GET v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2
185.244.209.62 200 OK 64 kB URL GET v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 63748, version 1.0
Hash 6887b6f24414dbc612dbf42ccdc76b70
8068d3abfbc6cbf35b55919da45b1f4d2d136238
fc5c015fc32518f1ed810fa84ca28941eb9d5a3c81acc8df69a4dbbeedef7b0c
GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:14 GMT
content-type: font/woff2
content-length: 63748
traceparent: 00-fe0d8796f0f13fba3f3126758dd50d67-d754cf063eb8d53f-01
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "6887b6f24414dbc612dbf42ccdc76b70"
expires: Thu, 16 Jan 2025 10:32:14 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 2035
cache: HIT
x-cached-since: 2025-03-16T00:00:19+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2
GET v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2
185.244.209.62 200 OK 64 kB URL GET v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 63920, version 1.0
Hash a65527fcb58f66a7cfbc0e6b160538b4
45d260e7fa343401b5bb0df982a014f53e2d253b
fb13c3a1cbac60649b76f7d7f85c1645d35ac69b85ce5f4eb0692505ecc2cd45
GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:14 GMT
content-type: font/woff2
content-length: 63920
traceparent: 00-cefd3e7a3cb45137f2998442afadc3d6-f7935a15a8eed605-01
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "a65527fcb58f66a7cfbc0e6b160538b4"
expires: Thu, 16 Jan 2025 10:45:34 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 671
cache: HIT
x-cached-since: 2025-03-16T00:23:03+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2
GET v3.traincdn.com/main-static/224bc897/desktop/default/vendors/plugins.vue-notification-0de5b8d6.js
185.244.209.62 200 OK 13 kB URL GET v3.traincdn.com/main-static/224bc897/desktop/default/vendors/plugins.vue-notification-0de5b8d6.js
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (12563), with no line terminators
Hash 88adce5e4a4f73eab6173a630c0dc09c
d3d6f9b9094e50647c37d8a548d4e8b60fe4056e
9f4c5294fd4c06b628b2fd34630f453daaff7e80971cffe7b64ea526d4774d29
GET /main-static/224bc897/desktop/default/vendors/plugins.vue-notification-0de5b8d6.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-4262965.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:15 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-fe460e84447a4508e113d7873ef87a3a-5f77ed262ca40373-01
last-modified: Fri, 14 Mar 2025 12:47:08 GMT
etag: W/"88adce5e4a4f73eab6173a630c0dc09c"
x-amz-meta-mtime: 1741956427.437258494
content-encoding: gzip
expires: Sat, 15 Mar 2025 12:59:42 GMT
cache-control: max-age=86400
x-time-ng: 0.003
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 41634
cache: HIT
x-cached-since: 2025-03-15T13:00:21+00:00
X-Firefox-Spdy: h2
GET v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_main/en/dictionary_b9a714dee693defb7d597746ab581677.json
185.244.209.62 200 OK 130 kB URL GET v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_main/en/dictionary_b9a714dee693defb7d597746ab581677.json
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
Size 130 kB (129788 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /genfiles/web-app-v2/dictionary2/v3_main/en/dictionary_b9a714dee693defb7d597746ab581677.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-4262965.top/
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:15 GMT
content-type: application/json; charset=utf-8
traceparent: 00-35baa95fd87c3093b78ca6a85739a125-d23272da9eaa10a1-01
last-modified: Thu, 13 Mar 2025 18:05:47 GMT
etag: W/"e993ac951b52c94db34541b2ae982a0c"
cache-control: max-age=3600
content-encoding: gzip
expires: Thu, 13 Mar 2025 19:28:40 GMT
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 3382
cache: HIT
x-cached-since: 2025-03-15T23:37:53+00:00
X-Firefox-Spdy: h2
GET v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_express_day/en/dictionary_d33d208649ed1030df89e13e093c1b13.json
185.244.209.62 200 OK 831 B URL GET v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_express_day/en/dictionary_d33d208649ed1030df89e13e093c1b13.json
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (888), with no line terminators
Hash 4157235fcf6bda16308d18ab6113b6fb
9c83a215e38d608b4000c51585219c057aae8bf2
588e8095ca0a3883ec271e21846d3f03f210320e50ac478b9ae73813e4482cbb
GET /genfiles/web-app-v2/dictionary2/v3_express_day/en/dictionary_d33d208649ed1030df89e13e093c1b13.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-4262965.top/
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:15 GMT
content-type: application/json; charset=utf-8
content-length: 831
traceparent: 00-e001b418b1f76d19cd2a94e41c8cbeac-e43627b50dfe2c22-01
last-modified: Wed, 24 Jan 2024 16:06:20 GMT
etag: "5d35c8a9d00341303233a231c1adecdb"
cache-control: max-age=3600
expires: Thu, 16 Jan 2025 10:56:26 GMT
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 300
cache: HIT
x-cached-since: 2025-03-16T00:29:15+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2
GET v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/8192228305b202797f207eeb6842287c.png
185.244.209.62 200 OK 5.2 kB URL GET v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/8192228305b202797f207eeb6842287c.png
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type PNG image data, 514 x 514, 8-bit colormap, non-interlaced
Hash b9a636eef54b2844b571fe7de49184a7
bf653690790ced40eb3189da075a275d951d1607
001bfcdd52b658d46543a1aec889d35b73b3909b47097cc011b95e96fc9e3743
GET /genfiles/cms/1-285/desktop/media_asset/8192228305b202797f207eeb6842287c.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-4262965.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:16 GMT
content-type: image/png
content-length: 5202
traceparent: 00-22a722bc2b05344115f665daf0c2285b-21bd533bd2fc2a10-01
last-modified: Wed, 26 Jun 2024 08:22:59 GMT
etag: "b9a636eef54b2844b571fe7de49184a7"
expires: Thu, 16 Jan 2025 11:18:57 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2
GET 1xlite-4262965.top/bff-api/config/group/get?groups=d.customize,d.technical&lang=en
46.32.181.55 200 OK 793 B URL GET 1xlite-4262965.top/bff-api/config/group/get?groups=d.customize,d.technical&lang=en
IP 46.32.181.55:443
ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Let's Encrypt
Subject 1xlite-4262965.top
Fingerprint AC:77:6E:40:F5:94:E4:2A:95:1E:E7:1D:38:A5:4D:1F:C6:9E:15:A5
Validity Tue, 14 Jan 2025 09:17:23 GMT - Mon, 14 Apr 2025 09:17:22 GMT
File type troff or preprocessor input, ASCII text, with very long lines (942), with no line terminators
Hash 233529b9ea57dd13fc023075f4fc171a
a5e91df59434d33f146dbdf0e887edf2a819e672
22a5e17bba64747be60d669da4c9fa3f812b65f8a6cb0b69061549f1b7772337
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /bff-api/config/group/get?groups=d.customize,d.technical&lang=en HTTP/1.1
Host: 1xlite-4262965.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-4262965.top/en/block
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
x-svc-source: __TECHNICAL_PAGES_APP__
x-app-n: __TECHNICAL_PAGES_APP__
x-geoip2-country-code: ru
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3313962m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3313962m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_3313962m_18607c_%22%2C%22pb%22%3A%22b4343e2b4735408cbb6080dd2229d5f0%22%2C%22site_id%22%3A%221ad28b60%22%2C%22partner_id%22%3A%22t2nds%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; auid=LiC1N2fWHIWKFRxmA8LyAg==; window_width=1920; che_g=ab512254-19ad-d936-a555-c6b79c534011
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:16 GMT
content-type: application/json
content-length: 793
cache-control: no-cache, private
server-timing: dt_total;dur=0.017, bff;dur=0.92, wf-uht;dur=0.012
x-cache-expire: 897
x-cache-hit: 1
x-dt: 1557
x-pod: R-ckcbv
x-time-ng: 0.001
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
GET v3.traincdn.com/sys-ui/3.3.130/Desktop/Default/merged.css
185.244.209.62 200 OK 1.6 MB URL GET v3.traincdn.com/sys-ui/3.3.130/Desktop/Default/merged.css
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 1.6 MB (1584238 bytes)
Hash 2295c4404c9a1c816632ce3eec149c37
2d42507e619db533a86ab56432dffc244b72d42e
27e7644f4aee549ebb852ea5fabaad4f1de02044bc9f5d909d13b0302f09bfee
GET /sys-ui/3.3.130/Desktop/Default/merged.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-4262965.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:13 GMT
content-type: text/css; charset=utf-8
traceparent: 00-ecfcff696aec76b01b0f2925119bf6d2-b24898ef04bfaac6-01
last-modified: Fri, 14 Mar 2025 16:44:10 GMT
etag: W/"2295c4404c9a1c816632ce3eec149c37"
x-amz-meta-mtime: 1741970563.730890266
content-encoding: gzip
expires: Sat, 15 Mar 2025 16:48:37 GMT
cache-control: max-age=86400
x-time-ng: 0.004
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 27893
cache: HIT
x-cached-since: 2025-03-15T16:49:20+00:00
X-Firefox-Spdy: h2
GET v3.traincdn.com/main-static/224bc897/desktop/default/analytics-462ab2fc.js
185.244.209.62 200 OK 7.8 kB URL GET v3.traincdn.com/main-static/224bc897/desktop/default/analytics-462ab2fc.js
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (8037), with no line terminators
Hash e2c7350d8f2b70bf6d4abe4fd6d6a6f5
d24b812443b608fa76a86879b15899ab976721fc
d9b62913f4a76b8faf585ad0e569887043187e418d68f6e02f18aa3a1b4b4fa8
GET /main-static/224bc897/desktop/default/analytics-462ab2fc.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-4262965.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:26 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-dfd06ad5c207ead39f11d9272de1a35b-ba60a3c238daa196-01
last-modified: Fri, 14 Mar 2025 12:47:08 GMT
etag: W/"652cd88092a6f4eb9ef3890f61f56d07"
x-amz-meta-mtime: 1741956427.385258047
content-encoding: gzip
expires: Sat, 15 Mar 2025 12:59:51 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 41634
cache: HIT
x-cached-since: 2025-03-15T13:00:32+00:00
X-Firefox-Spdy: h2
GET radar.cedexis.com/1707728419/stub.js
45.54.49.5 200 OK 390 B URL GET radar.cedexis.com/1707728419/stub.js
IP 45.54.49.5:443
ASN #63911 NetActuate, Inc
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer DigiCert Inc
Subject radar.cedexis.com
Fingerprint 33:58:79:8E:87:A5:C3:05:CA:E2:82:50:61:CF:72:83:BD:64:80:C1
Validity Fri, 29 Mar 2024 00:00:00 GMT - Fri, 28 Mar 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (401), with no line terminators
Hash 41f91def4fb1d0becfdad5450e17dba6
17135e0326da4c71d38c2b07e230fa6ffdf16ba4
2b3a3cd4c97d33ddba33c7ac624b311cd035b41391ae3fab3a6bd5ca6f384a9f
GET /1707728419/stub.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-4262965.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 16 Mar 2025 00:34:27 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 12 Feb 2024 09:51:01 GMT
Vary: Accept-Encoding
ETag: W/"65c9ea05-186"
Expires: Sun, 30 Mar 2025 00:34:27 GMT
Cache-Control: max-age=1209600, public
Content-Encoding: gzip
POST 1xlite-4262965.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/ab.json
46.32.181.55 200 OK 2 B URL POST 1xlite-4262965.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/ab.json
IP 46.32.181.55:443
ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Let's Encrypt
Subject 1xlite-4262965.top
Fingerprint AC:77:6E:40:F5:94:E4:2A:95:1E:E7:1D:38:A5:4D:1F:C6:9E:15:A5
Validity Tue, 14 Jan 2025 09:17:23 GMT - Mon, 14 Apr 2025 09:17:22 GMT
Hash d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/ab.json HTTP/1.1
Host: 1xlite-4262965.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-4262965.top/en/block
Content-Type: application/json
X-Lang: en
X-Uuid: c622d55d-aca3-469a-a98b-68e00080be4e
Content-Length: 19
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3313962m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3313962m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_3313962m_18607c_%22%2C%22pb%22%3A%22b4343e2b4735408cbb6080dd2229d5f0%22%2C%22site_id%22%3A%221ad28b60%22%2C%22partner_id%22%3A%22t2nds%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; auid=LiC1N2fWHIWKFRxmA8LyAg==; window_width=1280; che_g=ab512254-19ad-d936-a555-c6b79c534011
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:16 GMT
content-type: application/json
content-length: 2
x-dt: 1557
x-time-ng: 0.001
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.023, wf-uht;dur=0.012
X-Firefox-Spdy: h2
GET v3.traincdn.com/sys-static/shared-assets/__shared_libphonenumber_js_62MR2OUM.js
185.244.209.62 200 OK 159 kB URL GET v3.traincdn.com/sys-static/shared-assets/__shared_libphonenumber_js_62MR2OUM.js
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
Size 159 kB (158815 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sys-static/shared-assets/__shared_libphonenumber_js_62MR2OUM.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:16 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-6fa7d243063c98cbbbe34d2530e70377-214e0ec709cce287-01
last-modified: Fri, 14 Mar 2025 11:46:16 GMT
etag: W/"382948808b1330a7a717d99dfd278acb"
x-amz-meta-mtime: 1741952700.139299428
content-encoding: gzip
expires: Sun, 16 Mar 2025 10:00:34 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 52422
