{"report_id":"74002760-c4c0-4fd5-b985-e165915eae87","version":6,"status":"done","tags":[],"date":"2025-12-31T09:27:00Z","url":{"schema":"http","addr":"1xlite-45347.bar/","fqdn":"1xlite-45347.bar","domain":"1xlite-45347.bar","tld":"bar"},"ip":{"addr":"178.253.24.51","port":0,"asn":202492,"as":"Silverhill Group Holding Ltd","country":"Iran","country_code":"IR"},"final":{"url":{"schema":"https","addr":"1xlite-45347.bar/en/block","fqdn":"1xlite-45347.bar","domain":"1xlite-45347.bar","tld":"bar"},"title":"1xBet","dom":{"size":22052,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (17912)","md5":"6b986ec52aabc9f9389bbd8f4386b8c3","sha1":"872d1c3ba1d177a570944c4acbd4a13e8bc0d4db","sha256":"fb97163d5345086e27f590e2ae99ef3de0d92c867b3964b2073c337eb88b1c9d","sha512":"0d838eb90c81174281cd7ed2b05e5e3f21edbea5b371f360e4817edb17b2c1fcf6125a1af37d74991ca65e253b44e8716b5914387555ac132bd290ffcae03918","ssdeep":"384:6cihZx4MRAsEqVCr3rywsf3EqOt8H7spXi4qt/0+To:psMr3rywy/OaApXi4E/0+c","tlshash":"b4a2e847f46c7017b7f765dc883aaa8be6afe727c659d19192fd81c40f86a57b203800","dom_hash":"domhash16459a11c48a968b7d0cdd94fbed685b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"1xlite-45347.bar/","fqdn":"1xlite-45347.bar","domain":"1xlite-45347.bar","tld":"bar"},"ip":{"addr":"178.253.24.51","port":0,"asn":202492,"as":"Silverhill Group Holding Ltd","country":"Iran","country_code":"IR"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-04T09:27:00Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"1xlite-45347.bar","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"radar.cedexis.com","ip":{"addr":"45.54.49.5","port":443,"asn":63911,"as":"NetActuate, Inc","country":"United States","country_code":"US"},"domain_registered":"2009-01-07","domain_rank":28156,"first_seen":"2013-11-27T02:31:43Z","last_seen":"2025-12-30T08:54:12.007239Z","alert_count":0,"request_count":2,"received_data":1415,"sent_data":848,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"1xlite-45347.bar","ip":{"addr":"178.253.24.51","port":443,"asn":202492,"as":"Silverhill Group Holding Ltd","country":"Iran","country_code":"IR"},"domain_registered":"2025-07-09","domain_rank":0,"first_seen":"2025-11-07T14:35:49.858452Z","last_seen":"2025-11-07T14:35:49.858452Z","alert_count":10,"request_count":10,"received_data":67102,"sent_data":6771,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"www.google.no","ip":{"addr":"142.251.38.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2001-02-26","domain_rank":92680,"first_seen":"2012-06-26T23:22:08Z","last_seen":"2025-12-28T22:19:36.894477Z","alert_count":0,"request_count":1,"received_data":580,"sent_data":775,"comment":"","tags":null,"fingerprints":null},{"fqdn":"region1.analytics.google.com","ip":{"addr":"216.239.34.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":22257,"first_seen":"2022-03-17T11:26:33Z","last_seen":"2025-12-28T22:22:58.360429Z","alert_count":0,"request_count":2,"received_data":1700,"sent_data":2105,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.251.38.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2025-12-28T22:17:36.419718Z","alert_count":0,"request_count":1,"received_data":510443,"sent_data":437,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"v3.traincdn.com","ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"domain_registered":"2022-11-10","domain_rank":256434,"first_seen":"2022-11-25T10:00:40Z","last_seen":"2025-12-30T01:12:22.713533Z","alert_count":0,"request_count":36,"received_data":3133236,"sent_data":18054,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"v3.traincdn.com/sys-static/shared-assets/Desktop/__shared_67be4069d3.js","fqdn":"v3.traincdn.com","domain":"traincdn.com","tld":"com"},"ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"introduction_type":"importedModule","is_inline":false,"md5":"00e9a1cb57562ecdbc4f8a438ff0d3a7","sha1":"18b312426460be06bfc557ef8d24fc9328935b47","sha256":"360358fda10eb3510d6f69bd8362258043c0092d0c085fd24c1996fa20303790","sha512":"af88385a60878abfb1fffe9275e125445f0c177a9302a0ecb431dbdb7bba0c7888d4981323c78ea48278b821ec6a9a9c62bfa193a8dc684e6c2add3004d5edba","ssdeep":"","tlshash":"1cd0eb3d6ff1e0b5330528ff322b719233093c04930ad4a300a6036801c80faa275e3a","size":291,"data":"","first_seen":"2025-12-23T20:54:42.051787Z","last_seen":"2026-01-14T07:33:59.011214Z","times_seen":183,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/19734a1859.js","fqdn":"v3.traincdn.com","domain":"traincdn.com","tld":"com"},"ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"introduction_type":"importedModule","is_inline":false,"md5":"0de0c156338f3d41ab95438c3d50bf21","sha1":"a39a274e2f641a2ed9c25a57fb8206974ad2c262","sha256":"1af1032c4d01a1d34bc1f6932bc12fcbe55b50735cee5caefdcd5fdca4591cb7","sha512":"2a894ed85c825eb50db36a6a733e0b521d6bb5128d21fcdca4beffc12f9795b3e20ef869d5404ebef83d6c68e0a8b997e31c16a41453c2b2b947e8421970d8a7","ssdeep":"","tlshash":"9bc08c0f24a85837826e4ef8991021421e0d85e533e105c8ed0c83ba032a4d3854e62a","size":165,"data":"","first_seen":"2025-12-23T20:54:41.987403Z","last_seen":"2026-01-14T07:33:59.049088Z","times_seen":114,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/708191bc33.js","fqdn":"v3.traincdn.com","domain":"traincdn.com","tld":"com"},"ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"introduction_type":"scriptElement","is_inline":false,"md5":"f558fd5629eaf2411a804db7a8f35d89","sha1":"c9239b8810c39517704dfc46f746c3f03136b466","sha256":"481f44e30fbad7065c6cf53e1b699af33c6afe77c4ecb17095eed9022c388e5e","sha512":"d10fc5869f68eea2268d0d3c9dc465268e348063a9b50a0401e0f08c91418da9bc75b187d1138b6f4676128a5241450ed60b2d2632407e58ff1cb501d3e526bc","ssdeep":"","tlshash":"84717346ac78f5f6ba0782a83d2344f0cb1fac2ed16449eae1f4c6bc129d4952432f57","size":3730,"data":"","first_seen":"2025-12-23T20:54:42.009554Z","last_seen":"2026-01-14T07:33:59.0485Z","times_seen":114,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/entry-bbdf0b7ffc.js","fqdn":"v3.traincdn.com","domain":"traincdn.com","tld":"com"},"ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"introduction_type":"scriptElement","is_inline":false,"md5":"538f7cf8c223d576e55ec57979962f1b","sha1":"a2d705e712322178eda29a6f371affc79ab46770","sha256":"7561410894dd995cafda66d9bf39de55d8f52e98058f4d0a46cfe105c45087e1","sha512":"e9a0d6b81f2d59235b74526d96411ae6e4e66c391e6df4a37a6da3b0ea9ebb1f608095a051d4ee3270ddab356665c2527977d64976a96bc026e613daee684fc0","ssdeep":"384:HkJQgN7zrAiEqUb8To4lGSdlqll70JGhPhjwVTGxcPRDCEBzua4QIiouV+2cTrcL:HkWuZEqc8To4rdlqll70JwPhjwV6xgRd","tlshash":"e2a21f7c219cf0f535cb459537f6bc526688ad2ff98abcd6409789cc03da04cc9663aa","size":22542,"data":"","first_seen":"2025-12-23T20:54:42.05595Z","last_seen":"2026-01-14T07:33:59.035481Z","times_seen":115,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v3.traincdn.com/sys-static/shared-assets/Desktop/__shared_base-app_1e35a72ffc.js","fqdn":"v3.traincdn.com","domain":"traincdn.com","tld":"com"},"ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"introduction_type":"importedModule","is_inline":false,"md5":"c0122178324b698b365f113bbe9f6cc2","sha1":"93adf11ecaba172a5ebf4042e249c0a4498ea5c0","sha256":"1f0e6e4b2f677f8ab4ee137d290d4bc5d788cd6d8ed1f80817a0222ea04095e5","sha512":"c536594213b8367a3a21ade27b64495481b2aa1c826c1bc2e641c54ab59463b3801eadf574c7b3375b8b3ca466c351cfeca1f74d54b66712bd5d1f891e0c3cd8","ssdeep":"49152:2FLjr8yGOI5w7RySDDAjLr2A234Y1Kl/F/Wmr4js:8E52a","tlshash":"06759d55f0467d223ee745e5a0771282b69c5a9ec408f4a4f1fbc8e83a8f44452afb7c","size":1628255,"data":"","first_seen":"2025-12-23T20:54:42.08575Z","last_seen":"2026-01-14T07:33:59.056196Z","times_seen":183,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/ec95a66bfe.js","fqdn":"v3.traincdn.com","domain":"traincdn.com","tld":"com"},"ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"introduction_type":"scriptElement","is_inline":false,"md5":"ea480642e3fdad5b9118b3b2458455a7","sha1":"7d0a927ea118fd45b8b0342fff295cb3361d9387","sha256":"94cbddfb1ac92d6901543646d503a528b4132e388c6bde226782589026772e6d","sha512":"46d0e4811c5e32385998cad926bf723b16b83a610a189c731f37e84a3a4c0e7a30033e8a5c78669815201137d7c44dc22b7865c466dbeba22a65fdfe236916d1","ssdeep":"192:FhpR0b23WsQ0W99z/ULrcZkprVTrQitHZs6CS+v1d0:HpR0b23WsQ0W99z/YcZk/T7i6CS+v1y","tlshash":"abd1d6ad1ff930b420650fd8be1224b197a81d2793ec88f6ea590f64033d449c6ba967","size":6742,"data":"","first_seen":"2025-12-23T20:54:42.063151Z","last_seen":"2026-01-14T07:33:59.042438Z","times_seen":115,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1xlite-45347.bar/en/block","fqdn":"1xlite-45347.bar","domain":"1xlite-45347.bar","tld":"bar"},"ip":{"addr":"178.253.24.51","port":443,"asn":202492,"as":"Silverhill Group Holding Ltd","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":true,"md5":"dafb343aac3fe5ca646b209532d36997","sha1":"53e7e61d359e4302e8a8a993ef87941addbdcd3a","sha256":"27054e18281f5b986021cef8efafab9b9fbf6b6dc64a0027cca8bbb3050dc6d4","sha512":"2431a1f17b00f26dd58d329f3c4bcd32aeacc95ece9d1ac6086772ba90aa32700431daabebc5431f41654b2018b3bb9638215e2c0953c16188a17ccc8673c125","ssdeep":"","tlshash":"f6e0cd969519f61b5c33681d896c8b0f95c97e75500d795dc034855c3a53456106723a","size":308,"data":"","first_seen":"2025-12-10T10:19:59.465768Z","last_seen":"2026-04-04T22:24:03.803214Z","times_seen":830,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1xlite-45347.bar/en/block","fqdn":"1xlite-45347.bar","domain":"1xlite-45347.bar","tld":"bar"},"ip":{"addr":"178.253.24.51","port":443,"asn":202492,"as":"Silverhill Group Holding Ltd","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":true,"md5":"552bcb33e22724fbba144d84c45cbc3f","sha1":"b229d2434925290826210b3bd2197913656bdc2f","sha256":"5626773f91c57ba40e112922ce82a552a1dbcf8f397c8c12e8b5d87f6b691d8a","sha512":"6379840af1135de902eb4bef30552c4ca86ffaef59f6c688af9f00c0f8b1bd6519e56c7b798ffd9ea77b9db8991123131cf323f88a357546fd028fe6982c7d3e","ssdeep":"","tlshash":"d5211d25907c0a3f8a27462ea303ba419fad007622d67b1cf61c4f8ca6c62cda1136c7","size":1434,"data":"","first_seen":"2025-12-23T01:00:00.357529Z","last_seen":"2026-01-13T02:10:46.02517Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/$_$.js","fqdn":"v3.traincdn.com","domain":"traincdn.com","tld":"com"},"ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"introduction_type":"importedModule","is_inline":false,"md5":"2cdaa92927f02e0b628f1ef4d7dd8caf","sha1":"9104a2e16ed080b80a42588b8aeb52ebec47ab7a","sha256":"ef8101ffea52addcdcfcc3a83f96ff2d4613fb3ae6d1c16bbe4852387b73a9db","sha512":"31da80bc1b17aa708fef74b0211af91fce1b4a5f518f11e5caa80f50e9a7791b6e94924e381f550fc44a02f4c1d785e5b95fa2464e7968b5cab079612d70d839","ssdeep":"","tlshash":"1ba002935a5ef66c209044860696e74733823d6a3477b1d625bc5509e6061474817257","size":69,"data":"","first_seen":"2025-05-14T05:06:37.199299Z","last_seen":"2026-03-18T19:40:26.76398Z","times_seen":5502,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v3.traincdn.com/sys-static/shared-assets/__shared_popper_js_WZJKYEQD.js","fqdn":"v3.traincdn.com","domain":"traincdn.com","tld":"com"},"ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"introduction_type":"importedModule","is_inline":false,"md5":"bea5b052c307601192270938523fa030","sha1":"937f7094c67f5a92c1032a7bc3f21ee94bec66ef","sha256":"f41290374ba615854ebb4b28a07de775581707f3b6427bcc01c0529c62476f64","sha512":"b9bff7f7d9b518ec76898a732114873c01206378c2a840c62062f05487ef773716ce841d7a5bafe3f0c65fbfdf05509852571a3a6b381661cb6f4984d6bc23a9","ssdeep":"384:ZP7iayBuR9vu3z1JXvykd2+LaqHdC6RjVnTGm/7piCXmH8kCCcvJTCyCu+meAxiZ:piZwO3XvO+NMSJt3XmckXcv4nxJAxiH5","tlshash":"7b92a28c7684b0a287a7a2a7a07f860f71376865650e9004f59cf6ec3c35dba507bc7d","size":21252,"data":"","first_seen":"2025-08-22T10:11:14.555802Z","last_seen":"2026-03-04T04:00:43.408775Z","times_seen":3920,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-5671CMJ6T4","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.38.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a79da3d70ffe521f357bcf2cc7320d89","sha1":"2415530ec7ff12574efe1a62b29007a31cb38e34","sha256":"ffafc379658f8b8cdf69eb09b0b4ff4a83ca0faccf6139b90e90e31ee8d9b69d","sha512":"5fde0b561cb84175063a8830af33ef8e4d78b3a4b08fd25b9f99ca99964e2975a1ab8f22b75eb173e6f0d8a177bf92f81ca85aa78995419dd8dde63e09c353cd","ssdeep":"6144:u77nTm/ObujKYKb1U95/YeSfDHHYOyQFzvnsCECiWVSzbjaJd/EPPad:ITXbuNm1cqVnsVWRPEy","tlshash":"5ab4098e73c63426939af478502f02cba9bb25e2b45dc897b1c9ccf02d7459a4167f78","size":509839,"data":"","first_seen":"2025-12-31T09:27:07.366589Z","last_seen":"2025-12-31T12:25:58.623271Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"radar.cedexis.com/1/23802/radar.js","fqdn":"radar.cedexis.com","domain":"cedexis.com","tld":"com"},"ip":{"addr":"45.54.49.5","port":443,"asn":63911,"as":"NetActuate, Inc","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"82dec77fd0353c7c71ce053b8601387e","sha1":"fbbca95419e1d0c042e0a5fdf10f380aca66188c","sha256":"39f2b7b0fa78d37d0c84d2d6618bd635d86fd683d9bcdd5729850cb2a62522f7","sha512":"6872c895cb44711405e57a436dfbe15d094f9159e11ee2b89983c63b1f18f6acbdfaf0ccbb5e48b2bf24f366f16584c660bca4b6b14c048a134bb77a60f6563e","ssdeep":"","tlshash":"02e068ae9391a318537a2dbacc4e060ba0f6114888e5e4e029f5c2c00461bae072bfb4","size":390,"data":"","first_seen":"2024-02-13T14:23:26Z","last_seen":"2026-01-15T12:01:08.184588Z","times_seen":7496,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v3.traincdn.com/sys-static/shared-assets/__shared_chunk_LNU73JEK.js","fqdn":"v3.traincdn.com","domain":"traincdn.com","tld":"com"},"ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"introduction_type":"importedModule","is_inline":false,"md5":"d96d317966512ab8915a90670ca5a5af","sha1":"a810be1c3e515adb49804e8d976250deb16fd77d","sha256":"f125201d62c452efba070d856821885c7cfd539a31d55846caa6ae3a7522d3cf","sha512":"460b29966e6f5ac4d34ccc714217d29686d7aff42efa92a102729d40aa36dd4fbb87116178b2f9fdece5fdb09cb2bf2024312d3f1b86abb69644f695c76aca2d","ssdeep":"","tlshash":"a521f1e56fbc7ba362be2ae4a02e0041e001d53752f4f1d4f294dfb4a4e949d035b5b6","size":1232,"data":"","first_seen":"2025-08-22T10:11:14.554562Z","last_seen":"2026-03-04T04:00:43.411503Z","times_seen":3921,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v3.traincdn.com/sys-static/shared-assets/__shared_fast_deep_equal_RNYYWXHZ.js","fqdn":"v3.traincdn.com","domain":"traincdn.com","tld":"com"},"ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"introduction_type":"importedModule","is_inline":false,"md5":"00e44cad05af09626c2b10aeee7de5a3","sha1":"4461fd05cdd85255f4ab24edd5ac80e7b6dec92e","sha256":"5277a86b8db312b1e34318cb994829e113d8204c3a2e88ab594e5135b2bbfb2a","sha512":"548bf615b1118881d21a0cfd2d530b3f0ce1e14cc93cb6afce662b30ac70877fa152fd71b5d786bb2e43e31a1980e00b83106b1f4b3ae12fbb2ddbedf6c81841","ssdeep":"","tlshash":"901159c232e3a0d183e058cd1001d906f23969e9a4bca0c9c757e6b93cb2a53d87672a","size":865,"data":"","first_seen":"2025-08-22T10:11:14.567955Z","last_seen":"2026-03-04T04:00:43.420123Z","times_seen":3921,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v3.traincdn.com/sys-static/shared-assets/__shared_accept_language_parser_LEQ4UAP5.js","fqdn":"v3.traincdn.com","domain":"traincdn.com","tld":"com"},"ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"introduction_type":"importedModule","is_inline":false,"md5":"83e311eb8e222d229b6177bd007ce9eb","sha1":"96b851ffda0eab794c2bb637255a48ae25770144","sha256":"d0ff62de588e1c47eedbd91a89dcf394e2ec5bd09392ea556b9a34108077e9ad","sha512":"fd2e1bfb6588598e356ddc08724c2e6f602b89626b30eeca2c25b8f60340f25e28a761b8e13b75d1627172530abf7dd0e586e792f53759d08bda626145f65b0d","ssdeep":"","tlshash":"202112debed2b5908394188c4e2ec055f23a2957641ce6fcd765e7827c403a186f3c1d","size":1297,"data":"","first_seen":"2025-08-22T10:11:14.559442Z","last_seen":"2026-03-04T04:00:43.42063Z","times_seen":3921,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v3.traincdn.com/sys-static/shared-assets/__shared_localforage_PJNUBKRP.js","fqdn":"v3.traincdn.com","domain":"traincdn.com","tld":"com"},"ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"introduction_type":"importedModule","is_inline":false,"md5":"7e7ebd44e3a6550f862e122ab7df6409","sha1":"384ecbc3ab0f65e6b0f88c1e68ba3eb73fad4999","sha256":"138767518a09e63d24f918f6380923893a2ec3aa59a640e51c83517501823076","sha512":"e2766b50e289dc6a69fa30432a49a0b7743f15cd15a54d707959c7623f258057a821a94285c492746216cfbf815089309b6cc09b930ba7977ff9c4ffc352d76e","ssdeep":"768:wDKAOpvMewHFuM96WwZACjzz46zSTKsBE1OvFXfX1UXk:wm8uPW43zEIOvdlUU","tlshash":"a5d2b68c7799f02683bb3070907f580ef237a912594d90a0e591e5f86dbd75c822bfad","size":30277,"data":"","first_seen":"2025-08-22T10:11:14.535778Z","last_seen":"2026-03-04T04:00:43.425133Z","times_seen":3921,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/192f3e7f77.js","fqdn":"v3.traincdn.com","domain":"traincdn.com","tld":"com"},"ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"introduction_type":"importedModule","is_inline":false,"md5":"a183d67a6f8ea109fef0a1b4f5f2b920","sha1":"9908c3bc21a4de25fe732742f501bd5b42c04c79","sha256":"ebdb6c637f146183a35569fcf56d547616da772f4b10c500a12a670fd46a6560","sha512":"c55796a768f46379b24f94bb40ff4846e651c94411fbf828648f1ba95353caeb7970abc3b37e4ffbac456c42085e8d46868a9d1ae07b0a2d31005d6025b7655e","ssdeep":"","tlshash":"ca5166967cb4b0b2af7643ee7e2640f5460d2a45b15d4093fded473c200f0a9176ab63","size":2848,"data":"","first_seen":"2025-12-23T20:54:42.020611Z","last_seen":"2026-01-14T07:33:59.008285Z","times_seen":127,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1xlite-45347.bar/en/block","fqdn":"1xlite-45347.bar","domain":"1xlite-45347.bar","tld":"bar"},"ip":{"addr":"178.253.24.51","port":443,"asn":202492,"as":"Silverhill