thu, 16 Jan 2025 10:45:34 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 589
cache: HIT
x-cached-since: 2025-06-21T19:53:38+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

GET v3.traincdn.com/sys-static/shared-assets/__shared_localforage_FJKG5M2E.js

185.244.209.62

200 OK

30 kB

URL GET
v3.traincdn.com/sys-static/shared-assets/__shared_localforage_FJKG5M2E.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (30255)
Size
30 kB (30277 bytes)
Hash
02cf95f00794b77df34632e34a59c5be
b64889fb6cbe78a141688ea761a627997ef8a8af
bf78b7b3dd6ecbdea04c575edfb6022ed1b2e98c7a9cb9f02ab851ca638f1b83

HTTP Headers

GET /sys-static/shared-assets/__shared_localforage_FJKG5M2E.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:28 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-24aa4dfdd8ea3e234c00748425a33390-057f806cbee8abe3-01
last-modified: Fri, 20 Jun 2025 14:13:24 GMT
etag: W/"02cf95f00794b77df34632e34a59c5be"
x-amz-meta-mtime: 1750428765.978144538
content-encoding: gzip
expires: Sun, 22 Jun 2025 08:09:04 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 42372
cache: HIT
x-cached-since: 2025-06-21T08:17:16+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/fd6ab89fd4.js

185.244.209.62

200 OK

1.2 kB

URL GET
v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/fd6ab89fd4.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (833)
Size
1.2 kB (1206 bytes)
Hash
50906dd89561b1e7e6bf82539677960c
3f22a7d92fe79d7a3cd734159da6681449296ccb
02894d09ead719d04eedd68eaf741e57886145abd86d15e3e704166f8bf4d38a

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/fd6ab89fd4.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:28 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-b5f2566d93b0d7c65d164fb9afdc5b4a-52c72a2d15af9c7c-01
last-modified: Wed, 18 Jun 2025 13:47:11 GMT
etag: W/"50906dd89561b1e7e6bf82539677960c"
x-amz-meta-mtime: 1750254148.967235156
content-encoding: gzip
expires: Thu, 19 Jun 2025 13:50:23 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 21673
cache: HIT
x-cached-since: 2025-06-21T14:02:15+00:00
X-Firefox-Spdy: h2

GET 1xlite-446241.top/hd-api/external/01979416-dded-7ee7-9f55-8bab6567ae4a.js

178.253.14.230

200 OK

300 kB

URL GET
1xlite-446241.top/hd-api/external/01979416-dded-7ee7-9f55-8bab6567ae4a.js
IP
178.253.14.230:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerLet's Encrypt
Subject1xlite-446241.top
FingerprintE4:92:BE:BA:35:7C:95:77:03:ED:E9:CD:D0:F5:4B:0A:C0:31:E8:76
ValidityMon, 19 May 2025 05:20:46 GMT - Sun, 17 Aug 2025 05:20:45 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
300 kB (299735 bytes)
Hash
44c01433045ba00bf5d7219e49d81410
4e575c41841132824c770c0856b8242fbb61a9d1
86c5608f045251bc830ba4c6981daf7aed135ddf5c92cf787b035da58bbe96a5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /hd-api/external/01979416-dded-7ee7-9f55-8bab6567ae4a.js HTTP/1.1
Host: 1xlite-446241.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-446241.top/bn/block
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=bn; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder; postback_watcher=%7B%22tag%22%3A%22d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder%22%2C%22pb%22%3A%227cb13d3f9d3046d5bffca6ca03342b50%22%2C%22click_id%22%3A%22d42ea4084fd1a5e47fa4a165e06507a7%22%7D; auid=sv0O5mhXEA0o/2rbA0gbAg==; window_width=1280; che_g=6eed7fb3-39ec-7cdb-74c5-ed7c2b253ded; SESSION=e53b53aa5026f32bde4a124f681445fb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:36 GMT
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=0, must-revalidate
content-encoding: gzip
vary: Accept-Encoding
x-dt: 1258
x-hd-trace-id: 306550aa-3a9f-46e5-bcbc-f0ae66ae650d
x-request-guid: 56676eba88975c1145c8c27d487f1b5a
x-time-ng: 0.002
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.007, wf-uht;dur=0.017
X-Firefox-Spdy: h2

POST 1xlite-446241.top/hd-api/external/verify

178.253.14.230

200 OK

715 B

URL POST
1xlite-446241.top/hd-api/external/verify
IP
178.253.14.230:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerLet's Encrypt
Subject1xlite-446241.top
FingerprintE4:92:BE:BA:35:7C:95:77:03:ED:E9:CD:D0:F5:4B:0A:C0:31:E8:76
ValidityMon, 19 May 2025 05:20:46 GMT - Sun, 17 Aug 2025 05:20:45 GMT

File type
JSON text data
Size
715 B (715 bytes)
Hash
00946963e05e40d7a00f2aea3cfbbfa4
cd15f753585bbdf7c066a4b02cbb77e83de85660
1f05d2cea7793e762bc28b1cf1fd4fb3cb9c37fa9f5d07d82bddafb03ab39a17

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /hd-api/external/verify HTTP/1.1
Host: 1xlite-446241.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-446241.top/bn/block
Content-Type: text/plain;charset=UTF-8
Content-Length: 108853
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=bn; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder; postback_watcher=%7B%22tag%22%3A%22d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder%22%2C%22pb%22%3A%227cb13d3f9d3046d5bffca6ca03342b50%22%2C%22click_id%22%3A%22d42ea4084fd1a5e47fa4a165e06507a7%22%7D; auid=sv0O5mhXEA0o/2rbA0gbAg==; window_width=1280; che_g=6eed7fb3-39ec-7cdb-74c5-ed7c2b253ded; SESSION=e53b53aa5026f32bde4a124f681445fb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:38 GMT
content-type: application/json
content-length: 589
content-encoding: gzip
vary: Accept-Encoding
x-dt: 1258
x-request-guid: 8444ebe385d1ac3967e04e6378739c67
x-time-ng: 0.053
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.103, wf-uht;dur=0.081
X-Firefox-Spdy: h2