cache: HIT
x-cached-since: 2025-03-15T10:00:34+00:00
X-Firefox-Spdy: h2
GET v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/38450fdb67.js
185.244.209.62 200 OK 1.2 kB URL GET v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/38450fdb67.js
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type ASCII text, with very long lines (1277), with no line terminators
Hash 115d00cc5101000526043bc8398b130f
44d20fc7fa6b60f0867eb1e4840a7d6bd940a0fa
2625a5170f5067820c5186a2db3cda74f321821e6a48b7cee588a6dcde1cd307
GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/38450fdb67.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:16 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-95f1ad0f130589a9f02215528f6c2c9f-9d95dc4a98100070-01
last-modified: Thu, 13 Mar 2025 07:51:50 GMT
etag: W/"0252f43538b69c35cf35e90a82c84a84"
x-amz-meta-mtime: 1741852125.609617957
content-encoding: gzip
expires: Fri, 14 Mar 2025 10:31:52 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 50525
cache: HIT
x-cached-since: 2025-03-15T10:32:11+00:00
X-Firefox-Spdy: h2
GET 1xlite-4262965.top/hd-api/external/apps/c5e31d5915661de4393e3f1489b00ebc4497dd48/api.js
46.32.181.55 200 OK 753 B URL GET 1xlite-4262965.top/hd-api/external/apps/c5e31d5915661de4393e3f1489b00ebc4497dd48/api.js
IP 46.32.181.55:443
ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Let's Encrypt
Subject 1xlite-4262965.top
Fingerprint AC:77:6E:40:F5:94:E4:2A:95:1E:E7:1D:38:A5:4D:1F:C6:9E:15:A5
Validity Tue, 14 Jan 2025 09:17:23 GMT - Mon, 14 Apr 2025 09:17:22 GMT
File type JavaScript source, ASCII text, with very long lines (778), with no line terminators
Hash 23d2784b89cd66175a6da0b2c4080544
84bacdf472168b873cb0b6ecf4f5a1682af10fdd
d511b787f5ba87a06c85fe6bab7fcfee172b72ec005b8ada3977a3390dc954b1
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /hd-api/external/apps/c5e31d5915661de4393e3f1489b00ebc4497dd48/api.js HTTP/1.1
Host: 1xlite-4262965.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-4262965.top/en/block
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3313962m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3313962m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_3313962m_18607c_%22%2C%22pb%22%3A%22b4343e2b4735408cbb6080dd2229d5f0%22%2C%22site_id%22%3A%221ad28b60%22%2C%22partner_id%22%3A%22t2nds%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; auid=LiC1N2fWHIWKFRxmA8LyAg==; window_width=1280; che_g=ab512254-19ad-d936-a555-c6b79c534011; SESSION=4d77269a3adffaa07f9ba44a1923ff1b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:24 GMT
content-type: text/javascript; charset=utf-8
content-length: 490
cache-control: public, max-age=300
content-encoding: gzip
etag: f004562bde4d48fb0987e200eb06f3af
vary: Accept-Encoding
x-dt: 1559
x-request-guid: 823a80ee7874c1787308b960ba8bcca3
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.006, wf-uht;dur=
accept-ranges: bytes
X-Firefox-Spdy: h2
GET v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2
185.244.209.62 200 OK 64 kB URL GET v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 63748, version 1.0
Hash 6887b6f24414dbc612dbf42ccdc76b70
8068d3abfbc6cbf35b55919da45b1f4d2d136238
fc5c015fc32518f1ed810fa84ca28941eb9d5a3c81acc8df69a4dbbeedef7b0c
GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:25 GMT
content-type: font/woff2
content-length: 63748
traceparent: 00-b491a736f6e33260978a5eece4eb9c86-0efbf19ce11ba624-01
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "6887b6f24414dbc612dbf42ccdc76b70"
expires: Thu, 16 Jan 2025 10:32:14 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 2046
cache: HIT
x-cached-since: 2025-03-16T00:00:19+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2
GET v3.traincdn.com/version.json
185.244.209.62 200 OK 11 B URL GET v3.traincdn.com/version.json
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash a4238811aa28edbffc31ca67ec5934bc
ec81ca9f1f329e768d6cad41fd4f651454f9dfb6
dc85277145e979bf91eb5ef9e70d7fe684957acb53ce5e232afe31e50c950926
GET /version.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-4262965.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:14 GMT
content-type: application/json
content-length: 11
traceparent: 00-f6f609922cc59bdeab62cf64ed43ac7a-fce32503eab9a40d-01
last-modified: Fri, 14 Mar 2025 12:47:42 GMT
etag: "d654c053eaab844ee541b547153d9047"
x-amz-meta-mtime: 1741956462.541274696
expires: Fri, 14 Mar 2025 12:49:55 GMT
cache-control: max-age=60
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 31
cache: HIT
x-cached-since: 2025-03-16T00:33:43+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2
GET v3.traincdn.com/main-static/224bc897/desktop/default/vendors/plugins.v-tooltip-4b6e9439.js
185.244.209.62 200 OK 77 kB URL GET v3.traincdn.com/main-static/224bc897/desktop/default/vendors/plugins.v-tooltip-4b6e9439.js
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (65476)
Hash 674d92952406eb42a282fc5bff1cd463
298b879addf48cc4e2637531577ce791f6662398
6f5cdb9001677eeab42b26423ffdfae76679911cc6f2f69dbd834104f0a6bcac
GET /main-static/224bc897/desktop/default/vendors/plugins.v-tooltip-4b6e9439.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-4262965.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:15 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-ab59a0c00be6a1904d1fc9d0b18b135a-e763c55a47071066-01
last-modified: Fri, 14 Mar 2025 12:47:08 GMT
etag: W/"674d92952406eb42a282fc5bff1cd463"
x-amz-meta-mtime: 1741956427.437258494
content-encoding: gzip
expires: Sat, 15 Mar 2025 12:59:42 GMT
cache-control: max-age=86400
x-time-ng: 0.003
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 41635
cache: HIT
x-cached-since: 2025-03-15T13:00:20+00:00
X-Firefox-Spdy: h2
GET v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_reset_password/en/dictionary_612c6e919ca15d39cc751a619a3952c7.json
185.244.209.62 200 OK 765 B URL GET v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_reset_password/en/dictionary_612c6e919ca15d39cc751a619a3952c7.json
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (817), with no line terminators
Hash 650ef5c04f5755ace4a4b329cba51023
9bc6b9757126f90aa78c2912a387d7d5a076b357
b6b5ddad83547368d891603b76cbca90a8d575421b4fdef324696b98b5d178af
GET /genfiles/web-app-v2/dictionary2/v3_reset_password/en/dictionary_612c6e919ca15d39cc751a619a3952c7.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-4262965.top/
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:15 GMT
content-type: application/json; charset=utf-8
content-length: 765
traceparent: 00-2592a0a5bcab1aed26f89ec77e1539a4-9ab93e00164df2ef-01
last-modified: Wed, 11 Oct 2023 12:52:53 GMT
etag: "00f980f23f1b4c1ccee99ed49e0a8feb"
cache-control: max-age=3600
expires: Thu, 16 Jan 2025 10:53:47 GMT
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1615
cache: HIT
x-cached-since: 2025-03-16T00:07:20+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2
GET v3.traincdn.com/genfiles/cms/1-1557/desktop/media_asset/044509d3ab663909228dde9ba00e7ca7.json
185.244.209.62 200 OK 9.3 kB URL GET v3.traincdn.com/genfiles/cms/1-1557/desktop/media_asset/044509d3ab663909228dde9ba00e7ca7.json
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type ASCII text, with very long lines (10243), with no line terminators
Hash dbb3e349af512d58c9bdc0b817a5611b
3e2c1be287cf999a8e8e05fee82c97ebe5219f72
0e16a00e731a3a1ac2740dccf1334f82f881551b94bb0297b2cba2b7ed0134a4
GET /genfiles/cms/1-1557/desktop/media_asset/044509d3ab663909228dde9ba00e7ca7.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-4262965.top/
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:15 GMT
content-type: application/json
traceparent: 00-0e44cda85f68e4a2f96ed8e3c5f1b96b-e22301c8bff25070-01
last-modified: Wed, 20 Nov 2024 09:22:12 GMT
etag: W/"ca7f8dc261bfa0bedbe26c6196957093"
content-encoding: gzip
expires: Tue, 11 Mar 2025 12:36:59 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
cache: REVALIDATED
X-Firefox-Spdy: h2
GET v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_block_pages/en/dictionary_2579b0e62e11dfdc9944af80a7135015.json
185.244.209.62 200 OK 2.0 kB URL GET v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_block_pages/en/dictionary_2579b0e62e11dfdc9944af80a7135015.json
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (1936), with no line terminators
Hash 13b45504cd2db723587e3ad82415e90f
d51b7113752503b3d4168441ca7f65d10b625f9d
b1f5ce09501377501da98c79869d2d2d0ee05e296cf770eee6f93d479739f3c6
GET /genfiles/web-app-v2/dictionary2/v3_block_pages/en/dictionary_2579b0e62e11dfdc9944af80a7135015.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-4262965.top/
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:16 GMT
content-type: application/json; charset=utf-8
traceparent: 00-4084745577bc1f7e127c1befff77b8cd-98355277c3a0fc98-01
last-modified: Fri, 15 Nov 2024 09:45:51 GMT
etag: W/"69ebea31f035c654ca3d565d6a96540e"
cache-control: max-age=3600
content-encoding: gzip
expires: Thu, 16 Jan 2025 10:55:29 GMT
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 273
cache: HIT
x-cached-since: 2025-03-16T00:29:43+00:00
X-Firefox-Spdy: h2
GET v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/be242d76c5.js
185.244.209.62 200 OK 1.5 kB URL GET v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/be242d76c5.js
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type ASCII text, with very long lines (1522), with no line terminators
Hash 9c7634c99c5abbebb4e811d49f1d401e
57e96d333fa808397ecaaa1b576221d83b4bb20e
42309301088e83e178363019c468e7102cd4cf3151171864af309afc5cbdfe4e
GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/be242d76c5.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:16 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-3f2a68c6d0e67f1cbf7d6e765f9ebd99-6ee0821fa9b181c9-01
last-modified: Thu, 13 Mar 2025 07:51:50 GMT
etag: W/"901c5c87eaddd0f9a368dd83db2e0ea3"
x-amz-meta-mtime: 1741852125.611618119
content-encoding: gzip
expires: Fri, 14 Mar 2025 10:31:52 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 50525
cache: HIT
x-cached-since: 2025-03-15T10:32:11+00:00
X-Firefox-Spdy: h2
POST 1xlite-4262965.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json
46.32.181.55 200 OK 23 B URL POST 1xlite-4262965.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json
IP 46.32.181.55:443
ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Let's Encrypt
Subject 1xlite-4262965.top
Fingerprint AC:77:6E:40:F5:94:E4:2A:95:1E:E7:1D:38:A5:4D:1F:C6:9E:15:A5
Validity Tue, 14 Jan 2025 09:17:23 GMT - Mon, 14 Apr 2025 09:17:22 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash c63b31d072220a7386ec5110eba54010
dbfaa5e6b2f966c8659b5063a1b03e8370e48cc8
18d427cf82c55622f277ea238da493c6239096b68d0fc58c7bdea88c72fa89a4
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json HTTP/1.1
Host: 1xlite-4262965.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-4262965.top/en/block
Content-Type: application/json
X-Lang: en
X-Uuid: c622d55d-aca3-469a-a98b-68e00080be4e
Content-Length: 109
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3313962m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3313962m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_3313962m_18607c_%22%2C%22pb%22%3A%22b4343e2b4735408cbb6080dd2229d5f0%22%2C%22site_id%22%3A%221ad28b60%22%2C%22partner_id%22%3A%22t2nds%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; auid=LiC1N2fWHIWKFRxmA8LyAg==; window_width=1280; che_g=ab512254-19ad-d936-a555-c6b79c534011; SESSION=4d77269a3adffaa07f9ba44a1923ff1b; _ga_7JGWL9SV66=GS1.1.1742085267.1.0.1742085267.60.0.124932404; _ga=GA1.1.866454263.1742085268
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:27 GMT
content-type: application/json
content-length: 23
x-dt: 1557
x-time-ng: 0.038
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.008, wf-uht;dur=0.050
X-Firefox-Spdy: h2
GET v3.traincdn.com/main-static/224bc897/desktop/default/vendors/app-c1ca21c6.js
185.244.209.62 200 OK 945 kB URL GET v3.traincdn.com/main-static/224bc897/desktop/default/vendors/app-c1ca21c6.js
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
Size 945 kB (945205 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /main-static/224bc897/desktop/default/vendors/app-c1ca21c6.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-4262965.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:14 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-f7a2887a821e0f4a69612acd85db4295-81c808cd4b9a47bc-01
last-modified: Fri, 14 Mar 2025 12:47:08 GMT
etag: W/"961c8d7d8f0913696c9525a82d5390a5"
x-amz-meta-mtime: 1741956427.433258459
content-encoding: gzip
expires: Sat, 15 Mar 2025 12:59:41 GMT
cache-control: max-age=86400
x-time-ng: 0.003
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 41635
cache: HIT
x-cached-since: 2025-03-15T13:00:19+00:00
X-Firefox-Spdy: h2
GET v3.traincdn.com/main-static/224bc897/desktop/default/css/a81ab59c.css
185.244.209.62 200 OK 14 kB URL GET v3.traincdn.com/main-static/224bc897/desktop/default/css/a81ab59c.css