Group Holding Ltd","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":true,"md5":"d500a2ca1e727e6c3672cd77d68c98f6","sha1":"91bb9c29f3ca5bdb90a171d9d14f4fd8cab1bd13","sha256":"d0442eda8c76341a51da5fbf54d0e0c0b157ab5f4a3a617eafd7903a2ab21a26","sha512":"0f498727c99c9b80d3ad0fde0f95682f1d27151e877b21982c7a687b5d30688fda32c0155d5f7076df13e116af9a357a273f89e2f1275949dc46ed5825a10cb1","ssdeep":"","tlshash":"7c1175230a38e73f412468ccc9a1bba955d0285ab100d44f9dfc8c4b576b5d3ad93f13","size":1037,"data":"","first_seen":"2025-12-23T20:54:42.084049Z","last_seen":"2026-01-14T07:33:59.058133Z","times_seen":114,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v3.traincdn.com/sys-static/shared-assets/__shared_vue_deps_YV646KAL.js","fqdn":"v3.traincdn.com","domain":"traincdn.com","tld":"com"},"ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"introduction_type":"importedModule","is_inline":false,"md5":"817daa834e18cb5941c970ebd9539382","sha1":"2776cb6819f955e7a9434dc6885f31a09c7458f0","sha256":"daee6582cc260392552be5918f785c8192fc39c90a0de67ec94105625a105f83","sha512":"d7d41f49d473fa846fa3e68a7de3196a282939e7d941eae3e641ac4f3df017f239c0eda9664ecb491a0d95c72557321e898cc0411d2d272d2357d8795f3a499a","ssdeep":"768:2XwZ1yyQBnJnqxqy3a1ztAy7lyyC0H64ar9Ebk0y6OWe/BtKoD4gPuLOdY:2XwWBnJqxq31p9lyypH642Ebk0y6OWgi","tlshash":"5de24d98b779b8a2336d50cc90770713b37559f3484d9060f3aa9ea234a5a43c2e7b79","size":31989,"data":"","first_seen":"2025-12-23T20:54:42.080275Z","last_seen":"2026-01-14T07:33:59.036202Z","times_seen":183,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/2de3cb6d98.js","fqdn":"v3.traincdn.com","domain":"traincdn.com","tld":"com"},"ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"introduction_type":"scriptElement","is_inline":false,"md5":"748d69570f5ecc45d4e669b8c2d63b19","sha1":"60e3bb5ea966a9fcce1d6cb502e20fd67a446b6d","sha256":"aa09e47ded5695d360fad9336da11a29e24c8a62c08b13bdca76f19caf72dd89","sha512":"193263ac8bc41f13749c0459d6f53051fbbf86abee79cdec191601edefa9f1605ea6e894834d9fdb1a78f5c5520ecd6b9f653e63ea5fff6337f090fe7ec80c45","ssdeep":"","tlshash":"3f21837badb0f03846101afebc243071038b2e57868ed59995cc03a60347095592aeb7","size":1370,"data":"","first_seen":"2025-12-23T20:54:41.975798Z","last_seen":"2026-01-14T07:33:59.033741Z","times_seen":114,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"v3.traincdn.com/version.json","fqdn":"v3.traincdn.com","domain":"traincdn.com","tld":"com"},"ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://1xlite-45347.bar/en/block","date":"2025-12-31T09:26:37.691Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.traincdn.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 16 Dec 2025 00:00:00 GMT","end":"Fri, 15 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"2C:ED:08:D6:4A:C2:81:ED:6F:55:AB:70:5D:D3:1C:9C:1A:5A:9F:05","sha256":"8B:2C:5C:5C:1A:73:14:D9:18:4E:BF:B8:81:B4:A3:EB:D9:E7:55:08:46:E5:70:6E:6A:AA:B4:07:73:C9:57:C8"}}},"request":{"raw":"GET /version.json HTTP/1.1\r\nHost: v3.traincdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://1xlite-45347.bar\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1xlite-45347.bar/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 31 Dec 2025 09:26:37 GMT\r\ncontent-type: application/json\r\ncontent-length: 11\r\ntraceparent: 00-8a9f8290d4f0b4d023b6e3e8887d478c-0edf304bf5de8391-01\r\nlast-modified: Tue, 30 Dec 2025 11:35:51 GMT\r\netag: \"8ea3a345f3f62644147abd32f4fa716d\"\r\nx-amz-meta-mtime: 1767094551.076810794\r\nexpires: Tue, 30 Dec 2025 11:39:04 GMT\r\ncache-control: max-age=60\r\nx-time-ng: 0.000\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccess-control-allow-origin: *\r\nx-id: osix-hw-edge-gc4\r\nage: 18\r\ncache: HIT\r\nx-cached-since: 2025-12-31T09:26:19+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11,"size_decoded":0,"mime_type":"application/json","magic":"ASCII text","md5":"8ea3a345f3f62644147abd32f4fa716d","sha1":"994c2c271ca6f972da76023d4818ef99042d65c0","sha256":"f69b33de6027c743066c2e8ccda94818758bf34ff8c433306aa00a6cc1d7fde9","sha512":"40c7271f9ed5db80ede5943b38225e217e6f70a2d4ded61e7c3d5ac985b911b1379ed3c30d6a6927c5908d96e04ccb2e455a1e2fff5115e4afaa12edd22bbeb7","ssdeep":"","tlshash":"0750000003000cc0000f00000003000cf0c00c0000003f0000c0c00000003003000c00","first_seen":"2025-12-30T12:48:04.916545Z","last_seen":"2026-01-05T09:11:08.89272Z","times_seen":55,"resource_available":false,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v3.traincdn.com/sys-ui/3.3.544/Desktop/Default/client.css","fqdn":"v3.traincdn.com","domain":"traincdn.com","tld":"com"},"ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://1xlite-45347.bar/en/block","date":"2025-12-31T09:26:38.638Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.traincdn.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 16 Dec 2025 00:00:00 GMT","end":"Fri, 15 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"2C:ED:08:D6:4A:C2:81:ED:6F:55:AB:70:5D:D3:1C:9C:1A:5A:9F:05","sha256":"8B:2C:5C:5C:1A:73:14:D9:18:4E:BF:B8:81:B4:A3:EB:D9:E7:55:08:46:E5:70:6E:6A:AA:B4:07:73:C9:57:C8"}}},"request":{"raw":"GET /sys-ui/3.3.544/Desktop/Default/client.css HTTP/1.1\r\nHost: v3.traincdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1xlite-45347.bar/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 31 Dec 2025 09:26:38 GMT\r\ncontent-type: text/css; charset=utf-8\r\ntraceparent: 00-6525e64d09c0f09d33190e23da04dfc0-110d7e7aac92846f-01\r\nlast-modified: Thu, 18 Dec 2025 08:43:05 GMT\r\netag: W/\"a10805f87dbd4750c11572b5d2f6ba7c\"\r\nx-amz-meta-mtime: 1766047382.787017175\r\ncontent-encoding: gzip\r\nexpires: Wed, 24 Dec 2025 08:50:37 GMT\r\ncache-control: max-age=86400\r\nx-time-ng: 0.003\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccess-control-allow-origin: *\r\nx-id: osix-hw-edge-gc4\r\nage: 1517\r\ncache: HIT\r\nx-cached-since: 2025-12-31T09:01:21+00:00\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":720302,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"a10805f87dbd4750c11572b5d2f6ba7c","sha1":"8bc092e930b008473f7f211eaae4f6579717840a","sha256":"e3eddb33cb9dee8a8ad866700f671b90c7e116a199bc1a5cd2bab915343eef81","sha512":"3974d431c58149c309ffa50f420971e2449bffb507f10756cb21a5474c6ff9be3a4726dc10433216e8938df532a155825303a2c082ea7b86a52ea31d61667bbd","ssdeep":"12288:nnSDjMb4OAD03pDTuThJDUZxzMjfPQfIHSKRuPB48:MMb4OAD03pDTuFI48","tlshash":"ebe4941cf29d92353e37e62062945ffc6620b7079b231d6ef4aa064a0ec35437196dbb","first_seen":"2025-12-23T20:54:41.985309Z","last_seen":"2026-01-14T07:33:59.009167Z","times_seen":183,"resource_available":false,"data":null}},"time_used":2,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v3.traincdn.com/genfiles/cms/1-1254/desktop/media_asset/9cb2a632b4748822faa8dd723f689c5b.json","fqdn":"v3.traincdn.com","domain":"traincdn.com","tld":"com"},"ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://1xlite-45347.bar/en/block","date":"2025-12-31T09:26:38.931Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.traincdn.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 16 Dec 2025 00:00:00 GMT","end":"Fri, 15 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"2C:ED:08:D6:4A:C2:81:ED:6F:55:AB:70:5D:D3:1C:9C:1A:5A:9F:05","sha256":"8B:2C:5C:5C:1A:73:14:D9:18:4E:BF:B8:81:B4:A3:EB:D9:E7:55:08:46:E5:70:6E:6A:AA:B4:07:73:C9:57:C8"}}},"request":{"raw":"GET /genfiles/cms/1-1254/desktop/media_asset/9cb2a632b4748822faa8dd723f689c5b.json HTTP/1.1\r\nHost: v3.traincdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://1xlite-45347.bar/\r\nOrigin: https://1xlite-45347.bar\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 31 Dec 2025 09:26:38 GMT\r\ncontent-type: application/json\r\ntraceparent: 00-b8434cfdb07a022bc7db7d8ab866954e-18c1762ce45227e9-01\r\nlast-modified: Fri, 07 Nov 2025 11:35:02 GMT\r\netag: W/\"b95bbe824df0e2a2d571358c25c01f88\"\r\ncontent-encoding: gzip\r\nexpires: Mon, 17 Nov 2025 05:56:54 GMT\r\ncache-control: max-age=3600\r\nx-time-ng: 0.000\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccess-control-allow-origin: *\r\nx-id: osix-hw-edge-gc4\r\ncache: REVALIDATED\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7723,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"b95bbe824df0e2a2d571358c25c01f88","sha1":"7fcd8150dae9d36bae064f605676517894eba563","sha256":"deaedaa5a68d9f5a85961164003477eb5078602f7634eeb6257a45c235bd5234","sha512":"cd1211517c82f9675fb88706595ae2445566de27564f475ac7a26c3fcf67ee70f59ec575a5153c737c49bf87a75db9a1216d672dadbd146ffbd22e95ca8c3e00","ssdeep":"48:TzABBABGkABjABFygABCN/ABCNYN8ABWHABaEABzzEFABIIX4ABBxSHsABYiwABp:lFbClXCL3cblP+XyLO5GIQ","tlshash":"0ff11684fff05c33112f94ad98b37a89a3884f07a95a7d1c7f9d294c1f1451a04aadbe","first_seen":"2025-11-07T13:07:42.245146Z","last_seen":"2026-01-05T09:11:08.877922Z","times_seen":824,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/708191bc33.js","fqdn":"v3.traincdn.com","domain":"traincdn.com","tld":"com"},"ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://1xlite-45347.bar/en/block","date":"2025-12-31T09:26:39.007Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.traincdn.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 16 Dec 2025 00:00:00 GMT","end":"Fri, 15 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"2C:ED:08:D6:4A:C2:81:ED:6F:55:AB:70:5D:D3:1C:9C:1A:5A:9F:05","sha256":"8B:2C:5C:5C:1A:73:14:D9:18:4E:BF:B8:81:B4:A3:EB:D9:E7:55:08:46:E5:70:6E:6A:AA:B4:07:73:C9:57:C8"}}},"request":{"raw":"GET /sys-static/sys-technical-pages-app-static/Desktop/Default/708191bc33.js HTTP/1.1\r\nHost: v3.traincdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://1xlite-45347.bar\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://v3.traincdn.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 31 Dec 2025 09:26:38 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ntraceparent: 00-e8c509043dcc7e3de9a37752f5e36678-5af6640605561162-01\r\nlast-modified: Tue, 23 Dec 2025 11:09:43 GMT\r\netag: W/\"f558fd5629eaf2411a804db7a8f35d89\"\r\nx-amz-meta-mtime: 1766488103.478474356\r\ncontent-encoding: gzip\r\nexpires: Wed, 24 Dec 2025 11:12:24 GMT\r\ncache-control: max-age=86400\r\nx-time-ng: 0.002\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccess-control-allow-origin: *\r\nx-id: osix-hw-edge-gc4\r\nage: 79536\r\ncache: HIT\r\nx-cached-since: 2025-12-30T11:21:02+00:00\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3730,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (3729)","md5":"f558fd5629eaf2411a804db7a8f35d89","sha1":"c9239b8810c39517704dfc46f746c3f03136b466","sha256":"481f44e30fbad7065c6cf53e1b699af33c6afe77c4ecb17095eed9022c388e5e","sha512":"d10fc5869f68eea2268d0d3c9dc465268e348063a9b50a0401e0f08c91418da9bc75b187d1138b6f4676128a5241450ed60b2d2632407e58ff1cb501d3e526bc","ssdeep":"","tlshash":"84717346ac78f5f6ba0782a83d2344f0cb1fac2ed16449eae1f4c6bc129d4952432f57","first_seen":"2025-12-23T20:54:42.009554Z","last_seen":"2026-01-14T07:33:59.0485Z","times_seen":114,"resource_available":true,"data":null}},"time_used":1,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v3.traincdn.com/genfiles/cms/desktop/media_asset/e6baed4eecf4ba7f9a5c2fcf97aad110.webp","fqdn":"v3.traincdn.com","domain":"traincdn.com","tld":"com"},"ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://1xlite-45347.bar/en/block","date":"2025-12-31T09:26:39.055Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.traincdn.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 16 Dec 2025 00:00:00 GMT","end":"Fri, 15 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"2C:ED:08:D6:4A:C2:81:ED:6F:55:AB:70:5D:D3:1C:9C:1A:5A:9F:05","sha256":"8B:2C:5C:5C:1A:73:14:D9:18:4E:BF:B8:81:B4:A3:EB:D9:E7:55:08:46:E5:70:6E:6A:AA:B4:07:73:C9:57:C8"}}},"request":{"raw":"GET /genfiles/cms/desktop/media_asset/e6baed4eecf4ba7f9a5c2fcf97aad110.webp HTTP/1.1\r\nHost: v3.traincdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1xlite-45347.bar/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 31 Dec 2025 09:26:39 GMT\r\ncontent-type: image/webp\r\ncontent-length: 6642\r\ntraceparent: 00-a09bc50e797626d75ad53f0cdd1f54a3-5a8b01f2fdc9f548-01\r\nlast-modified: Tue, 28 Oct 2025 08:17:54 GMT\r\netag: \"f2a90faef41c53fb4af747c8cbf25485\"\r\nexpires: Mon, 08 Dec 2025 19:01:33 GMT\r\ncache-control: max-age=3600\r\nx-time-ng: 0.000\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccess-control-allow-origin: *\r\nx-id: osix-hw-edge-gc4\r\ncache: REVALIDATED\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6642,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 960x278, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"f2a90faef41c53fb4af747c8cbf25485","sha1":"54855a9fb307c4ecc9afea135838328cf439162e","sha256":"993540582d4cab4dc40ba13392f7460f30f0b656ff1e413abe9c20387000cc92","sha512":"c6f5e9a6238a864affd37952ba241b4e5a01dbfad9a18e22b53ea00e6f3acbbf114a5752f0b5faecd89efa6d24990df365113d7321543d0d44cfab1987f123a8","ssdeep":"96:MdOd7t6i+bJODeMN38LbY5gZQpRDH/ij1TgpEV6iuRjxNY4wos4RWNFCjMzlAm92:MduSOXsv6DfiR8fisNk9X3qUhpg","tlshash":"d7d1b074a2c81a958a299e763e763dab6e81039c31bcb6d674b5d5c8c50843fede7030","first_seen":"2025-11-13T15:27:51.525317Z","last_seen":"2026-04-04T22:24:03.778265Z","times_seen":1114,"resource_available":false,"data":null}},"time_used":65,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":65,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2","fqdn":"v3.traincdn.com","domain":"traincdn.com","tld":"com"},"ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://1xlite-45347.bar/en/block","date":"2025-12-31T09:26:39.063Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.traincdn.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 16 Dec 2025 00:00:00 GMT","end":"Fri, 15 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"2C:ED:08:D6:4A:C2:81:ED:6F:55:AB:70:5D:D3:1C:9C:1A:5A:9F:05","sha256":"8B:2C:5C:5C:1A:73:14:D9:18:4E:BF:B8:81:B4:A3:EB:D9:E7:55:08:46:E5:70:6E:6A:AA:B4:07:73:C9:57:C8"}}},"request":{"raw":"GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 HTTP/1.1\r\nHost: v3.traincdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://1xlite-45347.bar\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://v3.traincdn.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 31 Dec 2025 09:26:39 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 63920\r\ntraceparent: 00-b2fbd0006cccbd3e6b1f6a308c4796ef-7f6eb5bc5bf767a0-01\r\nlast-modified: Wed, 14 Jun 2023 09:49:53 GMT\r\netag: \"a65527fcb58f66a7cfbc0e6b160538b4\"\r\nexpires: Sun, 10 Aug 2025 19:21:26 GMT\r\ncache-control: max-age=3600\r\nx-time-ng: 0.000\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccess-control-allow-origin: *\r\nx-id: osix-hw-edge-gc4\r\nage: 594\r\ncache: HIT\r\nx-cached-since: 2025-12-31T09:16:45+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":63920,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 63920, version 1.0","md5":"a65527fcb58f66a7cfbc0e6b160538b4","sha1":"45d260e7fa343401b5bb0df982a014f53e2d253b","sha256":"fb13c3a1cbac60649b76f7d7f85c1645d35ac69b85ce5f4eb0692505ecc2cd45","sha512":"8448e96abe326f43285b2d8b0d75beaf0e9c9e051e8754841d907b30eb303ae24c447011306da6a1703b9192d02aeff76a4517bdf94ec6e7dc360ce3538802af","ssdeep":"1536:UIG3hJMkJeK8ic5iZGnJ4URj9vqXOQ6UqYdbuA5RVK1:UL31hcLlRjDQ6Uq4W1","tlshash":"7f5302df8de32a148ff78772668885f4f4927c68898c8e7345526a8907f07d6b96c04f","first_seen":"2023-05-07T18:04:27Z","last_seen":"2026-04-04T21:03:15.355867Z","times_seen":10179,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"radar.cedexis.com/1/23802/radar.js","fqdn":"radar.cedexis.com","domain":"cedexis.com","tld":"com"},"ip":{"addr":"45.54.49.5","port":443,"asn":63911,"as":"NetActuate, Inc","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://1xlite-45347.bar/en/block","date":"2025-12-31T09:26:48.843Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"radar.cedexis.com","organization":"Citrix Systems, Inc."