GET v3.traincdn.com/main-static/61792ac9/desktop/default/css/d3210503.css

185.244.209.62

200 OK

55 kB

URL GET
v3.traincdn.com/main-static/61792ac9/desktop/default/css/d3210503.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (55385), with no line terminators
Size
55 kB (55385 bytes)
Hash
d81bf189b0a4a3890e996eace092254a
5fdbcfd7ac870bbdcb2ea397737d6c59b76f508d
03ea73cc169073d2b907b1d22d3a6bb653a689b1350e5ce245140ab9d2337238

HTTP Headers

GET /main-static/61792ac9/desktop/default/css/d3210503.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-446241.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:25 GMT
content-type: text/css; charset=utf-8
traceparent: 00-57a6072d4f4cbdebcc54682014e8709c-84bfa95193f23241-01
last-modified: Thu, 19 Jun 2025 12:35:31 GMT
etag: W/"d81bf189b0a4a3890e996eace092254a"
x-amz-meta-mtime: 1750336529.995595244
content-encoding: gzip
expires: Fri, 20 Jun 2025 13:08:35 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 24694
cache: HIT
x-cached-since: 2025-06-21T13:11:51+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/main-static/61792ac9/desktop/default/Page.Block-e69ac7e3.js

185.244.209.62

200 OK

476 B

URL GET
v3.traincdn.com/main-static/61792ac9/desktop/default/Page.Block-e69ac7e3.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (476), with no line terminators
Size
476 B (476 bytes)
Hash
c87f54df5a69769e626d975089e6f1d4
d63b1d8931e2fd9151032a5f2c0c155f23e4d6d4
b968bc21d59d3bf276ae39c19612ceb1235e221b19f74d6c921043af36157f78

HTTP Headers

GET /main-static/61792ac9/desktop/default/Page.Block-e69ac7e3.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-446241.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:26 GMT
content-type: text/javascript; charset=utf-8
content-length: 476
traceparent: 00-76e514226bb2caf3b542389ccf60899c-1f37d593767df810-01
last-modified: Thu, 19 Jun 2025 12:35:31 GMT
etag: "c87f54df5a69769e626d975089e6f1d4"
x-amz-meta-mtime: 1750336529.987595219
expires: Fri, 20 Jun 2025 13:08:51 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 24571
cache: HIT
x-cached-since: 2025-06-21T13:13:55+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

GET v3.traincdn.com/main-static/61792ac9/desktop/default/vendors/plugins.vue-notification-575f3ba7.js

185.244.209.62

200 OK

13 kB

URL GET
v3.traincdn.com/main-static/61792ac9/desktop/default/vendors/plugins.vue-notification-575f3ba7.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (12563), with no line terminators
Size
13 kB (12563 bytes)
Hash
cd9839620a2ba08dedf86ba42ab5a0ae
33979ec3abb619aeb258d50931e5319e41ca3fc8
11a8211423bdc49f5ba7982a50224bb69d82c8d459d69eff9f69b10e5c5618dc

HTTP Headers

GET /main-static/61792ac9/desktop/default/vendors/plugins.vue-notification-575f3ba7.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-446241.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:27 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-e131662878f441342e8e0f9da5834b10-38a7ee54ee83514d-01
last-modified: Thu, 19 Jun 2025 12:35:31 GMT
etag: W/"cd9839620a2ba08dedf86ba42ab5a0ae"
x-amz-meta-mtime: 1750336530.007595283
content-encoding: gzip
expires: Fri, 20 Jun 2025 13:08:38 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 24696
cache: HIT
x-cached-since: 2025-06-21T13:11:51+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/site-admin/colors/11fcf67d96d7d317c64c54b46d5ec44f.css

185.244.209.62

200 OK

40 kB

URL GET
v3.traincdn.com/genfiles/site-admin/colors/11fcf67d96d7d317c64c54b46d5ec44f.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (39742), with no line terminators
Size
40 kB (39742 bytes)
Hash
11fcf67d96d7d317c64c54b46d5ec44f
abf4e85e9e932ed64412f46ff590b39a87e26cb9
96ec24e0f388bf29d22bc262d0ed8aecf4582efa4d2031a06566442663f68658

HTTP Headers

GET /genfiles/site-admin/colors/11fcf67d96d7d317c64c54b46d5ec44f.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-446241.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:27 GMT
content-type: text/css
traceparent: 00-bf1a741b64620a71b69e7c2357ef1fd7-d4dec83a13741138-01
last-modified: Fri, 20 Jun 2025 09:37:08 GMT
etag: W/"11fcf67d96d7d317c64c54b46d5ec44f"
cache-control: max-age=3600
content-encoding: gzip
expires: Fri, 20 Jun 2025 11:58:57 GMT
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1936
cache: HIT
x-cached-since: 2025-06-21T19:31:11+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_auth/bn/dictionary_7a35de9fd0f098fe455598ab34a66695.json

185.244.209.62

200 OK

18 kB

URL GET
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_auth/bn/dictionary_7a35de9fd0f098fe455598ab34a66695.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
18 kB (17764 bytes)
Hash
cb116017b992da0ab0e84ec36e568e85
60865f567b33553b149f98aa4f6f125c4f4a905d
b5c759b9c0f172a20f6f0cc211f2be9794f5a630348ba1326bb5a1eebde8f18b

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_auth/bn/dictionary_7a35de9fd0f098fe455598ab34a66695.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-446241.top/
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:27 GMT
content-type: application/json; charset=utf-8
traceparent: 00-fed94c912621483ca20b7427d47167eb-7ea3e54ab6190863-01
last-modified: Thu, 19 Jun 2025 10:06:04 GMT
etag: W/"cb116017b992da0ab0e84ec36e568e85"
cache-control: max-age=3600
content-encoding: gzip
expires: Thu, 19 Jun 2025 14:02:49 GMT
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
cache: REVALIDATED
X-Firefox-Spdy: h2