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type ASCII text, with very long lines (14375), with no line terminators
Hash f422c8bf0ea5efac64826f754f0d4905
c52b4ec9e2a1f9551fc8d6f9bdc0fa2f10ad54c2
c73ad3243b34c8aabbb16b7e08e4e82c6251c1ad656590c0b7053ef1d8d4ce5f
GET /main-static/224bc897/desktop/default/css/a81ab59c.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-4262965.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:14 GMT
content-type: text/css; charset=utf-8
traceparent: 00-d198e4e6c161705f71626b4276913c5c-22ed08d776534f22-01
last-modified: Fri, 14 Mar 2025 12:47:08 GMT
etag: W/"f422c8bf0ea5efac64826f754f0d4905"
x-amz-meta-mtime: 1741956427.389258082
content-encoding: gzip
expires: Sat, 15 Mar 2025 12:59:40 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 41636
cache: HIT
x-cached-since: 2025-03-15T13:00:18+00:00
X-Firefox-Spdy: h2
GET v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/b5cd9a5e87d930de856c92da15aa121e.png
185.244.209.62 200 OK 653 B URL GET v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/b5cd9a5e87d930de856c92da15aa121e.png
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Hash e6f0766cbd95db33da44e7a9140648f2
5f196b1bfe8c3f92bd2ebcd67124e72e81ae6aaf
c0399d478788d5d483f104a2e8cb7c32f41cb40e9df0c22e831b2bfa2db63ec0
GET /genfiles/cms/1-285/desktop/media_asset/b5cd9a5e87d930de856c92da15aa121e.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-4262965.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:15 GMT
content-type: image/png
content-length: 653
traceparent: 00-9904928a39c3c5a5533931cd494fc0e8-085b4447bf9ff280-01
last-modified: Wed, 26 Jun 2024 08:18:02 GMT
etag: "e6f0766cbd95db33da44e7a9140648f2"
expires: Thu, 16 Jan 2025 10:46:36 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 3488
cache: HIT
x-cached-since: 2025-03-15T23:36:07+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2
GET 1xlite-4262965.top/checker/redirect/stat/run/
46.32.181.55 200 OK 14 B URL GET 1xlite-4262965.top/checker/redirect/stat/run/
IP 46.32.181.55:443
ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Let's Encrypt
Subject 1xlite-4262965.top
Fingerprint AC:77:6E:40:F5:94:E4:2A:95:1E:E7:1D:38:A5:4D:1F:C6:9E:15:A5
Validity Tue, 14 Jan 2025 09:17:23 GMT - Mon, 14 Apr 2025 09:17:22 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash d9612159e7d1b3767bdbd34943bf3653
104709407a86206ce1a7b41213b664e1adc06855
d649c3334243c98e9f6ca64e9ec6ccbdcfc0079fa95597575d0197c2bb4a366e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /checker/redirect/stat/run/ HTTP/1.1
Host: 1xlite-4262965.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-4262965.top/en/block
content-type: application/json
x-requested-with: XMLHttpRequest
x-app-n: v3-nuxt2
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3313962m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3313962m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_3313962m_18607c_%22%2C%22pb%22%3A%22b4343e2b4735408cbb6080dd2229d5f0%22%2C%22site_id%22%3A%221ad28b60%22%2C%22partner_id%22%3A%22t2nds%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; auid=LiC1N2fWHIWKFRxmA8LyAg==; window_width=1280; che_g=ab512254-19ad-d936-a555-c6b79c534011
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:16 GMT
content-type: application/json
content-length: 14
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.012
X-Firefox-Spdy: h2
GET v3.traincdn.com/genfiles/cms/1-1557/desktop/media_asset/dfb33d7975a7cca40b871069dc418d5a.json
185.244.209.62 200 OK 1.4 kB URL GET v3.traincdn.com/genfiles/cms/1-1557/desktop/media_asset/dfb33d7975a7cca40b871069dc418d5a.json
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type ASCII text, with very long lines (1529), with no line terminators
Hash 73351d577e792454a1164b9547cb77e1
792a892f419400d9e17172b2e1bb370ebc5e4f0e
7058645ddd0318086c0ddd16af5a6260d8cd31358b73bef5c3a458dcda1c2390
GET /genfiles/cms/1-1557/desktop/media_asset/dfb33d7975a7cca40b871069dc418d5a.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-4262965.top/
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:16 GMT
content-type: application/json
traceparent: 00-50feedfc3527aed19e9651a2ff1f8c20-044bd789d8381fa2-01
last-modified: Mon, 26 Aug 2024 16:52:36 GMT
etag: W/"60800fc6a93e48491d94e7d6447b1709"
content-encoding: gzip
expires: Thu, 13 Mar 2025 02:08:58 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
cache: REVALIDATED
X-Firefox-Spdy: h2
GET v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/139af49512.js
185.244.209.62 200 OK 1.8 kB URL GET v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/139af49512.js
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type ASCII text, with very long lines (1838), with no line terminators
Hash 6ff50d709ff85d7085008642897b5a64
ce688931a98acb6fd6217e2f4e0c486450582ec9
983f746cea665b126fcf76db145043d206ba12a8f6442e292e60d366e8c26b61
GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/139af49512.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:16 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-46d41128d8f690213fd36185e043f66c-14e63b4a43a37fba-01
last-modified: Thu, 13 Mar 2025 07:51:50 GMT
etag: W/"8402d1fb5e77709c15b21a44995fc679"
x-amz-meta-mtime: 1741852125.608617876
content-encoding: gzip
expires: Fri, 14 Mar 2025 10:31:52 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 50525
cache: HIT
x-cached-since: 2025-03-15T10:32:11+00:00
X-Firefox-Spdy: h2
GET 1xlite-4262965.top/hd-api/external/01959c5f-9348-7889-9d1a-92399e5436b6.js
46.32.181.55 200 OK 329 kB URL GET 1xlite-4262965.top/hd-api/external/01959c5f-9348-7889-9d1a-92399e5436b6.js
IP 46.32.181.55:443
ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Let's Encrypt
Subject 1xlite-4262965.top
Fingerprint AC:77:6E:40:F5:94:E4:2A:95:1E:E7:1D:38:A5:4D:1F:C6:9E:15:A5
Validity Tue, 14 Jan 2025 09:17:23 GMT - Mon, 14 Apr 2025 09:17:22 GMT
Size 329 kB (328901 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /hd-api/external/01959c5f-9348-7889-9d1a-92399e5436b6.js HTTP/1.1
Host: 1xlite-4262965.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-4262965.top/en/block
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3313962m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3313962m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_3313962m_18607c_%22%2C%22pb%22%3A%22b4343e2b4735408cbb6080dd2229d5f0%22%2C%22site_id%22%3A%221ad28b60%22%2C%22partner_id%22%3A%22t2nds%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; auid=LiC1N2fWHIWKFRxmA8LyAg==; window_width=1280; che_g=ab512254-19ad-d936-a555-c6b79c534011; SESSION=4d77269a3adffaa07f9ba44a1923ff1b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:24 GMT
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=0, must-revalidate
content-encoding: gzip
vary: Accept-Encoding
x-dt: 1557
x-hd-trace-id: 0b63517c-0694-47ca-a312-05472d77ab54
x-request-guid: 055a27091c31c07031ef841ed363dc1f
x-time-ng: 0.003
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.015, wf-uht;dur=0.022
X-Firefox-Spdy: h2
GET v3.traincdn.com/sys-ui/2.3.99/Desktop/Default/client.css
185.244.209.62 200 OK 628 kB URL GET v3.traincdn.com/sys-ui/2.3.99/Desktop/Default/client.css
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 628 kB (628277 bytes)
Hash 7ea0f2151b9db0a0eb59c08da23eee0e
6985e61bfb2d1d3df406c30b2a238785f57a8e54
503dd32008a1240be8373e6407f1de210ef43fb8ce6e22f3e2bd3d7a77fc2dd2
GET /sys-ui/2.3.99/Desktop/Default/client.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-4262965.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:14 GMT
content-type: text/css; charset=utf-8
traceparent: 00-2b600863ff0d271c122fe71cd96994a5-c748324fc5715d4e-01
last-modified: Thu, 27 Feb 2025 10:44:27 GMT
etag: W/"7ea0f2151b9db0a0eb59c08da23eee0e"
x-amz-meta-mtime: 1740653064.943280145
content-encoding: gzip
expires: Thu, 13 Mar 2025 08:20:09 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 58348
cache: HIT
x-cached-since: 2025-03-15T08:21:46+00:00
X-Firefox-Spdy: h2
GET www.googletagmanager.com/gtag/js?id=G-5671CMJ6T4
142.250.178.40 200 OK 458 kB URL GET www.googletagmanager.com/gtag/js?id=G-5671CMJ6T4
IP 142.250.178.40:443
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Google Trust Services
Subject *.google-analytics.com
Fingerprint AE:1B:D4:56:41:F7:15:A7:24:B8:F3:55:83:91:17:2C:97:12:67:6E
Validity Wed, 26 Feb 2025 15:32:54 GMT - Wed, 21 May 2025 15:32:53 GMT
Size 458 kB (458458 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gtag/js?id=G-5671CMJ6T4 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-4262965.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 16 Mar 2025 00:34:26 GMT
expires: Sun, 16 Mar 2025 00:34:26 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1020:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1020:0
report-to: {"group":"ascgcycc:1020:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1020:0"}],}
server: Google Tag Manager
content-length: 145634
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET v3.traincdn.com/sys-static/shared-assets/__shared_localforage_KSHPPCVF.js
185.244.209.62 200 OK 30 kB URL GET v3.traincdn.com/sys-static/shared-assets/__shared_localforage_KSHPPCVF.js
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (30255)
Hash d750d8afadf936c37b83cbcafdbba18d
ec95777b14c5537b0d2576363f7591cee73a9655
f7a95c0ed0b017063d1bba414ee5097f7824d34a39c33db9f289919ee47c4f12
GET /sys-static/shared-assets/__shared_localforage_KSHPPCVF.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:16 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-63280cadfc712fff1262a75b36ecad57-bec513f6acb808a0-01
last-modified: Fri, 14 Mar 2025 11:46:16 GMT
etag: W/"d750d8afadf936c37b83cbcafdbba18d"
x-amz-meta-mtime: 1741952700.15129926
content-encoding: gzip
expires: Sun, 16 Mar 2025 10:00:34 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 52422
cache: HIT
x-cached-since: 2025-03-15T10:00:34+00:00
X-Firefox-Spdy: h2
GET v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/48cc04d5a3.css
185.244.209.62 200 OK 650 B URL GET v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/48cc04d5a3.css
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type ASCII text, with very long lines (651), with no line terminators
Hash 3684f805a2a4fbf9f9c3daaaa3ece06a
72d93045fb9c5d7d3b56667b593d2e078914f217
a5021c0e84ed3272e8cac0c023d734f68797b415d2acfd1d29e852905219f54c
GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/48cc04d5a3.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-4262965.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:14 GMT
content-type: text/css; charset=utf-8
content-length: 650
traceparent: 00-30aa103ab3ee965095cb1c0d50145433-c29bcbbcae00cb7a-01
last-modified: Thu, 13 Mar 2025 07:51:50 GMT
etag: "2229547d50a851e3f9c39e19cdcf4751"
x-amz-meta-mtime: 1741852125.609617957
expires: Fri, 14 Mar 2025 10:31:48 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 50494
cache: HIT
x-cached-since: 2025-03-15T10:32:40+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2
GET v3.traincdn.com/genfiles/site-admin/css_vars/f506188b04c16eaa9c664ed23f7ce58e.css
185.244.209.62 200 OK 46 B URL GET v3.traincdn.com/genfiles/site-admin/css_vars/f506188b04c16eaa9c664ed23f7ce58e.css
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type ASCII text, with no line terminators
Hash f506188b04c16eaa9c664ed23f7ce58e
08d068d7fa5a84beb06ba924a35d84d6bfdab30a
b9bfda0e940104e190b19543b94a10d120643bd1516d3ca2d266a0af6c0966e9
GET /genfiles/site-admin/css_vars/f506188b04c16eaa9c664ed23f7ce58e.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-4262965.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:15 GMT
content-type: text/css
content-length: 46
traceparent: 00-02d361c0707eb58b489ac01f8b8fb62f-cd412b06cf3f6df2-01
last-modified: Fri, 12 Apr 2024 13:46:52 GMT
etag: "f506188b04c16eaa9c664ed23f7ce58e"
cache-control: max-age=3600
expires: Thu, 16 Jan 2025 10:51:06 GMT
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1615
cache: HIT
x-cached-since: 2025-03-16T00:07:20+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2
GET v3.traincdn.com/genfiles/cms/1-1557/desktop/media_asset/9d7386e9ce9e892c894b911873f00927.json
185.244.209.62 200 OK 182 B URL GET v3.traincdn.com/genfiles/cms/1-1557/desktop/media_asset/9d7386e9ce9e892c894b911873f00927.json
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type ASCII text, with no line terminators
Hash b26c78cc3c3695334fe768fd4d4f5a66
a5b4ee4f0051334a96ee8222c10cad929aae521b
5417352b032bfefb152781986ca786e71a484370dedc81509b45f6d734d21566
GET /genfiles/cms/1-1557/desktop/media_asset/9d7386e9ce9e892c894b911873f00927.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-4262965.top/
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:15 GMT
content-type: application/json
content-length: 182
traceparent: 00-bce7f1edb557ba481e0c16a0a727ce03-f585cfa93e378924-01
last-modified: Thu, 27 Feb 2025 08:56:52 GMT
etag: "0a64a07e9a34e8a5b5e97e80a10888c5"
expires: Tue, 11 Mar 2025 12:37:00 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2