},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Fri, 06 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A2:3E:30:19:D5:41:3A:11:81:58:E3:B1:6F:F4:D2:78:0B:44:6F:D0","sha256":"BE:70:39:96:BA:51:8F:A7:6A:9D:E1:58:FB:D9:F7:6F:17:5C:DA:A9:6E:54:3F:8F:0B:3D:1E:DF:8C:44:B4:71"}}},"request":{"raw":"GET /1/23802/radar.js HTTP/1.1\r\nHost: radar.cedexis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1xlite-45347.bar/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 31 Dec 2025 09:26:48 GMT\r\nContent-Type: text/html\r\nContent-Length: 138\r\nConnection: keep-alive\r\nLocation: /1707728419/stub.js\r\nExpires: Wed, 31 Dec 2025 09:36:48 GMT\r\nCache-Control: max-age=600\r\nVary: User-Agent,DNT\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":390,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T21:47:03.661814Z","times_seen":13347989,"resource_available":true,"data":null}},"time_used":104,"timings":{"blocked":35,"dns":0,"connect":19,"send":0,"wait":22,"receive":0,"ssl":25},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v3.traincdn.com/sys-static/shared-assets/Desktop/__shared_base-app_1e35a72ffc.js","fqdn":"v3.traincdn.com","domain":"traincdn.com","tld":"com"},"ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://1xlite-45347.bar/en/block","date":"2025-12-31T09:26:37.743Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.traincdn.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 16 Dec 2025 00:00:00 GMT","end":"Fri, 15 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"2C:ED:08:D6:4A:C2:81:ED:6F:55:AB:70:5D:D3:1C:9C:1A:5A:9F:05","sha256":"8B:2C:5C:5C:1A:73:14:D9:18:4E:BF:B8:81:B4:A3:EB:D9:E7:55:08:46:E5:70:6E:6A:AA:B4:07:73:C9:57:C8"}}},"request":{"raw":"GET /sys-static/shared-assets/Desktop/__shared_base-app_1e35a72ffc.js HTTP/1.1\r\nHost: v3.traincdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://1xlite-45347.bar\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://v3.traincdn.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 31 Dec 2025 09:26:37 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ntraceparent: 00-cfaabceaa025b15c50793159e47aa7df-dfcde4ef71094013-01\r\nlast-modified: Tue, 30 Dec 2025 12:59:20 GMT\r\netag: W/\"c0122178324b698b365f113bbe9f6cc2\"\r\nx-amz-meta-mtime: 1767099327.785295139\r\ncontent-encoding: gzip\r\nexpires: Thu, 01 Jan 2026 08:50:50 GMT\r\ncache-control: max-age=86400\r\nx-time-ng: 0.000\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccess-control-allow-origin: *\r\nx-id: osix-hw-edge-gc4\r\nage: 1389\r\ncache: HIT\r\nx-cached-since: 2025-12-31T09:03:28+00:00\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1628255,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (23791)","md5":"0e09ea6ca336302e09328e11eea7eb20","sha1":"a3cb8880feaa296cc191d72259ad73b1a3b752cb","sha256":"8ef3fa0028abf530c73f0f08c2a08285066a4a9202ed3c4296d911ffe154489f","sha512":"01dceefe56140a7d94066b3a42582bbf12454372ea3e79547b29458bb8f0d3f20b5d6d4c6e4d6a8092134ff92adc51fa9b5aeaf0bbae312f8e8cd026bd9a6cea","ssdeep":"24576:2FLjr8yGOPw5wtuiRySDDAjLr2A234Y1QTDJ/F/k:2FLjr8yGOI5w7RySDDAjLr2A234Y1Kle","tlshash":"9f259e65f112791339e755e5a0631387ba9c499ed80ce894f2e7cde43a8b41022eef7c","first_seen":"2025-12-23T20:54:42.018305Z","last_seen":"2026-01-14T07:33:58.996601Z","times_seen":181,"resource_available":false,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v3.traincdn.com/sys-static/shared-assets/__shared_fast_deep_equal_RNYYWXHZ.js","fqdn":"v3.traincdn.com","domain":"traincdn.com","tld":"com"},"ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://1xlite-45347.bar/en/block","date":"2025-12-31T09:26:38.054Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.traincdn.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 16 Dec 2025 00:00:00 GMT","end":"Fri, 15 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"2C:ED:08:D6:4A:C2:81:ED:6F:55:AB:70:5D:D3:1C:9C:1A:5A:9F:05","sha256":"8B:2C:5C:5C:1A:73:14:D9:18:4E:BF:B8:81:B4:A3:EB:D9:E7:55:08:46:E5:70:6E:6A:AA:B4:07:73:C9:57:C8"}}},"request":{"raw":"GET /sys-static/shared-assets/__shared_fast_deep_equal_RNYYWXHZ.js HTTP/1.1\r\nHost: v3.traincdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://1xlite-45347.bar\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://v3.traincdn.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 31 Dec 2025 09:26:38 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncontent-length: 865\r\ntraceparent: 00-23636275e46608cd4fbf548bad51ae10-902abcc66d71a078-01\r\nlast-modified: Tue, 30 Dec 2025 12:59:16 GMT\r\netag: \"00e44cad05af09626c2b10aeee7de5a3\"\r\nx-amz-meta-mtime: 1767099327.750294637\r\nexpires: Thu, 01 Jan 2026 05:42:53 GMT\r\ncache-control: max-age=86400\r\nx-time-ng: 0.000\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccess-control-allow-origin: *\r\nx-id: osix-hw-edge-gc4\r\nage: 13425\r\ncache: HIT\r\nx-cached-since: 2025-12-31T05:42:53+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":865,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (840)","md5":"00e44cad05af09626c2b10aeee7de5a3","sha1":"4461fd05cdd85255f4ab24edd5ac80e7b6dec92e","sha256":"5277a86b8db312b1e34318cb994829e113d8204c3a2e88ab594e5135b2bbfb2a","sha512":"548bf615b1118881d21a0cfd2d530b3f0ce1e14cc93cb6afce662b30ac70877fa152fd71b5d786bb2e43e31a1980e00b83106b1f4b3ae12fbb2ddbedf6c81841","ssdeep":"","tlshash":"901159c232e3a0d183e058cd1001d906f23969e9a4bca0c9c757e6b93cb2a53d87672a","first_seen":"2025-08-22T10:11:14.567955Z","last_seen":"2026-03-04T04:00:43.420123Z","times_seen":3921,"resource_available":true,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1xlite-45347.bar/bff-api/config/group/get?groups=d.customize\u0026lang=en","fqdn":"1xlite-45347.bar","domain":"1xlite-45347.bar","tld":"bar"},"ip":{"addr":"178.253.24.51","port":443,"asn":202492,"as":"Silverhill Group Holding Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://1xlite-45347.bar/en/block","date":"2025-12-31T09:26:38.670Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1xlite-45347.bar","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Dec 2025 05:21:06 GMT","end":"Sun, 08 Mar 2026 05:21:05 GMT"},"fingerprint":{"sha1":"05:03:B3:49:94:6D:1A:70:98:06:F4:B4:23:25:93:A6:15:02:7A:1C","sha256":"BF:5D:D3:9F:4D:85:1E:F6:BA:3B:B5:07:1D:71:7E:55:68:EF:FB:70:D8:08:FE:B5:43:56:52:5F:1F:F9:AA:6C"}}},"request":{"raw":"GET /bff-api/config/group/get?groups=d.customize\u0026lang=en HTTP/1.1\r\nHost: 1xlite-45347.bar\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://1xlite-45347.bar/en/block\r\ncontent-type: application/json\r\nx-requested-with: XMLHttpRequest\r\nis-srv: false\r\nx-svc-source: __TECHNICAL_PAGES_APP__\r\nx-app-n: __TECHNICAL_PAGES_APP__\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: platform_type=desktop; gw-blk=eyJ0ZW1wbGF0ZSI6MSwicnVsZSI6MjI5NH0=; auid=sv0YM2lU7E2nu1p1BDgFAg==; lng=en; tzo=3\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 31 Dec 2025 09:26:38 GMT\r\ncontent-type: application/json\r\ncontent-length: 750\r\ncache-control: no-cache, private\r\nserver-timing: dt_total;dur=0.106, bff;dur=13.99, wf-uht;dur=0.031\r\nx-dt: 1254\r\nx-pod: R-2zpmr\r\nx-time-ng: 0.019\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":750,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"c51a40b22d7cbb20b9af3c73584d1d2f","sha1":"b6d321c66aa1915b7497450df885f191eee31a36","sha256":"21dbe1dffa6aa7204676bd9c13bb4cc1a9b65e210a7a9595106a79dbbfbeaf67","sha512":"92542af70a8e80f1baa174f93556a8c780602ecffe1d2e451f300416f92ad2551a83184839b42f3ac5e3107a7d8e4f82d9a2f620d4fb41bdae7ccc79b5432ce0","ssdeep":"","tlshash":"1a01d14da161623cd2a18b99d8823f145ff990b735497a04e81c9dca33e36ebe2b1203","first_seen":"2025-12-23T01:00:00.340327Z","last_seen":"2026-01-01T05:36:13.544009Z","times_seen":3,"resource_available":false,"data":null}},"time_used":61,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":61,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"1xlite-45347.bar","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.google.no/ads/ga-audiences?v=1\u0026t=sr\u0026slf_rd=1\u0026_r=4\u0026tid=G-7JGWL9SV66\u0026cid=1512623880.1767173209\u0026gtm=45je5cb0h2v897130004za200zd897130004\u0026aip=1\u0026dma=1\u0026dma_cps=syphamo\u0026gcd=13l3lPl2l1l1\u0026npa=1\u0026frm=0\u0026tag_exp=103116026~103200004~104527906~104528500~104684208~104684211~105391253~115583767~115938466~115938469~116184927~116184929~116251938~116251940~116682876\u0026z=1362565292","fqdn":"www.google.no","domain":"google.no","tld":"no"},"ip":{"addr":"142.251.38.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://1xlite-45347.bar/en/block","date":"2025-12-31T09:26:49.119Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.no","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:59:22 GMT","end":"Wed, 25 Feb 2026 15:59:21 GMT"},"fingerprint":{"sha1":"E3:8A:B3:9D:E4:8B:53:E7:04:0F:DC:F1:FF:B6:DA:2F:A5:13:E7:D1","sha256":"3D:CC:25:A1:DF:57:5C:E5:5E:62:8C:3E:4C:9E:BF:21:67:03:6E:09:DE:4F:C1:38:17:4D:91:E4:81:A1:1D:6E"}}},"request":{"raw":"GET /ads/ga-audiences?v=1\u0026t=sr\u0026slf_rd=1\u0026_r=4\u0026tid=G-7JGWL9SV66\u0026cid=1512623880.1767173209\u0026gtm=45je5cb0h2v897130004za200zd897130004\u0026aip=1\u0026dma=1\u0026dma_cps=syphamo\u0026gcd=13l3lPl2l1l1\u0026npa=1\u0026frm=0\u0026tag_exp=103116026~103200004~104527906~104528500~104684208~104684211~105391253~115583767~115938466~115938469~116184927~116184929~116251938~116251940~116682876\u0026z=1362565292 HTTP/1.1\r\nHost: www.google.no\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1xlite-45347.bar/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\np3p: policyref=\"https://www.googleadservices.com/pagead/p3p.xml\", CP=\"NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC\"\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ndate: Wed, 31 Dec 2025 09:26:49 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-type: image/gif\r\nx-content-type-options: nosniff\r\nserver: cafe\r\ncontent-length: 42\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":42,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"d89746888da2d9510b64a9f031eaecd5","sha1":"d5fceb6532643d0d84ffe09c40c481ecdf59e15a","sha256":"ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629","sha512":"d5da26b5d496edb0221df1a4057a8b0285d15592a8f8dc7016a294df37ed335f3fde6a2252962e0df38b62847f8b771463a0124ef3f84299f262ed9d9d3cee4c","ssdeep":"","tlshash":"c4900023fa808000c3a8c2300a0b238a2b8c80200a28030b80ae208cec3a3a22c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-04T21:44:28.430209Z","times_seen":764016,"resource_available":true,"data":null}},"time_used":223,"timings":{"blocked":94,"dns":1,"connect":20,"send":0,"wait":33,"receive":0,"ssl":71},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"region1.analytics.google.com/g/collect?v=2\u0026tid=G-7JGWL9SV66\u0026gtm=45je5cb0h2v897130004za200zd897130004\u0026_p=1767173208657\u0026em=tv.1~em.ODS1igyfeIhzOTHENqwIfH1sb8t0oxg8FT6iY2YCmeo\u0026_gaz=1\u0026gcd=13l3lPl2l1l1\u0026npa=1\u0026dma_cps=syphamo\u0026dma=1\u0026cid=1512623880.1767173209\u0026ecid=913540935\u0026ul=en-us\u0026sr=1280x1024\u0026frm=0\u0026pscdl=noapi\u0026ec_mode=a\u0026_s=2\u0026tag_exp=103116026~103200004~104527906~104528500~104684208~104684211~105391253~115583767~115938466~115938469~116184927~116184929~116251938~116251940~116682876\u0026sid=1767173209\u0026sct=1\u0026seg=0\u0026dl=https%3A%2F%2F1xlite-45347.bar%2Fen%2Fblock\u0026dt=1xBet\u0026en=page_view\u0026_fv=1\u0026_nsi=1\u0026_ss=1\u0026_ee=1\u0026ep.optimize_id=GTM-5R4MT54\u0026tfd=12176","fqdn":"region1.analytics.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.239.34.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://1xlite-45347.bar/en/block","date":"2025-12-31T09:26:49.122Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:49:27 GMT","end":"Wed, 25 Feb 2026 15:49:26 GMT"},"fingerprint":{"sha1":"2C:B9:1B:62:2A:F9:04:B9:16:E2:30:B0:A8:B2:85:0C:68:BC:79:25","sha256":"AE:CB:A0:2C:92:1E:CB:D2:CB:6C:0D:37:5E:A2:4E:27:AE:4E:CA:0C:EC:53:D5:50:E6:C1:3D:EB:17:C1:F2:C9"}}},"request":{"raw":"POST /g/collect?v=2\u0026tid=G-7JGWL9SV66\u0026gtm=45je5cb0h2v897130004za200zd897130004\u0026_p=1767173208657\u0026em=tv.1~em.ODS1igyfeIhzOTHENqwIfH1sb8t0oxg8FT6iY2YCmeo\u0026_gaz=1\u0026gcd=13l3lPl2l1l1\u0026npa=1\u0026dma_cps=syphamo\u0026dma=1\u0026cid=1512623880.1767173209\u0026ecid=913540935\u0026ul=en-us\u0026sr=1280x1024\u0026frm=0\u0026pscdl=noapi\u0026ec_mode=a\u0026_s=2\u0026tag_exp=103116026~103200004~104527906~104528500~104684208~104684211~105391253~115583767~115938466~115938469~116184927~116184929~116251938~116251940~116682876\u0026sid=1767173209\u0026sct=1\u0026seg=0\u0026dl=https%3A%2F%2F1xlite-45347.bar%2Fen%2Fblock\u0026dt=1xBet\u0026en=page_view\u0026_fv=1\u0026_nsi=1\u0026_ss=1\u0026_ee=1\u0026ep.optimize_id=GTM-5R4MT54\u0026tfd=12176 HTTP/1.1\r\nHost: region1.analytics.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://1xlite-45347.bar/\r\nOrigin: https://1xlite-45347.bar\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\naccess-control-allow-origin: https://1xlite-45347.bar\r\ndate: Wed, 31 Dec 2025 09:26:49 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\naccess-control-allow-credentials: true\r\ncontent-type: text/plain\r\ncross-origin-resource-policy: cross-origin\r\ncontent-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:170:0\r\ncross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:170:0\r\nreport-to: {\"group\":\"ascnsrsggc:170:0\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:170:0\"}],}\r\nserver: Golfe2\r\ncontent-length: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T21:47:03.661814Z","times_seen":13347989,"resource_available":true,"data":null}},"time_used":161,"timings":{"blocked":70,"dns":0,"connect":22,"send":0,"wait":19,"receive":0,"ssl":47},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/entry-bbdf0b7ffc.js","fqdn":"v3.traincdn.com","domain":"traincdn.com","tld":"com"},"ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://1xlite-45347.bar/en/block","date":"2025-12-31T09:26:37.719Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.traincdn.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 16 Dec 2025 00:00:00 GMT","end":"Fri, 15 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"2C:ED:08:D6:4A:C2:81:ED:6F:55:AB:70:5D:D3:1C:9C:1A:5A:9F:05","sha256":"8B:2C:5C:5C:1A:73:14:D9:18:4E:BF:B8:81:B4:A3:EB:D9:E7:55:08:46:E5:70:6E:6A:AA:B4:07:73:C9:57:C8"}}},"request":{"raw":"GET /sys-static/sys-technical-pages-app-static/Desktop/Default/entry-bbdf0b7ffc.js HTTP/1.1\r\nHost: v3.traincdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://1xlite-45347.bar\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1xlite-45347.bar/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 31 Dec 2025 09:26:37 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ntraceparent: 00-93a64021a95d002951aaa587953818b0-b4dd565a0224e593-01\r\nlast-modified: Tue, 23 Dec 2025 11:09:43 GMT\r\netag: W/\"538f7cf8c223d576e55ec57979962f1b\"\r\nx-amz-meta-mtime: 1766488103.525478309\r\ncontent-encoding: gzip\r\nexpires: Wed, 24 Dec 2025 11:12:21 GMT\r\ncache-control: max-age=86400\r\nx-time-ng: 0.002\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccess-control-allow-origin: *\r\nx-id: osix-hw-edge-gc4\r\nage: 79730\r\ncache: HIT\r\nx-cached-since: 2025-12-30T11:17:47+00:00\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":22542,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (22015)","md5":"538f7cf8c223d576e55ec57979962f1b","sha1":"a2d705e712322178eda29a6f371affc79ab46770","sha256":"7561410894dd995cafda66d9bf39de55d8f52e98058f4d0a46cfe105c45087e1","sha512":"e9a0d6b81f2d59235b74526d96411ae6e4e66c391e6df4a37a6da3b0ea9ebb1f608095a051d4ee3270ddab356665c2527977d64976a96bc026e613daee684fc0","ssdeep":"384:HkJQgN7zrAiEqUb8To4lGSdlqll70JGhPhjwVTGxcPRDCEBzua4QIiouV+2cTrcL:HkWuZEqc8To4rdlqll70JwPhjwV6xgRd","tlshash":"e2a21f7c219cf0f535cb459537f6bc526688ad2ff98abcd6409789cc03da04cc9663aa","first_seen":"2025-12-23T20:54:42.05595Z","last_seen":"2026-01-14T07:33:59.035481Z","times_seen":115,"resource_available":true,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v3.traincdn.com/sys-static/shared-assets/__shared_vue_deps_YV646KAL.js","fqdn":"v3.traincdn.com","domain":"traincdn.com","tld":"com"},"ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://1xlite-45347.bar/en/block","date":"2025-12-31T09:26:38.067Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.traincdn.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 16 Dec 2025 00:00:00 GMT","end":"Fri, 15 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"2C:ED:08:D6:4A:C2:81:ED:6F:55:AB:70:5D:D3:1C:9C:1A:5A:9F:05","sha256":"8B:2C:5C:5C:1A:73:14:D9:18:4E:BF:B8:81:B4:A3:EB:D9:E7:55:08:46:E5:70:6E:6A:AA:B4:07:73:C9:57:C8"}}},"request":{"raw":"GET /sys-static/shared-assets/__shared_vue_deps_YV646KAL.js HTTP/1.1\r\nHost: v3.traincdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://1xlite-45347.bar\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://v3.traincdn.