POST 1xlite-446241.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json

178.253.14.230

200 OK

23 B

URL POST
1xlite-446241.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json
IP
178.253.14.230:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerLet's Encrypt
Subject1xlite-446241.top
FingerprintE4:92:BE:BA:35:7C:95:77:03:ED:E9:CD:D0:F5:4B:0A:C0:31:E8:76
ValidityMon, 19 May 2025 05:20:46 GMT - Sun, 17 Aug 2025 05:20:45 GMT

File type
JSON text data
Size
23 B (23 bytes)
Hash
169066d0ff3496de5b4443dae6cf714c
c2d5e471a34b544ffad1c3ec6766abb5c0d0c1ba
a655d5797b4ada4294a0ceb74893894c35917aca650ec9f70c97164f9495809b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json HTTP/1.1
Host: 1xlite-446241.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-446241.top/bn/block
Content-Type: application/json
X-Lang: bn
X-Uuid: d1c3e437-ebd6-4c0e-9459-8affa3a5bade
Content-Length: 89
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=bn; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder; postback_watcher=%7B%22tag%22%3A%22d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder%22%2C%22pb%22%3A%227cb13d3f9d3046d5bffca6ca03342b50%22%2C%22click_id%22%3A%22d42ea4084fd1a5e47fa4a165e06507a7%22%7D; auid=sv0O5mhXEA0o/2rbA0gbAg==; window_width=1280; che_g=6eed7fb3-39ec-7cdb-74c5-ed7c2b253ded
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:27 GMT
content-type: application/json
content-length: 23
x-dt: 1258
x-time-ng: 0.001
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.074, wf-uht;dur=0.008
X-Firefox-Spdy: h2

GET v3.traincdn.com/sys-static/shared-assets/__shared_popper_js_E2H7ZPXQ.js

185.244.209.62

200 OK

21 kB

URL GET
v3.traincdn.com/sys-static/shared-assets/__shared_popper_js_E2H7ZPXQ.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (21232)
Size
21 kB (21252 bytes)
Hash
3cf0cae38afae9add22f7884e5061231
2a41037501375a439385a76a047876619683418f
322482e3beae5a985d069beea981614510fda90a5df7295b776a324d461fc43d

HTTP Headers

GET /sys-static/shared-assets/__shared_popper_js_E2H7ZPXQ.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:28 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-9d89555dafe6d74b80fc60221f88302b-671e740fd7f0bf8c-01
last-modified: Fri, 20 Jun 2025 14:13:24 GMT
etag: W/"3cf0cae38afae9add22f7884e5061231"
x-amz-meta-mtime: 1750428765.978144538
content-encoding: gzip
expires: Sun, 22 Jun 2025 09:08:26 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 39302
cache: HIT
x-cached-since: 2025-06-21T09:08:26+00:00
X-Firefox-Spdy: h2

GET 1xlite-446241.top/hd-api/external/assets/hdf.js

178.253.14.230

200 OK

4.1 kB

URL GET
1xlite-446241.top/hd-api/external/assets/hdf.js
IP
178.253.14.230:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerLet's Encrypt
Subject1xlite-446241.top
FingerprintE4:92:BE:BA:35:7C:95:77:03:ED:E9:CD:D0:F5:4B:0A:C0:31:E8:76
ValidityMon, 19 May 2025 05:20:46 GMT - Sun, 17 Aug 2025 05:20:45 GMT

File type
C++ source, ASCII text, with very long lines (874)
Size
4.1 kB (4083 bytes)
Hash
40eaa62ed21bd753172f4c307e2a41d0
f7b03c6b004562311c8ca00466179629738b2a40
60fed8cb321dc09e4e1d910b5822bd8f67d53d0962a41ddc9f5ac33edd4e2213

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /hd-api/external/assets/hdf.js HTTP/1.1
Host: 1xlite-446241.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-446241.top/bn/block
Cookie: platform_type=desktop; lng=bn; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder; postback_watcher=%7B%22tag%22%3A%22d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder%22%2C%22pb%22%3A%227cb13d3f9d3046d5bffca6ca03342b50%22%2C%22click_id%22%3A%22d42ea4084fd1a5e47fa4a165e06507a7%22%7D; auid=sv0O5mhXEA0o/2rbA0gbAg==; window_width=1280; che_g=6eed7fb3-39ec-7cdb-74c5-ed7c2b253ded; SESSION=e53b53aa5026f32bde4a124f681445fb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:36 GMT
content-type: text/javascript; charset=utf-8
content-length: 1620
accept-ranges: bytes
cache-control: public, max-age=300
content-encoding: gzip
etag: 40eaa62ed21bd753172f4c307e2a41d0
vary: Accept-Encoding
x-dt: 1258
x-request-guid: be72831bd34f9fdd9cc4aa8f63cb387e
x-time-ng: 0.001
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.009, wf-uht;dur=0.011
X-Firefox-Spdy: h2

GET v3.traincdn.com/main-static/61792ac9/desktop/default/css/684d7545.css

185.244.209.62

200 OK

14 kB

URL GET
v3.traincdn.com/main-static/61792ac9/desktop/default/css/684d7545.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (14391), with no line terminators
Size
14 kB (14391 bytes)
Hash
a552d5db890b7f16e370b33cc587e807
a9dc47737b3e1d8ef6fcbb48c7c0b026c6fda545
0d7e00204297499711ae1da574d4635b31d8238ab4a663b382c44d850d24f3ec