POST region1.analytics.google.com/g/collect?v=2&tid=G-7JGWL9SV66&gtm=45je53d0v897130004za200&_p=1742085266401&em=tv.1~em.ODS1igyfeIhzOTHENqwIfH1sb8t0oxg8FT6iY2YCmeo&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102482433~102587591~102717422~102788824~102813109~102814060~102825837~102879719&cid=866454263.1742085268&ecid=124932404&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&ec_mode=a&_s=1&sid=1742085267&sct=1&seg=0&dl=https%3A%2F%2F1xlite-4262965.top%2Fen%2Fblock&dt=1xBet&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=GTM-5R4MT54&upn.ref_id=1&tfd=15511
216.239.32.36 204 No Content 0 B URL POST region1.analytics.google.com/g/collect?v=2&tid=G-7JGWL9SV66&gtm=45je53d0v897130004za200&_p=1742085266401&em=tv.1~em.ODS1igyfeIhzOTHENqwIfH1sb8t0oxg8FT6iY2YCmeo&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102482433~102587591~102717422~102788824~102813109~102814060~102825837~102879719&cid=866454263.1742085268&ecid=124932404&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&ec_mode=a&_s=1&sid=1742085267&sct=1&seg=0&dl=https%3A%2F%2F1xlite-4262965.top%2Fen%2Fblock&dt=1xBet&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=GTM-5R4MT54&upn.ref_id=1&tfd=15511
IP 216.239.32.36:443
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Google Trust Services
Subject *.google-analytics.com
Fingerprint AE:1B:D4:56:41:F7:15:A7:24:B8:F3:55:83:91:17:2C:97:12:67:6E
Validity Wed, 26 Feb 2025 15:32:54 GMT - Wed, 21 May 2025 15:32:53 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-7JGWL9SV66&gtm=45je53d0v897130004za200&_p=1742085266401&em=tv.1~em.ODS1igyfeIhzOTHENqwIfH1sb8t0oxg8FT6iY2YCmeo&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102482433~102587591~102717422~102788824~102813109~102814060~102825837~102879719&cid=866454263.1742085268&ecid=124932404&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&ec_mode=a&_s=1&sid=1742085267&sct=1&seg=0&dl=https%3A%2F%2F1xlite-4262965.top%2Fen%2Fblock&dt=1xBet&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=GTM-5R4MT54&upn.ref_id=1&tfd=15511 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-4262965.top/
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://1xlite-4262965.top
date: Sun, 16 Mar 2025 00:34:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:137:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:137:0
report-to: {"group":"ascnsrsggc:137:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:137:0"}],}
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET v3.traincdn.com/sys-ui/2.3.99/Desktop/Default/client.css
185.244.209.62 200 OK 628 kB URL GET v3.traincdn.com/sys-ui/2.3.99/Desktop/Default/client.css
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 628 kB (628277 bytes)
Hash 7ea0f2151b9db0a0eb59c08da23eee0e
6985e61bfb2d1d3df406c30b2a238785f57a8e54
503dd32008a1240be8373e6407f1de210ef43fb8ce6e22f3e2bd3d7a77fc2dd2
GET /sys-ui/2.3.99/Desktop/Default/client.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-4262965.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:14 GMT
content-type: text/css; charset=utf-8
traceparent: 00-57c6980af8bb5fe013792ee8704ff36c-832dc5bde37b564e-01
last-modified: Thu, 27 Feb 2025 10:44:27 GMT
etag: W/"7ea0f2151b9db0a0eb59c08da23eee0e"
x-amz-meta-mtime: 1740653064.943280145
content-encoding: gzip
expires: Thu, 13 Mar 2025 08:20:09 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 58348
cache: HIT
x-cached-since: 2025-03-15T08:21:46+00:00
X-Firefox-Spdy: h2
GET v3.traincdn.com/genfiles/cms/1-1557/desktop/media_asset/d5ddda7f2b5f9350d4d1464b5313a7cf.json
185.244.209.62 200 OK 747 B URL GET v3.traincdn.com/genfiles/cms/1-1557/desktop/media_asset/d5ddda7f2b5f9350d4d1464b5313a7cf.json
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type ASCII text, with very long lines (823), with no line terminators
Hash af4d3f28d6492923699fe32f62172188
41ccf4eea08356b090d11cbbfc4d13467e5d688a
da0b7b8b50d0c2cf15c0fa8d37caa64f02d5cec9f16aa744b1aa2512787b147a
GET /genfiles/cms/1-1557/desktop/media_asset/d5ddda7f2b5f9350d4d1464b5313a7cf.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-4262965.top/
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:15 GMT
content-type: application/json
content-length: 747
traceparent: 00-04b19ef2505badb4aa42cdeb9112a946-d6acfa216bf8f3c3-01
last-modified: Thu, 27 Feb 2025 13:28:02 GMT
etag: "f4e90636ec9cff061c4301b3cefdd0d6"
expires: Tue, 11 Mar 2025 12:38:35 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2
GET v3.traincdn.com/main-static/224bc897/desktop/default/DC-a2e4b815.js
185.244.209.62 200 OK 2.7 kB URL GET v3.traincdn.com/main-static/224bc897/desktop/default/DC-a2e4b815.js
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (2676), with no line terminators
Hash 64e530703948aab716592249714bc65e
cedb1fea6c1d933b983df334dda14c73b4b561a9
647230436f20952be5acbd146da2d1ce3a923e755b860b6b7f3af20c2f2f3c43
GET /main-static/224bc897/desktop/default/DC-a2e4b815.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-4262965.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:15 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-94a780b6a38f727d94f2014b1f0af06d-af619b175609f2e1-01
last-modified: Fri, 14 Mar 2025 12:47:08 GMT
etag: W/"1ebb90ef608fcfca4d15da4e767d124b"
x-amz-meta-mtime: 1741956427.381258013
content-encoding: gzip
expires: Sat, 15 Mar 2025 12:59:42 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 41634
cache: HIT
x-cached-since: 2025-03-15T13:00:21+00:00
X-Firefox-Spdy: h2
GET v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/d3a9efeb28.js
185.244.209.62 200 OK 3.9 kB URL GET v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/d3a9efeb28.js
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type ASCII text, with very long lines (3982), with no line terminators
Hash 6c9549dd300a060c35695ce53093ab4d
e8a8ce26f47899cf257d36a07ed24ce9fc7ac198
89e27190d3dc9bd73d2efb6ab240044e78c7653aeecd73b74665a88e60d33088
GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/d3a9efeb28.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:16 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-61279ab50c7cd189a304a8b831f6faf2-e224de4363746cc3-01
last-modified: Thu, 13 Mar 2025 07:51:50 GMT
etag: W/"14cbf451bfa5dee9253f104a6407ffbf"
x-amz-meta-mtime: 1741852125.607617796
content-encoding: gzip
expires: Fri, 14 Mar 2025 10:31:51 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 50526
cache: HIT
x-cached-since: 2025-03-15T10:32:10+00:00
X-Firefox-Spdy: h2
GET 1xlite-4262965.top/web-api/session
46.32.181.55 204 No Content 0 B URL GET 1xlite-4262965.top/web-api/session
IP 46.32.181.55:443
ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Let's Encrypt
Subject 1xlite-4262965.top
Fingerprint AC:77:6E:40:F5:94:E4:2A:95:1E:E7:1D:38:A5:4D:1F:C6:9E:15:A5
Validity Tue, 14 Jan 2025 09:17:23 GMT - Mon, 14 Apr 2025 09:17:22 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /web-api/session HTTP/1.1
Host: 1xlite-4262965.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-4262965.top/en/block
content-type: application/json
x-requested-with: XMLHttpRequest
x-app-n: v3-nuxt2
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3313962m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3313962m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_3313962m_18607c_%22%2C%22pb%22%3A%22b4343e2b4735408cbb6080dd2229d5f0%22%2C%22site_id%22%3A%221ad28b60%22%2C%22partner_id%22%3A%22t2nds%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; auid=LiC1N2fWHIWKFRxmA8LyAg==; window_width=1280; che_g=ab512254-19ad-d936-a555-c6b79c534011
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
server: nginx
date: Sun, 16 Mar 2025 00:34:24 GMT
cache-control: no-cache, private
server-timing: dt_total;dur=0.009, p;dur=13.58, wf-uht;dur=0.029
set-cookie: ua=deleted; expires=Thu, 01 Jan 1970 00:00:01 GMT; Max-Age=0; path=/
SESSION=4d77269a3adffaa07f9ba44a1923ff1b; path=/; secure; httponly; samesite=lax
x-dt: 1557
x-time-ng: 0.015, 0.015
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
POST 1xlite-4262965.top/hd-api/external/verify
46.32.181.55 200 OK 721 B URL POST 1xlite-4262965.top/hd-api/external/verify
IP 46.32.181.55:443
ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Let's Encrypt
Subject 1xlite-4262965.top
Fingerprint AC:77:6E:40:F5:94:E4:2A:95:1E:E7:1D:38:A5:4D:1F:C6:9E:15:A5
Validity Tue, 14 Jan 2025 09:17:23 GMT - Mon, 14 Apr 2025 09:17:22 GMT
File type troff or preprocessor input, ASCII text, with very long lines (727), with no line terminators
Hash 6141d4d69ad1bb65ac332c1b19ad8093
30ffb9cec47cfb3083f0b335fde95e181554abbe
af62cca1bed8822b199dcb4c9b3382f9477f735da199966bf05488652295131b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /hd-api/external/verify HTTP/1.1
Host: 1xlite-4262965.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-4262965.top/en/block
Content-Type: text/plain;charset=UTF-8
Content-Length: 108545
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3313962m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3313962m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_3313962m_18607c_%22%2C%22pb%22%3A%22b4343e2b4735408cbb6080dd2229d5f0%22%2C%22site_id%22%3A%221ad28b60%22%2C%22partner_id%22%3A%22t2nds%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; auid=LiC1N2fWHIWKFRxmA8LyAg==; window_width=1280; che_g=ab512254-19ad-d936-a555-c6b79c534011; SESSION=4d77269a3adffaa07f9ba44a1923ff1b; _ga_7JGWL9SV66=GS1.1.1742085267.1.0.1742085267.60.0.124932404; _ga=GA1.1.866454263.1742085268
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:28 GMT
content-type: application/json
content-length: 593
content-encoding: gzip
vary: Accept-Encoding
x-dt: 1557
x-request-guid: 32adf2ee5831deab89615521e7c1e8a7
x-time-ng: 0.008
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.019, wf-uht;dur=0.057
X-Firefox-Spdy: h2
GET v3.traincdn.com/main-static/224bc897/desktop/default/app-eac46da7.js
185.244.209.62 200 OK 600 kB URL GET v3.traincdn.com/main-static/224bc897/desktop/default/app-eac46da7.js
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
Size 600 kB (599516 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /main-static/224bc897/desktop/default/app-eac46da7.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-4262965.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:14 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-1b638bd058a5ee30fbf67600edea7313-5e462c7447b6eea2-01
last-modified: Fri, 14 Mar 2025 12:47:08 GMT
etag: W/"ef70a17709d8992eb558cb49d39797a6"
x-amz-meta-mtime: 1741956427.389258082
content-encoding: gzip
expires: Sat, 15 Mar 2025 12:59:40 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 41636
cache: HIT
x-cached-since: 2025-03-15T13:00:18+00:00
X-Firefox-Spdy: h2
GET v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/019a583ebe.css
185.244.209.62 200 OK 15 kB URL GET v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/019a583ebe.css
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type ASCII text, with very long lines (15022)
Hash 270ac8ab6f95f2f634f9c0b71576da83
eb83dd0634b96d934e68da11bba4f283999e06c0
8bb7474b02f32ff7b1ad17be602913b7556026c63025c50ff1ffb414dbdcfb84
GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/019a583ebe.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-4262965.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:14 GMT
content-type: text/css; charset=utf-8
traceparent: 00-8884562639610be6f5a9796a89a56490-b46e9fb1a4998583-01
last-modified: Thu, 13 Mar 2025 07:51:50 GMT
etag: W/"270ac8ab6f95f2f634f9c0b71576da83"
x-amz-meta-mtime: 1741852125.608617876
content-encoding: gzip
expires: Fri, 14 Mar 2025 10:31:48 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 50494
cache: HIT
x-cached-since: 2025-03-15T10:32:40+00:00
X-Firefox-Spdy: h2
GET v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/entry-bd0d3e4324.js
185.244.209.62 200 OK 21 kB URL GET v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/entry-bd0d3e4324.js
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/entry-bd0d3e4324.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-4262965.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:16 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-adc0bfb3d98f6e039cb3b9dcf353c9ab-b328034e705b7693-01
last-modified: Thu, 13 Mar 2025 07:51:50 GMT
etag: W/"16d1cbf5051abca88e204313724d4463"
x-amz-meta-mtime: 1741852125.615618442
content-encoding: gzip
expires: Fri, 14 Mar 2025 10:32:11 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 50493
cache: HIT
x-cached-since: 2025-03-15T10:32:43+00:00
X-Firefox-Spdy: h2
GET v3.traincdn.com/sys-static/shared-assets/__shared_chunk_6EO4CXC4.js
185.244.209.62 200 OK 610 B URL GET v3.traincdn.com/sys-static/shared-assets/__shared_chunk_6EO4CXC4.js
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (621), with no line terminators
Hash f5768750051a8debea17ce89837e3bf7
fa1f86f4121d91916a9657a90a189b21272ff644
178069ce2b15dde7d59f819f48a74377221ae26632a210b09af003dd6e9390bb
GET /sys-static/shared-assets/__shared_chunk_6EO4CXC4.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:16 GMT