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 31 Dec 2025 09:26:38 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ntraceparent: 00-077c31d376930404ffe9dcd7158f7b1f-9065deb6822c6a5f-01\r\nlast-modified: Tue, 30 Dec 2025 12:59:16 GMT\r\netag: W/\"817daa834e18cb5941c970ebd9539382\"\r\nx-amz-meta-mtime: 1767099327.750294637\r\ncontent-encoding: gzip\r\nexpires: Thu, 01 Jan 2026 08:50:34 GMT\r\ncache-control: max-age=86400\r\nx-time-ng: 0.000\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccess-control-allow-origin: *\r\nx-id: osix-hw-edge-gc4\r\nage: 1783\r\ncache: HIT\r\nx-cached-since: 2025-12-31T08:56:55+00:00\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":31989,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (31848)","md5":"817daa834e18cb5941c970ebd9539382","sha1":"2776cb6819f955e7a9434dc6885f31a09c7458f0","sha256":"daee6582cc260392552be5918f785c8192fc39c90a0de67ec94105625a105f83","sha512":"d7d41f49d473fa846fa3e68a7de3196a282939e7d941eae3e641ac4f3df017f239c0eda9664ecb491a0d95c72557321e898cc0411d2d272d2357d8795f3a499a","ssdeep":"768:2XwZ1yyQBnJnqxqy3a1ztAy7lyyC0H64ar9Ebk0y6OWe/BtKoD4gPuLOdY:2XwWBnJqxq31p9lyypH642Ebk0y6OWgi","tlshash":"5de24d98b779b8a2336d50cc90770713b37559f3484d9060f3aa9ea234a5a43c2e7b79","first_seen":"2025-12-23T20:54:42.080275Z","last_seen":"2026-01-14T07:33:59.036202Z","times_seen":183,"resource_available":true,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v3.traincdn.com/sys-static/shared-assets/__shared_localforage_PJNUBKRP.js","fqdn":"v3.traincdn.com","domain":"traincdn.com","tld":"com"},"ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://1xlite-45347.bar/en/block","date":"2025-12-31T09:26:38.089Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.traincdn.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 16 Dec 2025 00:00:00 GMT","end":"Fri, 15 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"2C:ED:08:D6:4A:C2:81:ED:6F:55:AB:70:5D:D3:1C:9C:1A:5A:9F:05","sha256":"8B:2C:5C:5C:1A:73:14:D9:18:4E:BF:B8:81:B4:A3:EB:D9:E7:55:08:46:E5:70:6E:6A:AA:B4:07:73:C9:57:C8"}}},"request":{"raw":"GET /sys-static/shared-assets/__shared_localforage_PJNUBKRP.js HTTP/1.1\r\nHost: v3.traincdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://1xlite-45347.bar\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://v3.traincdn.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 31 Dec 2025 09:26:38 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ntraceparent: 00-326648a37c015181c68ed2dda1c91060-e935c016c2f172b9-01\r\nlast-modified: Mon, 29 Dec 2025 11:45:27 GMT\r\netag: W/\"7e7ebd44e3a6550f862e122ab7df6409\"\r\nx-amz-meta-mtime: 1767008673.666370437\r\ncontent-encoding: gzip\r\nexpires: Wed, 31 Dec 2025 09:47:15 GMT\r\ncache-control: max-age=86400\r\nx-time-ng: 0.000\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccess-control-allow-origin: *\r\nx-id: osix-hw-edge-gc4\r\nage: 85163\r\ncache: HIT\r\nx-cached-since: 2025-12-30T09:47:15+00:00\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":30277,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (30255)","md5":"7e7ebd44e3a6550f862e122ab7df6409","sha1":"384ecbc3ab0f65e6b0f88c1e68ba3eb73fad4999","sha256":"138767518a09e63d24f918f6380923893a2ec3aa59a640e51c83517501823076","sha512":"e2766b50e289dc6a69fa30432a49a0b7743f15cd15a54d707959c7623f258057a821a94285c492746216cfbf815089309b6cc09b930ba7977ff9c4ffc352d76e","ssdeep":"768:wDKAOpvMewHFuM96WwZACjzz46zSTKsBE1OvFXfX1UXk:wm8uPW43zEIOvdlUU","tlshash":"a5d2b68c7799f02683bb3070907f580ef237a912594d90a0e591e5f86dbd75c822bfad","first_seen":"2025-08-22T10:11:14.535778Z","last_seen":"2026-03-04T04:00:43.425133Z","times_seen":3921,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v3.traincdn.com/genfiles/cms/1-1254/desktop/media_asset/f823ed9436a8aeeb4ef0008aa73ee94f.json","fqdn":"v3.traincdn.com","domain":"traincdn.com","tld":"com"},"ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://1xlite-45347.bar/en/block","date":"2025-12-31T09:26:38.932Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.traincdn.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 16 Dec 2025 00:00:00 GMT","end":"Fri, 15 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"2C:ED:08:D6:4A:C2:81:ED:6F:55:AB:70:5D:D3:1C:9C:1A:5A:9F:05","sha256":"8B:2C:5C:5C:1A:73:14:D9:18:4E:BF:B8:81:B4:A3:EB:D9:E7:55:08:46:E5:70:6E:6A:AA:B4:07:73:C9:57:C8"}}},"request":{"raw":"GET /genfiles/cms/1-1254/desktop/media_asset/f823ed9436a8aeeb4ef0008aa73ee94f.json HTTP/1.1\r\nHost: v3.traincdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://1xlite-45347.bar/\r\nOrigin: https://1xlite-45347.bar\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 31 Dec 2025 09:26:38 GMT\r\ncontent-type: application/json\r\ntraceparent: 00-354b0d32b9f948ce502ceb92d9fe978e-ed45311c5011d507-01\r\nlast-modified: Wed, 24 Dec 2025 14:24:12 GMT\r\netag: W/\"90539e045cd6aee730f89f811acc4a30\"\r\ncontent-encoding: gzip\r\nexpires: Fri, 26 Dec 2025 09:30:56 GMT\r\ncache-control: max-age=3600\r\nx-time-ng: 0.000\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccess-control-allow-origin: *\r\nx-id: osix-hw-edge-gc4\r\nage: 2827\r\ncache: HIT\r\nx-cached-since: 2025-12-31T08:39:31+00:00\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1712,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"90539e045cd6aee730f89f811acc4a30","sha1":"b419105e1bca131d03bf88ea751fb2220fd35df8","sha256":"df5274eabaedc02741f745d19342175eb01707560f5867a537227190cea40537","sha512":"1e9d298520ec854b8e75b4c8961d9f8e30c26dd764542472ce0b2b23787156c4254a7024c435a04a832a37a00c8714c8d725647fd66d9935f6094b0749db0fc6","ssdeep":"","tlshash":"da31dc89fbf02cb3302f90ed99b7b54ed3880f07ac566d54ba5c754c2b54516006ad7e","first_seen":"2025-12-24T17:22:02.953849Z","last_seen":"2026-03-09T08:17:21.757896Z","times_seen":496,"resource_available":false,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/4d416977b5.css","fqdn":"v3.traincdn.com","domain":"traincdn.com","tld":"com"},"ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://1xlite-45347.bar/en/block","date":"2025-12-31T09:26:38.963Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.traincdn.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 16 Dec 2025 00:00:00 GMT","end":"Fri, 15 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"2C:ED:08:D6:4A:C2:81:ED:6F:55:AB:70:5D:D3:1C:9C:1A:5A:9F:05","sha256":"8B:2C:5C:5C:1A:73:14:D9:18:4E:BF:B8:81:B4:A3:EB:D9:E7:55:08:46:E5:70:6E:6A:AA:B4:07:73:C9:57:C8"}}},"request":{"raw":"GET /sys-static/sys-technical-pages-app-static/Desktop/Default/4d416977b5.css HTTP/1.1\r\nHost: v3.traincdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://1xlite-45347.bar\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1xlite-45347.bar/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 31 Dec 2025 09:26:38 GMT\r\ncontent-type: text/css; charset=utf-8\r\ntraceparent: 00-e428cec53d8f545bde70500693021f39-7cd82da5308fec5d-01\r\nlast-modified: Tue, 23 Dec 2025 11:09:44 GMT\r\netag: W/\"5c33927153f6d628ea771eb51a514b09\"\r\nx-amz-meta-mtime: 1766488103.471473767\r\ncontent-encoding: gzip\r\nexpires: Wed, 24 Dec 2025 17:22:05 GMT\r\ncache-control: max-age=86400\r\nx-time-ng: 0.000\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccess-control-allow-origin: *\r\nx-id: osix-hw-edge-gc4\r\nage: 57570\r\ncache: HIT\r\nx-cached-since: 2025-12-30T17:27:08+00:00\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3884,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (3883)","md5":"5c33927153f6d628ea771eb51a514b09","sha1":"40390b90d99b2d3408d597d24daedc4bf614beda","sha256":"302ec7f61d1e628eba933d5b3c75a98f3135bbbd45af794476a0fcbdf145a9c5","sha512":"edde36cc3523543858227617d05807be04053a8b6a1569452abb135fd96074f99252834da9f54d31ae23bc06d06dcb3a1f57ad65e44686dbfc837ff8d94d82ca","ssdeep":"","tlshash":"19818c58bcaf409cfc37df210bdb5e188276b122d11692c8f841953a2ddb98794f149f","first_seen":"2025-11-13T15:27:51.581732Z","last_seen":"2026-02-17T23:36:16.903884Z","times_seen":837,"resource_available":false,"data":null}},"time_used":1,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v3.traincdn.com/genfiles/site-admin/colors/ac807ea7bf6b3d0ff1813b5eadc3e98a.css","fqdn":"v3.traincdn.com","domain":"traincdn.com","tld":"com"},"ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://1xlite-45347.bar/en/block","date":"2025-12-31T09:26:38.988Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.traincdn.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 16 Dec 2025 00:00:00 GMT","end":"Fri, 15 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"2C:ED:08:D6:4A:C2:81:ED:6F:55:AB:70:5D:D3:1C:9C:1A:5A:9F:05","sha256":"8B:2C:5C:5C:1A:73:14:D9:18:4E:BF:B8:81:B4:A3:EB:D9:E7:55:08:46:E5:70:6E:6A:AA:B4:07:73:C9:57:C8"}}},"request":{"raw":"GET /genfiles/site-admin/colors/ac807ea7bf6b3d0ff1813b5eadc3e98a.css HTTP/1.1\r\nHost: v3.traincdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1xlite-45347.bar/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 31 Dec 2025 09:26:38 GMT\r\ncontent-type: text/css\r\ntraceparent: 00-04525d1a42b85a460eff67e658baad38-09fc10a41c73c6a3-01\r\nlast-modified: Fri, 26 Dec 2025 08:01:41 GMT\r\netag: W/\"ac807ea7bf6b3d0ff1813b5eadc3e98a\"\r\ncache-control: max-age=3600\r\ncontent-encoding: gzip\r\nexpires: Fri, 26 Dec 2025 10:30:42 GMT\r\nx-time-ng: 0.000\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccess-control-allow-origin: *\r\nx-id: osix-hw-edge-gc4\r\nage: 1459\r\ncache: HIT\r\nx-cached-since: 2025-12-31T09:02:19+00:00\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":41375,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (41375), with no line terminators","md5":"ac807ea7bf6b3d0ff1813b5eadc3e98a","sha1":"9483c1b722af655b4d51c04c5247ad367fd16a35","sha256":"8c57ea603f02d13f97aa644529208c4d11ef35834db2523eafbc44079aa7e147","sha512":"ffcec057ff5752012fd832655100cb49eb6080be33be273f6ad283feffb3e9de399f9ba788771f5aeff6cbe2e63018322a132d1952633f2516bb22c91fcd677b","ssdeep":"768:+EO1mFS775xWt5JkyunibMhSNmInQLeCA:+EO1mFI75xWt5JkyunibMhvInQLeB","tlshash":"f8037b7ded91c1712a991931911c677b3d36e9ceae240f8fd02c73e570c1a022be5a7a","first_seen":"2025-12-18T19:24:06.611705Z","last_seen":"2026-02-04T19:06:52.762739Z","times_seen":253,"resource_available":false,"data":null}},"time_used":2,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/$_$.js","fqdn":"v3.traincdn.com","domain":"traincdn.com","tld":"com"},"ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://1xlite-45347.bar/en/block","date":"2025-12-31T09:26:37.741Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.traincdn.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 16 Dec 2025 00:00:00 GMT","end":"Fri, 15 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"2C:ED:08:D6:4A:C2:81:ED:6F:55:AB:70:5D:D3:1C:9C:1A:5A:9F:05","sha256":"8B:2C:5C:5C:1A:73:14:D9:18:4E:BF:B8:81:B4:A3:EB:D9:E7:55:08:46:E5:70:6E:6A:AA:B4:07:73:C9:57:C8"}}},"request":{"raw":"GET /sys-static/sys-technical-pages-app-static/Desktop/Default/$_$.js HTTP/1.1\r\nHost: v3.traincdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://1xlite-45347.bar\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://v3.traincdn.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 31 Dec 2025 09:26:37 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncontent-length: 69\r\ntraceparent: 00-e7087de79aa9c30009b8cb61ca1300ea-5bfd9aa50b497ef4-01\r\nlast-modified: Tue, 23 Dec 2025 11:09:44 GMT\r\netag: \"2cdaa92927f02e0b628f1ef4d7dd8caf\"\r\nx-amz-meta-mtime: 1766488103.461472926\r\nexpires: Wed, 24 Dec 2025 18:17:06 GMT\r\ncache-control: max-age=86400\r\nx-time-ng: 0.000\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccess-control-allow-origin: *\r\nx-id: osix-hw-edge-gc4\r\nage: 54344\r\ncache: HIT\r\nx-cached-since: 2025-12-30T18:20:53+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":69,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"2cdaa92927f02e0b628f1ef4d7dd8caf","sha1":"9104a2e16ed080b80a42588b8aeb52ebec47ab7a","sha256":"ef8101ffea52addcdcfcc3a83f96ff2d4613fb3ae6d1c16bbe4852387b73a9db","sha512":"31da80bc1b17aa708fef74b0211af91fce1b4a5f518f11e5caa80f50e9a7791b6e94924e381f550fc44a02f4c1d785e5b95fa2464e7968b5cab079612d70d839","ssdeep":"","tlshash":"1ba002935a5ef66c209044860696e74733823d6a3477b1d625bc5509e6061474817257","first_seen":"2025-05-14T05:06:37.199299Z","last_seen":"2026-03-18T19:40:26.76398Z","times_seen":5502,"resource_available":true,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1xlite-45347.bar/seo-module-api/api/public/v1/analytics-counters?project[id]=1254\u0026domain[host]=1xlite-45347.bar","fqdn":"1xlite-45347.bar","domain":"1xlite-45347.bar","tld":"bar"},"ip":{"addr":"178.253.24.51","port":443,"asn":202492,"as":"Silverhill Group Holding Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://1xlite-45347.bar/en/block","date":"2025-12-31T09:26:38.673Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1xlite-45347.bar","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Dec 2025 05:21:06 GMT","end":"Sun, 08 Mar 2026 05:21:05 GMT"},"fingerprint":{"sha1":"05:03:B3:49:94:6D:1A:70:98:06:F4:B4:23:25:93:A6:15:02:7A:1C","sha256":"BF:5D:D3:9F:4D:85:1E:F6:BA:3B:B5:07:1D:71:7E:55:68:EF:FB:70:D8:08:FE:B5:43:56:52:5F:1F:F9:AA:6C"}}},"request":{"raw":"GET /seo-module-api/api/public/v1/analytics-counters?project[id]=1254\u0026domain[host]=1xlite-45347.bar HTTP/1.1\r\nHost: 1xlite-45347.bar\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://1xlite-45347.bar/en/block\r\ncontent-type: application/json\r\nx-requested-with: XMLHttpRequest\r\nis-srv: false\r\nx-svc-source: __TECHNICAL_PAGES_APP__\r\nx-app-n: __TECHNICAL_PAGES_APP__\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: platform_type=desktop; gw-blk=eyJ0ZW1wbGF0ZSI6MSwicnVsZSI6MjI5NH0=; auid=sv0YM2lU7E2nu1p1BDgFAg==; lng=en; tzo=3\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 31 Dec 2025 09:26:38 GMT\r\ncontent-type: application/json\r\ncontent-length: 47\r\ncontent-encoding: br\r\ncache-control: max-age=1200, must-revalidate, public, s-maxage=1800, stale-if-error=86400, stale-while-revalidate=300\r\nx-content-digest: enb066c3de982d01779fd50476f73b1ab6\r\nage: 775\r\nx-request-id: aa6c9ac277d1df329e964b22947fd516\r\nx-request-guid: aa6c9ac277d1df329e964b22947fd516\r\nx-time-ng: 0.012\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nserver-timing: p;dur=9.1800689697266, wf-uht;dur=0.026\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"c809138c09727a461b3438eb080f8445","sha1":"2b43a325cd3d2b7a1d91967f30bb52c4e136822b","sha256":"47d34e128cb5a1e2edb0f30e9a15ec1c79a82bc64c512b53702ddf6a5a33f74c","sha512":"31a4a640ba00124b48f424535b4e79e3a42bc44f84c4fec2ed52461131ce90e68d090804b9c30c40abc780edefd8321e261403fe80b0e113af509952ecb7e892","ssdeep":"","tlshash":"0490045177057d54d40750c444454553411c50d5cf5111033d54c733c17d35470c7517","first_seen":"2024-04-27T00:40:23Z","last_seen":"2026-03-30T00:11:58.747679Z","times_seen":455,"resource_available":false,"data":null}},"time_used":57,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":57,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"1xlite-45347.bar","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"v3.traincdn.com/genfiles/cms/1-1254/desktop/media_asset/f5736ab336bfa0d9480d595738d78cb5.json","fqdn":"v3.traincdn.com","domain":"traincdn.com","tld":"com"},"ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://1xlite-45347.bar/en/block","date":"2025-12-31T09:26:38.835Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.traincdn.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 16 Dec 2025 00:00:00 GMT","end":"Fri, 15 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"2C:ED:08:D6:4A:C2:81:ED:6F:55:AB:70:5D:D3:1C:9C:1A:5A:9F:05","sha256":"8B:2C:5C:5C:1A:73:14:D9:18:4E:BF:B8:81:B4:A3:EB:D9:E7:55:08:46:E5:70:6E:6A:AA:B4:07:73:C9:57:C8"}}},"request":{"raw":"GET /genfiles/cms/1-1254/desktop/media_asset/f5736ab336bfa0d9480d595738d78cb5.json HTTP/1.1\r\nHost: v3.traincdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://1xlite-45347.bar/\r\nOrigin: https://1xlite-45347.bar\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 31 Dec 2025 09:26:38 GMT\r\ncontent-type: application/json\r\ntraceparent: 00-1e598bb18745c2bc77791970dd91ad27-411688a1e06d4def-01\r\nlast-modified: Wed, 24 Dec 2025 19:03:16 GMT\r\netag: W/\"917f249d7ba3f198ffcd4c0996b36c68\"\r\ncontent-encoding: gzip\r\nexpires: Wed, 24 Dec 2025 22:58:27 GMT\r\ncache-control: max-age=3600\r\nx-time-ng: 0.000\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccess-control-allow-origin: *\r\nx-id: osix-hw-edge-gc4\r\ncache: REVALIDATED\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18124,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"917f249d7ba3f198ffcd4c0996b36c68","sha1":"5097c10634e403da22a92ee62d12f504c024e479","sha256":"ceabc18fbbc228992e212623f9528f47119c7d3623879141a7a877bf8d27651f","sha512":"5e9ce3dbd4c35499115291c61a6c78f093e0782f87fa34154f899c0776ec1d19f3a82bfc960b851d6f2ab8e18d5fb1ce7a2b4a52a5f27bc32f69254ef9aabdf9","ssdeep":"96:7tb7Ba79eu4QWGAdryCiQFpzLJLJeHZVZYpH3UGHSTSSbbGiJinHQyu7Bn2:K7kJ2VK3UsyinHQd78","tlshash":"b48235d9bae41c33112b60bed5e7f91ae3cc1f479d4aa8287e9c6d4c1b6050500aed7e","first_seen":"2025-12-24T19:43:26.562976Z","last_seen":"2026-03-01T21:06:43.444084Z","times_seen":274,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v3.traincdn.com/sys-static/shared-assets/Desktop/__shared_67be4069d3.js","fqdn":"v3.traincdn.com","domain":"traincdn.com","tld":"com"},"ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://1xlite-45347.bar/en/block","date":"2025-12-31T09:26:38.903Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.traincdn.