HTTP Headers

GET /main-static/61792ac9/desktop/default/css/684d7545.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-446241.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:25 GMT
content-type: text/css; charset=utf-8
traceparent: 00-1f98cbc5ee3b47850ed1cd0ce70e04f8-90be22612cbc548e-01
last-modified: Thu, 19 Jun 2025 12:35:31 GMT
etag: W/"a552d5db890b7f16e370b33cc587e807"
x-amz-meta-mtime: 1750336529.991595231
content-encoding: gzip
expires: Fri, 20 Jun 2025 13:08:35 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 24694
cache: HIT
x-cached-since: 2025-06-21T13:11:51+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/main-static/61792ac9/desktop/default/date-fns-locale-10-e6e49950.js

185.244.209.62

200 OK

11 kB

URL GET
v3.traincdn.com/main-static/61792ac9/desktop/default/date-fns-locale-10-e6e49950.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (7839), with no line terminators
Size
11 kB (11439 bytes)
Hash
289af03b1f5c9ab78871d235cda301cf
dd55b9b876e515a906e1af6121b49b8fd142ec68
7cea0a14bc894c2d6b2933599d99d1b14e262ec8aeb1ec4323852daea60dc12b

HTTP Headers

GET /main-static/61792ac9/desktop/default/date-fns-locale-10-e6e49950.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-446241.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:27 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-bb41109fe0f7e07c6498b84938eeaab3-d5d02e4ec4195d1c-01
last-modified: Thu, 19 Jun 2025 12:35:31 GMT
etag: W/"289af03b1f5c9ab78871d235cda301cf"
x-amz-meta-mtime: 1750336529.995595244
content-encoding: gzip
expires: Fri, 20 Jun 2025 18:29:11 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 65688
cache: HIT
x-cached-since: 2025-06-21T01:48:39+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/main-static/61792ac9/desktop/default/css/7fe5f71b.css

185.244.209.62

200 OK

3.3 kB

URL GET
v3.traincdn.com/main-static/61792ac9/desktop/default/css/7fe5f71b.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (3313), with no line terminators
Size
3.3 kB (3313 bytes)
Hash
c610b8710368de3bf2f1c5bb581b6a3a
f67bc86785d434adb2e81a356a7926b8818ac567
fad7111846310042401990719146401178f22e2618abf2b058e641b6495e8eba

HTTP Headers

GET /main-static/61792ac9/desktop/default/css/7fe5f71b.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-446241.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:27 GMT
content-type: text/css; charset=utf-8
traceparent: 00-4f557d9c6947d368b280b3558ae93779-ac758c1032cba04d-01
last-modified: Thu, 19 Jun 2025 12:35:31 GMT
etag: W/"c610b8710368de3bf2f1c5bb581b6a3a"
x-amz-meta-mtime: 1750336529.991595231
content-encoding: gzip
expires: Fri, 20 Jun 2025 13:08:38 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 24696
cache: HIT
x-cached-since: 2025-06-21T13:11:51+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_main/bn/dictionary_d70bd228e4643c96bc62bc1ed58fd60a.json

185.244.209.62

200 OK

211 kB

URL GET
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_main/bn/dictionary_d70bd228e4643c96bc62bc1ed58fd60a.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
211 kB (211248 bytes)
Hash
4dbe5be46833ee555804d58b62389ad7
ef407e2ede612ed02482562583d4394f7b23d78b
6748194b889a4bae83f2797793ea88434361210494a79e94db0d18bee24b747f

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_main/bn/dictionary_d70bd228e4643c96bc62bc1ed58fd60a.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-446241.top/
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:27 GMT
content-type: application/json; charset=utf-8
traceparent: 00-2e06ae00ea811d6483c50e12f85b4e6e-795acf1e839181ab-01
last-modified: Thu, 19 Jun 2025 06:06:02 GMT
etag: W/"42aaf5bfb09ed8ddbafccd8a719a6e9b"
cache-control: max-age=3600
content-encoding: gzip
expires: Thu, 19 Jun 2025 08:47:41 GMT
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 625
cache: HIT
x-cached-since: 2025-06-21T19:53:02+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2

185.244.209.62

200 OK

64 kB

URL GET
v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 63748, version 1.0
Size
64 kB (63748 bytes)
Hash
6887b6f24414dbc612dbf42ccdc76b70
8068d3abfbc6cbf35b55919da45b1f4d2d136238
fc5c015fc32518f1ed810fa84ca28941eb9d5a3c81acc8df69a4dbbeedef7b0c

HTTP Headers

GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:27 GMT
content-type: font/woff2
content-length: 63748
traceparent: 00-38aab3db5606deb78497cb7dff340699-355179ae569ce5e1-01
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "6887b6f24414dbc612dbf42ccdc76b70"
expires: Thu, 16 Jan 2025 10:32:14 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 2643
cache: HIT
x-cached-since: 2025-06-21T19:19:24+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

GET v3.traincdn.com/sys-static/shared-assets/Desktop/__shared_base-app_5c24ba743a.js

185.244.209.62

200 OK

817 kB

URL GET
v3.traincdn.com/sys-static/shared-assets/Desktop/__shared_base-app_5c24ba743a.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (22892)
Size
817 kB (816976 bytes)
Hash
4bb8bffafb3327285627b1dae0860967
b8094e5f1f11335457d2fdd02691d4027f1b327d
348838080c75e34f5eb56571c8fdfcc5b4dde47011dd6eaa645de6bfdef4fc01

HTTP Headers

GET /sys-static/shared-assets/Desktop/__shared_base-app_5c24ba743a.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:27 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-e91b536c279d8f9efb9ef3f58bd9cbf9-9f51d234a6d4449e-01
last-modified: Fri, 20 Jun 2025 13:00:39 GMT
etag: W/"4bb8bffafb3327285627b1dae0860967"
x-amz-meta-mtime: 1750424035.016973526
content-encoding: gzip
expires: Sat, 21 Jun 2025 13:49:44 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 22221
cache: HIT
x-cached-since: 2025-06-21T13:53:06+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/sys-static/shared-assets/__shared_chunk_7HDOEZTP.js