content-type: text/javascript; charset=utf-8
content-length: 610
traceparent: 00-b09bcabad8bcc0405f97d558466b3bbd-a1c1b0e648cedf0e-01
last-modified: Fri, 14 Mar 2025 11:46:16 GMT
etag: "464c50409850b3095783d5b3b9a1b00d"
x-amz-meta-mtime: 1741952700.135299485
expires: Sun, 16 Mar 2025 10:00:34 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 52422
cache: HIT
x-cached-since: 2025-03-15T10:00:34+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2
GET v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/9f199ebee8.js
185.244.209.62 200 OK 3.7 kB URL GET v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/9f199ebee8.js
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type ASCII text, with very long lines (3797), with no line terminators
Hash 1d4dd411ecc1ed28a0dc1d154b880641
d68bcd1a2cf6a4894507bfeb344b7ca12bfe8511
98006be3bb1ac676e04880ba9fd1b8487d776d7f8ce22260b8aad801bc85c508
GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/9f199ebee8.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:16 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-14a23f7fd3cb4981104b6b4a0cd42524-ff269d0357dc4a31-01
last-modified: Thu, 13 Mar 2025 07:51:50 GMT
etag: W/"aedc79380c0fc600e869e1b374c9efc4"
x-amz-meta-mtime: 1741852125.609617957
content-encoding: gzip
expires: Fri, 14 Mar 2025 10:31:51 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 50526
cache: HIT
x-cached-since: 2025-03-15T10:32:10+00:00
X-Firefox-Spdy: h2
GET v3.traincdn.com/genfiles/cms/1-1557/desktop/media_asset/f6840074d112eed1a00d900db0b5dc4d.json
185.244.209.62 200 OK 3.6 kB URL GET v3.traincdn.com/genfiles/cms/1-1557/desktop/media_asset/f6840074d112eed1a00d900db0b5dc4d.json
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type ASCII text, with very long lines (3907), with no line terminators
Hash 89374aa8971ebacfc0f56ab20a4d3621
4a36dd142061be0ad898b548e3ed4f870c9815b5
18963d29d5c6bbbece9991e2feccfb4dc1b03de7d5b0dac109b027c0b0e5bcc6
GET /genfiles/cms/1-1557/desktop/media_asset/f6840074d112eed1a00d900db0b5dc4d.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-4262965.top/
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:16 GMT
content-type: application/json
traceparent: 00-405bf679cf5651ec943359d75e8e517b-1a46124d9506d1ed-01
last-modified: Thu, 27 Feb 2025 09:07:40 GMT
etag: W/"4b08975411699bcd7464f49777e866bf"
content-encoding: gzip
expires: Thu, 13 Mar 2025 02:08:58 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
cache: REVALIDATED
X-Firefox-Spdy: h2
POST 1xlite-4262965.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json
46.32.181.55 200 OK 23 B URL POST 1xlite-4262965.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json
IP 46.32.181.55:443
ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Let's Encrypt
Subject 1xlite-4262965.top
Fingerprint AC:77:6E:40:F5:94:E4:2A:95:1E:E7:1D:38:A5:4D:1F:C6:9E:15:A5
Validity Tue, 14 Jan 2025 09:17:23 GMT - Mon, 14 Apr 2025 09:17:22 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 5832b2c201bf9cb6102fe17a05ff7954
85c55f712f31793a1c5a5c6a03be6beed86ba62f
8e018a560a2bb8aff20150a650851ae5ca076c0bd36b1450f6833f9588eb52a9
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json HTTP/1.1
Host: 1xlite-4262965.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-4262965.top/en/block
Content-Type: application/json
X-Lang: en
X-Uuid: c622d55d-aca3-469a-a98b-68e00080be4e
Content-Length: 72
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3313962m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3313962m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_3313962m_18607c_%22%2C%22pb%22%3A%22b4343e2b4735408cbb6080dd2229d5f0%22%2C%22site_id%22%3A%221ad28b60%22%2C%22partner_id%22%3A%22t2nds%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; auid=LiC1N2fWHIWKFRxmA8LyAg==; window_width=1280; che_g=ab512254-19ad-d936-a555-c6b79c534011
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:16 GMT
content-type: application/json
content-length: 23
x-dt: 1557
x-time-ng: 0.001
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.010, wf-uht;dur=0.008
X-Firefox-Spdy: h2
GET 1xlite-4262965.top/main-static/224bc897/check-ob.js
46.32.181.55 200 OK 219 B URL GET 1xlite-4262965.top/main-static/224bc897/check-ob.js
IP 46.32.181.55:443
ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Let's Encrypt
Subject 1xlite-4262965.top
Fingerprint AC:77:6E:40:F5:94:E4:2A:95:1E:E7:1D:38:A5:4D:1F:C6:9E:15:A5
Validity Tue, 14 Jan 2025 09:17:23 GMT - Mon, 14 Apr 2025 09:17:22 GMT
File type JavaScript source, ASCII text, with no line terminators
Hash 58cfb5258c46da1996818475f9eccadf
8e043805652928354624cf70b110aaf63c2bdcb4
e70f6cbe9e517474d8f39a0ca3230570f1fbd928065b99dd292e3ce06c5d5906
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /main-static/224bc897/check-ob.js HTTP/1.1
Host: 1xlite-4262965.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-4262965.top/en/block
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3313962m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3313962m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_3313962m_18607c_%22%2C%22pb%22%3A%22b4343e2b4735408cbb6080dd2229d5f0%22%2C%22site_id%22%3A%221ad28b60%22%2C%22partner_id%22%3A%22t2nds%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; auid=LiC1N2fWHIWKFRxmA8LyAg==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:13 GMT
content-type: text/javascript; charset=utf-8
content-length: 219
last-modified: Fri, 14 Mar 2025 12:47:42 GMT
etag: "c065700c9c8c493403359e1f2baa10d9"
x-amz-meta-mtime: 1741956461.869272888
expires: Sun, 16 Mar 2025 13:00:25 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
accept-ranges: bytes
X-Firefox-Spdy: h2
GET v3.traincdn.com/genfiles/cms/1-1557/desktop/media_asset/f594bc0d2c2679b7e8fc694537f0d9a3.json
185.244.209.62 200 OK 14 kB URL GET v3.traincdn.com/genfiles/cms/1-1557/desktop/media_asset/f594bc0d2c2679b7e8fc694537f0d9a3.json
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
Hash 811ce3b7877d19901e45430cb6523d62
16a905115a678fdef3923f91c6f76cbab613e84d
10fbb74dbac63abfe9c4f5a77abc03757ef3527a479d4ae70dc977b515eec8cb
GET /genfiles/cms/1-1557/desktop/media_asset/f594bc0d2c2679b7e8fc694537f0d9a3.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-4262965.top/
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:15 GMT
content-type: application/json
traceparent: 00-c3c740f24f015a9ba31e5fc3c222c6a4-6e01be97c1295bf5-01
last-modified: Thu, 27 Feb 2025 09:05:29 GMT
etag: W/"811ce3b7877d19901e45430cb6523d62"
content-encoding: gzip
expires: Tue, 11 Mar 2025 12:36:59 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
cache: REVALIDATED
X-Firefox-Spdy: h2
GET v3.traincdn.com/genfiles/cms/1-1557/desktop/media_asset/1b44632ee24d33ee68b1777a2ca65379.json
185.244.209.62 200 OK 7.3 kB URL GET v3.traincdn.com/genfiles/cms/1-1557/desktop/media_asset/1b44632ee24d33ee68b1777a2ca65379.json
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type ASCII text, with very long lines (8082), with no line terminators
Hash dc424c56188d2fb07cbb8b3cf4cf6334
d52dc8395a4dc996af20fb0e2b1ecbd62cb04120
103f4cda8ba430dbbe6a699d14ff96789d65a4e8b8f35447d4831dbca3de63ea
GET /genfiles/cms/1-1557/desktop/media_asset/1b44632ee24d33ee68b1777a2ca65379.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-4262965.top/
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:15 GMT
content-type: application/json
traceparent: 00-25465b3305dbae939c578c0ddea33a83-70e5edb6b45c4fe4-01
last-modified: Thu, 23 Jan 2025 13:23:15 GMT
etag: W/"0614058b667e6dfa1cdecc6e0e53131c"
content-encoding: gzip
expires: Tue, 11 Mar 2025 12:37:00 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
cache: REVALIDATED
X-Firefox-Spdy: h2
GET v3.traincdn.com/main-static/224bc897/desktop/default/Page.Block-7647aaa6.js
185.244.209.62 200 OK 476 B URL GET v3.traincdn.com/main-static/224bc897/desktop/default/Page.Block-7647aaa6.js
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (482), with no line terminators
Hash 5b16d1de9fe9cf4171c5cbff1ac48cbe
013de752a21f8832bedcfe1db3e896d1bece0c17
662e5a6e92099ba31b7110515025f18382ad680969806bc9bdcb784c7cee54e8
GET /main-static/224bc897/desktop/default/Page.Block-7647aaa6.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-4262965.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:14 GMT
content-type: text/javascript; charset=utf-8
content-length: 476
traceparent: 00-35095d56411544b10604bbca60c001df-790f6ec3f830b4f5-01
last-modified: Fri, 14 Mar 2025 12:47:08 GMT
etag: "0d2b318ca8e968dbda1d7ac5f3b56ce4"
x-amz-meta-mtime: 1741956427.381258013
expires: Sat, 15 Mar 2025 13:00:05 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 41636
cache: HIT
x-cached-since: 2025-03-15T13:00:18+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2
GET 1xlite-4262965.top/version.json?timestamp=29034754
46.32.181.55 200 OK 11 B URL GET 1xlite-4262965.top/version.json?timestamp=29034754
IP 46.32.181.55:443
ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Let's Encrypt
Subject 1xlite-4262965.top
Fingerprint AC:77:6E:40:F5:94:E4:2A:95:1E:E7:1D:38:A5:4D:1F:C6:9E:15:A5
Validity Tue, 14 Jan 2025 09:17:23 GMT - Mon, 14 Apr 2025 09:17:22 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash a4238811aa28edbffc31ca67ec5934bc
ec81ca9f1f329e768d6cad41fd4f651454f9dfb6
dc85277145e979bf91eb5ef9e70d7fe684957acb53ce5e232afe31e50c950926
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /version.json?timestamp=29034754 HTTP/1.1
Host: 1xlite-4262965.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-4262965.top/en/block
content-type: application/json
x-requested-with: XMLHttpRequest
x-app-n: v3-nuxt2
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3313962m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3313962m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_3313962m_18607c_%22%2C%22pb%22%3A%22b4343e2b4735408cbb6080dd2229d5f0%22%2C%22site_id%22%3A%221ad28b60%22%2C%22partner_id%22%3A%22t2nds%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; auid=LiC1N2fWHIWKFRxmA8LyAg==; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:15 GMT
content-type: application/json
content-length: 11
last-modified: Fri, 14 Mar 2025 12:47:42 GMT
etag: "d654c053eaab844ee541b547153d9047"
x-amz-meta-mtime: 1741956462.541274696
expires: Sun, 16 Mar 2025 00:35:00 GMT
cache-control: max-age=60
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
accept-ranges: bytes
X-Firefox-Spdy: h2
GET v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/23a0bc82b1.js
185.244.209.62 200 OK 134 B URL GET v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/23a0bc82b1.js
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 058328e3d895a1bd0a58b6af94fd6643
22493242efe7b100c5b916049b856cdc0f61459e
161cccab037aa41cce7c1cb101fcdb89632a9d31b6ece36d0b5346cfd9dee512
GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/23a0bc82b1.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:16 GMT
content-type: text/javascript; charset=utf-8
content-length: 134
traceparent: 00-3bedcb5bf2ba37a5efdb6dcb2411ddee-2797c4120730e74d-01
last-modified: Thu, 13 Mar 2025 07:51:50 GMT
etag: "8bdff1583e839b03507f425d53a2ac7c"
x-amz-meta-mtime: 1741852125.608617876
expires: Fri, 14 Mar 2025 10:31:52 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 50525
cache: HIT
x-cached-since: 2025-03-15T10:32:11+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2
GET v3.traincdn.com/sys-static/shared-assets/Desktop/__shared_css_7665dd.css
185.244.209.62 200 OK 6.0 kB URL GET v3.traincdn.com/sys-static/shared-assets/Desktop/__shared_css_7665dd.css
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type ASCII text, with very long lines (5954), with no line terminators
Hash 89fb2e336ceea4329a41dbcaf1b6bb55
db4b22755c940073e662372854cb5b199166cdfd
52c29afb26a69396e34ce49e4f1e4f8e269112979268330bdc8579e349ca8f04
GET /sys-static/shared-assets/Desktop/__shared_css_7665dd.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-4262965.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:14 GMT
content-type: text/css; charset=utf-8
traceparent: 00-12d5b5e9bf4fa0302bcf5fdae96ee0ab-f35f5c981d4fe72a-01
last-modified: Fri, 14 Mar 2025 11:46:16 GMT
etag: W/"f0ffb03bb649fd20d0f05a4ade80b3ab"
x-amz-meta-mtime: 1741952700.155299204
content-encoding: gzip
expires: Sun, 16 Mar 2025 10:14:07 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 51607
cache: HIT
x-cached-since: 2025-03-15T10:14:07+00:00
X-Firefox-Spdy: h2
GET v3.traincdn.com/genfiles/site-admin/colors/2b576ab4bf357d5f5e1e9a910bb28db1.css
185.244.209.62 200 OK 40 kB URL GET v3.traincdn.com/genfiles/site-admin/colors/2b576ab4bf357d5f5e1e9a910bb28db1.css
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type ASCII text, with very long lines (39627), with no line terminators
Hash 2b576ab4bf357d5f5e1e9a910bb28db1
bdcfe2deb76b50367c1011fabd5d2d4d3298becb
5160a1bc50b9a1120110f84fbd9ce9d8a742c39e6891f3a79af212ded7aa8055
GET /genfiles/site-admin/colors/2b576ab4bf357d5f5e1e9a910bb28db1.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-4262965.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:15 GMT
content-type: text/css
traceparent: 00-543b49637d84c572c40b22f69e8e0589-be3312d8fafa0d03-01
last-modified: Fri, 14 Mar 2025 12:18:20 GMT
etag: W/"2b576ab4bf357d5f5e1e9a910bb28db1"
cache-control: max-age=3600
content-encoding: gzip
expires: Fri, 14 Mar 2025 14:43:59 GMT
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1358
cache: HIT
x-cached-since: 2025-03-16T00:11:37+00:00
X-Firefox-Spdy: h2
GET v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_auth/en/dictionary_fcd74860b5426757630a487d00a5bcbf.json
185.244.209.62 200 OK 9.0 kB URL GET v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_auth/en/dictionary_fcd74860b5426757630a487d00a5bcbf.json
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (9354), with no line terminators
Hash aa6d251220bfc9a38b1ac364cbf97120
f423a039a9fae35d3d8ef13602bf6cb92f09304a
98ccb1fee5145ab1edf86d54080c3bda2faefcd93c2a11054d7a48d1fcb5e1d3
GET /genfiles/web-app-v2/dictionary2/v3_auth/en/dictionary_fcd74860b5426757630a487d00a5bcbf.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-4262965.top/
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:15 GMT
content-type: application/json; charset=utf-8
traceparent: 00-ac5fd4687f40875e9c427b935ecd5141-a95a933774423db9-01
last-modified: Wed, 26 Feb 2025 06:05:54 GMT
etag: W/"947b340dd6f89aaca58dc9840be4273a"
cache-control: max-age=3600
content-encoding: gzip
expires: Wed, 26 Feb 2025 07:34:15 GMT
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 2025
cache: HIT
x-cached-since: 2025-03-16T00:00:30+00:00
X-Firefox-Spdy: h2
POST 1xlite-4262965.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json
46.32.181.55 200 OK 23 B URL POST 1xlite-4262965.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json
IP 46.32.181.55:443
ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Let's Encrypt
Subject 1xlite-4262965.top
Fingerprint AC:77:6E:40:F5:94:E4:2A:95:1E:E7:1D:38:A5:4D:1F:C6:9E:15:A5
Validity Tue, 14 Jan 2025 09:17:23 GMT - Mon, 14 Apr 2025 09:17:22 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 947abebb51db34db8a351a2ccae77224
3bac89474ace3eb908adcb005917c5a8e97e5b81
7f447a2fad61c8fc48d852b9ce8ef167acfd2037e517d07a61e6b53782959d1b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json HTTP/1.1
Host: 1xlite-4262965.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-4262965.top/en/block
Content-Type: application/json
X-Lang: en
X-Uuid: c622d55d-aca3-469a-a98b-68e00080be4e
Content-Length: 48
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3313962m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3313962m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_3313962m_18607c_%22%2C%22pb%22%3A%22b4343e2b4735408cbb6080dd2229d5f0%22%2C%22site_id%22%3A%221ad28b60%22%2C%22partner_id%22%3A%22t2nds%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; auid=LiC1N2fWHIWKFRxmA8LyAg==; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:15 GMT
content-type: application/json
content-length: 23
x-dt: 1557
x-time-ng: 0.001
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.006, wf-uht;dur=0.011
X-Firefox-Spdy: h2
GET v3.traincdn.com/genfiles/cms/1-1557/desktop/media_asset/a3a052c8a0450c884c78b7c168a6867a.json
185.244.209.62 200 OK 13 kB URL GET v3.traincdn.com/genfiles/cms/1-1557/desktop/media_asset/a3a052c8a0450c884c78b7c168a6867a.json
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
Hash 2b474bcc2f009b70e64e2b5a95dd50a4
1fd5ee2d54da7dfbf61e67efd938a89c548fc866
f86d880575f3f65ddaaf9e8a0e3746bbbefcefe7e6c0c4441e9e20ceffdca237
GET /genfiles/cms/1-1557/desktop/media_asset/a3a052c8a0450c884c78b7c168a6867a.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-4262965.top/
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:16 GMT
content-type: application/json
traceparent: 00-1770b86c10cc6a592eda85c1d91e5b6d-27ba2a46d7568b58-01
last-modified: Wed, 12 Mar 2025 09:36:54 GMT
etag: W/"2b474bcc2f009b70e64e2b5a95dd50a4"
content-encoding: gzip
expires: Thu, 13 Mar 2025 02:08:58 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
cache: REVALIDATED
X-Firefox-Spdy: h2
GET v3.traincdn.com/genfiles/cms/1-1557/desktop/media_asset/a8f88ee9974b92376a3e5652086d81f7.json
185.244.209.62 200 OK 2.4 kB URL GET v3.traincdn.com/genfiles/cms/1-1557/desktop/media_asset/a8f88ee9974b92376a3e5652086d81f7.json
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type ASCII text, with very long lines (2706), with no line terminators
Hash 90d7eb4ae044f7ba4af5cffe69c2c10f
c30cf10722770c4c980b4d939cf3c7812f9fff47
5715ce56d5f85cc38544c53dec18c09551c0299f97b28d2491c94e92e2f44cb1
GET /genfiles/cms/1-1557/desktop/media_asset/a8f88ee9974b92376a3e5652086d81f7.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-4262965.top/
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:16 GMT
content-type: application/json
traceparent: 00-ad867a9460456a3b7c1a2f565563481b-131e4d3274845d15-01
last-modified: Thu, 13 Mar 2025 14:37:32 GMT
etag: W/"6e0a4311df54adc4bf7bdd344b3b401d"
content-encoding: gzip
expires: Fri, 14 Mar 2025 07:35:12 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
cache: REVALIDATED
X-Firefox-Spdy: h2
GET v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/2a54f0f995.js
185.244.209.62 200 OK 5.4 kB URL GET v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/2a54f0f995.js
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type ASCII text, with very long lines (5581), with no line terminators
Hash f9fb7352c7081932925b6a5aa7d046f9
54d152aa5f88a8a735f7332ab05c4b46d0b4c232
8104edade219a808a6dfa50baaa63884885c1eef533187a1a90b174858230307
GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/2a54f0f995.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:16 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-bd8ceb0530e8bdc7082582572b3c3027-765037b21aaba458-01
last-modified: Thu, 13 Mar 2025 07:51:50 GMT
etag: W/"5de949226d4e63814a51f305dc6585aa"
x-amz-meta-mtime: 1741852125.608617876
content-encoding: gzip
expires: Fri, 14 Mar 2025 10:31:52 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 50525
cache: HIT
x-cached-since: 2025-03-15T10:32:11+00:00
X-Firefox-Spdy: h2
GET 1xlite-4262965.top/hd-api/external/assets/hdf.js
46.32.181.55 200 OK 4.1 kB URL GET 1xlite-4262965.top/hd-api/external/assets/hdf.js
IP 46.32.181.55:443
ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Let's Encrypt
Subject 1xlite-4262965.top
Fingerprint AC:77:6E:40:F5:94:E4:2A:95:1E:E7:1D:38:A5:4D:1F:C6:9E:15:A5
Validity Tue, 14 Jan 2025 09:17:23 GMT - Mon, 14 Apr 2025 09:17:22 GMT
File type JavaScript source, ASCII text, with very long lines (4189), with no line terminators
Hash 0458a6bbf45a865bba7cf3546f2c3d80
9c909fe72190576c9974bdeaa602b06c94e13aa2
defc6aeeaff05b834c3a20606719b2184a6f047eb1aaf62c8cd000559a2e9b42
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /hd-api/external/assets/hdf.js HTTP/1.1
Host: 1xlite-4262965.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-4262965.top/en/block
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3313962m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3313962m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_3313962m_18607c_%22%2C%22pb%22%3A%22b4343e2b4735408cbb6080dd2229d5f0%22%2C%22site_id%22%3A%221ad28b60%22%2C%22partner_id%22%3A%22t2nds%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; auid=LiC1N2fWHIWKFRxmA8LyAg==; window_width=1280; che_g=ab512254-19ad-d936-a555-c6b79c534011; SESSION=4d77269a3adffaa07f9ba44a1923ff1b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:24 GMT
content-type: text/javascript; charset=utf-8
content-length: 1622
cache-control: public, max-age=300
content-encoding: gzip
etag: 2f26a679e9d54a65e6578e947cc5bdf2
vary: Accept-Encoding
x-dt: 1559
x-request-guid: 31b27f3691bc2aaa2d3a830513a21d5a
x-time-ng: 0.001
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.010, wf-uht;dur=
accept-ranges: bytes
X-Firefox-Spdy: h2
GET v3.traincdn.com/main-static/224bc897/desktop/default/vendors/plugins.vue-js-modal-6cf60894.js
185.244.209.62 200 OK 27 kB URL GET v3.traincdn.com/main-static/224bc897/desktop/default/vendors/plugins.vue-js-modal-6cf60894.js
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (26717), with no line terminators
Hash 636f92ad54d11a9bfd08e41869cad873
16e3a13f2bea709674fb1bd96f25541765a74ae2
146f1525e05444a9be24e8dd3f6f42a1a7c712dcab62d46627516632fd0c569b
GET /main-static/224bc897/desktop/default/vendors/plugins.vue-js-modal-6cf60894.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-4262965.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:15 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-7de72e31ea9c6350acdf2b37faf9164f-b7985699b8bc4d36-01
last-modified: Fri, 14 Mar 2025 12:47:08 GMT
etag: W/"636f92ad54d11a9bfd08e41869cad873"
x-amz-meta-mtime: 1741956427.437258494
content-encoding: gzip
expires: Sat, 15 Mar 2025 12:59:42 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 41634
cache: HIT
x-cached-since: 2025-03-15T13:00:21+00:00
X-Firefox-Spdy: h2
GET radar.cedexis.com/1/23802/radar.js
45.54.49.5 302 Moved Temporarily 390 B URL GET radar.cedexis.com/1/23802/radar.js
IP 45.54.49.5:443
ASN #63911 NetActuate, Inc
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer DigiCert Inc
Subject radar.cedexis.com
Fingerprint 33:58:79:8E:87:A5:C3:05:CA:E2:82:50:61:CF:72:83:BD:64:80:C1
Validity Fri, 29 Mar 2024 00:00:00 GMT - Fri, 28 Mar 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/23802/radar.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-4262965.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Sun, 16 Mar 2025 00:34:26 GMT
Content-Type: text/html
Content-Length: 138
Connection: keep-alive
Location: /1707728419/stub.js
Expires: Sun, 16 Mar 2025 00:44:26 GMT
Cache-Control: max-age=600
Vary: User-Agent,DNT
GET v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_forgot_password/en/dictionary_28cb4e6b9a8be3afbcbc2a6b22ab3393.json
185.244.209.62 200 OK 3.5 kB URL GET v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_forgot_password/en/dictionary_28cb4e6b9a8be3afbcbc2a6b22ab3393.json
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (3690), with no line terminators
Hash f2e705877a451c1d6297f18a0d09b8b0
78e994cf53ef3d6ef8024eda5225926b7641e38b
ed1fea1eb8e1aa7acaa8f9feba9c7f8963cee50bbca7caf4c93fa23a38d42f93
GET /genfiles/web-app-v2/dictionary2/v3_forgot_password/en/dictionary_28cb4e6b9a8be3afbcbc2a6b22ab3393.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-4262965.top/
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:15 GMT
content-type: application/json; charset=utf-8
traceparent: 00-c40753c28185fc99bdc3f8d5ee271241-31ec0774911675f4-01
last-modified: Tue, 03 Dec 2024 08:05:32 GMT
etag: W/"273bec90c875f74d2f5ef70f9e32db45"
cache-control: max-age=3600
content-encoding: gzip
expires: Thu, 16 Jan 2025 10:56:28 GMT
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 2141
cache: HIT
x-cached-since: 2025-03-15T23:58:34+00:00
X-Firefox-Spdy: h2
GET v3.traincdn.com/genfiles/cms/1-1557/desktop/media_asset/d3bfddf79b491f7f887cb194367a7ef7.json
185.244.209.62 200 OK 465 B URL GET v3.traincdn.com/genfiles/cms/1-1557/desktop/media_asset/d3bfddf79b491f7f887cb194367a7ef7.json
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type ASCII text, with very long lines (514), with no line terminators
Hash 0e994248191fbac3fbba948b1904e50e
cfbf813ca6a35fa4b2535fc98d77cd29b0f4a76c
c9a6528b3234a1e557a968dbf86666d5d8d126789c25410bf86bb994309e967c
GET /genfiles/cms/1-1557/desktop/media_asset/d3bfddf79b491f7f887cb194367a7ef7.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-4262965.top/
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:16 GMT
content-type: application/json
content-length: 465
traceparent: 00-b3454dd3bbdb54eef383797186555851-cad236f4a9bd1d4d-01
last-modified: Mon, 26 Aug 2024 16:52:40 GMT
etag: "c18f57f4aff3cdc9ac4e9b71b54a5810"
expires: Thu, 13 Mar 2025 02:08:58 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2
GET v3.traincdn.com/genfiles/cms/1-1557/desktop/media_asset/d7cdddcad90ad908d81a5f684d2ca365.json
185.244.209.62 200 OK 328 B URL GET v3.traincdn.com/genfiles/cms/1-1557/desktop/media_asset/d7cdddcad90ad908d81a5f684d2ca365.json
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type ASCII text, with very long lines (363), with no line terminators
Hash 8a3ebb3d0dc11dc4f7a17c719887d1cc
0d667f17c672cca1871ffca2a1482485c563705b
d6cf8ab83ea7e080179c9cbaadc3c2642e222b93170b885b5b9ea4ac7b830586
GET /genfiles/cms/1-1557/desktop/media_asset/d7cdddcad90ad908d81a5f684d2ca365.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-4262965.top/
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:16 GMT
content-type: application/json
content-length: 328
traceparent: 00-61594d73c74a798e130fcea78532f08a-528e6afd37a4a7fe-01
last-modified: Thu, 27 Feb 2025 10:57:27 GMT
etag: "4347fc050ebe622e30a7bf78a213b5a0"
expires: Thu, 13 Mar 2025 02:08:58 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2