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 16 Dec 2025 00:00:00 GMT","end":"Fri, 15 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"2C:ED:08:D6:4A:C2:81:ED:6F:55:AB:70:5D:D3:1C:9C:1A:5A:9F:05","sha256":"8B:2C:5C:5C:1A:73:14:D9:18:4E:BF:B8:81:B4:A3:EB:D9:E7:55:08:46:E5:70:6E:6A:AA:B4:07:73:C9:57:C8"}}},"request":{"raw":"GET /sys-static/shared-assets/Desktop/__shared_67be4069d3.js HTTP/1.1\r\nHost: v3.traincdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://1xlite-45347.bar\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://v3.traincdn.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 31 Dec 2025 09:26:38 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncontent-length: 291\r\ntraceparent: 00-4d0c4863cc951b55339b884991978fad-da2dc75cc5b1a436-01\r\nlast-modified: Tue, 30 Dec 2025 12:59:20 GMT\r\netag: \"00e9a1cb57562ecdbc4f8a438ff0d3a7\"\r\nx-amz-meta-mtime: 1767099327.786295153\r\nexpires: Thu, 01 Jan 2026 09:01:50 GMT\r\ncache-control: max-age=86400\r\nx-time-ng: 0.000\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccess-control-allow-origin: *\r\nx-id: osix-hw-edge-gc4\r\nage: 1389\r\ncache: HIT\r\nx-cached-since: 2025-12-31T09:03:29+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":291,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"Java source, ASCII text","md5":"00e9a1cb57562ecdbc4f8a438ff0d3a7","sha1":"18b312426460be06bfc557ef8d24fc9328935b47","sha256":"360358fda10eb3510d6f69bd8362258043c0092d0c085fd24c1996fa20303790","sha512":"af88385a60878abfb1fffe9275e125445f0c177a9302a0ecb431dbdb7bba0c7888d4981323c78ea48278b821ec6a9a9c62bfa193a8dc684e6c2add3004d5edba","ssdeep":"","tlshash":"1cd0eb3d6ff1e0b5330528ff322b719233093c04930ad4a300a6036801c80faa275e3a","first_seen":"2025-12-23T20:54:42.051787Z","last_seen":"2026-01-14T07:33:59.011214Z","times_seen":183,"resource_available":true,"data":null}},"time_used":1,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_main/en/dictionary_3077a431d59054a0bb97f4914c3ede99.json","fqdn":"v3.traincdn.com","domain":"traincdn.com","tld":"com"},"ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://1xlite-45347.bar/en/block","date":"2025-12-31T09:26:38.922Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.traincdn.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 16 Dec 2025 00:00:00 GMT","end":"Fri, 15 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"2C:ED:08:D6:4A:C2:81:ED:6F:55:AB:70:5D:D3:1C:9C:1A:5A:9F:05","sha256":"8B:2C:5C:5C:1A:73:14:D9:18:4E:BF:B8:81:B4:A3:EB:D9:E7:55:08:46:E5:70:6E:6A:AA:B4:07:73:C9:57:C8"}}},"request":{"raw":"GET /genfiles/web-app-v2/dictionary2/v3_main/en/dictionary_3077a431d59054a0bb97f4914c3ede99.json HTTP/1.1\r\nHost: v3.traincdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://1xlite-45347.bar/\r\nOrigin: https://1xlite-45347.bar\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 31 Dec 2025 09:26:38 GMT\r\ncontent-type: application/json; charset=utf-8\r\ntraceparent: 00-06b73c6a8a75828597a157f50c384fcd-71a626eee835aea7-01\r\nlast-modified: Tue, 30 Dec 2025 08:10:39 GMT\r\netag: W/\"0291a092fe1434f30e86bfed5837d2bb\"\r\ncache-control: max-age=3600\r\ncontent-encoding: gzip\r\nexpires: Tue, 30 Dec 2025 09:18:45 GMT\r\nx-time-ng: 0.006\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccess-control-allow-origin: *\r\nx-id: osix-hw-edge-gc4\r\nage: 112\r\ncache: HIT\r\nx-cached-since: 2025-12-31T09:24:46+00:00\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":147636,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"0291a092fe1434f30e86bfed5837d2bb","sha1":"2831f8ef70ec27383dc09527e1d9039270f257a4","sha256":"c167cc2c084474a61ed7e5c557e8426f20674b96322d27f168a45b431a3a66a7","sha512":"6af188a52a12cd0852b1ae5c968db8496cada2c25b2f3863ef8a689a24a201d70de4b97e8b099b1190dee975211ee1b779b00012f3b03c4c7185664ef515e48a","ssdeep":"3072:Li+H5u8iZcIkZPePfxxlRVPtE+IsLKHMc6WrDaRf7JmCpvZw:LVQXlRVPtE+ZKHZIf7JmChO","tlshash":"0ee3d80a194c6e7b0fda12ddf98fdf4962b00045aab2c822d8eec51e7197fd2917714b","first_seen":"2025-12-30T08:54:15.637987Z","last_seen":"2026-01-12T09:44:50.399789Z","times_seen":114,"resource_available":false,"data":null}},"time_used":1,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/3083a20a3f73c30fce38710d7ada9cbb.svg","fqdn":"v3.traincdn.com","domain":"traincdn.com","tld":"com"},"ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://1xlite-45347.bar/en/block","date":"2025-12-31T09:26:39.036Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.traincdn.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 16 Dec 2025 00:00:00 GMT","end":"Fri, 15 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"2C:ED:08:D6:4A:C2:81:ED:6F:55:AB:70:5D:D3:1C:9C:1A:5A:9F:05","sha256":"8B:2C:5C:5C:1A:73:14:D9:18:4E:BF:B8:81:B4:A3:EB:D9:E7:55:08:46:E5:70:6E:6A:AA:B4:07:73:C9:57:C8"}}},"request":{"raw":"GET /genfiles/cms/1-285/desktop/media_asset/3083a20a3f73c30fce38710d7ada9cbb.svg HTTP/1.1\r\nHost: v3.traincdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1xlite-45347.bar/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 31 Dec 2025 09:26:39 GMT\r\ncontent-type: image/svg+xml\r\ntraceparent: 00-4c4da5d55ef9bc60720bbee61f178910-6d988e36193e1d13-01\r\nlast-modified: Wed, 19 Apr 2023 11:51:30 GMT\r\netag: W/\"3ae81b002dca46d3b732ce3e03ae35c6\"\r\ncontent-encoding: gzip\r\nexpires: Thu, 16 Jan 2025 11:13:48 GMT\r\ncache-control: max-age=3600\r\nx-time-ng: 0.000\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccess-control-allow-origin: *\r\nx-id: osix-hw-edge-gc4\r\nage: 1517\r\ncache: HIT\r\nx-cached-since: 2025-12-31T09:01:22+00:00\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1228,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"3ae81b002dca46d3b732ce3e03ae35c6","sha1":"388d37b5f714937677de74330a8daab0a0d1196b","sha256":"1c76b93f07c6a861c4ad9529059ea99ae69f2451788da7cab1f17fa94d54382e","sha512":"48887848044da3a9a54b72a1f15a39ac0b30ea8ad7ddc3d4c69e51bb0479f39631d4b9098d289eecdaa9648db4118ddfa38cf76ef1a58718c67d70efc80a67a8","ssdeep":"","tlshash":"e72124be434d5bfb60025fd8967802513abaf0c2f29926ed55d674227903cf4d074955","first_seen":"2023-04-05T22:56:35Z","last_seen":"2026-04-04T22:24:03.797555Z","times_seen":1393,"resource_available":false,"data":null}},"time_used":1,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-5671CMJ6T4","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.38.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://1xlite-45347.bar/en/block","date":"2025-12-31T09:26:48.663Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:49:27 GMT","end":"Wed, 25 Feb 2026 15:49:26 GMT"},"fingerprint":{"sha1":"2C:B9:1B:62:2A:F9:04:B9:16:E2:30:B0:A8:B2:85:0C:68:BC:79:25","sha256":"AE:CB:A0:2C:92:1E:CB:D2:CB:6C:0D:37:5E:A2:4E:27:AE:4E:CA:0C:EC:53:D5:50:E6:C1:3D:EB:17:C1:F2:C9"}}},"request":{"raw":"GET /gtag/js?id=G-5671CMJ6T4 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1xlite-45347.bar/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Wed, 31 Dec 2025 09:26:48 GMT\r\nexpires: Wed, 31 Dec 2025 09:26:48 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 161207\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":509839,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (12571)","md5":"a79da3d70ffe521f357bcf2cc7320d89","sha1":"2415530ec7ff12574efe1a62b29007a31cb38e34","sha256":"ffafc379658f8b8cdf69eb09b0b4ff4a83ca0faccf6139b90e90e31ee8d9b69d","sha512":"5fde0b561cb84175063a8830af33ef8e4d78b3a4b08fd25b9f99ca99964e2975a1ab8f22b75eb173e6f0d8a177bf92f81ca85aa78995419dd8dde63e09c353cd","ssdeep":"6144:u77nTm/ObujKYKb1U95/YeSfDHHYOyQFzvnsCECiWVSzbjaJd/EPPad:ITXbuNm1cqVnsVWRPEy","tlshash":"5ab4098e73c63426939af478502f02cba9bb25e2b45dc897b1c9ccf02d7459a4167f78","first_seen":"2025-12-31T09:27:07.366589Z","last_seen":"2025-12-31T12:25:58.623271Z","times_seen":2,"resource_available":true,"data":null}},"time_used":178,"timings":{"blocked":58,"dns":0,"connect":7,"send":0,"wait":32,"receive":29,"ssl":50},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"region1.analytics.google.com/g/collect?v=2\u0026tid=G-7JGWL9SV66\u0026gtm=45je5cb0h2v897130004za200zd897130004\u0026_p=1767173208657\u0026gcd=13l3lPl2l1l1\u0026npa=1\u0026dma_cps=syphamo\u0026dma=1\u0026cid=1512623880.1767173209\u0026ecid=913540935\u0026ul=en-us\u0026sr=1280x1024\u0026frm=0\u0026pscdl=noapi\u0026_eu=AEAAAAQ\u0026_s=1\u0026tag_exp=103116026~103200004~104527906~104528500~104684208~104684211~105391253~115583767~115938466~115938469~116184927~116184929~116251938~116251940~116682876\u0026sid=1767173209\u0026sct=1\u0026seg=0\u0026dl=https%3A%2F%2F1xlite-45347.bar%2Fen%2Fblock\u0026dt=1xBet\u0026en=scroll\u0026ep.optimize_id=GTM-5R4MT54\u0026epn.percent_scrolled=90\u0026upn.ref_id=1\u0026tfd=12175","fqdn":"region1.analytics.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.239.34.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://1xlite-45347.bar/en/block","date":"2025-12-31T09:26:49.121Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:49:27 GMT","end":"Wed, 25 Feb 2026 15:49:26 GMT"},"fingerprint":{"sha1":"2C:B9:1B:62:2A:F9:04:B9:16:E2:30:B0:A8:B2:85:0C:68:BC:79:25","sha256":"AE:CB:A0:2C:92:1E:CB:D2:CB:6C:0D:37:5E:A2:4E:27:AE:4E:CA:0C:EC:53:D5:50:E6:C1:3D:EB:17:C1:F2:C9"}}},"request":{"raw":"POST /g/collect?v=2\u0026tid=G-7JGWL9SV66\u0026gtm=45je5cb0h2v897130004za200zd897130004\u0026_p=1767173208657\u0026gcd=13l3lPl2l1l1\u0026npa=1\u0026dma_cps=syphamo\u0026dma=1\u0026cid=1512623880.1767173209\u0026ecid=913540935\u0026ul=en-us\u0026sr=1280x1024\u0026frm=0\u0026pscdl=noapi\u0026_eu=AEAAAAQ\u0026_s=1\u0026tag_exp=103116026~103200004~104527906~104528500~104684208~104684211~105391253~115583767~115938466~115938469~116184927~116184929~116251938~116251940~116682876\u0026sid=1767173209\u0026sct=1\u0026seg=0\u0026dl=https%3A%2F%2F1xlite-45347.bar%2Fen%2Fblock\u0026dt=1xBet\u0026en=scroll\u0026ep.optimize_id=GTM-5R4MT54\u0026epn.percent_scrolled=90\u0026upn.ref_id=1\u0026tfd=12175 HTTP/1.1\r\nHost: region1.analytics.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://1xlite-45347.bar/\r\nOrigin: https://1xlite-45347.bar\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\naccess-control-allow-origin: https://1xlite-45347.bar\r\ndate: Wed, 31 Dec 2025 09:26:49 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\naccess-control-allow-credentials: true\r\ncontent-type: text/plain\r\ncross-origin-resource-policy: cross-origin\r\ncontent-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:170:0\r\ncross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:170:0\r\nreport-to: {\"group\":\"ascnsrsggc:170:0\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:170:0\"}],}\r\nserver: Golfe2\r\ncontent-length: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T21:47:03.661814Z","times_seen":13347989,"resource_available":true,"data":null}},"time_used":80,"timings":{"blocked":30,"dns":0,"connect":8,"send":0,"wait":18,"receive":0,"ssl":21},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1xlite-45347.bar/","fqdn":"1xlite-45347.bar","domain":"1xlite-45347.bar","tld":"bar"},"ip":{"addr":"178.253.24.51","port":443,"asn":202492,"as":"Silverhill Group Holding Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-31T09:26:36.954Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1xlite-45347.bar","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Dec 2025 05:21:06 GMT","end":"Sun, 08 Mar 2026 05:21:05 GMT"},"fingerprint":{"sha1":"05:03:B3:49:94:6D:1A:70:98:06:F4:B4:23:25:93:A6:15:02:7A:1C","sha256":"BF:5D:D3:9F:4D:85:1E:F6:BA:3B:B5:07:1D:71:7E:55:68:EF:FB:70:D8:08:FE:B5:43:56:52:5F:1F:F9:AA:6C"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: 1xlite-45347.bar\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: nginx\r\ndate: Wed, 31 Dec 2025 09:26:37 GMT\r\ncontent-length: 0\r\nlocation: /en/block\r\nset-cookie: platform_type=desktop; Path=/; Expires=Sat, 03 Jan 2026 09:26:37 GMT; Secure; SameSite=None; Partitioned\ngw-mm=; Path=/; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Secure; SameSite=None; Partitioned\ngw-blk=eyJ0ZW1wbGF0ZSI6MSwicnVsZSI6MjI5NH0=; Path=/; Expires=Sat, 03 Jan 2026 09:26:37 GMT; Secure\nauid=sv0YM2lU7E2nu1p1BDgFAg==; path=/; secure; httponly; samesite=lax\r\nx-dt: 1254\r\nx-gw-blk-redirect-reason: block\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nserver-timing: dt_total;dur=0.013, wf-uht;dur=0.015\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3311,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T21:47:03.661814Z","times_seen":13347989,"resource_available":true,"data":null}},"time_used":576,"timings":{"blocked":265,"dns":166,"connect":31,"send":0,"wait":45,"receive":0,"ssl":66},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"1xlite-45347.bar","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"v3.traincdn.com/sys-static/shared-assets/__shared_accept_language_parser_LEQ4UAP5.js","fqdn":"v3.traincdn.com","domain":"traincdn.com","tld":"com"},"ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://1xlite-45347.bar/en/block","date":"2025-12-31T09:26:38.059Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.traincdn.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 16 Dec 2025 00:00:00 GMT","end":"Fri, 15 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"2C:ED:08:D6:4A:C2:81:ED:6F:55:AB:70:5D:D3:1C:9C:1A:5A:9F:05","sha256":"8B:2C:5C:5C:1A:73:14:D9:18:4E:BF:B8:81:B4:A3:EB:D9:E7:55:08:46:E5:70:6E:6A:AA:B4:07:73:C9:57:C8"}}},"request":{"raw":"GET /sys-static/shared-assets/__shared_accept_language_parser_LEQ4UAP5.js HTTP/1.1\r\nHost: v3.traincdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://1xlite-45347.bar\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://v3.traincdn.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 31 Dec 2025 09:26:38 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ntraceparent: 00-4c316429f54e5e1a57ddc3a7e5b97d2d-8a6e336ca7e6d486-01\r\nlast-modified: Mon, 29 Dec 2025 11:45:27 GMT\r\netag: W/\"83e311eb8e222d229b6177bd007ce9eb\"\r\nx-amz-meta-mtime: 1767008673.665370357\r\ncontent-encoding: gzip\r\nexpires: Wed, 31 Dec 2025 09:45:16 GMT\r\ncache-control: max-age=86400\r\nx-time-ng: 0.000\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccess-control-allow-origin: *\r\nx-id: osix-hw-edge-gc4\r\nage: 85282\r\ncache: HIT\r\nx-cached-since: 2025-12-30T09:45:16+00:00\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1297,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1265)","md5":"83e311eb8e222d229b6177bd007ce9eb","sha1":"96b851ffda0eab794c2bb637255a48ae25770144","sha256":"d0ff62de588e1c47eedbd91a89dcf394e2ec5bd09392ea556b9a34108077e9ad","sha512":"fd2e1bfb6588598e356ddc08724c2e6f602b89626b30eeca2c25b8f60340f25e28a761b8e13b75d1627172530abf7dd0e586e792f53759d08bda626145f65b0d","ssdeep":"","tlshash":"202112debed2b5908394188c4e2ec055f23a2957641ce6fcd765e7827c403a186f3c1d","first_seen":"2025-08-22T10:11:14.559442Z","last_seen":"2026-03-04T04:00:43.42063Z","times_seen":3921,"resource_available":true,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/192f3e7f77.js","fqdn":"v3.traincdn.com","domain":"traincdn.com","tld":"com"},"ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://1xlite-45347.bar/en/block","date":"2025-12-31T09:26:38.261Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.traincdn.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 16 Dec 2025 00:00:00 GMT","end":"Fri, 15 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"2C:ED:08:D6:4A:C2:81:ED:6F:55:AB:70:5D:D3:1C:9C:1A:5A:9F:05","sha256":"8B:2C:5C:5C:1A:73:14:D9:18:4E:BF:B8:81:B4:A3:EB:D9:E7:55:08:46:E5:70:6E:6A:AA:B4:07:73:C9:57:C8"}}},"request":{"raw":"GET /sys-static/sys-technical-pages-app-static/Desktop/Default/192f3e7f77.js HTTP/1.1\r\nHost: v3.traincdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://1xlite-45347.bar\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://v3.traincdn.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 31 Dec 2025 09:26:38 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ntraceparent: 00-2c5ce23f78b4fd8ff7c302d67e1b06d4-195a9bbadbe19288-01\r\nlast-modified: Tue, 23 Dec 2025 11:09:43 GMT\r\netag: W/\"a183d67a6f8ea109fef0a1b4f5f2b920\"\r\nx-amz-meta-mtime: 1766488103.537479318\r\ncontent-encoding: gzip\r\nexpires: Wed, 24 Dec 2025 11:12:21 GMT\r\ncache-control: max-age=86400\r\nx-time-ng: 0.000\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccess-control-allow-origin: *\r\nx-id: osix-hw-edge-gc4\r\nage: 79537\r\ncache: HIT\r\nx-cached-since: 2025-12-30T11:21:01+00:00\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2848,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2845)","md5":"a183d67a6f8ea109fef0a1b4f5f2b920","sha1":"9908c3bc21a4de25fe732742f501bd5b42c04c79","sha256":"ebdb6c637f146183a35569fcf56d547616da772f4b10c500a12a670fd46a6560","sha512":"c55796a768f46379b24f94bb40ff4846e651c94411fbf828648f1ba95353caeb7970abc3b37e4ffbac456c42085e8d46868a9d1ae07b0a2d31005d6025b7655e","ssdeep":"","tlshash":"ca5166967cb4b0b2af7643ee7e2640f5460d2a45b15d4093fded473c200f0a9176ab63","first_seen":"2025-12-23T20:54:42.020611Z","last_seen":"2026-01-14T07:33:59.008285Z","times_seen":127,"resource_available":true,"data":null}},"time_used":2,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1xlite-45347.bar/bff-api/config/group/get?groups=d.technical,d.global\u0026lang=en","fqdn":"1xlite-45347.bar","domain":"1xlite-45347.bar","tld":"bar"},"ip":{"addr":"178.253.24.51","port":443,"asn":202492,"as":"Silverhill Group Holding Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://1xlite-45347.bar/en/block","date":"2025-12-31T09:26:38.693Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1xlite-45347.bar","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Dec 2025 05:21:06 GMT","end":"Sun, 08 Mar 2026 05:21:05 GMT"},"fingerprint":{"sha1":"05:03:B3:49:94:6D:1A:70:98:06:F4:B4:23:25:93:A6:15:02:7A:1C","sha256":"BF:5D:D3:9F:4D:85:1E:F6:BA:3B:B5:07:1D:71:7E:55:68:EF:FB:70:D8:08:FE:B5:43:56:52:5F:1F:F9:AA:6C"}}},"request":{"raw":"GET /bff-api/config/group/get?groups=d.technical,d.global\u0026lang=en HTTP/1.1\r\nHost: 1xlite-45347.bar\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://1xlite-45347.bar/en/block\r\ncontent-type: application/json\r\nx-requested-with: XMLHttpRequest\r\nis-srv: false\r\nx-svc-source: __TECHNICAL_PAGES_APP__\r\nx-app-n: __TECHNICAL_PAGES_APP__\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: platform_type=desktop; gw-blk=eyJ0ZW1wbGF0ZSI6MSwicnVsZSI6MjI5NH0=; auid=sv0YM2lU7E2nu1p1BDgFAg==; lng=en; tzo=3\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 31 Dec 2025 09:26:38 GMT\r\ncontent-type: application/json\r\ncache-control: no-cache, private\r\ncontent-encoding: br\r\nserver-timing: dt_total;dur=0.137, bff;dur=7.52, wf-uht;dur=0.100\r\nvary: Accept-Encoding\r\nx-dt: 1254\r\nx-pod: R-64hq4\r\nx-time-ng: 0.091\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1326,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"e1eebbe083a99cdd4b82facb0b1b8827","sha1":"a2654d14473667b9cd9e6f9cec8275d2874fb6db","sha256":"fdcf2a439902221e50b188461a9c03dcaf867ee9b333df109b9b8646813d4a15","sha512":"d96420e254b8bd0e154457501e92027d4bba1d26761e54eb44d696b871691ca139b55fd3fae8f1ec9f91653d55b1b7fac2d90b5d90e733e34ef0887b79815c07","ssdeep":"","tlshash":"5d21375e60b18a3c60680676db817e149eed405f35817581fe4c9c5c70d2cdef96254b","first_seen":"2025-12-23T01:00:00.336336Z","last_seen":"2026-01-01T05:36:13.527021Z","times_seen":3,"resource_available":false,"data":null}},"time_used":131,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":131,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"1xlite-45347.bar","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/e27425a6cf.css","fqdn":"v3.traincdn.com","domain":"traincdn.com","tld":"com"},"ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://1xlite-45347.bar/en/block","date":"2025-12-31T09:26:38.957Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.traincdn.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 16 Dec 2025 00:00:00 GMT","end":"Fri, 15 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"2C:ED:08:D6:4A:C2:81:ED:6F:55:AB:70:5D:D3:1C:9C:1A:5A:9F:05","sha256":"8B:2C:5C:5C:1A:73:14:D9:18:4E:BF:B8:81:B4:A3:EB:D9:E7:55:08:46:E5:70:6E:6A:AA:B4:07:73:C9:57:C8"}}},"request":{"raw":"GET /sys-static/sys-technical-pages-app-static/Desktop/Default/e27425a6cf.css HTTP/1.1\r\nHost: v3.traincdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://1xlite-45347.bar\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1xlite-45347.bar/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 31 Dec 2025 09:26:38 GMT\r\ncontent-type: text/css; charset=utf-8\r\ntraceparent: 00-9fd8f70b29444883a4c86190041efa27-57c6f0f0041ec6ec-01\r\nlast-modified: Tue, 23 Dec 2025 11:09:44 GMT\r\netag: W/\"544ea803a3df8e55e85706a646f95614\"\r\nx-amz-meta-mtime: 1766488103.514477383\r\ncontent-encoding: gzip\r\nexpires: Wed, 24 Dec 2025 14:43:13 GMT\r\ncache-control: max-age=86400\r\nx-time-ng: 0.000\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccess-control-allow-origin: *\r\nx-id: osix-hw-edge-gc4\r\nage: 66995\r\ncache: HIT\r\nx-cached-since: 2025-12-30T14:50:03+00:00\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2867,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (2866)","md5":"544ea803a3df8e55e85706a646f95614","sha1":"ae409064324337a44a066208ec8fa7166bbfd628","sha256":"8991a0d7246dce731aee299bf16a3acbf1f59d5f36776c27e8cfcb7e77b3732e","sha512":"bc0360c2cfce28bc29b49404fe3e3230546cb7b7aebea9936246d7e99f78ac7a66b5143adea22a527739ba10799d93f73cde16c0363961b1b1632e39ddb5e6a7","ssdeep":"","tlshash":"c0516adef8b9d5752d33f022d70c5eb95930b527c5214e82f48c93a125c3a922aa1dae","first_seen":"2025-11-12T14:09:39.097866Z","last_seen":"2026-02-06T09:24:24.17097Z","times_seen":1064,"resource_available":false,"data":null}},"time_used":1,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v3.traincdn.com/genfiles/site-admin/css_vars/d47c7051b33fd4cf012dd1ba88ca9381.css","fqdn":"v3.traincdn.com","domain":"traincdn.com","tld":"com"},"ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://1xlite-45347.bar/en/block","date":"2025-12-31T09:26:38.994Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.traincdn.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 16 Dec 2025 00:00:00 GMT","end":"Fri, 15 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"2C:ED:08:D6:4A:C2:81:ED:6F:55:AB:70:5D:D3:1C:9C:1A:5A:9F:05","sha256":"8B:2C:5C:5C:1A:73:14:D9:18:4E:BF:B8:81:B4:A3:EB:D9:E7:55:08:46:E5:70:6E:6A:AA:B4:07:73:C9:57:C8"}}},"request":{"raw":"GET /genfiles/site-admin/css_vars/d47c7051b33fd4cf012dd1ba88ca9381.css HTTP/1.1\r\nHost: v3.traincdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1xlite-45347.bar/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 31 Dec 2025 09:26:38 GMT\r\ncontent-type: text/css\r\ncontent-length: 44\r\ntraceparent: 00-a96d81b05dd8a2d41b5f93d12d7053b9-947bfdd933c557fe-01\r\nlast-modified: Tue, 18 Nov 2025 11:33:29 GMT\r\netag: \"d47c7051b33fd4cf012dd1ba88ca9381\"\r\ncache-control: max-age=3600\r\nexpires: Tue, 18 Nov 2025 14:06:30 GMT\r\nx-time-ng: 0.000\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccess-control-allow-origin: *\r\nx-id: osix-hw-edge-gc4\r\nage: 2902\r\ncache: HIT\r\nx-cached-since: 2025-12-31T08:38:16+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":44,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"d47c7051b33fd4cf012dd1ba88ca9381","sha1":"e8f4a550dc1526e29bbf41e19812174061129e0d","sha256":"d23ddf603e1bea345e3f913800e533ecea691174a25c9f0a40ea8b6eb17e4c95","sha512":"67ba4c3cbeb528f80648ab2833e973436b5f58817ebb69c754b06e50370f279bf18d0f6abb031ebbabb75867e0691cba11b3dc33ea9e85da3438a7e40510ef49","ssdeep":"","tlshash":"729004d4f50c33503455c75710dd44d111c4135f4511355cd5533c11f443c40cc505cc","first_seen":"2025-07-16T20:50:43.408412Z","last_seen":"2026-03-26T08:17:17.906604Z","times_seen":1364,"resource_available":false,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/19734a1859.js","fqdn":"v3.traincdn.com","domain":"traincdn.com","tld":"com"},"ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://1xlite-45347.bar/en/block","date":"2025-12-31T09:26:39.023Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.traincdn.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 16 Dec 2025 00:00:00 GMT","end":"Fri, 15 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"2C:ED:08:D6:4A:C2:81:ED:6F:55:AB:70:5D:D3:1C:9C:1A:5A:9F:05","sha256":"8B:2C:5C:5C:1A:73:14:D9:18:4E:BF:B8:81:B4:A3:EB:D9:E7:55:08:46:E5:70:6E:6A:AA:B4:07:73:C9:57:C8"}}},"request":{"raw":"GET /sys-static/sys-technical-pages-app-static/Desktop/Default/19734a1859.js HTTP/1.1\r\nHost: v3.traincdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://1xlite-45347.bar\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://v3.traincdn.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 31 Dec 2025 09:26:39 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncontent-length: 165\r\ntraceparent: 00-349ea070217c7e24586ec92566dc41e5-8f1e23a4e6f55829-01\r\nlast-modified: Tue, 23 Dec 2025 11:09:43 GMT\r\netag: \"0de0c156338f3d41ab95438c3d50bf21\"\r\nx-amz-meta-mtime: 1766488103.537479318\r\nexpires: Sat, 27 Dec 2025 16:13:29 GMT\r\ncache-control: max-age=86400\r\nx-time-ng: 0.000\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccess-control-allow-origin: *\r\nx-id: osix-hw-edge-gc4\r\nage: 61805\r\ncache: HIT\r\nx-cached-since: 2025-12-30T16:16:34+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":165,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"Java source, ASCII text","md5":"0de0c156338f3d41ab95438c3d50bf21","sha1":"a39a274e2f641a2ed9c25a57fb8206974ad2c262","sha256":"1af1032c4d01a1d34bc1f6932bc12fcbe55b50735cee5caefdcd5fdca4591cb7","sha512":"2a894ed85c825eb50db36a6a733e0b521d6bb5128d21fcdca4beffc12f9795b3e20ef869d5404ebef83d6c68e0a8b997e31c16a41453c2b2b947e8421970d8a7","ssdeep":"","tlshash":"9bc08c0f24a85837826e4ef8991021421e0d85e533e105c8ed0c83ba032a4d3854e62a","first_seen":"2025-12-23T20:54:41.987403Z","last_seen":"2026-01-14T07:33:59.049088Z","times_seen":114,"resource_available":true,"data":null}},"time_used":1,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v3.traincdn.com/sys-static/shared-assets/Desktop/__shared_f84004e523.css","fqdn":"v3.traincdn.com","domain":"traincdn.com","tld":"com"},"ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://1xlite-45347.bar/en/block","date":"2025-12-31T09:26:37.568Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.traincdn.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 16 Dec 2025 00:00:00 GMT","end":"Fri, 15 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"2C:ED:08:D6:4A:C2:81:ED:6F:55:AB:70:5D:D3:1C:9C:1A:5A:9F:05","sha256":"8B:2C:5C:5C:1A:73:14:D9:18:4E:BF:B8:81:B4:A3:EB:D9:E7:55:08:46:E5:70:6E:6A:AA:B4:07:73:C9:57:C8"}}},"request":{"raw":"GET /sys-static/shared-assets/Desktop/__shared_f84004e523.css HTTP/1.1\r\nHost: v3.traincdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://1xlite-45347.bar\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1xlite-45347.bar/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 31 Dec 2025 09:26:37 GMT\r\ncontent-type: text/css; charset=utf-8\r\ntraceparent: 00-19ddb8408674d9a9d970befc5c460626-9ad8fd9fd220a2f5-01\r\nlast-modified: Mon, 29 Dec 2025 11:45:31 GMT\r\netag: W/\"b52b0468a89928ac4f5491d84b23b9da\"\r\nx-amz-meta-mtime: 1767008673.649369071\r\ncontent-encoding: gzip\r\nexpires: Wed, 31 Dec 2025 11:18:58 GMT\r\ncache-control: max-age=86400\r\nx-time-ng: 0.003\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccess-control-allow-origin: *\r\nx-id: osix-hw-edge-gc4\r\nage: 78979\r\ncache: HIT\r\nx-cached-since: 2025-12-30T11:30:18+00:00\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5355,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (5354)","md5":"b52b0468a89928ac4f5491d84b23b9da","sha1":"a9ea1f64b65e6191c59676c686c51b060c7f2894","sha256":"e638e7e679d5cd6a547e47ebca2b1c6a13023e80d42fd89139ab021f6aed3c57","sha512":"faefa82305b6be705bafc627991a35f1a32d679358a72ea81cb3551b0a3708997017d946ed2984f683a5514eab417ee5806627c0db89bf3b3820c38f5bd12e4b","ssdeep":"96:y0EbBQ77VHY+R5f4wQL5cdj5JeEaiq4vupNFZFZLiG:obBQ77VHY+R5f4wQL5cdXQzZLiG","tlshash":"5ab11e8dedf5c03a8a27bc12135c8e3d1735f997d9211d9ef25c83a554c3b9201d0eaa","first_seen":"2025-12-03T12:27:09.709217Z","last_seen":"2026-01-29T09:40:33.621374Z","times_seen":485,"resource_available":false,"data":null}},"time_used":108,"timings":{"blocked":52,"dns":4,"connect":6,"send":0,"wait":1,"receive":0,"ssl":40},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2","fqdn":"v3.traincdn.com","domain":"traincdn.com","tld":"com"},"ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://1xlite-45347.bar/en/block","date":"2025-12-31T09:26:37.708Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.traincdn.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 16 Dec 2025 00:00:00 GMT","end":"Fri, 15 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"2C:ED:08:D6:4A:C2:81:ED:6F:55:AB:70:5D:D3:1C:9C:1A:5A:9F:05","sha256":"8B:2C:5C:5C:1A:73:14:D9:18:4E:BF:B8:81:B4:A3:EB:D9:E7:55:08:46:E5:70:6E:6A:AA:B4:07:73:C9:57:C8"}}},"request":{"raw":"GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 HTTP/1.1\r\nHost: v3.traincdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://1xlite-45347.bar\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://v3.traincdn.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 31 Dec 2025 09:26:37 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 63748\r\ntraceparent: 00-bb4d09577824a41f48d06b17db0c2c6f-042cebabfb9696d7-01\r\nlast-modified: Wed, 14 Jun 2023 09:49:53 GMT\r\netag: \"6887b6f24414dbc612dbf42ccdc76b70\"\r\nexpires: Thu, 16 Jan 2025 10:32:14 GMT\r\ncache-control: max-age=3600\r\nx-time-ng: 0.000\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccess-control-allow-origin: *\r\nx-id: osix-hw-edge-gc4\r\nage: 2278\r\ncache: HIT\r\nx-cached-since: 2025-12-31T08:48:39+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":63748,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 63748, version 1.0","md5":"6887b6f24414dbc612dbf42ccdc76b70","sha1":"8068d3abfbc6cbf35b55919da45b1f4d2d136238","sha256":"fc5c015fc32518f1ed810fa84ca28941eb9d5a3c81acc8df69a4dbbeedef7b0c","sha512":"00f08f9dd648972c9571547e06172d5505dd13f577fe2e65a497d3856172807ac11c996984e4138d2eb2ac784257fe61864aee15752fe9e9e76f98db931e0c2a","ssdeep":"1536:KtdCG+Dz6RxAx457zL0ASEn091Y0H1mTOzI/OzMFOoTX4u:MMG+yRpzN091Y0VtI/pOoTt","tlshash":"8b5302485551fae2cac3073c0f7a89dbb37a776d519224cd98b69f830d37964bea2070","first_seen":"2023-06-14T19:15:49Z","last_seen":"2026-04-04T21:03:15.347616Z","times_seen":10301,"resource_available":false,"data":null}},"time_used":3,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v3.traincdn.com/sys-static/shared-assets/__shared_popper_js_WZJKYEQD.js","fqdn":"v3.traincdn.com","domain":"traincdn.com","tld":"com"},"ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://1xlite-45347.bar/en/block","date":"2025-12-31T09:26:38.075Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.traincdn.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 16 Dec 2025 00:00:00 GMT","end":"Fri, 15 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"2C:ED:08:D6:4A:C2:81:ED:6F:55:AB:70:5D:D3:1C:9C:1A:5A:9F:05","sha256":"8B:2C:5C:5C:1A:73:14:D9:18:4E:BF:B8:81:B4:A3:EB:D9:E7:55:08:46:E5:70:6E:6A:AA:B4:07:73:C9:57:C8"}}},"request":{"raw":"GET /sys-static/shared-assets/__shared_popper_js_WZJKYEQD.js HTTP/1.1\r\nHost: v3.traincdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://1xlite-45347.bar\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://v3.traincdn.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 31 Dec 2025 09:26:38 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ntraceparent: 00-fc2f6773d6e0d7030e70d0e33f257c1e-f1e592a6ad57b8c0-01\r\nlast-modified: Mon, 29 Dec 2025 11:45:27 GMT\r\netag: W/\"bea5b052c307601192270938523fa030\"\r\nx-amz-meta-mtime: 1767008673.666370437\r\ncontent-encoding: gzip\r\nexpires: Tue, 30 Dec 2025 12:05:27 GMT\r\ncache-control: max-age=86400\r\nx-time-ng: 0.002\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccess-control-allow-origin: *\r\nx-id: osix-hw-edge-gc4\r\nage: 76711\r\ncache: HIT\r\nx-cached-since: 2025-12-30T12:08:07+00:00\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":21252,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (21232)","md5":"bea5b052c307601192270938523fa030","sha1":"937f7094c67f5a92c1032a7bc3f21ee94bec66ef","sha256":"f41290374ba615854ebb4b28a07de775581707f3b6427bcc01c0529c62476f64","sha512":"b9bff7f7d9b518ec76898a732114873c01206378c2a840c62062f05487ef773716ce841d7a5bafe3f0c65fbfdf05509852571a3a6b381661cb6f4984d6bc23a9","ssdeep":"384:ZP7iayBuR9vu3z1JXvykd2+LaqHdC6RjVnTGm/7piCXmH8kCCcvJTCyCu+meAxiZ:piZwO3XvO+NMSJt3XmckXcv4nxJAxiH5","tlshash":"7b92a28c7684b0a287a7a2a7a07f860f71376865650e9004f59cf6ec3c35dba507bc7d","first_seen":"2025-08-22T10:11:14.555802Z","last_seen":"2026-03-04T04:00:43.408775Z","times_seen":3920,"resource_available":true,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v3.traincdn.com/sys-static/shared-assets/__shared_chunk_LNU73JEK.js","fqdn":"v3.traincdn.com","domain":"traincdn.com","tld":"com"},"ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://1xlite-45347.bar/en/block","date":"2025-12-31T09:26:38.158Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.traincdn.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 16 Dec 2025 00:00:00 GMT","end":"Fri, 15 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"2C:ED:08:D6:4A:C2:81:ED:6F:55:AB:70:5D:D3:1C:9C:1A:5A:9F:05","sha256":"8B:2C:5C:5C:1A:73:14:D9:18:4E:BF:B8:81:B4:A3:EB:D9:E7:55:08:46:E5:70:6E:6A:AA:B4:07:73:C9:57:C8"}}},"request":{"raw":"GET /sys-static/shared-assets/__shared_chunk_LNU73JEK.js HTTP/1.1\r\nHost: v3.traincdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://1xlite-45347.bar\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://v3.traincdn.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 31 Dec 2025 09:26:38 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ntraceparent: 00-ce19b831118691b61d44cd6d0d11608c-79ecd514899ac42d-01\r\nlast-modified: Mon, 29 Dec 2025 11:45:27 GMT\r\netag: W/\"d96d317966512ab8915a90670ca5a5af\"\r\nx-amz-meta-mtime: 1767008673.666370437\r\ncontent-encoding: gzip\r\nexpires: Wed, 31 Dec 2025 09:45:16 GMT\r\ncache-control: max-age=86400\r\nx-time-ng: 0.000\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccess-control-allow-origin: *\r\nx-id: osix-hw-edge-gc4\r\nage: 85282\r\ncache: HIT\r\nx-cached-since: 2025-12-30T09:45:16+00:00\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1232,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1231)","md5":"d96d317966512ab8915a90670ca5a5af","sha1":"a810be1c3e515adb49804e8d976250deb16fd77d","sha256":"f125201d62c452efba070d856821885c7cfd539a31d55846caa6ae3a7522d3cf","sha512":"460b29966e6f5ac4d34ccc714217d29686d7aff42efa92a102729d40aa36dd4fbb87116178b2f9fdece5fdb09cb2bf2024312d3f1b86abb69644f695c76aca2d","ssdeep":"","tlshash":"a521f1e56fbc7ba362be2ae4a02e0041e001d53752f4f1d4f294dfb4a4e949d035b5b6","first_seen":"2025-08-22T10:11:14.554562Z","last_seen":"2026-03-04T04:00:43.411503Z","times_seen":3921,"resource_available":true,"data":null}},"time_used":1,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1xlite-45347.bar/bff-api/config/group/get?groups=b.core,d.core\u0026lang=en","fqdn":"1xlite-45347.bar","domain":"1xlite-45347.bar","tld":"bar"},"ip":{"addr":"178.253.24.51","port":443,"asn":202492,"as":"Silverhill Group Holding Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://1xlite-45347.bar/en/block","date":"2025-12-31T09:26:38.303Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1xlite-45347.bar","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Dec 2025 05:21:06 GMT","end":"Sun, 08 Mar 2026 05:21:05 GMT"},"fingerprint":{"sha1":"05:03:B3:49:94:6D:1A:70:98:06:F4:B4:23:25:93:A6:15:02:7A:1C","sha256":"BF:5D:D3:9F:4D:85:1E:F6:BA:3B:B5:07:1D:71:7E:55:68:EF:FB:70:D8:08:FE:B5:43:56:52:5F:1F:F9:AA:6C"}}},"request":{"raw":"GET /bff-api/config/group/get?groups=b.core,d.core\u0026lang=en HTTP/1.1\r\nHost: 1xlite-45347.bar\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://1xlite-45347.bar/en/block\r\ncontent-type: application/json\r\nx-requested-with: XMLHttpRequest\r\nis-srv: false\r\nx-svc-source: __TECHNICAL_PAGES_APP__\r\nx-app-n: __TECHNICAL_PAGES_APP__\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: platform_type=desktop; gw-blk=eyJ0ZW1wbGF0ZSI6MSwicnVsZSI6MjI5NH0=; auid=sv0YM2lU7E2nu1p1BDgFAg==\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 31 Dec 2025 09:26:38 GMT\r\ncontent-type: application/json\r\ncache-control: no-cache, private\r\ncontent-encoding: br\r\nserver-timing: dt_total;dur=0.143, bff;dur=169.70, wf-uht;dur=0.283\r\nvary: Accept-Encoding\r\nx-dt: 1254\r\nx-pod: R-pjcgq\r\nx-time-ng: 0.252\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":47234,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"4e2922b9e64fb487eac084afac33b23c","sha1":"5518f1f2cf2e7df0774dc6dc3642cac453b3dec1","sha256":"07210f3273345b45c58c31948e8de15e1a990d30161095f42e170a1c0772c950","sha512":"8ce5b497eb901e09c927d0e9dd7b31b0ec1925f3e3edd03f1e8ad05f1b934f9d3046e2dacb59bf4ac54295344500293651d6518265d5bfae65fa504f756b4287","ssdeep":"768:0sgPPyYept4f+Yig3tW2Jrq+sbk+00APvVDFwaZH78fQ:Vg3yYepef+Y9w2JrLCk+00CBwa+Q","tlshash":"e323015e7ac09a3a011f1afacca3ed0e57e82f1b5893e4575de3bd86287191444e343e","first_seen":"2025-12-31T09:27:07.377589Z","last_seen":"2025-12-31T09:27:07.377589Z","times_seen":1,"resource_available":false,"data":null}},"time_used":321,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":321,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"1xlite-45347.bar","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/2de3cb6d98.js","fqdn":"v3.traincdn.com","domain":"traincdn.com","tld":"com"},"ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://1xlite-45347.bar/en/block","date":"2025-12-31T09:26:38.892Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.traincdn.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 16 Dec 2025 00:00:00 GMT","end":"Fri, 15 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"2C:ED:08:D6:4A:C2:81:ED:6F:55:AB:70:5D:D3:1C:9C:1A:5A:9F:05","sha256":"8B:2C:5C:5C:1A:73:14:D9:18:4E:BF:B8:81:B4:A3:EB:D9:E7:55:08:46:E5:70:6E:6A:AA:B4:07:73:C9:57:C8"}}},"request":{"raw":"GET /sys-static/sys-technical-pages-app-static/Desktop/Default/2de3cb6d98.js HTTP/1.1\r\nHost: v3.traincdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://1xlite-45347.bar\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://v3.traincdn.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 31 Dec 2025 09:26:38 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ntraceparent: 00-667310c5d1e7ab58afc8518ced792f61-b7773cab0a02ff07-01\r\nlast-modified: Tue, 23 Dec 2025 11:09:43 GMT\r\netag: W/\"748d69570f5ecc45d4e669b8c2d63b19\"\r\nx-amz-meta-mtime: 1766488103.536479234\r\ncontent-encoding: gzip\r\nexpires: Wed, 24 Dec 2025 11:12:24 GMT\r\ncache-control: max-age=86400\r\nx-time-ng: 0.002\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccess-control-allow-origin: *\r\nx-id: osix-hw-edge-gc4\r\nage: 79536\r\ncache: HIT\r\nx-cached-since: 2025-12-30T11:21:02+00:00\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1370,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1358)","md5":"748d69570f5ecc45d4e669b8c2d63b19","sha1":"60e3bb5ea966a9fcce1d6cb502e20fd67a446b6d","sha256":"aa09e47ded5695d360fad9336da11a29e24c8a62c08b13bdca76f19caf72dd89","sha512":"193263ac8bc41f13749c0459d6f53051fbbf86abee79cdec191601edefa9f1605ea6e894834d9fdb1a78f5c5520ecd6b9f653e63ea5fff6337f090fe7ec80c45","ssdeep":"","tlshash":"3f21837badb0f03846101afebc243071038b2e57868ed59995cc03a60347095592aeb7","first_seen":"2025-12-23T20:54:41.975798Z","last_seen":"2026-01-14T07:33:59.033741Z","times_seen":114,"resource_available":true,"data":null}},"time_used":1,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_block_pages/en/dictionary_c7c82d0ec840dcaf32f6dfe636c4fafc.json","fqdn":"v3.traincdn.com","domain":"traincdn.com","tld":"com"},"ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://1xlite-45347.bar/en/block","date":"2025-12-31T09:26:38.919Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.traincdn.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 16 Dec 2025 00:00:00 GMT","end":"Fri, 15 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"2C:ED:08:D6:4A:C2:81:ED:6F:55:AB:70:5D:D3:1C:9C:1A:5A:9F:05","sha256":"8B:2C:5C:5C:1A:73:14:D9:18:4E:BF:B8:81:B4:A3:EB:D9:E7:55:08:46:E5:70:6E:6A:AA:B4:07:73:C9:57:C8"}}},"request":{"raw":"GET /genfiles/web-app-v2/dictionary2/v3_block_pages/en/dictionary_c7c82d0ec840dcaf32f6dfe636c4fafc.json HTTP/1.1\r\nHost: v3.traincdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://1xlite-45347.bar/\r\nOrigin: https://1xlite-45347.bar\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 31 Dec 2025 09:26:38 GMT\r\ncontent-type: application/json; charset=utf-8\r\ntraceparent: 00-2708a61b9db2e44e9e74b92fefb99e50-1ef047c67baddb80-01\r\nlast-modified: Wed, 17 Dec 2025 12:10:10 GMT\r\netag: W/\"573ca19484ed7b68628289de225c652b\"\r\ncache-control: max-age=3600\r\ncontent-encoding: gzip\r\nexpires: Wed, 17 Dec 2025 13:18:40 GMT\r\nx-time-ng: 0.001\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccess-control-allow-origin: *\r\nx-id: osix-hw-edge-gc4\r\nage: 42\r\ncache: HIT\r\nx-cached-since: 2025-12-31T09:25:56+00:00\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2975,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"573ca19484ed7b68628289de225c652b","sha1":"2999f577da4581078174d2f467bdf80a5b884337","sha256":"89b905bf9f7efa10994d329be5ed307e2c48205e0a8a06be4801ccadebeadf3c","sha512":"7cfabf5198a96f2c4992fcd0dce602464be5f8b6f31d6e9686e82210185749fbbc6b3f70b22c90374cf2d095182d6a35f561e92b8f9e22098999bf3fc8c6943e","ssdeep":"","tlshash":"a651750f733c45e5383841403d0d6e6a7b160168afa29194fa8cd85d337f5cae12b22f","first_seen":"2025-12-18T00:40:38.951295Z","last_seen":"2026-02-11T03:04:26.783249Z","times_seen":346,"resource_available":false,"data":null}},"time_used":1,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v3.traincdn.com/genfiles/cms/1-1254/desktop/media_asset/9532a94849695741e08cec8072e49ad3.json","fqdn":"v3.traincdn.com","domain":"traincdn.com","tld":"com"},"ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://1xlite-45347.bar/en/block","date":"2025-12-31T09:26:38.938Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.traincdn.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 16 Dec 2025 00:00:00 GMT","end":"Fri, 15 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"2C:ED:08:D6:4A:C2:81:ED:6F:55:AB:70:5D:D3:1C:9C:1A:5A:9F:05","sha256":"8B:2C:5C:5C:1A:73:14:D9:18:4E:BF:B8:81:B4:A3:EB:D9:E7:55:08:46:E5:70:6E:6A:AA:B4:07:73:C9:57:C8"}}},"request":{"raw":"GET /genfiles/cms/1-1254/desktop/media_asset/9532a94849695741e08cec8072e49ad3.json HTTP/1.1\r\nHost: v3.traincdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://1xlite-45347.bar/\r\nOrigin: https://1xlite-45347.bar\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 31 Dec 2025 09:26:38 GMT\r\ncontent-type: application/json\r\ntraceparent: 00-981188b324b6117b7acdab499f3ef517-c46319de2c9a6233-01\r\nlast-modified: Wed, 24 Dec 2025 19:01:55 GMT\r\netag: W/\"b5a6dbdf3f12e11d0c5275b2ca6dc739\"\r\ncontent-encoding: gzip\r\nexpires: Wed, 24 Dec 2025 20:38:27 GMT\r\ncache-control: max-age=3600\r\nx-time-ng: 0.046\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccess-control-allow-origin: *\r\nx-id: osix-hw-edge-gc4\r\nage: 384\r\ncache: HIT\r\nx-cached-since: 2025-12-31T09:20:14+00:00\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3091,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"b5a6dbdf3f12e11d0c5275b2ca6dc739","sha1":"a8495df42a8f1e18c12dc1723660d062bbc8fb6b","sha256":"8febfd79d9b9b1298af34575340a4288d6d5b01ee4e50c57f5a5509d602412f2","sha512":"813327003eefeef8e9772adc05530b46f52fc044d76f5ed1393854052836ae2f89a0118697367681afbab9084b4e215c3120bf09ea2713553a7e8286ca9afe2d","ssdeep":"","tlshash":"85514b4df6e41c33012f19bdc0f76a6993d84f4f694a7c283a9d6c4d1bd451900aad3e","first_seen":"2025-07-21T03:11:29.13175Z","last_seen":"2026-01-11T03:06:49.449217Z","times_seen":2816,"resource_available":false,"data":null}},"time_used":1,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1xlite-45347.bar/en/block","fqdn":"1xlite-45347.bar","domain":"1xlite-45347.bar","tld":"bar"},"ip":{"addr":"178.253.24.51","port":443,"asn":202492,"as":"Silverhill Group Holding Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://1xlite-45347.bar/en/block","date":"2025-12-31T09:26:37.786Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1xlite-45347.bar","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Dec 2025 05:21:06 GMT","end":"Sun, 08 Mar 2026 05:21:05 GMT"},"fingerprint":{"sha1":"05:03:B3:49:94:6D:1A:70:98:06:F4:B4:23:25:93:A6:15:02:7A:1C","sha256":"BF:5D:D3:9F:4D:85:1E:F6:BA:3B:B5:07:1D:71:7E:55:68:EF:FB:70:D8:08:FE:B5:43:56:52:5F:1F:F9:AA:6C"}}},"request":{"raw":"GET /en/block HTTP/1.1\r\nHost: 1xlite-45347.bar\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://1xlite-45347.bar/en/block\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: platform_type=desktop; gw-blk=eyJ0ZW1wbGF0ZSI6MSwicnVsZSI6MjI5NH0=; auid=sv0YM2lU7E2nu1p1BDgFAg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 203 Non Authoritative\r\nserver: nginx\r\ndate: Wed, 31 Dec 2025 09:26:37 GMT\r\ncontent-type: text/html;charset=utf-8\r\ncontent-length: 3311\r\nserver-timing: dt_total;dur=0.042, dt_total;dur=0.004, total;dur=2;desc=\"MF\"\r\nset-cookie: gw-blk=eyJ0ZW1wbGF0ZSI6MSwicnVsZSI6MjI5NH0=; Path=/; Expires=Sat, 03 Jan 2026 09:26:37 GMT; Secure\r\nvary: Accept-Encoding\r\nx-dt: 1254, 1254\r\nx-time-ng: 0.004\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"203","status_text":"Non Authoritative","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3311,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (3030)","md5":"be378b2449c65425f3ad667e8f237a70","sha1":"0ba648d7932cd66773f5a35343644eceddb7cbcf","sha256":"b59443784651a3586ebfe17ab6d8503ffd724880bdd985b204bcccb63ddcc11c","sha512":"d24a35bddf36f583e8a46212513485b714031e43f628b9b2f1a4aaeb89cd919651bb1405de79b372fec7fd27decbdd1cd6cb03c74d07f749790ad32c9c0fdaa4","ssdeep":"","tlshash":"d161d727503ccb3f4522445d8a02fb0a8ecc287b7149e94ce67c4e8d27c62cba417a47","first_seen":"2025-12-31T09:27:07.382013Z","last_seen":"2026-01-13T02:10:46.014945Z","times_seen":3,"resource_available":false,"data":null}},"time_used":47,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":47,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"1xlite-45347.bar","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"v3.traincdn.com/genfiles/cms/desktop/media_asset/2109bdcab2eeeb5f8b317407c150d526.jpg","fqdn":"v3.traincdn.com","domain":"traincdn.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://1xlite-45347.bar/en/block","date":"2025-12-31T09:26:39.045Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.traincdn.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 16 Dec 2025 00:00:00 GMT","end":"Fri, 15 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"2C:ED:08:D6:4A:C2:81:ED:6F:55:AB:70:5D:D3:1C:9C:1A:5A:9F:05","sha256":"8B:2C:5C:5C:1A:73:14:D9:18:4E:BF:B8:81:B4:A3:EB:D9:E7:55:08:46:E5:70:6E:6A:AA:B4:07:73:C9:57:C8"}}},"request":{"raw":"GET /genfiles/cms/desktop/media_asset/2109bdcab2eeeb5f8b317407c150d526.jpg HTTP/1.1\r\nHost: v3.traincdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1xlite-45347.bar/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T21:47:03.661814Z","times_seen":13347989,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v3.traincdn.com/sys-icons/1.0.915/285/country.svg","fqdn":"v3.traincdn.com","domain":"traincdn.com","tld":"com"},"ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://1xlite-45347.bar/en/block","date":"2025-12-31T09:26:39.051Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.traincdn.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 16 Dec 2025 00:00:00 GMT","end":"Fri, 15 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"2C:ED:08:D6:4A:C2:81:ED:6F:55:AB:70:5D:D3:1C:9C:1A:5A:9F:05","sha256":"8B:2C:5C:5C:1A:73:14:D9:18:4E:BF:B8:81:B4:A3:EB:D9:E7:55:08:46:E5:70:6E:6A:AA:B4:07:73:C9:57:C8"}}},"request":{"raw":"GET /sys-icons/1.0.915/285/country.svg HTTP/1.1\r\nHost: v3.traincdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://1xlite-45347.bar\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1xlite-45347.bar/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 31 Dec 2025 09:26:39 GMT\r\ncontent-type: image/svg+xml\r\ntraceparent: 00-e3a8cf2466fdd2d1a554cf40c1064bfe-f61265ade0adbef3-01\r\nlast-modified: Tue, 23 Dec 2025 10:17:37 GMT\r\netag: W/\"e755054847ccc09de8ac9bdf2c4326d6\"\r\nx-amz-meta-mtime: 1766485039.668461346\r\ncontent-encoding: gzip\r\nexpires: Wed, 24 Dec 2025 10:18:51 GMT\r\ncache-control: max-age=86400\r\nx-time-ng: 0.002\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccess-control-allow-origin: *\r\nx-id: osix-hw-edge-gc4\r\nage: 82343\r\ncache: HIT\r\nx-cached-since: 2025-12-30T10:34:16+00:00\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":217418,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"e755054847ccc09de8ac9bdf2c4326d6","sha1":"1461e05caf5c7bfda69a9a45127a8f78dc37a9ec","sha256":"d03bc4c7e0d2d128ba647df7ef393f9e856ff0b98b09d6d2849bdaaaded8e7b9","sha512":"2a6e1617fe4b5f4039431564fdb2d90f8a4a930ea555e10133b9d07809ebe56f64cfc9000de709289b2cb9143664bb8e334cabf2d49c7c20dac9ba8ed0eee9ce","ssdeep":"3072:hgvO+igz5Wy8EjUskAnA3ZJ9QeVCLpE74OWuhgwlKqjk71xhbXVjGYLGS/suV1SM:uqCLpPOWuq5vaSueoO7","tlshash":"08245554b099b14c2a8363e8c7afa5e1133e61db71da419938e993d8520e3dffe83950","first_seen":"2025-08-28T01:30:48.467208Z","last_seen":"2026-04-04T22:24:03.792888Z","times_seen":1113,"resource_available":false,"data":null}},"time_used":1,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/b5cd9a5e87d930de856c92da15aa121e.png","fqdn":"v3.traincdn.com","domain":"traincdn.com","tld":"com"},"ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://1xlite-45347.bar/en/block","date":"2025-12-31T09:26:39.123Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.traincdn.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 16 Dec 2025 00:00:00 GMT","end":"Fri, 15 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"2C:ED:08:D6:4A:C2:81:ED:6F:55:AB:70:5D:D3:1C:9C:1A:5A:9F:05","sha256":"8B:2C:5C:5C:1A:73:14:D9:18:4E:BF:B8:81:B4:A3:EB:D9:E7:55:08:46:E5:70:6E:6A:AA:B4:07:73:C9:57:C8"}}},"request":{"raw":"GET /genfiles/cms/1-285/desktop/media_asset/b5cd9a5e87d930de856c92da15aa121e.png HTTP/1.1\r\nHost: v3.traincdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1xlite-45347.bar/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 31 Dec 2025 09:26:39 GMT\r\ncontent-type: image/png\r\ncontent-length: 653\r\ntraceparent: 00-97e52328d78bdc8f286ef7a0bc7a2aa2-d585298578e48a37-01\r\nlast-modified: Wed, 26 Jun 2024 08:18:02 GMT\r\netag: \"e6f0766cbd95db33da44e7a9140648f2\"\r\nexpires: Thu, 16 Jan 2025 10:46:36 GMT\r\ncache-control: max-age=3600\r\nx-time-ng: 0.000\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccess-control-allow-origin: *\r\nx-id: osix-hw-edge-gc4\r\nage: 1766\r\ncache: HIT\r\nx-cached-since: 2025-12-31T08:57:13+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":653,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit colormap, non-interlaced","md5":"e6f0766cbd95db33da44e7a9140648f2","sha1":"5f196b1bfe8c3f92bd2ebcd67124e72e81ae6aaf","sha256":"c0399d478788d5d483f104a2e8cb7c32f41cb40e9df0c22e831b2bfa2db63ec0","sha512":"249da39baba03408de98c7fa9a9342ef120436037ab6245b3b4a5f1a206291caaf67481c6ed67064544576697d41ab82499abffec998d837812292a050bf826a","ssdeep":"","tlshash":"90f083e032254a855c02ac7fc33414448fb226cc3682bb09e012887119d24a79dd1368","first_seen":"2023-04-05T22:56:35Z","last_seen":"2026-04-03T12:07:45.643999Z","times_seen":6597,"resource_available":false,"data":null}},"time_used":1,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"radar.cedexis.com/1707728419/stub.js","fqdn":"radar.cedexis.com","domain":"cedexis.com","tld":"com"},"ip":{"addr":"45.54.49.5","port":443,"asn":63911,"as":"NetActuate, Inc","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://1xlite-45347.bar/en/block","date":"2025-12-31T09:26:48.906Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"radar.cedexis.com","organization":"Citrix Systems, Inc."},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Fri, 06 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A2:3E:30:19:D5:41:3A:11:81:58:E3:B1:6F:F4:D2:78:0B:44:6F:D0","sha256":"BE:70:39:96:BA:51:8F:A7:6A:9D:E1:58:FB:D9:F7:6F:17:5C:DA:A9:6E:54:3F:8F:0B:3D:1E:DF:8C:44:B4:71"}}},"request":{"raw":"GET /1707728419/stub.js HTTP/1.1\r\nHost: radar.cedexis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://1xlite-45347.bar/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 31 Dec 2025 09:26:48 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Mon, 12 Feb 2024 09:50:42 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"65c9e9f2-186\"\r\nExpires: Wed, 14 Jan 2026 09:26:48 GMT\r\nCache-Control: max-age=1209600, public\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":390,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"82dec77fd0353c7c71ce053b8601387e","sha1":"fbbca95419e1d0c042e0a5fdf10f380aca66188c","sha256":"39f2b7b0fa78d37d0c84d2d6618bd635d86fd683d9bcdd5729850cb2a62522f7","sha512":"6872c895cb44711405e57a436dfbe15d094f9159e11ee2b89983c63b1f18f6acbdfaf0ccbb5e48b2bf24f366f16584c660bca4b6b14c048a134bb77a60f6563e","ssdeep":"","tlshash":"02e068ae9391a318537a2dbacc4e060ba0f6114888e5e4e029f5c2c00461bae072bfb4","first_seen":"2024-02-13T14:23:26Z","last_seen":"2026-01-15T12:01:08.184588Z","times_seen":7496,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/non-embedded.css","fqdn":"v3.traincdn.com","domain":"traincdn.com","tld":"com"},"ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://1xlite-45347.bar/en/block","date":"2025-12-31T09:26:37.571Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.traincdn.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 16 Dec 2025 00:00:00 GMT","end":"Fri, 15 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"2C:ED:08:D6:4A:C2:81:ED:6F:55:AB:70:5D:D3:1C:9C:1A:5A:9F:05","sha256":"8B:2C:5C:5C:1A:73:14:D9:18:4E:BF:B8:81:B4:A3:EB:D9:E7:55:08:46:E5:70:6E:6A:AA:B4:07:73:C9:57:C8"}}},"request":{"raw":"GET /sys-static/sys-technical-pages-app-static/Desktop/Default/non-embedded.css HTTP/1.1\r\nHost: v3.traincdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1xlite-45347.bar/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 31 Dec 2025 09:26:37 GMT\r\ncontent-type: text/css; charset=utf-8\r\ntraceparent: 00-b05376e52040734e9940f1b63698f09b-0fd106bc51220bc5-01\r\nlast-modified: Tue, 23 Dec 2025 11:09:44 GMT\r\netag: W/\"124cc24d18351af1656eae12be6975c9\"\r\nx-amz-meta-mtime: 1766488103.527478477\r\ncontent-encoding: gzip\r\nexpires: Wed, 24 Dec 2025 13:00:06 GMT\r\ncache-control: max-age=86400\r\nx-time-ng: 0.003\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccess-control-allow-origin: *\r\nx-id: osix-hw-edge-gc4\r\nage: 72871\r\ncache: HIT\r\nx-cached-since: 2025-12-30T13:12:06+00:00\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":50203,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (50202)","md5":"124cc24d18351af1656eae12be6975c9","sha1":"9fcf552112c0d0405f116a0c075ebad921a599c3","sha256":"736db5bdc9562cb0d626cce25730c516183749db3f8228c5d3e566316adccc12","sha512":"7d68a9abd66737f299a36dedc3aa1406711e2ad10497ffd96dfe2ac136c5813342ad89102fb333fffed1b3a8dbf6efbca1b8b4df9aa72e78a2815e2108b62002","ssdeep":"384:FdHpVLkq1Tk9wE1rx1ixddVbVBZYYBJ+JuqQr9C4GWkHjB5lc:XcQvZYY4Qr/sHlc","tlshash":"0633750acd801257be7b893a3584fb0865e4e54bed730e2df459d0448fe7e9f26a03a5","first_seen":"2025-11-25T12:36:55.909711Z","last_seen":"2026-03-05T12:27:01.087128Z","times_seen":561,"resource_available":false,"data":null}},"time_used":98,"timings":{"blocked":46,"dns":3,"connect":1,"send":0,"wait":2,"receive":0,"ssl":41},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1xlite-45347.bar/favicon.ico","fqdn":"1xlite-45347.bar","domain":"1xlite-45347.bar","tld":"bar"},"ip":{"addr":"178.253.24.51","port":443,"asn":202492,"as":"Silverhill Group Holding Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://1xlite-45347.bar/en/block","date":"2025-12-31T09:26:37.731Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1xlite-45347.bar","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Dec 2025 05:21:06 GMT","end":"Sun, 08 Mar 2026 05:21:05 GMT"},"fingerprint":{"sha1":"05:03:B3:49:94:6D:1A:70:98:06:F4:B4:23:25:93:A6:15:02:7A:1C","sha256":"BF:5D:D3:9F:4D:85:1E:F6:BA:3B:B5:07:1D:71:7E:55:68:EF:FB:70:D8:08:FE:B5:43:56:52:5F:1F:F9:AA:6C"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: 1xlite-45347.bar\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1xlite-45347.bar/en/block\r\nCookie: platform_type=desktop; gw-blk=eyJ0ZW1wbGF0ZSI6MSwicnVsZSI6MjI5NH0=; auid=sv0YM2lU7E2nu1p1BDgFAg==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: nginx\r\ndate: Wed, 31 Dec 2025 09:26:37 GMT\r\ncontent-length: 0\r\nlocation: /en/block\r\nset-cookie: gw-mm=; Path=/; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Secure; SameSite=None; Partitioned\ngw-blk=eyJ0ZW1wbGF0ZSI6MSwicnVsZSI6MjI5NH0=; Path=/; Expires=Sat, 03 Jan 2026 09:26:37 GMT; Secure\r\nx-dt: 1254\r\nx-gw-blk-redirect-reason: block\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nserver-timing: dt_total;dur=0.005, wf-uht;dur=0.015\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3311,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T21:47:03.661814Z","times_seen":13347989,"resource_available":true,"data":null}},"time_used":45,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":45,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"1xlite-45347.bar","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/ec95a66bfe.js","fqdn":"v3.traincdn.com","domain":"traincdn.com","tld":"com"},"ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://1xlite-45347.bar/en/block","date":"2025-12-31T09:26:38.244Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.traincdn.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 16 Dec 2025 00:00:00 GMT","end":"Fri, 15 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"2C:ED:08:D6:4A:C2:81:ED:6F:55:AB:70:5D:D3:1C:9C:1A:5A:9F:05","sha256":"8B:2C:5C:5C:1A:73:14:D9:18:4E:BF:B8:81:B4:A3:EB:D9:E7:55:08:46:E5:70:6E:6A:AA:B4:07:73:C9:57:C8"}}},"request":{"raw":"GET /sys-static/sys-technical-pages-app-static/Desktop/Default/ec95a66bfe.js HTTP/1.1\r\nHost: v3.traincdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://1xlite-45347.bar\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://v3.traincdn.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 31 Dec 2025 09:26:38 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ntraceparent: 00-7b4581812d1b70fb5b916a7c48a21795-26f3a86e14465762-01\r\nlast-modified: Tue, 23 Dec 2025 11:09:43 GMT\r\netag: W/\"ea480642e3fdad5b9118b3b2458455a7\"\r\nx-amz-meta-mtime: 1766488103.520477888\r\ncontent-encoding: gzip\r\nexpires: Wed, 24 Dec 2025 11:12:21 GMT\r\ncache-control: max-age=86400\r\nx-time-ng: 0.002\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccess-control-allow-origin: *\r\nx-id: osix-hw-edge-gc4\r\nage: 79537\r\ncache: HIT\r\nx-cached-since: 2025-12-30T11:21:01+00:00\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6742,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (6154)","md5":"ea480642e3fdad5b9118b3b2458455a7","sha1":"7d0a927ea118fd45b8b0342fff295cb3361d9387","sha256":"94cbddfb1ac92d6901543646d503a528b4132e388c6bde226782589026772e6d","sha512":"46d0e4811c5e32385998cad926bf723b16b83a610a189c731f37e84a3a4c0e7a30033e8a5c78669815201137d7c44dc22b7865c466dbeba22a65fdfe236916d1","ssdeep":"192:FhpR0b23WsQ0W99z/ULrcZkprVTrQitHZs6CS+v1d0:HpR0b23WsQ0W99z/YcZk/T7i6CS+v1y","tlshash":"abd1d6ad1ff930b420650fd8be1224b197a81d2793ec88f6ea590f64033d449c6ba967","first_seen":"2025-12-23T20:54:42.063151Z","last_seen":"2026-01-14T07:33:59.042438Z","times_seen":115,"resource_available":true,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1xlite-45347.bar/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/ab.json","fqdn":"1xlite-45347.bar","domain":"1xlite-45347.bar","tld":"bar"},"ip":{"addr":"178.253.24.51","port":443,"asn":202492,"as":"Silverhill Group Holding Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://1xlite-45347.bar/en/block","date":"2025-12-31T09:26:38.657Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1xlite-45347.bar","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Dec 2025 05:21:06 GMT","end":"Sun, 08 Mar 2026 05:21:05 GMT"},"fingerprint":{"sha1":"05:03:B3:49:94:6D:1A:70:98:06:F4:B4:23:25:93:A6:15:02:7A:1C","sha256":"BF:5D:D3:9F:4D:85:1E:F6:BA:3B:B5:07:1D:71:7E:55:68:EF:FB:70:D8:08:FE:B5:43:56:52:5F:1F:F9:AA:6C"}}},"request":{"raw":"POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/ab.json HTTP/1.1\r\nHost: 1xlite-45347.bar\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://1xlite-45347.bar/en/block\r\nContent-Type: application/json\r\nX-Lang: en\r\nX-Uuid: 344c824c-f80a-4e98-ae92-37a5a0d1b3f4\r\nContent-Length: 19\r\nOrigin: https://1xlite-45347.bar\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: platform_type=desktop; gw-blk=eyJ0ZW1wbGF0ZSI6MSwicnVsZSI6MjI5NH0=; auid=sv0YM2lU7E2nu1p1BDgFAg==; lng=en\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":19,"data":"{\"w\":55,\"state\":[]}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 31 Dec 2025 09:26:38 GMT\r\ncontent-type: application/json\r\ncontent-length: 2\r\nx-dt: 1254\r\nx-time-ng: 0.000\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nserver-timing: dt_total;dur=0.160, wf-uht;dur=0.008\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"d751713988987e9331980363e24189ce","sha1":"97d170e1550eee4afc0af065b78cda302a97674c","sha256":"4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945","sha512":"b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af","ssdeep":"","tlshash":"c7100000000000000000000000000000000003000000c0000000000000000000000000","first_seen":"2023-03-08T00:02:47Z","last_seen":"2026-04-04T21:39:43.131593Z","times_seen":227048,"resource_available":true,"data":null}},"time_used":39,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"1xlite-45347.bar","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"1xlite-45347.bar/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json","fqdn":"1xlite-45347.bar","domain":"1xlite-45347.bar","tld":"bar"},"ip":{"addr":"178.253.24.51","port":443,"asn":202492,"as":"Silverhill Group Holding Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://1xlite-45347.bar/en/block","date":"2025-12-31T09:26:38.706Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1xlite-45347.bar","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Dec 2025 05:21:06 GMT","end":"Sun, 08 Mar 2026 05:21:05 GMT"},"fingerprint":{"sha1":"05:03:B3:49:94:6D:1A:70:98:06:F4:B4:23:25:93:A6:15:02:7A:1C","sha256":"BF:5D:D3:9F:4D:85:1E:F6:BA:3B:B5:07:1D:71:7E:55:68:EF:FB:70:D8:08:FE:B5:43:56:52:5F:1F:F9:AA:6C"}}},"request":{"raw":"POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json HTTP/1.1\r\nHost: 1xlite-45347.bar\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://1xlite-45347.bar/en/block\r\nContent-Type: application/json\r\nX-Lang: en\r\nX-Uuid: 344c824c-f80a-4e98-ae92-37a5a0d1b3f4\r\nContent-Length: 48\r\nOrigin: https://1xlite-45347.bar\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: platform_type=desktop; gw-blk=eyJ0ZW1wbGF0ZSI6MSwicnVsZSI6MjI5NH0=; auid=sv0YM2lU7E2nu1p1BDgFAg==; lng=en; tzo=3\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":48,"data":"{\"w\":55,\"sw\":1280,\"sh\":1024,\"e\":10273,\"sids\":[]}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 31 Dec 2025 09:26:38 GMT\r\ncontent-type: application/json\r\ncontent-length: 23\r\nx-dt: 1254\r\nx-time-ng: 0.000\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nserver-timing: dt_total;dur=0.078, wf-uht;dur=0.011\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":23,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"f469ac705bf8baa9c58b38352279de0a","sha1":"62d0b03f48072d29ab19b3ca7102e3ca6f19365d","sha256":"6fd738e0cabdc4398c670256bec491299be4b89d61343a427de2ee851419c2ab","sha512":"2f79214d5d94551f2d7a9832e448484db38eba14cd0afe62519ae01530eb041e44258be767d08c9c72cf71b0a2ba7fedb3e5fe1baffaa47b2a5d1b5685a71c5f","ssdeep":"","tlshash":"e07000800300e080888e00300a00880c2830880080020220208000a80008caae02a002","first_seen":"2025-12-31T09:27:07.388421Z","last_seen":"2025-12-31T09:27:07.388421Z","times_seen":1,"resource_available":false,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"1xlite-45347.bar","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"1xlite-45347.bar/en/block","fqdn":"1xlite-45347.bar","domain":"1xlite-45347.bar","tld":"bar"},"ip":{"addr":"178.253.24.51","port":443,"asn":202492,"as":"Silverhill Group Holding Ltd","country":"Iran","country_code":"IR"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-31T09:26:37.271Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1xlite-45347.bar","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Dec 2025 05:21:06 GMT","end":"Sun, 08 Mar 2026 05:21:05 GMT"},"fingerprint":{"sha1":"05:03:B3:49:94:6D:1A:70:98:06:F4:B4:23:25:93:A6:15:02:7A:1C","sha256":"BF:5D:D3:9F:4D:85:1E:F6:BA:3B:B5:07:1D:71:7E:55:68:EF:FB:70:D8:08:FE:B5:43:56:52:5F:1F:F9:AA:6C"}}},"request":{"raw":"GET /en/block HTTP/1.1\r\nHost: 1xlite-45347.bar\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: platform_type=desktop; gw-blk=eyJ0ZW1wbGF0ZSI6MSwicnVsZSI6MjI5NH0=; auid=sv0YM2lU7E2nu1p1BDgFAg==\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 203 Non Authoritative\r\nserver: nginx\r\ndate: Wed, 31 Dec 2025 09:26:37 GMT\r\ncontent-type: text/html;charset=utf-8\r\ncontent-length: 3311\r\nserver-timing: dt_total;dur=0.106, dt_total;dur=0.006, total;dur=2;desc=\"MF\"\r\nset-cookie: gw-blk=eyJ0ZW1wbGF0ZSI6MSwicnVsZSI6MjI5NH0=; Path=/; Expires=Sat, 03 Jan 2026 09:26:37 GMT; Secure\r\nvary: Accept-Encoding\r\nx-dt: 1254, 1254\r\nx-time-ng: 0.006\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"203","status_text":"Non Authoritative","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3311,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (3030)","md5":"be378b2449c65425f3ad667e8f237a70","sha1":"0ba648d7932cd66773f5a35343644eceddb7cbcf","sha256":"b59443784651a3586ebfe17ab6d8503ffd724880bdd985b204bcccb63ddcc11c","sha512":"d24a35bddf36f583e8a46212513485b714031e43f628b9b2f1a4aaeb89cd919651bb1405de79b372fec7fd27decbdd1cd6cb03c74d07f749790ad32c9c0fdaa4","ssdeep":"","tlshash":"d161d727503ccb3f4522445d8a02fb0a8ecc287b7149e94ce67c4e8d27c62cba417a47","first_seen":"2025-12-31T09:27:07.382013Z","last_seen":"2026-01-13T02:10:46.014945Z","times_seen":3,"resource_available":false,"data":null}},"time_used":52,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":51,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"1xlite-45347.bar","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}