185.244.209.62

200 OK

1.2 kB

URL GET
v3.traincdn.com/sys-static/shared-assets/__shared_chunk_7HDOEZTP.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (1193)
Size
1.2 kB (1194 bytes)
Hash
7e76c08e7f16815131a5f13a10c1efba
5f800877b78a0713157fe119bc1a2d9a260f72e1
c6f29a0c7c3ed884ccffd7a529fd2fc599e2da1f31af658146f0e36a3f4c00dc

HTTP Headers

GET /sys-static/shared-assets/__shared_chunk_7HDOEZTP.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:28 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-c66602d866251deb062c8cdd1dd7f848-e654ebb8399d6dde-01
last-modified: Fri, 20 Jun 2025 14:13:24 GMT
etag: W/"7e76c08e7f16815131a5f13a10c1efba"
x-amz-meta-mtime: 1750428765.962144752
content-encoding: gzip
expires: Sun, 22 Jun 2025 08:09:04 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 42350
cache: HIT
x-cached-since: 2025-06-21T08:17:38+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/sys-static/shared-assets/__shared_accept_language_parser_B6TW5FDZ.js

185.244.209.62

200 OK

1.3 kB

URL GET
v3.traincdn.com/sys-static/shared-assets/__shared_accept_language_parser_B6TW5FDZ.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (1265)
Size
1.3 kB (1297 bytes)
Hash
e3f1c4089db6b910890e85d97a2e2066
85828920da3c3fd7856acde184e835ac314295cd
6c28afe5a52e0f9b1138fe498b254c8671058a058b555651ccae8e91e7534614

HTTP Headers

GET /sys-static/shared-assets/__shared_accept_language_parser_B6TW5FDZ.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:28 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-4555c7e367635df7d8ae7cc5c6f61ef7-8a5f871dfd4d0c7f-01
last-modified: Fri, 20 Jun 2025 14:13:24 GMT
etag: W/"e3f1c4089db6b910890e85d97a2e2066"
x-amz-meta-mtime: 1750428765.962144752
content-encoding: gzip
expires: Sat, 21 Jun 2025 17:53:38 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 7789
cache: HIT
x-cached-since: 2025-06-21T17:53:39+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/sys-static/shared-assets/Desktop/__shared_344f9d75c4.js

185.244.209.62

200 OK

11 kB

URL GET
v3.traincdn.com/sys-static/shared-assets/Desktop/__shared_344f9d75c4.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (6971)
Size
11 kB (10572 bytes)
Hash
27a5b091df4e9fe3c26e853d6709a6d3
fa40a986e2c29b01058ade3a7f7d9c1cfa5715b4
6a759be0168c14e27a6daf314db777ea6f0ea818197eee328a839ff3ffa72423

HTTP Headers

GET /sys-static/shared-assets/Desktop/__shared_344f9d75c4.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:28 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-cecae385c318ef8559dff8830d071719-cedf58b571ddca37-01
last-modified: Fri, 20 Jun 2025 13:00:39 GMT
etag: W/"27a5b091df4e9fe3c26e853d6709a6d3"
x-amz-meta-mtime: 1750424034.958968386
content-encoding: gzip
expires: Sun, 22 Jun 2025 01:48:56 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 65672
cache: HIT
x-cached-since: 2025-06-21T01:48:56+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/version.json

185.244.209.62

200 OK

11 B

URL GET
v3.traincdn.com/version.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text
Size
11 B (11 bytes)
Hash
12c4804389852fa8685844f2635a8707
3463a056f3af2afa31c692ce608cd627d5d45300
43c67b7a36b1aec5ba5aed79ec0878b293657c4e14e4b70c10f08e48cb23ef1d

HTTP Headers

GET /version.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-446241.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:25 GMT
content-type: application/json
content-length: 11
traceparent: 00-d417ff6d469bea3e7fa9ae1981db330f-189393e57ef17e16-01
last-modified: Thu, 19 Jun 2025 12:35:52 GMT
etag: "12c4804389852fa8685844f2635a8707"
x-amz-meta-mtime: 1750336552.15566702
expires: Thu, 19 Jun 2025 12:38:00 GMT
cache-control: max-age=60
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 51
cache: HIT
x-cached-since: 2025-06-21T20:02:34+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/cms/1-1258/desktop/media_asset/5dcd60a4ec3fb197293c001befdf067b.json

185.244.209.62

200 OK

14 kB

URL GET
v3.traincdn.com/genfiles/cms/1-1258/desktop/media_asset/5dcd60a4ec3fb197293c001befdf067b.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
14 kB (14466 bytes)
Hash
1a7ec72aad44f9540cb604d7cde5ff38
65e5851d652e0471c213282efb5eeee31ae813db
94d4bf6bc00a09b766ea0ba441e860dc40ee6d398be80e89016dd0ee662869d6

HTTP Headers

GET /genfiles/cms/1-1258/desktop/media_asset/5dcd60a4ec3fb197293c001befdf067b.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-446241.top/
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:27 GMT
content-type: application/json
traceparent: 00-5a7fd6d536a18a69571e5c6a5328e0ed-8d5359f3251a17c2-01
last-modified: Mon, 16 Jun 2025 11:27:34 GMT
etag: W/"1a7ec72aad44f9540cb604d7cde5ff38"
content-encoding: gzip
expires: Tue, 17 Jun 2025 09:02:58 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
cache: REVALIDATED
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/8192228305b202797f207eeb6842287c.png

185.244.209.62

200 OK

5.2 kB

URL GET
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/8192228305b202797f207eeb6842287c.png
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
PNG image data, 514 x 514, 8-bit colormap, non-interlaced
Size
5.2 kB (5202 bytes)
Hash
b9a636eef54b2844b571fe7de49184a7
bf653690790ced40eb3189da075a275d951d1607
001bfcdd52b658d46543a1aec889d35b73b3909b47097cc011b95e96fc9e3743