GET www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7JGWL9SV66&cid=866454263.1742085268&gtm=45je53d0v897130004za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=102482433~102587591~102717422~102788824~102813109~102814060~102825837~102879719&tag_exp=102482433~102587591~102717422~102788824~102813109~102814060~102825837~102879719&z=1730992316
142.250.74.131 200 OK 42 B URL GET www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7JGWL9SV66&cid=866454263.1742085268&gtm=45je53d0v897130004za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=102482433~102587591~102717422~102788824~102813109~102814060~102825837~102879719&tag_exp=102482433~102587591~102717422~102788824~102813109~102814060~102825837~102879719&z=1730992316
IP 142.250.74.131:443
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Google Trust Services
Subject *.google.no
Fingerprint 26:B7:26:CB:C6:A9:06:E9:C0:85:18:1A:20:54:87:E3:8B:35:EC:7C
Validity Wed, 26 Feb 2025 15:35:45 GMT - Wed, 21 May 2025 15:35:44 GMT
File type GIF image data, version 89a, 1 x 1
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7JGWL9SV66&cid=866454263.1742085268&gtm=45je53d0v897130004za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=102482433~102587591~102717422~102788824~102813109~102814060~102825837~102879719&tag_exp=102482433~102587591~102717422~102788824~102813109~102814060~102825837~102879719&z=1730992316 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-4262965.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 16 Mar 2025 00:34:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET 1xlite-4262965.top/en/block
46.32.181.55 203 Non Authoritative 257 kB URL User Request GET 1xlite-4262965.top/en/block
IP 46.32.181.55:443
ASN #202492 Silverhill Group Holding Ltd
Certificate Issuer Let's Encrypt
Subject 1xlite-4262965.top
Fingerprint AC:77:6E:40:F5:94:E4:2A:95:1E:E7:1D:38:A5:4D:1F:C6:9E:15:A5
Validity Tue, 14 Jan 2025 09:17:23 GMT - Mon, 14 Apr 2025 09:17:22 GMT
Size 257 kB (257418 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /en/block HTTP/1.1
Host: 1xlite-4262965.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3313962m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3313962m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_3313962m_18607c_%22%2C%22pb%22%3A%22b4343e2b4735408cbb6080dd2229d5f0%22%2C%22site_id%22%3A%221ad28b60%22%2C%22partner_id%22%3A%22t2nds%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; auid=LiC1N2fWHIWKFRxmA8LyAg==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 203 Non Authoritative
server: nginx
date: Sun, 16 Mar 2025 00:34:13 GMT
content-type: text/html; charset=utf-8
content-length: 257418
accept-ranges: none
link: <https://v3.traincdn.com/sys-ui/2.3.99/Desktop/Default/client.css>; rel=preload; as=style; crossorigin=anonymous
server-timing: dt_total;dur=0.004, total;dur=99;desc="Nuxt Server Time"
set-cookie: lng=en; Path=/
cookies_agree_type=3; Path=/
tzo=1; Path=/
is12h=0; Path=/
x-dt: 1557
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
GET v3.traincdn.com/genfiles/cms/1-1557/desktop/media_asset/23c7e88ecb4524e2222a63ddad8f28b4.json
185.244.209.62 200 OK 241 B URL GET v3.traincdn.com/genfiles/cms/1-1557/desktop/media_asset/23c7e88ecb4524e2222a63ddad8f28b4.json
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 70d36a6d4b2a77a5c23ed708edfd8294
10a4c637f9160ad917589825909e47b758cda3dd
818d3f91c360680552cbe65ac2fb61e299eabcba42fb27b7a48af68021bb0ee0
GET /genfiles/cms/1-1557/desktop/media_asset/23c7e88ecb4524e2222a63ddad8f28b4.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-4262965.top/
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:16 GMT
content-type: application/json
content-length: 241
traceparent: 00-8e4c9c61d5df06a5c6e34ae6246aecdf-5b0f5f5713e5ffaf-01
last-modified: Thu, 27 Feb 2025 13:25:52 GMT
etag: "39257fbb62736206d5245e08925d7b60"
expires: Thu, 13 Mar 2025 02:08:58 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2
GET v3.traincdn.com/sys-static/shared-assets/__shared_popper_js_5I5UQEBA.js
185.244.209.62 200 OK 21 kB URL GET v3.traincdn.com/sys-static/shared-assets/__shared_popper_js_5I5UQEBA.js
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (21232)
Hash 6cb09f9375675899743ac6e31bcf0b0d
01383c415481291b1d4eeedff5a394215d84ecee
b17f976b26b989ff50713207d307701334974c9c1e3b491f629adf197bc879ce
GET /sys-static/shared-assets/__shared_popper_js_5I5UQEBA.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:16 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-236cc6db61a3c5bfe75acac2f02ff6ce-264ef3100ff24237-01
last-modified: Fri, 14 Mar 2025 11:46:16 GMT
etag: W/"6cb09f9375675899743ac6e31bcf0b0d"
x-amz-meta-mtime: 1741952700.135299485
content-encoding: gzip
expires: Sun, 16 Mar 2025 10:22:21 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 51115
cache: HIT
x-cached-since: 2025-03-15T10:22:21+00:00
X-Firefox-Spdy: h2
GET v3.traincdn.com/main-static/224bc897/desktop/default/runtime-7393d331.js
185.244.209.62 200 OK 21 kB URL GET v3.traincdn.com/main-static/224bc897/desktop/default/runtime-7393d331.js
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (20732), with no line terminators
Hash 9ab996b8f503364928a1f707cf2ea18e
c3aa9c39029600d7a1586ba03fd550e2e93ef8fe
ee938124d19cb4e3fc8978df677239fb34f0565d1029cb8f03a73152f6c94c62
GET /main-static/224bc897/desktop/default/runtime-7393d331.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-4262965.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:14 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-4c3969854bacd1f14401f29007dd2c4f-86c5a3c93a986dc3-01
last-modified: Fri, 14 Mar 2025 12:47:08 GMT
etag: W/"9ab996b8f503364928a1f707cf2ea18e"
x-amz-meta-mtime: 1741956427.425258391
content-encoding: gzip
expires: Sat, 15 Mar 2025 12:59:40 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 41636
cache: HIT
x-cached-since: 2025-03-15T13:00:18+00:00
X-Firefox-Spdy: h2
GET v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_registration/en/dictionary_509e3b0f0d7f7f3b7e49767415336ffc.json
185.244.209.62 200 OK 18 kB URL GET v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_registration/en/dictionary_509e3b0f0d7f7f3b7e49767415336ffc.json
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /genfiles/web-app-v2/dictionary2/v3_registration/en/dictionary_509e3b0f0d7f7f3b7e49767415336ffc.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-4262965.top/
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:15 GMT
content-type: application/json; charset=utf-8
traceparent: 00-051810854dcd1cbb170dc46e699a3b45-4da5a59fa5603b1c-01
last-modified: Fri, 14 Mar 2025 18:05:50 GMT
etag: W/"ee84d717a6de9d20cbe79b49d4a6900f"
cache-control: max-age=3600
content-encoding: gzip
expires: Fri, 14 Mar 2025 19:28:42 GMT
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 3542
cache: HIT
x-cached-since: 2025-03-15T23:35:13+00:00
X-Firefox-Spdy: h2
POST 1xlite-4262965.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json
46.32.181.55 200 OK 23 B URL POST 1xlite-4262965.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json
IP 46.32.181.55:443
ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Let's Encrypt
Subject 1xlite-4262965.top
Fingerprint AC:77:6E:40:F5:94:E4:2A:95:1E:E7:1D:38:A5:4D:1F:C6:9E:15:A5
Validity Tue, 14 Jan 2025 09:17:23 GMT - Mon, 14 Apr 2025 09:17:22 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 9b40f62f245954d6ff68e63f8c1de9e8
fc2434fac7177d09d0350fd466473b95ba1bc45b
e14e9e4291b72a5db371bfdd083ea8e1f7ad3ab149fd7e3b14bc7466ee45e9e8
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json HTTP/1.1
Host: 1xlite-4262965.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-4262965.top/en/block
Content-Type: application/json
X-Lang: en
X-Uuid: c622d55d-aca3-469a-a98b-68e00080be4e
Content-Length: 88
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3313962m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3313962m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_3313962m_18607c_%22%2C%22pb%22%3A%22b4343e2b4735408cbb6080dd2229d5f0%22%2C%22site_id%22%3A%221ad28b60%22%2C%22partner_id%22%3A%22t2nds%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; auid=LiC1N2fWHIWKFRxmA8LyAg==; window_width=1280; che_g=ab512254-19ad-d936-a555-c6b79c534011
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:16 GMT
content-type: application/json
content-length: 23
x-dt: 1557
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.019, wf-uht;dur=0.013
X-Firefox-Spdy: h2
GET v3.traincdn.com/sys-static/shared-assets/Desktop/__shared_base-app_6cad42405e.js
185.244.209.62 200 OK 777 kB URL GET v3.traincdn.com/sys-static/shared-assets/Desktop/__shared_base-app_6cad42405e.js
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
Size 777 kB (776941 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sys-static/shared-assets/Desktop/__shared_base-app_6cad42405e.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:16 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-7cf0d3f3885aeb5d5c0ae925ddf6437b-4eb9a669cd515f8e-01
last-modified: Fri, 14 Mar 2025 11:36:32 GMT
etag: W/"b39bb12c18ea18215b39ad2612e224a4"
x-amz-meta-mtime: 1741952003.666759306
content-encoding: gzip
expires: Sat, 15 Mar 2025 14:26:59 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 35974
cache: HIT
x-cached-since: 2025-03-15T14:34:42+00:00
X-Firefox-Spdy: h2
GET v3.traincdn.com/main-static/224bc897/desktop/default/commons/app-10f05163.js
185.244.209.62 200 OK 138 kB URL GET v3.traincdn.com/main-static/224bc897/desktop/default/commons/app-10f05163.js
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
Size 138 kB (137775 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /main-static/224bc897/desktop/default/commons/app-10f05163.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-4262965.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:14 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-c977a2d644c321fef8f172fc5e2cafe4-acf92d4985fae18c-01
last-modified: Fri, 14 Mar 2025 12:47:08 GMT
etag: W/"2491a3342a1b3ee04ef5698f46d83794"
x-amz-meta-mtime: 1741956427.389258082
content-encoding: gzip
expires: Sat, 15 Mar 2025 12:59:40 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 41636
cache: HIT
x-cached-since: 2025-03-15T13:00:18+00:00
X-Firefox-Spdy: h2
POST 1xlite-4262965.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/ab.json
46.32.181.55 200 OK 2 B URL POST 1xlite-4262965.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/ab.json
IP 46.32.181.55:443
ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Let's Encrypt
Subject 1xlite-4262965.top
Fingerprint AC:77:6E:40:F5:94:E4:2A:95:1E:E7:1D:38:A5:4D:1F:C6:9E:15:A5
Validity Tue, 14 Jan 2025 09:17:23 GMT - Mon, 14 Apr 2025 09:17:22 GMT
Hash d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/ab.json HTTP/1.1
Host: 1xlite-4262965.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-4262965.top/en/block
Content-Type: application/json
X-Lang: en
X-Uuid: c622d55d-aca3-469a-a98b-68e00080be4e
Content-Length: 19
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3313962m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3313962m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_3313962m_18607c_%22%2C%22pb%22%3A%22b4343e2b4735408cbb6080dd2229d5f0%22%2C%22site_id%22%3A%221ad28b60%22%2C%22partner_id%22%3A%22t2nds%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; auid=LiC1N2fWHIWKFRxmA8LyAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:15 GMT
content-type: application/json
content-length: 2
x-dt: 1557
x-time-ng: 0.001
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.006, wf-uht;dur=0.013
X-Firefox-Spdy: h2
GET v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_game/en/dictionary_dcbe3cdb949015f240ec7d0971f60fe5.json
185.244.209.62 200 OK 21 kB URL GET v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_game/en/dictionary_dcbe3cdb949015f240ec7d0971f60fe5.json
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /genfiles/web-app-v2/dictionary2/v3_game/en/dictionary_dcbe3cdb949015f240ec7d0971f60fe5.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-4262965.top/
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:15 GMT
content-type: application/json; charset=utf-8
traceparent: 00-e6bb4de62786ae0b9948730e5c31eaeb-5e97664fbdb70f33-01
last-modified: Thu, 06 Mar 2025 18:05:46 GMT
etag: W/"d32c14306e8033aef783f5853b595697"
cache-control: max-age=3600
content-encoding: gzip
expires: Thu, 06 Mar 2025 19:25:23 GMT
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1319
cache: HIT
x-cached-since: 2025-03-16T00:12:16+00:00
X-Firefox-Spdy: h2
GET v3.traincdn.com/sys-static/shared-assets/__shared_vue_deps_YT7LKPBD.js
185.244.209.62 200 OK 20 kB URL GET v3.traincdn.com/sys-static/shared-assets/__shared_vue_deps_YT7LKPBD.js
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sys-static/shared-assets/__shared_vue_deps_YT7LKPBD.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:16 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-13fc5314162a66dece24d85f8f681aa0-f83684a18e75804d-01
last-modified: Fri, 14 Mar 2025 11:46:16 GMT
etag: W/"8e7b49a5ff89a30b69960b5595fc6f12"