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/8192228305b202797f207eeb6842287c.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-446241.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:27 GMT
content-type: image/png
content-length: 5202
traceparent: 00-44a7f7db0d9ed9afd26a6bb7dbff7fc8-4441394d474df93e-01
last-modified: Wed, 26 Jun 2024 08:22:59 GMT
etag: "b9a636eef54b2844b571fe7de49184a7"
expires: Thu, 16 Jan 2025 11:18:57 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 2190
cache: HIT
x-cached-since: 2025-06-21T19:26:57+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/cms/1-1258/desktop/media_asset/8c9565bcb3d75b5e56cf36e61ca88fc7.json

185.244.209.62

200 OK

465 B

URL GET
v3.traincdn.com/genfiles/cms/1-1258/desktop/media_asset/8c9565bcb3d75b5e56cf36e61ca88fc7.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
465 B (465 bytes)
Hash
c18f57f4aff3cdc9ac4e9b71b54a5810
11e0ec9094d11ec4bfe5ef61cd09aa827df836d4
4844ea1e167daceb7a53a3b70c83d4389c19d42d0c1af060daf3a91ee7dbe64a

HTTP Headers

GET /genfiles/cms/1-1258/desktop/media_asset/8c9565bcb3d75b5e56cf36e61ca88fc7.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-446241.top/
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:28 GMT
content-type: application/json
content-length: 465
traceparent: 00-bba4a7f0b88f68fbf8ca1f3e4f236d51-4bdeb13f3db62cbf-01
last-modified: Mon, 01 Jul 2024 11:34:34 GMT
etag: "c18f57f4aff3cdc9ac4e9b71b54a5810"
expires: Thu, 05 Jun 2025 08:40:15 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/cms/1-1258/desktop/media_asset/3269ef480c0b8ea6baff7a6c347f07f7.json

185.244.209.62

200 OK

1.3 kB

URL GET
v3.traincdn.com/genfiles/cms/1-1258/desktop/media_asset/3269ef480c0b8ea6baff7a6c347f07f7.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
1.3 kB (1342 bytes)
Hash
499d57f89b2bf5fed52d984d865fd72c
f3dd138886f2c1e257d3ac2214b7e3cba57e56b2
9467cf5576ce2a97d9e44e53915a9c4ae529c134cc1ea5a3c62ea304eebda0c8

HTTP Headers

GET /genfiles/cms/1-1258/desktop/media_asset/3269ef480c0b8ea6baff7a6c347f07f7.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-446241.top/
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:28 GMT
content-type: application/json
traceparent: 00-70b3022b75bd4f5382e1a60f653f2660-1bf53dc9cdb4eb44-01
last-modified: Thu, 27 Feb 2025 08:18:57 GMT
etag: W/"499d57f89b2bf5fed52d984d865fd72c"
content-encoding: gzip
expires: Wed, 11 Jun 2025 10:06:31 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
cache: REVALIDATED
X-Firefox-Spdy: h2

GET v3.traincdn.com/sys-static/shared-assets/__shared_libphonenumber_js_Q6RMKWT6.js

185.244.209.62

200 OK

159 kB

URL GET
v3.traincdn.com/sys-static/shared-assets/__shared_libphonenumber_js_Q6RMKWT6.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (65509)
Size
159 kB (158815 bytes)
Hash
1da464d70e78b04b9b808e82e4ad9487
0c79e65516d1525ecb43d13cfb4ccb0631095a28
b4c72b8036ca6767ab61490178f901538646f2aa1001cb042caa134174a41595

HTTP Headers

GET /sys-static/shared-assets/__shared_libphonenumber_js_Q6RMKWT6.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:27 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-4ac3d4398ac37d1add9d39e4d3404bf6-c04ca6153dc3bc10-01
last-modified: Fri, 20 Jun 2025 14:13:24 GMT
etag: W/"1da464d70e78b04b9b808e82e4ad9487"
x-amz-meta-mtime: 1750428765.962144752
content-encoding: gzip
expires: Sun, 22 Jun 2025 08:09:02 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 42349
cache: HIT
x-cached-since: 2025-06-21T08:17:38+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/cms/1-1258/desktop/media_asset/1244ce60e9a4e015fc2b1c21b064b936.json

185.244.209.62

200 OK

13 kB

URL GET
v3.traincdn.com/genfiles/cms/1-1258/desktop/media_asset/1244ce60e9a4e015fc2b1c21b064b936.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
13 kB (13278 bytes)
Hash
2b474bcc2f009b70e64e2b5a95dd50a4
1fd5ee2d54da7dfbf61e67efd938a89c548fc866
f86d880575f3f65ddaaf9e8a0e3746bbbefcefe7e6c0c4441e9e20ceffdca237

HTTP Headers

GET /genfiles/cms/1-1258/desktop/media_asset/1244ce60e9a4e015fc2b1c21b064b936.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-446241.top/
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:28 GMT
content-type: application/json
traceparent: 00-5f914845e94917ecb13ca41ddc048e68-b5ea4e5ebbaa2367-01
last-modified: Wed, 12 Mar 2025 09:36:48 GMT
etag: W/"2b474bcc2f009b70e64e2b5a95dd50a4"
content-encoding: gzip
expires: Sat, 21 Jun 2025 05:37:18 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
cache: REVALIDATED
X-Firefox-Spdy: h2

GET v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/e51c24c8ac.js

185.244.209.62

200 OK

3.9 kB

URL GET
v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/e51c24c8ac.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (3873)
Size
3.9 kB (3874 bytes)
Hash
bb033fb223aa7b54248f6272392312dd
f7d5bd65a89f494cafc91ead618b32ac124e4764
cea19f93dd8cb316d74d251619e24ccee56002bc87cf5fb6fb452cb62133dbfe

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/e51c24c8ac.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:28 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-9579858e6426e4e490c6bc513d2f906e-435d7ea1ee1ea9e3-01
last-modified: Wed, 18 Jun 2025 13:47:11 GMT
etag: W/"bb033fb223aa7b54248f6272392312dd"
x-amz-meta-mtime: 1750254148.964235056
content-encoding: gzip
expires: Thu, 19 Jun 2025 13:50:23 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 21672
cache: HIT
x-cached-since: 2025-06-21T14:02:16+00:00
X-Firefox-Spdy: h2

GET 1xlite-446241.top/main-static/61792ac9/check-ob.js

178.253.14.230

200 OK

219 B

URL GET
1xlite-446241.top/main-static/61792ac9/check-ob.js
IP
178.253.14.230:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerLet's Encrypt
Subject1xlite-446241.top
FingerprintE4:92:BE:BA:35:7C:95:77:03:ED:E9:CD:D0:F5:4B:0A:C0:31:E8:76
ValidityMon, 19 May 2025 05:20:46 GMT - Sun, 17 Aug 2025 05:20:45 GMT

File type
JavaScript source, ASCII text
Size
219 B (219 bytes)
Hash
c065700c9c8c493403359e1f2baa10d9
4630fe729e70bdf63fa7ba6c84ec277fd1f51030
1e61f0c82ae82ffcf503fcd4b4c8ae27b32c11e19b882d5d13f3c44364c893f4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /main-static/61792ac9/check-ob.js HTTP/1.1
Host: 1xlite-446241.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-446241.top/bn/block
Cookie: platform_type=desktop; lng=bn; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder; postback_watcher=%7B%22tag%22%3A%22d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder%22%2C%22pb%22%3A%227cb13d3f9d3046d5bffca6ca03342b50%22%2C%22click_id%22%3A%22d42ea4084fd1a5e47fa4a165e06507a7%22%7D; auid=sv0O5mhXEA0o/2rbA0gbAg==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:25 GMT
content-type: text/javascript; charset=utf-8
content-length: 219
last-modified: Thu, 19 Jun 2025 12:35:52 GMT
etag: "c065700c9c8c493403359e1f2baa10d9"
x-amz-meta-mtime: 1750336551.243664066
expires: Sun, 22 Jun 2025 20:03:25 GMT
cache-control: max-age=86400
x-time-ng: 0.000
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.012
X-Firefox-Spdy: h2

GET v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/c0e02032d1.css

185.244.209.62

200 OK

11 kB

URL GET
v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/c0e02032d1.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (11072)
Size
11 kB (11073 bytes)
Hash
3d3e04f603cc58802ff96240abbdc3aa
e7e6a5d59c97236922354b40d288736f034a1ce3
611f7a963cd4aa278f1ba51f2401247df8c658929b76bfdce45bec08be83d7bd

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/c0e02032d1.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-446241.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:26 GMT
content-type: text/css; charset=utf-8
traceparent: 00-4bb073c383ebc52352fcf7cab72e7ebc-01d4bbbcc4747227-01
last-modified: Wed, 18 Jun 2025 13:47:11 GMT
etag: W/"3d3e04f603cc58802ff96240abbdc3aa"
x-amz-meta-mtime: 1750254148.963235023
content-encoding: gzip
expires: Thu, 19 Jun 2025 16:10:36 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 13766
cache: HIT
x-cached-since: 2025-06-21T16:14:00+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/site-admin/css_vars/29b5cda95fa390c124de39b6aeca6d24.css

185.244.209.62

200 OK

46 B

URL GET
v3.traincdn.com/genfiles/site-admin/css_vars/29b5cda95fa390c124de39b6aeca6d24.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
46 B (46 bytes)
Hash
29b5cda95fa390c124de39b6aeca6d24
46f68f69533c1fdc737eb36e8e7af7672178e610
6021ec0aede22eadcb8401fe945d345202320437c7be01b157f0cb282ebe7c88

HTTP Headers

GET /genfiles/site-admin/css_vars/29b5cda95fa390c124de39b6aeca6d24.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-446241.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:27 GMT
content-type: text/css
content-length: 46
traceparent: 00-7e21cca22cdf1d9e3296ac5b5e37f1a9-7e948aeec6a3ab8e-01
last-modified: Thu, 20 Mar 2025 13:29:31 GMT
etag: "29b5cda95fa390c124de39b6aeca6d24"
cache-control: max-age=3600
expires: Thu, 20 Mar 2025 14:32:37 GMT
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 986
cache: HIT
x-cached-since: 2025-06-21T19:47:01+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

GET v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/entry-f161b37ed6.js

185.244.209.62

200 OK

21 kB

URL GET
v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/entry-f161b37ed6.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20628)
Size
21 kB (21168 bytes)
Hash
f5cdb4f31f025ebc20061834b1c8c497
d411ed0e68449a002f48537732336b8bb7624438
9d0a4a8960a6379b5dee32f6111d95ab742fd031a0edcc069f5b7b19d3195c9e

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/entry-f161b37ed6.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-446241.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:27 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-2f668a91b19d675f12aa7ff88b72a836-9c1fb3aa8f0682cf-01
last-modified: Wed, 18 Jun 2025 13:47:11 GMT
etag: W/"f5cdb4f31f025ebc20061834b1c8c497"
x-amz-meta-mtime: 1750254148.965235089
content-encoding: gzip
expires: Thu, 19 Jun 2025 13:50:14 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 21673
cache: HIT
x-cached-since: 2025-06-21T14:02:14+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/cms/1-1258/desktop/media_asset/625e1f2832090ba0fc7373dedf6388bd.json

185.244.209.62

200 OK

328 B

URL GET
v3.traincdn.com/genfiles/cms/1-1258/desktop/media_asset/625e1f2832090ba0fc7373dedf6388bd.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
328 B (328 bytes)
Hash
4347fc050ebe622e30a7bf78a213b5a0
c05b3b571980b01ff9f07e6adc1c29c58be70bd1
ed1b1193a248bf273141c31b7f74dd1224416b3757e5a71f2e7d579c50d65d57