x-amz-meta-mtime: 1741952700.15129926
content-encoding: gzip
expires: Sun, 16 Mar 2025 10:00:34 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 52422
cache: HIT
x-cached-since: 2025-03-15T10:00:34+00:00
X-Firefox-Spdy: h2
GET 1xlite-4262965.top/captcha-api/assets/hunt-captcha.js
46.32.181.55 200 OK 43 kB URL GET 1xlite-4262965.top/captcha-api/assets/hunt-captcha.js
IP 46.32.181.55:443
ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Let's Encrypt
Subject 1xlite-4262965.top
Fingerprint AC:77:6E:40:F5:94:E4:2A:95:1E:E7:1D:38:A5:4D:1F:C6:9E:15:A5
Validity Tue, 14 Jan 2025 09:17:23 GMT - Mon, 14 Apr 2025 09:17:22 GMT
File type JavaScript source, ASCII text, with very long lines (28161)
Hash b9d3a7c3bc54dabbfff01bf802404840
9211ea5fb20bfc97a219f1fae25f43f3482520b4
270ed9e24f5ddfa0d3bbcbd70d7c638f2c7f8777bfc427c6ac0ccac539f06f4c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /captcha-api/assets/hunt-captcha.js HTTP/1.1
Host: 1xlite-4262965.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-4262965.top/en/block
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3313962m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_3313962m_18607c_; postback_watcher=%7B%22tag%22%3A%22d_3313962m_18607c_%22%2C%22pb%22%3A%22b4343e2b4735408cbb6080dd2229d5f0%22%2C%22site_id%22%3A%221ad28b60%22%2C%22partner_id%22%3A%22t2nds%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; auid=LiC1N2fWHIWKFRxmA8LyAg==; window_width=1280; che_g=ab512254-19ad-d936-a555-c6b79c534011; SESSION=4d77269a3adffaa07f9ba44a1923ff1b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:24 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=300
x-request-id: eae447ceeebaff21c4f68fd6ebcffc5b
content-encoding: br
x-time-ng: 0.002
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
X-Firefox-Spdy: h2
GET v3.traincdn.com/main-static/224bc897/desktop/default/css/fd0d13f7.css
185.244.209.62 200 OK 62 kB URL GET v3.traincdn.com/main-static/224bc897/desktop/default/css/fd0d13f7.css
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type ASCII text, with very long lines (61883), with no line terminators
Hash bb4155abcaf968a039bd3a269fbbc2a5
6d30f0c468a586c6af37048f83f93c4c16463515
fbd9fd4d3c7ee4ca8598d8a917fb7a6c8f915781b2b116c460bf758bd9bb2e6e
GET /main-static/224bc897/desktop/default/css/fd0d13f7.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-4262965.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:13 GMT
content-type: text/css; charset=utf-8
traceparent: 00-ec723f9c4da4417109a2b37b9cf44ffb-032aace9a88502f5-01
last-modified: Fri, 14 Mar 2025 12:47:08 GMT
etag: W/"bb4155abcaf968a039bd3a269fbbc2a5"
x-amz-meta-mtime: 1741956427.393258116
content-encoding: gzip
expires: Sat, 15 Mar 2025 12:59:37 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 41635
cache: HIT
x-cached-since: 2025-03-15T13:00:18+00:00
X-Firefox-Spdy: h2
GET v3.traincdn.com/main-static/224bc897/desktop/default/css/7fe5f71b.css
185.244.209.62 200 OK 3.3 kB URL GET v3.traincdn.com/main-static/224bc897/desktop/default/css/7fe5f71b.css
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type ASCII text, with very long lines (3315), with no line terminators
Hash a094ae2a980f9c9b48cfc132e74ab16c
61b5d23a03be10876ee135cc656e300653dffcb9
8539c401214dafe1264f86e601c2ba0e06d5b6d23b21d7dd343f28c3e6e738b4
GET /main-static/224bc897/desktop/default/css/7fe5f71b.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-4262965.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:15 GMT
content-type: text/css; charset=utf-8
traceparent: 00-4863d292088bb5bffc40ec82137fb679-f9ba25158d7ebf96-01
last-modified: Fri, 14 Mar 2025 12:47:08 GMT
etag: W/"c610b8710368de3bf2f1c5bb581b6a3a"
x-amz-meta-mtime: 1741956427.389258082
content-encoding: gzip
expires: Sat, 15 Mar 2025 12:59:42 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 41634
cache: HIT
x-cached-since: 2025-03-15T13:00:21+00:00
X-Firefox-Spdy: h2
GET v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_coupon/en/dictionary_ef3ff904b17f3cf9f847397857fc5454.json
185.244.209.62 200 OK 24 kB URL GET v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_coupon/en/dictionary_ef3ff904b17f3cf9f847397857fc5454.json
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /genfiles/web-app-v2/dictionary2/v3_coupon/en/dictionary_ef3ff904b17f3cf9f847397857fc5454.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-4262965.top/
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:15 GMT
content-type: application/json; charset=utf-8
traceparent: 00-42ad5dfe7903dc010d19a922d01b8289-63bd439439d83184-01
last-modified: Thu, 27 Feb 2025 18:05:34 GMT
etag: W/"6bda662edfd805aea01f29c8fb463a08"
cache-control: max-age=3600
content-encoding: gzip
expires: Thu, 27 Feb 2025 19:17:24 GMT
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 2144
cache: HIT
x-cached-since: 2025-03-15T23:58:31+00:00
X-Firefox-Spdy: h2
GET v3.traincdn.com/genfiles/cms/1-1557/desktop/media_asset/bd4392c235239e03090435f7245648b9.json
185.244.209.62 200 OK 22 kB URL GET v3.traincdn.com/genfiles/cms/1-1557/desktop/media_asset/bd4392c235239e03090435f7245648b9.json
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
Hash 2a133751bdb93172c1180e46ed639d15
33b6c98769df70b2ddda89ed119f1f45baf0c4b8
3337dec2c342cfe60602932c0c3608dc9cff7e9cd68697445c6b15dc13623358
GET /genfiles/cms/1-1557/desktop/media_asset/bd4392c235239e03090435f7245648b9.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-4262965.top/
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:15 GMT
content-type: application/json
traceparent: 00-8187e82e834fee3e76f96466b55e5ac1-3c3a91f0120d25af-01
last-modified: Thu, 13 Mar 2025 13:35:24 GMT
etag: W/"2a133751bdb93172c1180e46ed639d15"
content-encoding: gzip
expires: Fri, 14 Mar 2025 07:35:10 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
cache: REVALIDATED
X-Firefox-Spdy: h2
GET v3.traincdn.com/main-static/224bc897/desktop/default/Betting.Core-ece8a0bc.js
185.244.209.62 200 OK 2.1 kB URL GET v3.traincdn.com/main-static/224bc897/desktop/default/Betting.Core-ece8a0bc.js
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (2132), with no line terminators
Hash 8c341922fdacac7166fd060121dc1657
40b4fdf7d5942d9666201968ea43f69ef21d3b2f
bb2cfe14939be473cb40d2329f79a6b5a0530786d22cede1789d10d1b87a0a58
GET /main-static/224bc897/desktop/default/Betting.Core-ece8a0bc.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-4262965.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:15 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-3971af9137b477a9101b2a0e2eab3d82-65c5de8cb1787522-01
last-modified: Fri, 14 Mar 2025 12:47:08 GMT
etag: W/"d886ae9107b0808c7b50cc1c676b814f"
x-amz-meta-mtime: 1741956427.381258013
content-encoding: gzip
expires: Sat, 15 Mar 2025 12:59:42 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 41634
cache: HIT
x-cached-since: 2025-03-15T13:00:21+00:00
X-Firefox-Spdy: h2
GET v3.traincdn.com/sys-static/shared-assets/__shared_fast_deep_equal_ORMYJPSV.js
185.244.209.62 200 OK 865 B URL GET v3.traincdn.com/sys-static/shared-assets/__shared_fast_deep_equal_ORMYJPSV.js
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (873), with no line terminators
Hash 625f9e7c0a9eb895856a03d28a85e9f3
f0e8b6113f4c0d088baca9234190ce2b484de3df
d3dc79f06ae64eef1bd29c19957cc035fdae020dc3fc29c818cfd3460f775675
GET /sys-static/shared-assets/__shared_fast_deep_equal_ORMYJPSV.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:16 GMT
content-type: text/javascript; charset=utf-8
content-length: 865
traceparent: 00-d118ea60a59cbf3dc3b44fbd812d4e0a-cdd437fd8fff0a01-01
last-modified: Fri, 14 Mar 2025 11:46:16 GMT
etag: "e42d2bda0bda350e6cb507a391561910"
x-amz-meta-mtime: 1741952700.139299428
expires: Sun, 16 Mar 2025 09:59:56 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 52460
cache: HIT
x-cached-since: 2025-03-15T09:59:56+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2
GET v3.traincdn.com/sys-static/shared-assets/__shared_accept_language_parser_F4H4E7NH.js
185.244.209.62 200 OK 1.3 kB URL GET v3.traincdn.com/sys-static/shared-assets/__shared_accept_language_parser_F4H4E7NH.js
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (1315), with no line terminators
Hash 001e2a3bbaa9f2281ce7932a2f7e2772
3316097af6f6de83378ac397312d2c6b6baabfca
2f861658e594343780dfff6b7cdbeb23436e1a7fe682884d393d557b09c739cd
GET /sys-static/shared-assets/__shared_accept_language_parser_F4H4E7NH.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:16 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-b5539c692535e2acc98d0e9785d3c7df-b2d383346d1346c1-01
last-modified: Fri, 14 Mar 2025 11:46:16 GMT
etag: W/"268c88e3fff4b1ae77e5109cba692e17"
x-amz-meta-mtime: 1741952700.15129926
content-encoding: gzip
expires: Sun, 16 Mar 2025 10:00:34 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 52422
cache: HIT
x-cached-since: 2025-03-15T10:00:34+00:00
X-Firefox-Spdy: h2
GET v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/2788a4ab84.js
185.244.209.62 200 OK 27 kB URL GET v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/2788a4ab84.js
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type ASCII text, with very long lines (12766)
Hash 22ef7525668837b45d93c7da7afc225f
db00de34eaa349e051a74fff4166a8b615739bea
0bcbda7f98d3459f593590ecf1a074819cbe5a9d46cca44d6760f1c4bd303075
GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/2788a4ab84.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:16 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-fec7642eed2286b740858923707bc431-e65884cf4d5051f4-01
last-modified: Thu, 13 Mar 2025 07:51:50 GMT
etag: W/"22ef7525668837b45d93c7da7afc225f"
x-amz-meta-mtime: 1741852125.617618604
content-encoding: gzip
expires: Fri, 14 Mar 2025 10:31:52 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 50525
cache: HIT
x-cached-since: 2025-03-15T10:32:11+00:00
X-Firefox-Spdy: h2
GET 1xlite-4262965.top/en/promotions/wheel-bet?tag=d_3313962m_18607c_&pb=b4343e2b4735408cbb6080dd2229d5f0&site_id=1ad28b60&partner_id=t2nds&r=promotions/wheel-bet
46.32.181.55 302 Found 257 kB URL User Request GET 1xlite-4262965.top/en/promotions/wheel-bet?tag=d_3313962m_18607c_&pb=b4343e2b4735408cbb6080dd2229d5f0&site_id=1ad28b60&partner_id=t2nds&r=promotions/wheel-bet
IP 46.32.181.55:443
ASN #202492 Silverhill Group Holding Ltd
Certificate Issuer Let's Encrypt
Subject 1xlite-4262965.top
Fingerprint AC:77:6E:40:F5:94:E4:2A:95:1E:E7:1D:38:A5:4D:1F:C6:9E:15:A5
Validity Tue, 14 Jan 2025 09:17:23 GMT - Mon, 14 Apr 2025 09:17:22 GMT
Size 257 kB (257418 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /en/promotions/wheel-bet?tag=d_3313962m_18607c_&pb=b4343e2b4735408cbb6080dd2229d5f0&site_id=1ad28b60&partner_id=t2nds&r=promotions/wheel-bet HTTP/1.1
Host: 1xlite-4262965.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Sun, 16 Mar 2025 00:34:13 GMT
link: <https://v3.traincdn.com/sys-ui/2.3.99/Desktop/Default/client.css>; rel=preload; as=style; crossorigin=anonymous
location: /en/block
server-timing: dt_total;dur=0.008, total;dur=288;desc="Nuxt Server Time", wf-uht;dur=0.298
set-cookie: platform_type=desktop; Path=/; Expires=Wed, 19 Mar 2025 00:34:12 GMT; Secure; SameSite=None; Partitioned
lng=en; Path=/
cookies_agree_type=3; Path=/
tzo=1; Path=/
is12h=0; Path=/
referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3313962m_18607c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; Path=/; Expires=Thu, 15 May 2025 00:34:13 GMT
reflinkid=d_3313962m_18607c_; Path=/; Expires=Sun, 16 Mar 2025 01:34:13 GMT
postback_watcher=%7B%22tag%22%3A%22d_3313962m_18607c_%22%2C%22pb%22%3A%22b4343e2b4735408cbb6080dd2229d5f0%22%2C%22site_id%22%3A%221ad28b60%22%2C%22partner_id%22%3A%22t2nds%22%2C%22r%22%3A%22promotions%2Fwheel-bet%22%7D; Path=/; Expires=Tue, 15 Apr 2025 00:34:13 GMT
auid=LiC1N2fWHIWKFRxmA8LyAg==; path=/; secure; httponly; samesite=lax
x-dt: 1557
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
GET v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2
185.244.209.62 200 OK 64 kB URL GET v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2
IP 185.244.209.62:443
ASN #199524 G-Core Labs S.A.
Requested by https://1xlite-4262965.top/en/block
Certificate Issuer Sectigo Limited
Subject *.traincdn.com
Fingerprint 71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA
Validity Tue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 63920, version 1.0
Hash a65527fcb58f66a7cfbc0e6b160538b4
45d260e7fa343401b5bb0df982a014f53e2d253b
fb13c3a1cbac60649b76f7d7f85c1645d35ac69b85ce5f4eb0692505ecc2cd45
GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-4262965.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Mar 2025 00:34:25 GMT
content-type: font/woff2
content-length: 63920
traceparent: 00-9c54ea25fbda061376ae6999b0ca5aca-73146b5643fac4ae-01
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "a65527fcb58f66a7cfbc0e6b160538b4"
expires: Thu, 16 Jan 2025 10:45:34 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 682
cache: HIT
x-cached-since: 2025-03-16T00:23:03+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2