HTTP Headers

GET /genfiles/cms/1-1258/desktop/media_asset/625e1f2832090ba0fc7373dedf6388bd.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-446241.top/
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:28 GMT
content-type: application/json
content-length: 328
traceparent: 00-dde194d0d65eec6fb875cfc370b10050-c0f5e99dd1ae5a9d-01
last-modified: Thu, 27 Feb 2025 10:57:19 GMT
etag: "4347fc050ebe622e30a7bf78a213b5a0"
expires: Thu, 05 Jun 2025 08:40:15 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

POST 1xlite-446241.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json

178.253.14.230

200 OK

23 B

URL POST
1xlite-446241.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json
IP
178.253.14.230:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerLet's Encrypt
Subject1xlite-446241.top
FingerprintE4:92:BE:BA:35:7C:95:77:03:ED:E9:CD:D0:F5:4B:0A:C0:31:E8:76
ValidityMon, 19 May 2025 05:20:46 GMT - Sun, 17 Aug 2025 05:20:45 GMT

File type
JSON text data
Size
23 B (23 bytes)
Hash
9d8546fc0463fb72a06ba1cbfa2efffa
fd35aa4c51fde4d4de607facb7b004691ee44401
74a9131194500f751704b30f8b989fc7adb9b5a9b6ee379c3c70e31d806fcf88

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json HTTP/1.1
Host: 1xlite-446241.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-446241.top/bn/block
Content-Type: application/json
X-Lang: bn
X-Uuid: d1c3e437-ebd6-4c0e-9459-8affa3a5bade
Content-Length: 72
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=bn; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder; postback_watcher=%7B%22tag%22%3A%22d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder%22%2C%22pb%22%3A%227cb13d3f9d3046d5bffca6ca03342b50%22%2C%22click_id%22%3A%22d42ea4084fd1a5e47fa4a165e06507a7%22%7D; auid=sv0O5mhXEA0o/2rbA0gbAg==; window_width=1280; che_g=6eed7fb3-39ec-7cdb-74c5-ed7c2b253ded
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:28 GMT
content-type: application/json
content-length: 23
x-dt: 1258
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.008, wf-uht;dur=0.013
X-Firefox-Spdy: h2

GET radar.cedexis.com/1707728419/stub.js

45.54.49.5

200 OK

390 B

URL GET
radar.cedexis.com/1707728419/stub.js
IP
45.54.49.5:443
ASN
#63911 NetActuate, Inc

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerDigiCert Inc
Subjectradar.cedexis.com
FingerprintA2:3E:30:19:D5:41:3A:11:81:58:E3:B1:6F:F4:D2:78:0B:44:6F:D0
ValidityFri, 07 Mar 2025 00:00:00 GMT - Fri, 06 Mar 2026 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
390 B (390 bytes)
Hash
82dec77fd0353c7c71ce053b8601387e
fbbca95419e1d0c042e0a5fdf10f380aca66188c
39f2b7b0fa78d37d0c84d2d6618bd635d86fd683d9bcdd5729850cb2a62522f7

HTTP Headers

GET /1707728419/stub.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-446241.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 21 Jun 2025 20:03:38 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 12 Feb 2024 09:50:42 GMT
Vary: Accept-Encoding
ETag: W/"65c9e9f2-186"
Expires: Sat, 05 Jul 2025 20:03:38 GMT
Cache-Control: max-age=1209600, public
Content-Encoding: gzip

GET v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2

185.244.209.62

200 OK

64 kB

URL GET
v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 63748, version 1.0
Size
64 kB (63748 bytes)
Hash
6887b6f24414dbc612dbf42ccdc76b70
8068d3abfbc6cbf35b55919da45b1f4d2d136238
fc5c015fc32518f1ed810fa84ca28941eb9d5a3c81acc8df69a4dbbeedef7b0c

HTTP Headers

GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-446241.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:26 GMT
content-type: font/woff2
content-length: 63748
traceparent: 00-f74c5299ea25887337e675f6ea57cc0f-ab3b41c42e725f24-01
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "6887b6f24414dbc612dbf42ccdc76b70"
expires: Thu, 16 Jan 2025 10:32:14 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 2642
cache: HIT
x-cached-since: 2025-06-21T19:19:24+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

GET 1xlite-446241.top/captcha-api/assets/hunt-captcha.js

178.253.14.230

200 OK

86 kB

URL GET
1xlite-446241.top/captcha-api/assets/hunt-captcha.js
IP
178.253.14.230:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-446241.top/bn/block
Certificate
IssuerLet's Encrypt
Subject1xlite-446241.top
FingerprintE4:92:BE:BA:35:7C:95:77:03:ED:E9:CD:D0:F5:4B:0A:C0:31:E8:76
ValidityMon, 19 May 2025 05:20:46 GMT - Sun, 17 Aug 2025 05:20:45 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
86 kB (85627 bytes)
Hash
7c8fa1a657a274f5569fac4989528cc9
43509c7a4e32e8075147e66ee58afdc5efa58ef9
4777207c1a8f6c4a33f5c41d15f9ca068c54193af6c76f586dbc292cf04cea50

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /captcha-api/assets/hunt-captcha.js HTTP/1.1
Host: 1xlite-446241.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-446241.top/bn/block
Cookie: platform_type=desktop; lng=bn; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder; postback_watcher=%7B%22tag%22%3A%22d_131637m_14249c_MSnullpbgeneral79216186_d27082_l190996_clickunder%22%2C%22pb%22%3A%227cb13d3f9d3046d5bffca6ca03342b50%22%2C%22click_id%22%3A%22d42ea4084fd1a5e47fa4a165e06507a7%22%7D; auid=sv0O5mhXEA0o/2rbA0gbAg==; window_width=1280; che_g=6eed7fb3-39ec-7cdb-74c5-ed7c2b253ded; SESSION=e53b53aa5026f32bde4a124f681445fb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jun 2025 20:03:36 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=300
content-encoding: br
vary: Accept-Encoding
x-dt: 1258
x-request-id: 1ca751d08c6d4f2dead563e31095ae59
x-time-ng: 0.002
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.008, wf-uht;dur=0.013
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (51)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML