Report - refpamjeql.top/L?tag=d_87653m_3030c_[]MS[]null[]null[]{adspot_id}_d26691_l14299_clickunder&pb=b3ec284c1a7a4c4aa92f9fa5f651e8ba&click_id=RznZH4qTZSQrYVLaGNUg_wiYSa799b{adspot_id}498648faglh{click

Report Overview

Visitedpublic

2025-06-12 14:45:02

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.googletagmanager.com	75	2011-11-11	2012-10-04	2025-06-11	2.1 kB	1.5 MB	142.250.74.168
www.google.com	7	1997-09-15	2015-05-10	2025-06-11	1.8 kB	1.2 kB	142.250.74.68
refpamjeql.top	73932	2019-08-22	2019-08-22	2025-06-06	666 B	272 kB	45.135.120.31
1xlite-873858.world	unknown	2025-04-29	2025-06-12	2025-06-12	23 kB	946 kB	91.186.206.101
v3.traincdn.com	unknown	2022-11-10	2022-11-25	2025-06-12	35 kB	5.6 MB	185.244.209.62
region1.analytics.google.com	unknown	1997-09-15	2022-03-17	2025-06-11	2.1 kB	1.7 kB	216.239.34.36
radar.cedexis.com	3035	2009-01-07	2013-11-27	2025-06-05	854 B	1.4 kB	45.54.49.5
www.google.no	25607	2001-02-26	2012-06-26	2025-06-11	881 B	580 B	142.250.74.131

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-06-12	medium	1xlite-873858.world	Sinkholed
2025-06-12	medium	1xlite-873858.world	Sinkholed
2025-06-12	medium	1xlite-873858.world	Sinkholed
2025-06-12	medium	1xlite-873858.world	Sinkholed
2025-06-12	medium	1xlite-873858.world	Sinkholed
2025-06-12	medium	1xlite-873858.world	Sinkholed
2025-06-12	medium	1xlite-873858.world	Sinkholed
2025-06-12	medium	1xlite-873858.world	Sinkholed
2025-06-12	medium	1xlite-873858.world	Sinkholed
2025-06-12	medium	1xlite-873858.world	Sinkholed
2025-06-12	medium	1xlite-873858.world	Sinkholed
2025-06-12	medium	1xlite-873858.world	Sinkholed
2025-06-12	medium	1xlite-873858.world	Sinkholed
2025-06-12	medium	1xlite-873858.world	Sinkholed
2025-06-12	medium	1xlite-873858.world	Sinkholed
2025-06-12	medium	1xlite-873858.world	Sinkholed
2025-06-12	medium	1xlite-873858.world	Sinkholed
2025-06-12	medium	1xlite-873858.world	Sinkholed

ThreatFox

No alerts detected

JavaScript (54)

	URL	From	Size	First Seen	Last Seen
	1xlite-873858.world/en/block	ScriptElement	1.7 kB	2025-06-12	2025-06-17
URL 1xlite-873858.world/en/block IP / ASN 91.186.206.101 #0 Introduced by ScriptElement Embedded true Resource Info First Seen 2025-06-12 Last Seen 2025-06-17 Times Seen 87 Size 1.7 kB (1736 bytes) MD5 42f409c3fe7a28ad728d3b03521b1df4 SHA1 b14d47b52e4eac327703edd7ddfdb15aa7547f65 SHA256 e0e2e40e0ce6c87b4b994f34d776a2dd8252283a21e18bc65626b15052d115cd Format Code Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_fast_deep_equal_XYWIEKOD.js	ImportedModule	865 B	2025-05-14	2025-08-02
URL v3.traincdn.com/sys-static/shared-assets/__shared_fast_deep_equal_XYWIEKOD.js IP / ASN 185.244.209.62 #199524 G-Core Labs S.A. Introduced by ImportedModule Embedded false Resource Info First Seen 2025-05-14 Last Seen 2025-08-02 Times Seen 1463 Size 865 B (865 bytes) MD5 0af3fe0c072a5bb3b6c731767187982f SHA1 55db5afb57265dc92fd121fe9ae565ffb2f53b2c SHA256 655bbe85da91e863401c6f96e24b41f5c2fe51a4245cecc2deb2b8c9600fef30 Format Code Loading...

	v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/83804de8d1.js	ImportedModule	2.4 kB	2025-06-11	2025-06-18
URL v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/83804de8d1.js IP / ASN 185.244.209.62 #199524 G-Core Labs S.A. Introduced by ImportedModule Embedded false Resource Info First Seen 2025-06-11 Last Seen 2025-06-18 Times Seen 109 Size 2.4 kB (2402 bytes) MD5 6a11f0c76b1be97a59e814bb3c8caf63 SHA1 c1b58b6aec8e50953bba65a99ff56cdb7a66648e SHA256 5de12d39fb07632046ff1b636373b183a8e81556b150df38b0acc72845e45fa1 Format Code Loading...

	1xlite-873858.world/en/block	Function	290 kB	2025-06-12	2025-06-12
URL 1xlite-873858.world/en/block IP / ASN 91.186.206.101 #0 Introduced by Function Embedded false Resource Info First Seen 2025-06-12 Last Seen 2025-06-12 Times Seen 1 Size 290 kB (290432 bytes) MD5 94a7d19d0ad3c078d17073776867f9ee SHA1 5e52f2b095daa37ee47bb75fb10838598499552c SHA256 56dbf1f1a51a90a18ca3aeb320220c96b3558c58ea43367baaaa35c885ad9037 Format Code Loading...

	v3.traincdn.com/main-static/e6b170ce/desktop/default/commons/app-3071efee.js	ScriptElement	138 kB	2025-06-11	2025-06-17
URL v3.traincdn.com/main-static/e6b170ce/desktop/default/commons/app-3071efee.js IP / ASN 185.244.209.62 #199524 G-Core Labs S.A. Introduced by ScriptElement Embedded false Resource Info First Seen 2025-06-11 Last Seen 2025-06-17 Times Seen 101 Size 138 kB (138078 bytes) MD5 a7db4567274e513ebd2ebb05bbd625e9 SHA1 d34209df37e2c735496a68adc56ae2aad3a6353b SHA256 b627e72171a9492058cc85e8cb52e7842d21682bd22e8c2558d0fef8501c5f6a Format Code Loading...

	v3.traincdn.com/main-static/e6b170ce/desktop/default/vendors/plugins.vue-js-modal-a7367d5f.js	ScriptElement	27 kB	2025-06-11	2025-06-17
URL v3.traincdn.com/main-static/e6b170ce/desktop/default/vendors/plugins.vue-js-modal-a7367d5f.js IP / ASN 185.244.209.62 #199524 G-Core Labs S.A. Introduced by ScriptElement Embedded false Resource Info First Seen 2025-06-11 Last Seen 2025-06-17 Times Seen 100 Size 27 kB (26667 bytes) MD5 ea184fef8045cfc2109ed27110506628 SHA1 da5f61af129425afa5d9e3576e21a7e172632f2a SHA256 89deaf3b58659a235ff30f7f9b202b4cd1986b22a9a9e75cf22f23bc2bddb4af Format Code Loading...

	1xlite-873858.world/en/block	Eval	2.6 kB	2025-05-29	2025-07-30
URL 1xlite-873858.world/en/block IP / ASN 91.186.206.101 #0 Introduced by Eval Embedded false Resource Info First Seen 2025-05-29 Last Seen 2025-07-30 Times Seen 867 Size 2.6 kB (2572 bytes) MD5 5236f6ffdc0b23f0b4a458e72ccc2e96 SHA1 e312439a042f4c726d9566784a0783f5b66f86e9 SHA256 ed52fb4838e482b45678a5ac8ab73644c4ea46d6a9ac659c20219094e1fdf5d3 Format Code Loading...

	v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/8f5baa79dd.js	ScriptElement	1.2 kB	2025-06-11	2025-06-18
URL v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/8f5baa79dd.js IP / ASN 185.244.209.62 #199524 G-Core Labs S.A. Introduced by ScriptElement Embedded false Resource Info First Seen 2025-06-11 Last Seen 2025-06-18 Times Seen 109 Size 1.2 kB (1206 bytes) MD5 f7e37ebd12b14d4b1601ce883158b83f SHA1 04af176e528630a964ec3b011cbceb5f64f34752 SHA256 af238d077c57927faccf25bd23f9f6647d72af7e7be300be0b04037ebaeef7a5 Format Code Loading...

	data:text/javascript,export const meta = import.meta;	ScriptElement	32 B	2023-12-06	2025-08-02
URL data:text/javascript,export const meta = import.meta; IP / ASN 0.0.0.0 #0 Introduced by ScriptElement Embedded false Resource Info First Seen 2023-12-06 Last Seen 2025-08-02 Times Seen 4155 Size 32 B (32 bytes) MD5 6d772b7d405b447ecee54ab61cdd5108 SHA1 dd65fb9cd5a7cb94a40fe161f4f72303a61eb3b7 SHA256 b90ff694e492935b6036fb7e878d365dab51aafa46f0afb1e33414e7ecc3307b Format Code Loading...

	1xlite-873858.world/en/block	ScriptElement	6.4 kB	2025-06-12	2025-06-17
URL 1xlite-873858.world/en/block IP / ASN 91.186.206.101 #0 Introduced by ScriptElement Embedded true Resource Info First Seen 2025-06-12 Last Seen 2025-06-17 Times Seen 54 Size 6.4 kB (6366 bytes) MD5 507e1b103d0498b0d106a999a9d16460 SHA1 761cbc697f1f18913798cc202ea341448f99f984 SHA256 83b4ed7633aebfe47a53e410480f0fa5a2a742fc48928e1bfa80f1b2cfdf30ee Format Code Loading...

	1xlite-873858.world/en/block	DomTimer	10 B	2024-09-21	2025-08-02
URL 1xlite-873858.world/en/block IP / ASN 91.186.206.101 #0 Introduced by DomTimer Embedded false Resource Info First Seen 2024-09-21 Last Seen 2025-08-02 Times Seen 2192 Size 10 B (10 bytes) MD5 01f4b51b4ba7edd00ad9f0a22259f06e SHA1 00723d0eda4be61a7b1c542b0a08a94a94a60017 SHA256 9fdac1c31a22f55dbb8ca225ee28c3f7e88b41cce82968af0018c9f8b3bd35ba Format Code Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_accept_language_parser_B6TW5FDZ.js	ImportedModule	1.3 kB	2025-05-14	2025-08-02
URL v3.traincdn.com/sys-static/shared-assets/__shared_accept_language_parser_B6TW5FDZ.js IP / ASN 185.244.209.62 #199524 G-Core Labs S.A. Introduced by ImportedModule Embedded false Resource Info First Seen 2025-05-14 Last Seen 2025-08-02 Times Seen 1463 Size 1.3 kB (1297 bytes) MD5 e3f1c4089db6b910890e85d97a2e2066 SHA1 85828920da3c3fd7856acde184e835ac314295cd SHA256 6c28afe5a52e0f9b1138fe498b254c8671058a058b555651ccae8e91e7534614 Format Code Loading...

	radar.cedexis.com/1/23802/radar.js	ScriptElement	390 B	2024-02-13	2025-08-02
URL radar.cedexis.com/1/23802/radar.js IP / ASN 45.54.49.5 #63911 NetActuate, Inc Introduced by ScriptElement Embedded false Resource Info First Seen 2024-02-13 Last Seen 2025-08-02 Times Seen 3394 Size 390 B (390 bytes) MD5 82dec77fd0353c7c71ce053b8601387e SHA1 fbbca95419e1d0c042e0a5fdf10f380aca66188c SHA256 39f2b7b0fa78d37d0c84d2d6618bd635d86fd683d9bcdd5729850cb2a62522f7 Format Code Loading...

	1xlite-873858.world/en/block	ScriptElement	203 kB	2025-06-12	2025-06-12
URL 1xlite-873858.world/en/block IP / ASN 91.186.206.101 #0 Introduced by ScriptElement Embedded true Resource Info First Seen 2025-06-12 Last Seen 2025-06-12 Times Seen 1 Size 203 kB (203212 bytes) MD5 96c52c64d0043137b8a59e082ed3d844 SHA1 322448d7c7c37bcbfdb4ca3376d14cf2b94c4aa3 SHA256 317529ea976854ef2d92d74e2d194cc62d3d29911d86a8b377cdd05d87ca891b Format Code Loading...

	v3.traincdn.com/main-static/e6b170ce/desktop/default/vendors/plugins.vue-notification-58c4917a.js	ScriptElement	13 kB	2025-06-11	2025-06-17
URL v3.traincdn.com/main-static/e6b170ce/desktop/default/vendors/plugins.vue-notification-58c4917a.js IP / ASN 185.244.209.62 #199524 G-Core Labs S.A. Introduced by ScriptElement Embedded false Resource Info First Seen 2025-06-11 Last Seen 2025-06-17 Times Seen 100 Size 13 kB (12563 bytes) MD5 e3a109633ace6ab35b7725a9ce258d1e SHA1 1427875a18593fc516851d95dfbe46e440e73280 SHA256 d6886d00d9f912602d05c2d4aa336c6558441c6228faad77da7916e7b0e6d082 Format Code Loading...

	v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/$_$.js	ImportedModule	69 B	2025-05-14	2025-08-02
URL v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/$_$.js IP / ASN 185.244.209.62 #199524 G-Core Labs S.A. Introduced by ImportedModule Embedded false Resource Info First Seen 2025-05-14 Last Seen 2025-08-02 Times Seen 1366 Size 69 B (69 bytes) MD5 2cdaa92927f02e0b628f1ef4d7dd8caf SHA1 9104a2e16ed080b80a42588b8aeb52ebec47ab7a SHA256 ef8101ffea52addcdcfcc3a83f96ff2d4613fb3ae6d1c16bbe4852387b73a9db Format Code Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_libphonenumber_js_Q6RMKWT6.js	ImportedModule	159 kB	2025-05-14	2025-08-02
URL v3.traincdn.com/sys-static/shared-assets/__shared_libphonenumber_js_Q6RMKWT6.js IP / ASN 185.244.209.62 #199524 G-Core Labs S.A. Introduced by ImportedModule Embedded false Resource Info First Seen 2025-05-14 Last Seen 2025-08-02 Times Seen 1463 Size 159 kB (158815 bytes) MD5 1da464d70e78b04b9b808e82e4ad9487 SHA1 0c79e65516d1525ecb43d13cfb4ccb0631095a28 SHA256 b4c72b8036ca6767ab61490178f901538646f2aa1001cb042caa134174a41595 Format Code Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_localforage_FJKG5M2E.js	ImportedModule	30 kB	2025-05-14	2025-08-02
URL v3.traincdn.com/sys-static/shared-assets/__shared_localforage_FJKG5M2E.js IP / ASN 185.244.209.62 #199524 G-Core Labs S.A. Introduced by ImportedModule Embedded false Resource Info First Seen 2025-05-14 Last Seen 2025-08-02 Times Seen 1463 Size 30 kB (30277 bytes) MD5 02cf95f00794b77df34632e34a59c5be SHA1 b64889fb6cbe78a141688ea761a627997ef8a8af SHA256 bf78b7b3dd6ecbdea04c575edfb6022ed1b2e98c7a9cb9f02ab851ca638f1b83 Format Code Loading...

	1xlite-873858.world/captcha-api/assets/hunt-captcha.js	ScriptElement	86 kB	2025-06-12	2025-06-16
URL 1xlite-873858.world/captcha-api/assets/hunt-captcha.js IP / ASN 91.186.206.101 #0 Introduced by ScriptElement Embedded false Resource Info First Seen 2025-06-12 Last Seen 2025-06-16 Times Seen 93 Size 86 kB (86467 bytes) MD5 995686fa9daadfdb9b2db88054924cec SHA1 ac0c6168ae60959598457e766cb3f691af69cdaf SHA256 a31a605f2224c083c4dc7a6212e2a0d8ee3ec56cb1ad0dc990bba408185242d2 Format Code Loading...

	1xlite-873858.world/en/block	Function	39 B	2023-04-14	2025-08-02
URL 1xlite-873858.world/en/block IP / ASN 91.186.206.101 #0 Introduced by Function Embedded false Resource Info First Seen 2023-04-14 Last Seen 2025-08-02 Times Seen 6502 Size 39 B (39 bytes) MD5 bc51ed8c76553717f10d58b2df60fd76 SHA1 e2d03a8fd8d280074b226c288880f9df299c7cb1 SHA256 bee994eaf88453f6343ba57571a069054c12c9b4e42f8cbad4f2ad75c7fb264c Format Code Loading...

	v3.traincdn.com/main-static/e6b170ce/desktop/default/analytics-d428c172.js	ScriptElement	7.1 kB	2025-06-11	2025-06-18
URL v3.traincdn.com/main-static/e6b170ce/desktop/default/analytics-d428c172.js IP / ASN 185.244.209.62 #199524 G-Core Labs S.A. Introduced by ScriptElement Embedded false Resource Info First Seen 2025-06-11 Last Seen 2025-06-18 Times Seen 102 Size 7.1 kB (7104 bytes) MD5 e53ec05a66d6e86bacf84cc6e0c064c1 SHA1 fe0076a8faec60c09e89544f2dc99d1b730992db SHA256 7126e3d0b7105338c96184be045bd68e436b66389ac2abde66c31c75991ef05c Format Code Loading...

	www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66	ScriptElement	477 kB	2025-06-12	2025-06-12
URL www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66 IP / ASN 142.250.74.168 #15169 GOOGLE Introduced by ScriptElement Embedded false Resource Info First Seen 2025-06-12 Last Seen 2025-06-12 Times Seen 1 Size 477 kB (477271 bytes) MD5 79a12f5eb4ae1d09bf09d8be23b2d551 SHA1 542045caf76e5d8773324b4ab67ae31e8e1da4ad SHA256 20e2376fb22d048f0e2114d1e6d4ba59138c6b9d6b9675438872258fe0eedc10 Format Code Loading...

	v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/d3211fea84.js	ImportedModule	2.0 kB	2025-06-11	2025-06-18
URL v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/d3211fea84.js IP / ASN 185.244.209.62 #199524 G-Core Labs S.A. Introduced by ImportedModule Embedded false Resource Info First Seen 2025-06-11 Last Seen 2025-06-18 Times Seen 109 Size 2.0 kB (1968 bytes) MD5 bcfa472883db0fa730cb229a34201a2d SHA1 79433aee325f51d919f2001a2b61c1d194775cb4 SHA256 eca0daaf73cae072963324918951869edc3192c5acfcfd2535a4f9c2ab0bb8ad Format Code Loading...

	v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/d804af299e.js	ImportedModule	147 B	2025-06-11	2025-06-18
URL v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/d804af299e.js IP / ASN 185.244.209.62 #199524 G-Core Labs S.A. Introduced by ImportedModule Embedded false Resource Info First Seen 2025-06-11 Last Seen 2025-06-18 Times Seen 109 Size 147 B (147 bytes) MD5 233c4fa0f7926cd21110f2dfe9861327 SHA1 99ad13ab45e17976e39eabd2101470c0c6277e8c SHA256 e3dde8ff153cc29d828e7b36050242b283707a8378b03de78e881a83486a7f28 Format Code Loading...

	www.googletagmanager.com/gtag/destination?id=DC-14030178&cx=c&gtm=45He56b0h2v9180563600za200&tag_exp=101509157~102015666~103116026~103200004~103233427~103351869~103351871~104617979~104617981~104661466~104661468	ScriptElement	306 kB	2025-06-12	2025-06-12
URL www.googletagmanager.com/gtag/destination?id=DC-14030178&cx=c&gtm=45He56b0h2v9180563600za200&tag_exp=101509157~102015666~103116026~103200004~103233427~103351869~103351871~104617979~104617981~104661466~104661468 IP / ASN 142.250.74.168 #15169 GOOGLE Introduced by ScriptElement Embedded false Resource Info First Seen 2025-06-12 Last Seen 2025-06-12 Times Seen 1 Size 306 kB (305461 bytes) MD5 71e0b59cc7dcddd7859cd69239bc75d2 SHA1 8728057b6b203d1b2132d6ac09a821b110dbbcbd SHA256 48c168e74d7329ee2f7549efd3031772d509566a7d95f1fcf34a76f9cccb5829 Format Code Loading...

	v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/6003f323ba.js	ScriptElement	3.9 kB	2025-06-11	2025-06-18
URL v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/6003f323ba.js IP / ASN 185.244.209.62 #199524 G-Core Labs S.A. Introduced by ScriptElement Embedded false Resource Info First Seen 2025-06-11 Last Seen 2025-06-18 Times Seen 109 Size 3.9 kB (3874 bytes) MD5 b886859005a3d3fea54122a9950b3c92 SHA1 bb0f7dfa9b580167eebb12b681daf89421a6ceda SHA256 f608cf4079758fd800df0b4937540ed2330d25c905d53c777d59c5d50e5c272a Format Code Loading...

	1xlite-873858.world/en/block	Function	85 kB	2025-06-12	2025-06-16
URL 1xlite-873858.world/en/block IP / ASN 91.186.206.101 #0 Introduced by Function Embedded false Resource Info First Seen 2025-06-12 Last Seen 2025-06-16 Times Seen 93 Size 85 kB (84631 bytes) MD5 cd7acd84a945a08bab4876c3c365e736 SHA1 6b3730011c4998246fc7613aa4b9df30e0f5fc52 SHA256 56765bb1b5bd159ab7d87db3ab983ba6803ccc18494363596e1be942a9ec34e7 Format Code Loading...

	1xlite-873858.world/en/block	Function	47 B	2023-04-14	2025-08-02
URL 1xlite-873858.world/en/block IP / ASN 91.186.206.101 #0 Introduced by Function Embedded false Resource Info First Seen 2023-04-14 Last Seen 2025-08-02 Times Seen 6497 Size 47 B (47 bytes) MD5 580b3e56fc9ab6e8b4655f43ee057cc1 SHA1 5dfce565e446f4a167195de9a1a5dd26163c711c SHA256 446f07b6e56de61d2c2d5b6ba408cc580b492a6d1ede8fc51cfde4ef75a2b382 Format Code Loading...

	v3.traincdn.com/main-static/e6b170ce/desktop/default/vendors/app-d7417fdd.js	ScriptElement	1.4 MB	2025-06-11	2025-06-17
URL v3.traincdn.com/main-static/e6b170ce/desktop/default/vendors/app-d7417fdd.js IP / ASN 185.244.209.62 #199524 G-Core Labs S.A. Introduced by ScriptElement Embedded false Resource Info First Seen 2025-06-11 Last Seen 2025-06-17 Times Seen 99 Size 1.4 MB (1393850 bytes) MD5 f97166985fba0599caee61b22fea1357 SHA1 16bf76843b0d9ff70c8f4594b50afe1be6290722 SHA256 9f29bab947020f829d51b2e6ff0a34f6da6b72c2e72357fcda7f26d707422ada Format Code Loading...

	v3.traincdn.com/main-static/e6b170ce/desktop/default/vendors/plugins.v-tooltip-676f1837.js	ScriptElement	77 kB	2025-06-11	2025-06-17
URL v3.traincdn.com/main-static/e6b170ce/desktop/default/vendors/plugins.v-tooltip-676f1837.js IP / ASN 185.244.209.62 #199524 G-Core Labs S.A. Introduced by ScriptElement Embedded false Resource Info First Seen 2025-06-11 Last Seen 2025-06-17 Times Seen 100 Size 77 kB (76622 bytes) MD5 ff624a7b4d6af62165edebc6dc7d87e7 SHA1 905f9edbda508fa0ca92a7262f438038ccf226a5 SHA256 ba532407a871f07ff4d23e6e940229651a6b18c1336f9bcdc2ea35a2e2161323 Format Code Loading...

	v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/entry-c3a5232530.js	ScriptElement	21 kB	2025-06-11	2025-06-18
URL v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/entry-c3a5232530.js IP / ASN 185.244.209.62 #199524 G-Core Labs S.A. Introduced by ScriptElement Embedded false Resource Info First Seen 2025-06-11 Last Seen 2025-06-18 Times Seen 109 Size 21 kB (21168 bytes) MD5 1ec295db016c12c2ce14a413608d2644 SHA1 924bc1002e1a3949c4a79d23acf5383cbae4886c SHA256 07b560d3a9f4f1302996bd086a1e1befbdc412447627db3fae16716f235ba9e0 Format Code Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_popper_js_E2H7ZPXQ.js	ImportedModule	21 kB	2025-05-14	2025-08-02
URL v3.traincdn.com/sys-static/shared-assets/__shared_popper_js_E2H7ZPXQ.js IP / ASN 185.244.209.62 #199524 G-Core Labs S.A. Introduced by ImportedModule Embedded false Resource Info First Seen 2025-05-14 Last Seen 2025-08-02 Times Seen 1439 Size 21 kB (21252 bytes) MD5 3cf0cae38afae9add22f7884e5061231 SHA1 2a41037501375a439385a76a047876619683418f SHA256 322482e3beae5a985d069beea981614510fda90a5df7295b776a324d461fc43d Format Code Loading...

	v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/6190be1ac7.js	ImportedModule	1.2 kB	2025-06-11	2025-06-18
URL v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/6190be1ac7.js IP / ASN 185.244.209.62 #199524 G-Core Labs S.A. Introduced by ImportedModule Embedded false Resource Info First Seen 2025-06-11 Last Seen 2025-06-18 Times Seen 110 Size 1.2 kB (1166 bytes) MD5 82e5b7a854636b19c7f31b9fc68a9572 SHA1 4af4f156a94818760673099c0f67485bb0c49828 SHA256 a23d12396b34e0f4897cea54b4beaab2f8d6cc13a0434d868cddb0bfb66e152d Format Code Loading...

	1xlite-873858.world/hd-api/external/assets/hdf.js	ScriptElement	4.1 kB	2025-06-05	2025-07-24
URL 1xlite-873858.world/hd-api/external/assets/hdf.js IP / ASN 91.186.206.101 #0 Introduced by ScriptElement Embedded false Resource Info First Seen 2025-06-05 Last Seen 2025-07-24 Times Seen 1121 Size 4.1 kB (4083 bytes) MD5 40eaa62ed21bd753172f4c307e2a41d0 SHA1 f7b03c6b004562311c8ca00466179629738b2a40 SHA256 60fed8cb321dc09e4e1d910b5822bd8f67d53d0962a41ddc9f5ac33edd4e2213 Format Code Loading...

	1xlite-873858.world/en/block	Function	47 B	2023-04-14	2025-08-02
URL 1xlite-873858.world/en/block IP / ASN 91.186.206.101 #0 Introduced by Function Embedded false Resource Info First Seen 2023-04-14 Last Seen 2025-08-02 Times Seen 6496 Size 47 B (47 bytes) MD5 a01893d8e129ad16c1e0fc5c7537f411 SHA1 0e46d1bf2718f848d9d596fa269eaedb31204772 SHA256 cbe7b89533bcd75b69f3e54807308551d68242ec1761e63bee1a99fc6e560175 Format Code Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_chunk_7HDOEZTP.js	ImportedModule	1.2 kB	2025-05-14	2025-08-02
URL v3.traincdn.com/sys-static/shared-assets/__shared_chunk_7HDOEZTP.js IP / ASN 185.244.209.62 #199524 G-Core Labs S.A. Introduced by ImportedModule Embedded false Resource Info First Seen 2025-05-14 Last Seen 2025-08-02 Times Seen 1463 Size 1.2 kB (1194 bytes) MD5 7e76c08e7f16815131a5f13a10c1efba SHA1 5f800877b78a0713157fe119bc1a2d9a260f72e1 SHA256 c6f29a0c7c3ed884ccffd7a529fd2fc599e2da1f31af658146f0e36a3f4c00dc Format Code Loading...

	1xlite-873858.world/hd-api/external/apps/c5e31d5915661de4393e3f1489b00ebc4497dd48/api.js	ScriptElement	760 B	2025-05-21	2025-07-24
URL 1xlite-873858.world/hd-api/external/apps/c5e31d5915661de4393e3f1489b00ebc4497dd48/api.js IP / ASN 91.186.206.101 #0 Introduced by ScriptElement Embedded false Resource Info First Seen 2025-05-21 Last Seen 2025-07-24 Times Seen 1326 Size 760 B (760 bytes) MD5 0b911773e0df627d77f8306c86e228aa SHA1 0d584bb1a3294e4fe42df4582dcc8a2c8f77f7bb SHA256 01e4926540498a77d866259516007d41fae1213ab9607db826f011d926fd6006 Format Code Loading...

	www.googletagmanager.com/gtm.js?id=GTM-KFGPRJ2V	ScriptElement	342 kB	2025-06-12	2025-06-12
URL www.googletagmanager.com/gtm.js?id=GTM-KFGPRJ2V IP / ASN 142.250.74.168 #15169 GOOGLE Introduced by ScriptElement Embedded false Resource Info First Seen 2025-06-12 Last Seen 2025-06-12 Times Seen 1 Size 342 kB (342458 bytes) MD5 6fca5813354abd94989b80574aeb87be SHA1 9ce2335f8625d19015be080662de3faa17f6fcf0 SHA256 0639a48780334df608c1c5562a0a97339ae76069d51acf21c81a3feb741a846f Format Code Loading...

	www.googletagmanager.com/gtag/destination?id=AW-16664555628&cx=c&gtm=45He56b0h2v9180563600za200&tag_exp=101509157~102015666~103116026~103200004~103233427~103351869~103351871~104617979~104617981~104661466~104661468	ScriptElement	356 kB	2025-06-12	2025-06-12
URL www.googletagmanager.com/gtag/destination?id=AW-16664555628&cx=c&gtm=45He56b0h2v9180563600za200&tag_exp=101509157~102015666~103116026~103200004~103233427~103351869~103351871~104617979~104617981~104661466~104661468 IP / ASN 142.250.74.168 #15169 GOOGLE Introduced by ScriptElement Embedded false Resource Info First Seen 2025-06-12 Last Seen 2025-06-12 Times Seen 1 Size 356 kB (355887 bytes) MD5 b8edd7e7c99f41aaf8f4e96b45042698 SHA1 6957a629cada83996ce50889adad49bc5113b0b3 SHA256 c86fd091fbd5d8339c398ae86a2f02dfc1d46aa2591cc272bc2929d661dcfcd2 Format Code Loading...

	v3.traincdn.com/main-static/e6b170ce/desktop/default/app-3560bae1.js	ScriptElement	504 kB	2025-06-12	2025-06-17
URL v3.traincdn.com/main-static/e6b170ce/desktop/default/app-3560bae1.js IP / ASN 185.244.209.62 #199524 G-Core Labs S.A. Introduced by ScriptElement Embedded false Resource Info First Seen 2025-06-12 Last Seen 2025-06-17 Times Seen 91 Size 504 kB (503637 bytes) MD5 d0b53c4e59e523ae308988ae0a7160c9 SHA1 e6958b3bc557b1b820e0adb674d414ea85b4b194 SHA256 8f38cdc14f57860fda1f450b3821d4e616baf5d397521dc39460e59ebf78d3f8 Format Code Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_vue_deps_DYMTJONH.js	ImportedModule	19 kB	2025-05-14	2025-08-02
URL v3.traincdn.com/sys-static/shared-assets/__shared_vue_deps_DYMTJONH.js IP / ASN 185.244.209.62 #199524 G-Core Labs S.A. Introduced by ImportedModule Embedded false Resource Info First Seen 2025-05-14 Last Seen 2025-08-02 Times Seen 1463 Size 19 kB (19175 bytes) MD5 1580a3cfe81fd30910a49dfe64cc8e7b SHA1 314144dc49595482ba46c0b85b38d5f73ef73a7b SHA256 8989a021d20f0fc08c43966a287cbd99e43142a5a0ff42eb232756a101de6035 Format Code Loading...

	v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/ad227066db.js	ImportedModule	4.1 kB	2025-06-11	2025-06-18
URL v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/ad227066db.js IP / ASN 185.244.209.62 #199524 G-Core Labs S.A. Introduced by ImportedModule Embedded false Resource Info First Seen 2025-06-11 Last Seen 2025-06-18 Times Seen 109 Size 4.1 kB (4050 bytes) MD5 852d499a2dac9b9a5bff01bd2fbdd026 SHA1 6222c1646b9bb2c749ad5fd495fb64b665e54546 SHA256 f897899bcdc73452dde28dd930da497f2f805273c89e6c250df636f5b3243802 Format Code Loading...

	1xlite-873858.world/en/block	Function	44 B	2023-04-14	2025-08-02
URL 1xlite-873858.world/en/block IP / ASN 91.186.206.101 #0 Introduced by Function Embedded false Resource Info First Seen 2023-04-14 Last Seen 2025-08-02 Times Seen 6499 Size 44 B (44 bytes) MD5 00beb9884d0391b342eadd30744b539a SHA1 3124c0bd593822379d22f13d3e08e70a1bf5ea14 SHA256 92394eec5690449a4f6cfc9a7f97497a69e926b2365cb9a9aad3507a844f835c Format Code Loading...

	1xlite-873858.world/en/block	Function	34 B	2023-04-14	2025-08-02
URL 1xlite-873858.world/en/block IP / ASN 91.186.206.101 #0 Introduced by Function Embedded false Resource Info First Seen 2023-04-14 Last Seen 2025-08-02 Times Seen 6509 Size 34 B (34 bytes) MD5 7bcdb973ab8af8e24ab11cb554a1ba6e SHA1 24e8a10f240f2b06f81d7c173cd0a90606641fc1 SHA256 916ec4eb9b485eb47f43a17fe212e84e4b72600b45eb6d4588599ad495a57fcd Format Code Loading...

	v3.traincdn.com/main-static/e6b170ce/desktop/default/Page.Block-8b54715f.js	ScriptElement	476 B	2025-06-11	2025-06-17
URL v3.traincdn.com/main-static/e6b170ce/desktop/default/Page.Block-8b54715f.js IP / ASN 185.244.209.62 #199524 G-Core Labs S.A. Introduced by ScriptElement Embedded false Resource Info First Seen 2025-06-11 Last Seen 2025-06-17 Times Seen 96 Size 476 B (476 bytes) MD5 ccba684abc6529739bb0faa909e87f10 SHA1 7f2e2bb88350d341c77b618db5dfff34bdbc2d31 SHA256 2304fe3ff45de8d3c6dcbadffd141d91b9450e83c190b6dc9f5c9519085b086f Format Code Loading...

	v3.traincdn.com/main-static/e6b170ce/desktop/default/Betting.Core-ec7fa007.js	ScriptElement	2.2 kB	2025-06-12	2025-06-17
URL v3.traincdn.com/main-static/e6b170ce/desktop/default/Betting.Core-ec7fa007.js IP / ASN 185.244.209.62 #199524 G-Core Labs S.A. Introduced by ScriptElement Embedded false Resource Info First Seen 2025-06-12 Last Seen 2025-06-17 Times Seen 91 Size 2.2 kB (2180 bytes) MD5 06955b378f75de84ec4ed4a91d7ba79f SHA1 1c2084b2adc691bd68a9a12eb637b7cc294b399e SHA256 313edd4dffbbabf366fbfab64bf70bf2e125039e7c98172a298ef31c8537e86d Format Code Loading...

	1xlite-873858.world/en/block	Eval	302 kB	2025-06-12	2025-06-12
URL 1xlite-873858.world/en/block IP / ASN 91.186.206.101 #0 Introduced by Eval Embedded false Resource Info First Seen 2025-06-12 Last Seen 2025-06-12 Times Seen 1 Size 302 kB (302384 bytes) MD5 ab6d3522429e7852dc7dc06efb8d6336 SHA1 24841f80d20c40ac4295d5c0a20a7da1aa02b46c SHA256 52265ffd8a034658e9eaec88b20419701c93c3409a4902f0056c32ea17519ce7 Format Code Loading...

	v3.traincdn.com/sys-static/shared-assets/Desktop/__shared_base-app_9100f09beb.js	ImportedModule	792 kB	2025-06-11	2025-06-18
URL v3.traincdn.com/sys-static/shared-assets/Desktop/__shared_base-app_9100f09beb.js IP / ASN 185.244.209.62 #199524 G-Core Labs S.A. Introduced by ImportedModule Embedded false Resource Info First Seen 2025-06-11 Last Seen 2025-06-18 Times Seen 127 Size 792 kB (791676 bytes) MD5 f371fd97d4fc0bc36fef3fbb06f1a125 SHA1 49f5549ccdd16fab43acfba8c06f7a532e7c9e7b SHA256 997647adbe5bd9cf32041ad95e4b568bdcea347a4f4ba9da37a0e02a5c028d34 Format Code Loading...

	1xlite-873858.world/main-static/e6b170ce/check-ob.js	ScriptElement	219 B	2024-07-17	2025-08-02
URL 1xlite-873858.world/main-static/e6b170ce/check-ob.js IP / ASN 91.186.206.101 #0 Introduced by ScriptElement Embedded false Resource Info First Seen 2024-07-17 Last Seen 2025-08-02 Times Seen 2583 Size 219 B (219 bytes) MD5 c065700c9c8c493403359e1f2baa10d9 SHA1 4630fe729e70bdf63fa7ba6c84ec277fd1f51030 SHA256 1e61f0c82ae82ffcf503fcd4b4c8ae27b32c11e19b882d5d13f3c44364c893f4 Format Code Loading...

	v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/25c3998383.js	ImportedModule	864 B	2025-06-11	2025-06-18
URL v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/25c3998383.js IP / ASN 185.244.209.62 #199524 G-Core Labs S.A. Introduced by ImportedModule Embedded false Resource Info First Seen 2025-06-11 Last Seen 2025-06-18 Times Seen 109 Size 864 B (864 bytes) MD5 cd67cb70163467a629fdd571c7fe7cab SHA1 162418c6e156aa935146915e45ea0e580955086f SHA256 1ff4f85984794159c0f77930c3495d057c317fd85a1cd9f1ac117bb45b40f115 Format Code Loading...

	v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/16c95291ac.js	ImportedModule	27 kB	2025-06-11	2025-06-18
URL v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/16c95291ac.js IP / ASN 185.244.209.62 #199524 G-Core Labs S.A. Introduced by ImportedModule Embedded false Resource Info First Seen 2025-06-11 Last Seen 2025-06-18 Times Seen 109 Size 27 kB (27024 bytes) MD5 e6751f52c66d21ae12a897312d5f997f SHA1 33020b508ba182d1ea117da3dc647dad7388f0de SHA256 575099e2e78af922439f4057a2ee05911c834bdd2dd6cf380041bfed204ea58a Format Code Loading...

	1xlite-873858.world/en/block	Function	96 B	2023-12-06	2025-08-02
URL 1xlite-873858.world/en/block IP / ASN 91.186.206.101 #0 Introduced by Function Embedded false Resource Info First Seen 2023-12-06 Last Seen 2025-08-02 Times Seen 4156 Size 96 B (96 bytes) MD5 94361ed86ab9b2fbb8d805c2025df46a SHA1 3f428332f7a1c7196a85c93a373a966d75708c19 SHA256 eee4d228a49a86625f29410cf9a23d145e821a09cbb1f7a4d7557d206872715a Format Code Loading...

	v3.traincdn.com/main-static/e6b170ce/desktop/default/runtime-f2c85b9f.js	ScriptElement	19 kB	2025-06-12	2025-06-17
URL v3.traincdn.com/main-static/e6b170ce/desktop/default/runtime-f2c85b9f.js IP / ASN 185.244.209.62 #199524 G-Core Labs S.A. Introduced by ScriptElement Embedded false Resource Info First Seen 2025-06-12 Last Seen 2025-06-17 Times Seen 91 Size 19 kB (18930 bytes) MD5 57530e0cd29e94ad1fe6e2a9c48ac3cf SHA1 d430b5b036547e45e05b00028c9ce348c9afafdc SHA256 bf0b2458cfb843c03ebdd9a3b802821085285ad2a236c04bc58a19b45825b53f Format Code Loading...

	v3.traincdn.com/main-static/e6b170ce/desktop/default/DC-d8610509.js	ScriptElement	2.7 kB	2025-06-11	2025-06-17
URL v3.traincdn.com/main-static/e6b170ce/desktop/default/DC-d8610509.js IP / ASN 185.244.209.62 #199524 G-Core Labs S.A. Introduced by ScriptElement Embedded false Resource Info First Seen 2025-06-11 Last Seen 2025-06-17 Times Seen 100 Size 2.7 kB (2653 bytes) MD5 d9d8717c3e1aa56e4ea0ae354d8ca330 SHA1 58c19cc951dff928577b9862b07212006d947540 SHA256 71e0a53dd16e3b05b31a43aaa7a46f912c4a2c46c1f654965db57f43d111ea1c Format Code Loading...

HTTP Transactions (100)

URL IP Response Size

GET 1xlite-873858.world/hd-api/external/01976499-c341-7112-bb9a-ed2e9e38571f.js

91.186.206.101

200 OK

302 kB

URL

1xlite-873858.world/hd-api/external/01976499-c341-7112-bb9a-ed2e9e38571f.js

IP / ASN

91.186.206.101

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators

First Seen2025-06-12

Last Seen2025-06-12

Times Seen1

Size302 kB (302384 bytes)

MD5ab6d3522429e7852dc7dc06efb8d6336

SHA124841f80d20c40ac4295d5c0a20a7da1aa02b46c

SHA25652265ffd8a034658e9eaec88b20419701c93c3409a4902f0056c32ea17519ce7

Certificate Info

IssuerLet's Encrypt

Subject1xlite-873858.world

Fingerprint00:0C:E2:41:66:9C:66:FC:9D:9B:1D:78:F5:33:D3:B8:4E:51:BD:57

ValidityTue, 29 Apr 2025 11:29:46 GMT - Mon, 28 Jul 2025 11:29:45 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /hd-api/external/01976499-c341-7112-bb9a-ed2e9e38571f.js HTTP/1.1
Host: 1xlite-873858.world
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-873858.world/en/block
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder; postback_watcher=%7B%22tag%22%3A%22d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder%22%2C%22pb%22%3A%22b3ec284c1a7a4c4aa92f9fa5f651e8ba%22%2C%22click_id%22%3A%22RznZH4qTZSQrYVLaGNUg_wiYSa799b%7Badspot_id%7D498648faglh%7Bclick_id%7D%22%7D; auid=W7rOZWhK59W51tiFAwPkAg==; window_width=1280; che_g=1c6a20dc-b553-4bd0-0abd-73d81e144eda; SESSION=0fc45ba2f8f86275ef5d59144e622c2a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:48 GMT
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=0, must-revalidate
content-encoding: gzip
vary: Accept-Encoding
x-dt: 285
x-hd-trace-id: 017cabc9-fd0b-43a2-9c8d-044db365fb2f
x-request-guid: f811b3343262bbab569c83ce9bf6a8ae
x-time-ng: 0.002
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.140, wf-uht;dur=0.016
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2

185.244.209.62

200 OK

64 kB

URL

v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeWeb Open Font Format (Version 2), TrueType, length 63748, version 1.0

First Seen2023-06-14

Last Seen2025-08-02

Times Seen5342

Size64 kB (63748 bytes)

MD56887b6f24414dbc612dbf42ccdc76b70

SHA18068d3abfbc6cbf35b55919da45b1f4d2d136238

SHA256fc5c015fc32518f1ed810fa84ca28941eb9d5a3c81acc8df69a4dbbeedef7b0c

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:38 GMT
content-type: font/woff2
content-length: 63748
traceparent: 00-f4eb302830cc8fafa172b790a4163281-b48d2f7a168076d2-01
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "6887b6f24414dbc612dbf42ccdc76b70"
expires: Thu, 16 Jan 2025 10:32:14 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 631
cache: HIT
x-cached-since: 2025-06-12T14:34:07+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

GET v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/16c95291ac.js

185.244.209.62

200 OK

27 kB

URL

v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/16c95291ac.js

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJavaScript source, ASCII text, with very long lines (27023)

First Seen2025-06-11

Last Seen2025-06-18

Times Seen109

Size27 kB (27024 bytes)

MD5e6751f52c66d21ae12a897312d5f997f

SHA133020b508ba182d1ea117da3dc647dad7388f0de

SHA256575099e2e78af922439f4057a2ee05911c834bdd2dd6cf380041bfed204ea58a

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/16c95291ac.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:40 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-9d84dd9127e2d5dac5d4d82761845793-71d5ede0118196a2-01
last-modified: Wed, 11 Jun 2025 10:23:53 GMT
etag: W/"e6751f52c66d21ae12a897312d5f997f"
x-amz-meta-mtime: 1749637066.110325063
content-encoding: gzip
expires: Fri, 13 Jun 2025 09:03:06 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 20289
cache: HIT
x-cached-since: 2025-06-12T09:06:31+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/main-static/e6b170ce/desktop/default/commons/app-3071efee.js

185.244.209.62

200 OK

138 kB

URL

v3.traincdn.com/main-static/e6b170ce/desktop/default/commons/app-3071efee.js

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJavaScript source, ASCII text, with very long lines (65476)

First Seen2025-06-11

Last Seen2025-06-17

Times Seen101

Size138 kB (138078 bytes)

MD5a7db4567274e513ebd2ebb05bbd625e9

SHA1d34209df37e2c735496a68adc56ae2aad3a6353b

SHA256b627e72171a9492058cc85e8cb52e7842d21682bd22e8c2558d0fef8501c5f6a

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /main-static/e6b170ce/desktop/default/commons/app-3071efee.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-873858.world/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:38 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-19deb6d57cad5a8001b808a9ed876931-0e428b9d93a68d09-01
last-modified: Thu, 12 Jun 2025 08:51:05 GMT
etag: W/"a7db4567274e513ebd2ebb05bbd625e9"
x-amz-meta-mtime: 1749718261.852055161
content-encoding: gzip
expires: Fri, 13 Jun 2025 09:02:33 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 20318
cache: HIT
x-cached-since: 2025-06-12T09:06:00+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/bde5118e1b76e6084cb2d30626371adb.json

185.244.209.62

200 OK

13 kB

URL

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/bde5118e1b76e6084cb2d30626371adb.json

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJSON text data

First Seen2025-06-09

Last Seen2025-06-16

Times Seen91

Size13 kB (13444 bytes)

MD50c06a2ce7b44d920632095b7968f05e7

SHA1ad620299a407c218f382d66ccc64eb95cb1f26f2

SHA256248dc3677e4de59d802fda413a105a962cb897f8e691e85ec68fadd7af37d3d9

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/bde5118e1b76e6084cb2d30626371adb.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-873858.world/
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:39 GMT
content-type: application/json
traceparent: 00-ae44e3e974945f05a9e2452a47429bc7-2ed3f7d0546e86a3-01
last-modified: Mon, 09 Jun 2025 12:47:40 GMT
etag: W/"0c06a2ce7b44d920632095b7968f05e7"
content-encoding: gzip
expires: Mon, 09 Jun 2025 14:12:59 GMT
cache-control: max-age=3600
x-time-ng: 0.044
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1928
cache: HIT
x-cached-since: 2025-06-12T14:12:31+00:00
X-Firefox-Spdy: h2

POST 1xlite-873858.world/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json

91.186.206.101

200 OK

23 B

URL

1xlite-873858.world/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json

IP / ASN

91.186.206.101

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJSON text data

First Seen2025-06-12

Last Seen2025-06-12

Times Seen1

Size23 B (23 bytes)

MD5404794c9ba3a1bff4a91c3772f3c29f3

SHA1c7a67ee8a89fb2ed77bc2e5ee38b47980d62d1a5

SHA256e4b65f742ff06af071e50344b2cd06ac6c3c6c958b2a0954b872908b118391cc

Certificate Info

IssuerLet's Encrypt

Subject1xlite-873858.world

Fingerprint00:0C:E2:41:66:9C:66:FC:9D:9B:1D:78:F5:33:D3:B8:4E:51:BD:57

ValidityTue, 29 Apr 2025 11:29:46 GMT - Mon, 28 Jul 2025 11:29:45 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json HTTP/1.1
Host: 1xlite-873858.world
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-873858.world/en/block
Content-Type: application/json
X-Lang: en
X-Uuid: 21366002-5d44-464d-964c-7bb51cba621a
Content-Length: 88
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder; postback_watcher=%7B%22tag%22%3A%22d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder%22%2C%22pb%22%3A%22b3ec284c1a7a4c4aa92f9fa5f651e8ba%22%2C%22click_id%22%3A%22RznZH4qTZSQrYVLaGNUg_wiYSa799b%7Badspot_id%7D498648faglh%7Bclick_id%7D%22%7D; auid=W7rOZWhK59W51tiFAwPkAg==; window_width=1280; che_g=1c6a20dc-b553-4bd0-0abd-73d81e144eda
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:39 GMT
content-type: application/json
content-length: 23
x-dt: 285
x-time-ng: 0.006
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.082, wf-uht;dur=0.021
X-Firefox-Spdy: h2

GET v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/d3211fea84.js

185.244.209.62

200 OK

2.0 kB

URL

v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/d3211fea84.js

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJavaScript source, ASCII text, with very long lines (1967)

First Seen2025-06-11

Last Seen2025-06-18

Times Seen109

Size2.0 kB (1968 bytes)

MD5bcfa472883db0fa730cb229a34201a2d

SHA179433aee325f51d919f2001a2b61c1d194775cb4

SHA256eca0daaf73cae072963324918951869edc3192c5acfcfd2535a4f9c2ab0bb8ad

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/d3211fea84.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:40 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-987127235230c59592d354c8d591d853-fe5fc13164a45d46-01
last-modified: Wed, 11 Jun 2025 10:23:53 GMT
etag: W/"bcfa472883db0fa730cb229a34201a2d"
x-amz-meta-mtime: 1749637066.113325162
content-encoding: gzip
expires: Fri, 13 Jun 2025 09:03:06 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 20289
cache: HIT
x-cached-since: 2025-06-12T09:06:31+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/d804af299e.js

185.244.209.62

200 OK

147 B

URL

v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/d804af299e.js

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJava source, ASCII text

First Seen2025-06-11

Last Seen2025-06-18

Times Seen109

Size147 B (147 bytes)

MD5233c4fa0f7926cd21110f2dfe9861327

SHA199ad13ab45e17976e39eabd2101470c0c6277e8c

SHA256e3dde8ff153cc29d828e7b36050242b283707a8378b03de78e881a83486a7f28

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/d804af299e.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:40 GMT
content-type: text/javascript; charset=utf-8
content-length: 147
traceparent: 00-d02ddfd8a8c7a27630cf99ef76247c23-402cb865b2fd1212-01
last-modified: Wed, 11 Jun 2025 10:23:53 GMT
etag: "233c4fa0f7926cd21110f2dfe9861327"
x-amz-meta-mtime: 1749637066.113325162
expires: Fri, 13 Jun 2025 02:43:19 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 43281
cache: HIT
x-cached-since: 2025-06-12T02:43:19+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

GET 1xlite-873858.world/seo-module-api/api/public/v1/analytics-counters?project[id]=285&domain[host]=1xlite-873858.world

91.186.206.101

200 OK

105 B

URL

1xlite-873858.world/seo-module-api/api/public/v1/analytics-counters?project[id]=285&domain[host]=1xlite-873858.world

IP / ASN

91.186.206.101

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJSON text data

First Seen2024-05-18

Last Seen2025-08-02

Times Seen936

Size105 B (105 bytes)

MD56abfe5f6641fddde82c2ca29cf5c6a7a

SHA1958379bc84073d266358a27b3cf86b15484f5f6d

SHA256ede01772dfd8da2cc82f245e454ce360b2ceb13b7d1c330bbc1d68fe41255c19

Certificate Info

IssuerLet's Encrypt

Subject1xlite-873858.world

Fingerprint00:0C:E2:41:66:9C:66:FC:9D:9B:1D:78:F5:33:D3:B8:4E:51:BD:57

ValidityTue, 29 Apr 2025 11:29:46 GMT - Mon, 28 Jul 2025 11:29:45 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /seo-module-api/api/public/v1/analytics-counters?project[id]=285&domain[host]=1xlite-873858.world HTTP/1.1
Host: 1xlite-873858.world
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-873858.world/en/block
content-type: application/json
x-requested-with: XMLHttpRequest
x-app-n: v3-nuxt2
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder; postback_watcher=%7B%22tag%22%3A%22d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder%22%2C%22pb%22%3A%22b3ec284c1a7a4c4aa92f9fa5f651e8ba%22%2C%22click_id%22%3A%22RznZH4qTZSQrYVLaGNUg_wiYSa799b%7Badspot_id%7D498648faglh%7Bclick_id%7D%22%7D; auid=W7rOZWhK59W51tiFAwPkAg==; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:39 GMT
content-type: application/json
content-length: 107
cache-control: max-age=1200, must-revalidate, public, s-maxage=1800, stale-if-error=86400, stale-while-revalidate=300
x-content-digest: en6d0e5d6e0146a49c358c0eaad1d2ef38
age: 1102
x-request-id: 5cabb36b32e125fbc14568d520cdd892
x-request-guid: 5cabb36b32e125fbc14568d520cdd892
content-encoding: br
x-time-ng: 0.006
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: p;dur=2.1390914916992, wf-uht;dur=0.017
X-Firefox-Spdy: h2

GET v3.traincdn.com/sys-ui/2.3.230/Desktop/Default/client.css

185.244.209.62

200 OK

633 kB

URL

v3.traincdn.com/sys-ui/2.3.230/Desktop/Default/client.css

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeASCII text, with very long lines (65536), with no line terminators

First Seen2025-06-11

Last Seen2025-06-18

Times Seen125

Size633 kB (632939 bytes)

MD53af56983e511ca50015a24c8dabfc456

SHA1c05b7802a0b2db99bb1be0bd7b16d5463043226b

SHA25658bbe9846617d402472d1de980cb0bc607220f991cbe335bb6d0d56e5c9c13fe

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /sys-ui/2.3.230/Desktop/Default/client.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-873858.world/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:38 GMT
content-type: text/css; charset=utf-8
traceparent: 00-7f164e23d07a6a0ba440e6e837730a5c-7ed818d8f068e09f-01
last-modified: Thu, 29 May 2025 07:44:19 GMT
etag: W/"3af56983e511ca50015a24c8dabfc456"
x-amz-meta-mtime: 1748504656.746417166
content-encoding: gzip
expires: Thu, 12 Jun 2025 09:55:47 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 17250
cache: HIT
x-cached-since: 2025-06-12T09:57:08+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2

185.244.209.62

200 OK

64 kB

URL

v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeWeb Open Font Format (Version 2), TrueType, length 63920, version 1.0

First Seen2023-05-07

Last Seen2025-08-02

Times Seen5252

Size64 kB (63920 bytes)

MD5a65527fcb58f66a7cfbc0e6b160538b4

SHA145d260e7fa343401b5bb0df982a014f53e2d253b

SHA256fb13c3a1cbac60649b76f7d7f85c1645d35ac69b85ce5f4eb0692505ecc2cd45

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:38 GMT
content-type: font/woff2
content-length: 63920
traceparent: 00-03ba7e17f22bad0cc68ef134ca90a466-5263fbe2e5475827-01
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "a65527fcb58f66a7cfbc0e6b160538b4"
expires: Thu, 16 Jan 2025 10:45:34 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 3343
cache: HIT
x-cached-since: 2025-06-12T13:48:55+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/site-admin/css_vars/29b5cda95fa390c124de39b6aeca6d24.css

185.244.209.62

200 OK

46 B

URL

v3.traincdn.com/genfiles/site-admin/css_vars/29b5cda95fa390c124de39b6aeca6d24.css

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeASCII text, with no line terminators

First Seen2025-03-20

Last Seen2025-08-02

Times Seen1736

Size46 B (46 bytes)

MD529b5cda95fa390c124de39b6aeca6d24

SHA146f68f69533c1fdc737eb36e8e7af7672178e610

SHA2566021ec0aede22eadcb8401fe945d345202320437c7be01b157f0cb282ebe7c88

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /genfiles/site-admin/css_vars/29b5cda95fa390c124de39b6aeca6d24.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-873858.world/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:39 GMT
content-type: text/css
content-length: 46
traceparent: 00-5eb4c154cbcfee71c024352d5a4f0f43-43c767a9375ffccb-01
last-modified: Thu, 20 Mar 2025 13:29:31 GMT
etag: "29b5cda95fa390c124de39b6aeca6d24"
cache-control: max-age=3600
expires: Thu, 20 Mar 2025 14:32:37 GMT
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 312
cache: HIT
x-cached-since: 2025-06-12T14:39:27+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

POST 1xlite-873858.world/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json

91.186.206.101

200 OK

23 B

URL

1xlite-873858.world/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json

IP / ASN

91.186.206.101

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJSON text data

First Seen2025-06-12

Last Seen2025-06-12

Times Seen1

Size23 B (23 bytes)

MD5747022c6e9b6c595d17f0612cb312cf5

SHA17cc53e8686207b6575b882f4368e41fce29711c8

SHA256ef234217f074f349750456cc4b67f2d7d97b78a59a97df37a73f407108785a93

Certificate Info

IssuerLet's Encrypt

Subject1xlite-873858.world

Fingerprint00:0C:E2:41:66:9C:66:FC:9D:9B:1D:78:F5:33:D3:B8:4E:51:BD:57

ValidityTue, 29 Apr 2025 11:29:46 GMT - Mon, 28 Jul 2025 11:29:45 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json HTTP/1.1
Host: 1xlite-873858.world
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-873858.world/en/block
Content-Type: application/json
X-Lang: en
X-Uuid: 21366002-5d44-464d-964c-7bb51cba621a
Content-Length: 48
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder; postback_watcher=%7B%22tag%22%3A%22d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder%22%2C%22pb%22%3A%22b3ec284c1a7a4c4aa92f9fa5f651e8ba%22%2C%22click_id%22%3A%22RznZH4qTZSQrYVLaGNUg_wiYSa799b%7Badspot_id%7D498648faglh%7Bclick_id%7D%22%7D; auid=W7rOZWhK59W51tiFAwPkAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:39 GMT
content-type: application/json
content-length: 23
x-dt: 285
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.122, wf-uht;dur=0.008
X-Firefox-Spdy: h2

POST 1xlite-873858.world/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json

91.186.206.101

200 OK

23 B

URL

1xlite-873858.world/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json

IP / ASN

91.186.206.101

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJSON text data

First Seen2025-06-12

Last Seen2025-06-12

Times Seen1

Size23 B (23 bytes)

MD5c516db628c49cbc110fddc7c4343c778

SHA1eaeeb429b1cdace6ef35184ef2d9787a513e5f84

SHA256468b7cd88ca4400353e972bedc2337910f451eb58b5bf3d715d477b72c574e84

Certificate Info

IssuerLet's Encrypt

Subject1xlite-873858.world

Fingerprint00:0C:E2:41:66:9C:66:FC:9D:9B:1D:78:F5:33:D3:B8:4E:51:BD:57

ValidityTue, 29 Apr 2025 11:29:46 GMT - Mon, 28 Jul 2025 11:29:45 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json HTTP/1.1
Host: 1xlite-873858.world
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-873858.world/en/block
Content-Type: application/json
X-Lang: en
X-Uuid: 21366002-5d44-464d-964c-7bb51cba621a
Content-Length: 72
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder; postback_watcher=%7B%22tag%22%3A%22d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder%22%2C%22pb%22%3A%22b3ec284c1a7a4c4aa92f9fa5f651e8ba%22%2C%22click_id%22%3A%22RznZH4qTZSQrYVLaGNUg_wiYSa799b%7Badspot_id%7D498648faglh%7Bclick_id%7D%22%7D; auid=W7rOZWhK59W51tiFAwPkAg==; window_width=1280; che_g=1c6a20dc-b553-4bd0-0abd-73d81e144eda
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:40 GMT
content-type: application/json
content-length: 23
x-dt: 285
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.086, wf-uht;dur=0.008
X-Firefox-Spdy: h2

GET 1xlite-873858.world/web-api/session

91.186.206.101

204 No Content

0 B

URL

1xlite-873858.world/web-api/session

IP / ASN

91.186.206.101

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-02

Times Seen5609172

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerLet's Encrypt

Subject1xlite-873858.world

Fingerprint00:0C:E2:41:66:9C:66:FC:9D:9B:1D:78:F5:33:D3:B8:4E:51:BD:57

ValidityTue, 29 Apr 2025 11:29:46 GMT - Mon, 28 Jul 2025 11:29:45 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web-api/session HTTP/1.1
Host: 1xlite-873858.world
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-873858.world/en/block
content-type: application/json
x-requested-with: XMLHttpRequest
x-app-n: v3-nuxt2
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder; postback_watcher=%7B%22tag%22%3A%22d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder%22%2C%22pb%22%3A%22b3ec284c1a7a4c4aa92f9fa5f651e8ba%22%2C%22click_id%22%3A%22RznZH4qTZSQrYVLaGNUg_wiYSa799b%7Badspot_id%7D498648faglh%7Bclick_id%7D%22%7D; auid=W7rOZWhK59W51tiFAwPkAg==; window_width=1280; che_g=1c6a20dc-b553-4bd0-0abd-73d81e144eda
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx
date: Thu, 12 Jun 2025 14:44:47 GMT
cache-control: no-cache, private
server-timing: dt_total;dur=0.045, p;dur=18.605, wf-uht;dur=0.032
set-cookie: ua=deleted; expires=Thu, 01 Jan 1970 00:00:01 GMT; Max-Age=0; path=/
SESSION=0fc45ba2f8f86275ef5d59144e622c2a; path=/; secure; httponly; samesite=lax
x-dt: 285
x-time-ng: 0.020, 0.020
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

POST region1.analytics.google.com/g/collect?v=2&tid=G-7JGWL9SV66&gtm=45je56a1v897130004za200&_p=1749739490012&em=tv.1~em.ODS1igyfeIhzOTHENqwIfH1sb8t0oxg8FT6iY2YCmeo&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101509157~102015666~103116026~103200004~103233427~103351869~103351871~104617979~104617981~104661466~104661468~104684204~104684207&cid=451578812.1749739491&ecid=171771736&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&ec_mode=a&_s=1&sid=1749739490&sct=1&seg=0&dl=https%3A%2F%2F1xlite-873858.world%2Fen%2Fblock&dt=1xBet&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=GTM-5R4MT54&upn.ref_id=1&tfd=13787

216.239.34.36

204 No Content

0 B

URL

region1.analytics.google.com/g/collect?v=2&tid=G-7JGWL9SV66&gtm=45je56a1v897130004za200&_p=1749739490012&em=tv.1~em.ODS1igyfeIhzOTHENqwIfH1sb8t0oxg8FT6iY2YCmeo&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101509157~102015666~103116026~103200004~103233427~103351869~103351871~104617979~104617981~104661466~104661468~104684204~104684207&cid=451578812.1749739491&ecid=171771736&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&ec_mode=a&_s=1&sid=1749739490&sct=1&seg=0&dl=https%3A%2F%2F1xlite-873858.world%2Fen%2Fblock&dt=1xBet&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=GTM-5R4MT54&upn.ref_id=1&tfd=13787

IP / ASN

216.239.34.36

#15169 GOOGLE

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-02

Times Seen5609172

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subject*.google-analytics.com

Fingerprint10:76:57:2F:C3:21:F2:5F:71:E4:85:A5:DB:F7:65:3F:51:03:55:07

ValidityMon, 12 May 2025 08:42:57 GMT - Mon, 04 Aug 2025 08:42:56 GMT

HTTP Headers

POST /g/collect?v=2&tid=G-7JGWL9SV66&gtm=45je56a1v897130004za200&_p=1749739490012&em=tv.1~em.ODS1igyfeIhzOTHENqwIfH1sb8t0oxg8FT6iY2YCmeo&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101509157~102015666~103116026~103200004~103233427~103351869~103351871~104617979~104617981~104661466~104661468~104684204~104684207&cid=451578812.1749739491&ecid=171771736&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&ec_mode=a&_s=1&sid=1749739490&sct=1&seg=0&dl=https%3A%2F%2F1xlite-873858.world%2Fen%2Fblock&dt=1xBet&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=GTM-5R4MT54&upn.ref_id=1&tfd=13787 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-873858.world/
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://1xlite-873858.world
date: Thu, 12 Jun 2025 14:44:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:158:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:158:0
report-to: {"group":"ascnsrsggc:158:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:158:0"}],}
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

POST 1xlite-873858.world/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json

91.186.206.101

200 OK

23 B

URL

1xlite-873858.world/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json

IP / ASN

91.186.206.101

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJSON text data

First Seen2025-06-12

Last Seen2025-06-12

Times Seen1

Size23 B (23 bytes)

MD569e76a0a659116b9531d264f42cd40c0

SHA1cb753980a2c418370393d9dcdd19c9adaadbad23

SHA2560b2c7d501e25abca8e87507e8053b322e3978af01bd7eed6d90f8ccc9537797c

Certificate Info

IssuerLet's Encrypt

Subject1xlite-873858.world

Fingerprint00:0C:E2:41:66:9C:66:FC:9D:9B:1D:78:F5:33:D3:B8:4E:51:BD:57

ValidityTue, 29 Apr 2025 11:29:46 GMT - Mon, 28 Jul 2025 11:29:45 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json HTTP/1.1
Host: 1xlite-873858.world
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-873858.world/en/block
Content-Type: application/json
X-Lang: en
X-Uuid: 21366002-5d44-464d-964c-7bb51cba621a
Content-Length: 109
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder; postback_watcher=%7B%22tag%22%3A%22d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder%22%2C%22pb%22%3A%22b3ec284c1a7a4c4aa92f9fa5f651e8ba%22%2C%22click_id%22%3A%22RznZH4qTZSQrYVLaGNUg_wiYSa799b%7Badspot_id%7D498648faglh%7Bclick_id%7D%22%7D; auid=W7rOZWhK59W51tiFAwPkAg==; window_width=1280; che_g=1c6a20dc-b553-4bd0-0abd-73d81e144eda; SESSION=0fc45ba2f8f86275ef5d59144e622c2a; _ga_7JGWL9SV66=GS2.1.s1749739490$o1$g0$t1749739490$j60$l0$h171771736; _ga=GA1.1.451578812.1749739491; _gcl_au=1.1.1782543867.1749739491
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:51 GMT
content-type: application/json
content-length: 23
x-dt: 285
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.084, wf-uht;dur=0.011
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_registration/en/dictionary_35640ce886b5a6c19be48091b77662c1.json

185.244.209.62

200 OK

21 kB

URL

v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_registration/en/dictionary_35640ce886b5a6c19be48091b77662c1.json

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeUnicode text, UTF-8 text, with very long lines (21045), with no line terminators

First Seen2025-06-11

Last Seen2025-06-16

Times Seen96

Size21 kB (21436 bytes)

MD502f5214cbe7a618b98e6bb50a9311f33

SHA1ec7e3f044d68479233859aa5d9163af789e18386

SHA2569d9104813c2388ff1e2e6b36500493a0ccc3d22f1d83d5d090daa395db65eb25

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_registration/en/dictionary_35640ce886b5a6c19be48091b77662c1.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-873858.world/
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:39 GMT
content-type: application/json; charset=utf-8
traceparent: 00-293c3b33d2f1b28a534e56d9171c632b-08ac3fc1c4ac73f6-01
last-modified: Wed, 11 Jun 2025 16:06:43 GMT
etag: W/"0ef44902585a16035748c096a3178f53"
cache-control: max-age=3600
content-encoding: gzip
expires: Wed, 11 Jun 2025 17:40:37 GMT
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 3249
cache: HIT
x-cached-since: 2025-06-12T13:50:30+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/6003f323ba.js

185.244.209.62

200 OK

3.9 kB

URL

v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/6003f323ba.js

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJavaScript source, ASCII text, with very long lines (3873)

First Seen2025-06-11

Last Seen2025-06-18

Times Seen109

Size3.9 kB (3874 bytes)

MD5b886859005a3d3fea54122a9950b3c92

SHA1bb0f7dfa9b580167eebb12b681daf89421a6ceda

SHA256f608cf4079758fd800df0b4937540ed2330d25c905d53c777d59c5d50e5c272a

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/6003f323ba.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:40 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-bc8ac7f99f16c45a74aee1e88b177461-ed66f600b845a72d-01
last-modified: Wed, 11 Jun 2025 10:23:53 GMT
etag: W/"b886859005a3d3fea54122a9950b3c92"
x-amz-meta-mtime: 1749637066.108324997
content-encoding: gzip
expires: Fri, 13 Jun 2025 09:03:06 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 20289
cache: HIT
x-cached-since: 2025-06-12T09:06:31+00:00
X-Firefox-Spdy: h2

GET radar.cedexis.com/1/23802/radar.js

45.54.49.5

302 Moved Temporarily

390 B

URL

radar.cedexis.com/1/23802/radar.js

IP / ASN

45.54.49.5

#63911 NetActuate, Inc

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-02

Times Seen5609172

Size390 B (390 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerDigiCert Inc

Subjectradar.cedexis.com

FingerprintA2:3E:30:19:D5:41:3A:11:81:58:E3:B1:6F:F4:D2:78:0B:44:6F:D0

ValidityFri, 07 Mar 2025 00:00:00 GMT - Fri, 06 Mar 2026 23:59:59 GMT

HTTP Headers

GET /1/23802/radar.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-873858.world/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 12 Jun 2025 14:44:50 GMT
Content-Type: text/html
Content-Length: 138
Connection: keep-alive
Location: /1707728419/stub.js
Expires: Thu, 12 Jun 2025 14:54:50 GMT
Cache-Control: max-age=600
Vary: User-Agent,DNT

GET v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_reset_password/en/dictionary_612c6e919ca15d39cc751a619a3952c7.json

185.244.209.62

200 OK

765 B

URL

v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_reset_password/en/dictionary_612c6e919ca15d39cc751a619a3952c7.json

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJSON text data

First Seen2023-09-28

Last Seen2025-08-02

Times Seen1706

Size765 B (765 bytes)

MD500f980f23f1b4c1ccee99ed49e0a8feb

SHA14cb07094de9bffff1bf81d94446280b91013b660

SHA256bb3be3377fbb8e66a4b5a8a3866dfd865a37cb4a96482ab2f439981e03b57cea

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_reset_password/en/dictionary_612c6e919ca15d39cc751a619a3952c7.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-873858.world/
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:39 GMT
content-type: application/json; charset=utf-8
content-length: 765
traceparent: 00-828d46b99a7b268c6373758b6829da69-f73890994158096e-01
last-modified: Wed, 11 Oct 2023 12:52:53 GMT
etag: "00f980f23f1b4c1ccee99ed49e0a8feb"
cache-control: max-age=3600
expires: Thu, 16 Jan 2025 10:53:47 GMT
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 2549
cache: HIT
x-cached-since: 2025-06-12T14:02:10+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

GET 1xlite-873858.world/captcha-api/assets/hunt-captcha.js

91.186.206.101

200 OK

86 kB

URL

1xlite-873858.world/captcha-api/assets/hunt-captcha.js

IP / ASN

91.186.206.101

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators

First Seen2025-06-12

Last Seen2025-06-16

Times Seen93

Size86 kB (86467 bytes)

MD5995686fa9daadfdb9b2db88054924cec

SHA1ac0c6168ae60959598457e766cb3f691af69cdaf

SHA256a31a605f2224c083c4dc7a6212e2a0d8ee3ec56cb1ad0dc990bba408185242d2

Certificate Info

IssuerLet's Encrypt

Subject1xlite-873858.world

Fingerprint00:0C:E2:41:66:9C:66:FC:9D:9B:1D:78:F5:33:D3:B8:4E:51:BD:57

ValidityTue, 29 Apr 2025 11:29:46 GMT - Mon, 28 Jul 2025 11:29:45 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /captcha-api/assets/hunt-captcha.js HTTP/1.1
Host: 1xlite-873858.world
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-873858.world/en/block
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder; postback_watcher=%7B%22tag%22%3A%22d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder%22%2C%22pb%22%3A%22b3ec284c1a7a4c4aa92f9fa5f651e8ba%22%2C%22click_id%22%3A%22RznZH4qTZSQrYVLaGNUg_wiYSa799b%7Badspot_id%7D498648faglh%7Bclick_id%7D%22%7D; auid=W7rOZWhK59W51tiFAwPkAg==; window_width=1280; che_g=1c6a20dc-b553-4bd0-0abd-73d81e144eda; SESSION=0fc45ba2f8f86275ef5d59144e622c2a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:48 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=300
content-encoding: br
vary: Accept-Encoding
x-dt: 455
x-request-id: 99aa1825f849831d941f3d620c3e2384
x-time-ng: 0.001
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.016, wf-uht;dur=
X-Firefox-Spdy: h2

GET 1xlite-873858.world/en/block

91.186.206.101

203 Non Authoritative

271 kB

URL

1xlite-873858.world/en/block

IP / ASN

91.186.206.101

Requested byN/A

Resource Info

File typeHTML document, ASCII text, with very long lines (53869)

First Seen2025-06-12

Last Seen2025-06-12

Times Seen1

Size271 kB (270957 bytes)

MD59ce78e77aab95bd0cdf821ead4b6a79e

SHA1cb458af23d5d3dcf1fdd8b6722324d456204285f

SHA256cd22bbcb858810337292a2774ba9aad1f2d91f3cda9574b911ccbaf5ce910ba9

Certificate Info

IssuerLet's Encrypt

Subject1xlite-873858.world

Fingerprint00:0C:E2:41:66:9C:66:FC:9D:9B:1D:78:F5:33:D3:B8:4E:51:BD:57

ValidityTue, 29 Apr 2025 11:29:46 GMT - Mon, 28 Jul 2025 11:29:45 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /en/block HTTP/1.1
Host: 1xlite-873858.world
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder; postback_watcher=%7B%22tag%22%3A%22d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder%22%2C%22pb%22%3A%22b3ec284c1a7a4c4aa92f9fa5f651e8ba%22%2C%22click_id%22%3A%22RznZH4qTZSQrYVLaGNUg_wiYSa799b%7Badspot_id%7D498648faglh%7Bclick_id%7D%22%7D; auid=W7rOZWhK59W51tiFAwPkAg==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 203 Non Authoritative
server: nginx
date: Thu, 12 Jun 2025 14:44:37 GMT
content-type: text/html; charset=utf-8
content-length: 270957
accept-ranges: none
server-timing: dt_total;dur=0.005, total;dur=55;desc="Nuxt Server Time"
set-cookie: gw-mm=; Path=/; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Secure; SameSite=None; Partitioned
lng=en; Path=/
cookies_agree_type=3; Path=/
tzo=2; Path=/
is12h=0; Path=/
x-dt: 285
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/60608cbba85ee2e8946c25b55281a0bc.json

185.244.209.62

200 OK

328 B

URL

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/60608cbba85ee2e8946c25b55281a0bc.json

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJSON text data

First Seen2025-02-27

Last Seen2025-07-30

Times Seen1637

Size328 B (328 bytes)

MD54347fc050ebe622e30a7bf78a213b5a0

SHA1c05b3b571980b01ff9f07e6adc1c29c58be70bd1

SHA256ed1b1193a248bf273141c31b7f74dd1224416b3757e5a71f2e7d579c50d65d57

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/60608cbba85ee2e8946c25b55281a0bc.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-873858.world/
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:40 GMT
content-type: application/json
content-length: 328
traceparent: 00-d1b173f05cb5292bd587e64f1f842afb-f98911076dea0612-01
last-modified: Thu, 27 Feb 2025 10:51:50 GMT
etag: "4347fc050ebe622e30a7bf78a213b5a0"
expires: Thu, 27 Feb 2025 12:17:56 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1928
cache: HIT
x-cached-since: 2025-06-12T14:12:32+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

GET v3.traincdn.com/sys-static/shared-assets/__shared_popper_js_E2H7ZPXQ.js

185.244.209.62

200 OK

21 kB

URL

v3.traincdn.com/sys-static/shared-assets/__shared_popper_js_E2H7ZPXQ.js

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJavaScript source, ASCII text, with very long lines (21232)

First Seen2025-05-14

Last Seen2025-08-02

Times Seen1439

Size21 kB (21252 bytes)

MD53cf0cae38afae9add22f7884e5061231

SHA12a41037501375a439385a76a047876619683418f

SHA256322482e3beae5a985d069beea981614510fda90a5df7295b776a324d461fc43d

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /sys-static/shared-assets/__shared_popper_js_E2H7ZPXQ.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:40 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-ad82d6c94ab6037eec204700971c69da-0c5ca14b790d15e1-01
last-modified: Thu, 12 Jun 2025 05:46:34 GMT
etag: W/"3cf0cae38afae9add22f7884e5061231"
x-amz-meta-mtime: 1749706870.533752977
content-encoding: gzip
expires: Fri, 13 Jun 2025 09:01:43 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 20577
cache: HIT
x-cached-since: 2025-06-12T09:01:43+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/8f5baa79dd.js

185.244.209.62

200 OK

1.2 kB

URL

v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/8f5baa79dd.js

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJavaScript source, ASCII text, with very long lines (833)

First Seen2025-06-11

Last Seen2025-06-18

Times Seen109

Size1.2 kB (1206 bytes)

MD5f7e37ebd12b14d4b1601ce883158b83f

SHA104af176e528630a964ec3b011cbceb5f64f34752

SHA256af238d077c57927faccf25bd23f9f6647d72af7e7be300be0b04037ebaeef7a5

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/8f5baa79dd.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:40 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-f1ad027e21cda5cdb6e1e81d084f167d-ee2ca0706a923c87-01
last-modified: Wed, 11 Jun 2025 10:23:53 GMT
etag: W/"f7e37ebd12b14d4b1601ce883158b83f"
x-amz-meta-mtime: 1749637066.110325063
content-encoding: gzip
expires: Fri, 13 Jun 2025 09:03:05 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 20289
cache: HIT
x-cached-since: 2025-06-12T09:06:31+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/main-static/e6b170ce/desktop/default/css/10b13e89.css

185.244.209.62

200 OK

56 kB

URL

v3.traincdn.com/main-static/e6b170ce/desktop/default/css/10b13e89.css

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeASCII text, with very long lines (56327), with no line terminators

First Seen2025-06-12

Last Seen2025-06-18

Times Seen102

Size56 kB (56327 bytes)

MD58ab3f2e974dc6d8cd0395696a2dcbe90

SHA12da436113e43d10ff6b31ceb0e2996347a6531a0

SHA2563e82938fc0aae7fdd6b259023c159e593ae314acf3b691dc30f9693d52148bd8

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /main-static/e6b170ce/desktop/default/css/10b13e89.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-873858.world/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:38 GMT
content-type: text/css; charset=utf-8
traceparent: 00-0bce2cde03497dc708d0719550e42cdc-01fd93aae3bcc89b-01
last-modified: Thu, 12 Jun 2025 08:51:05 GMT
etag: W/"8ab3f2e974dc6d8cd0395696a2dcbe90"
x-amz-meta-mtime: 1749718261.852055161
content-encoding: gzip
expires: Fri, 13 Jun 2025 09:02:33 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 20319
cache: HIT
x-cached-since: 2025-06-12T09:05:59+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/sys-static/shared-assets/Desktop/__shared_css_6142be.css

185.244.209.62

200 OK

4.2 kB

URL

v3.traincdn.com/sys-static/shared-assets/Desktop/__shared_css_6142be.css

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeASCII text, with very long lines (3743)

First Seen2025-06-03

Last Seen2025-07-04

Times Seen257

Size4.2 kB (4166 bytes)

MD5171e9a7475c71887ff37d52e24605a97

SHA1e48eb9f3fa6407ba31f405ed2320f18889e5f388

SHA2566142be1be0200ed42b10d14b9f5ffa06c4fcf9d2445d15c64d5bc16eb21a8fe5

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /sys-static/shared-assets/Desktop/__shared_css_6142be.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-873858.world/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:38 GMT
content-type: text/css; charset=utf-8
traceparent: 00-069f22de7f9c7ff78e8bc6ca599efee7-31407b8920480e52-01
last-modified: Thu, 12 Jun 2025 10:45:15 GMT
etag: W/"171e9a7475c71887ff37d52e24605a97"
x-amz-meta-mtime: 1749724843.919375409
content-encoding: gzip
expires: Fri, 13 Jun 2025 10:56:10 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 13185
cache: HIT
x-cached-since: 2025-06-12T11:04:53+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/main-static/e6b170ce/desktop/default/runtime-f2c85b9f.js

185.244.209.62

200 OK

19 kB

URL

v3.traincdn.com/main-static/e6b170ce/desktop/default/runtime-f2c85b9f.js

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJavaScript source, ASCII text, with very long lines (18930), with no line terminators

First Seen2025-06-12

Last Seen2025-06-17

Times Seen91

Size19 kB (18930 bytes)

MD557530e0cd29e94ad1fe6e2a9c48ac3cf

SHA1d430b5b036547e45e05b00028c9ce348c9afafdc

SHA256bf0b2458cfb843c03ebdd9a3b802821085285ad2a236c04bc58a19b45825b53f

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /main-static/e6b170ce/desktop/default/runtime-f2c85b9f.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-873858.world/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:38 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-e6a3d6a7e840019c91d085592a9061b7-d7144ffc30c1d347-01
last-modified: Thu, 12 Jun 2025 08:51:05 GMT
etag: W/"57530e0cd29e94ad1fe6e2a9c48ac3cf"
x-amz-meta-mtime: 1749718261.860055239
content-encoding: gzip
expires: Fri, 13 Jun 2025 09:02:33 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 20318
cache: HIT
x-cached-since: 2025-06-12T09:06:00+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/8192228305b202797f207eeb6842287c.png

185.244.209.62

200 OK

5.2 kB

URL

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/8192228305b202797f207eeb6842287c.png

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typePNG image data, 514 x 514, 8-bit colormap, non-interlaced

First Seen2023-11-17

Last Seen2025-08-02

Times Seen2567

Size5.2 kB (5202 bytes)

MD5b9a636eef54b2844b571fe7de49184a7

SHA1bf653690790ced40eb3189da075a275d951d1607

SHA256001bfcdd52b658d46543a1aec889d35b73b3909b47097cc011b95e96fc9e3743

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/8192228305b202797f207eeb6842287c.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-873858.world/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:40 GMT
content-type: image/png
content-length: 5202
traceparent: 00-dd2542bab03ad9c0f454d17e87b63f08-8ade04c5b17a88ed-01
last-modified: Wed, 26 Jun 2024 08:22:59 GMT
etag: "b9a636eef54b2844b571fe7de49184a7"
expires: Thu, 16 Jan 2025 11:18:57 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 3102
cache: HIT
x-cached-since: 2025-06-12T13:52:58+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/fc03516ae4c718991727836d377493ff.json

185.244.209.62

200 OK

13 kB

URL

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/fc03516ae4c718991727836d377493ff.json

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJSON text data

First Seen2025-03-13

Last Seen2025-07-30

Times Seen1803

Size13 kB (13278 bytes)

MD52b474bcc2f009b70e64e2b5a95dd50a4

SHA11fd5ee2d54da7dfbf61e67efd938a89c548fc866

SHA256f86d880575f3f65ddaaf9e8a0e3746bbbefcefe7e6c0c4441e9e20ceffdca237

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/fc03516ae4c718991727836d377493ff.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-873858.world/
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:40 GMT
content-type: application/json
traceparent: 00-d0b2b2b10995cfb68e2db5984e18bc00-9822ad9f27814f76-01
last-modified: Wed, 12 Mar 2025 09:35:22 GMT
etag: W/"2b474bcc2f009b70e64e2b5a95dd50a4"
content-encoding: gzip
expires: Wed, 12 Mar 2025 11:03:31 GMT
cache-control: max-age=3600
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1928
cache: HIT
x-cached-since: 2025-06-12T14:12:32+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_block_pages/en/dictionary_bc0570f08a28537dc724f4764ecf77e4.json

185.244.209.62

200 OK

2.3 kB

URL

v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_block_pages/en/dictionary_bc0570f08a28537dc724f4764ecf77e4.json

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJSON text data

First Seen2025-04-23

Last Seen2025-07-18

Times Seen1140

Size2.3 kB (2308 bytes)

MD57c12ae6fc08684f50822b3eb56779e29

SHA1036c726b8b7b2d24f987391101f3e8d1a2a183cf

SHA256a2eac45353675c82733192916712b8876c6b038b7bdbddc24df464e38b67cbfd

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_block_pages/en/dictionary_bc0570f08a28537dc724f4764ecf77e4.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-873858.world/
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:40 GMT
content-type: application/json; charset=utf-8
traceparent: 00-36a99cc2dde0a2bc844dd3a41e758a6e-fbc011942606f222-01
last-modified: Tue, 22 Apr 2025 08:06:29 GMT
etag: W/"7c12ae6fc08684f50822b3eb56779e29"
cache-control: max-age=3600
content-encoding: gzip
expires: Tue, 22 Apr 2025 09:26:34 GMT
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 3572
cache: HIT
x-cached-since: 2025-06-12T13:45:08+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/sys-static/shared-assets/__shared_vue_deps_DYMTJONH.js

185.244.209.62

200 OK

19 kB

URL

v3.traincdn.com/sys-static/shared-assets/__shared_vue_deps_DYMTJONH.js

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (19034)

First Seen2025-05-14

Last Seen2025-08-02

Times Seen1463

Size19 kB (19175 bytes)

MD51580a3cfe81fd30910a49dfe64cc8e7b

SHA1314144dc49595482ba46c0b85b38d5f73ef73a7b

SHA2568989a021d20f0fc08c43966a287cbd99e43142a5a0ff42eb232756a101de6035

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /sys-static/shared-assets/__shared_vue_deps_DYMTJONH.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:40 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-f76cd1423f01a9927c01ced16fb2e234-7bc45bf430bee2d0-01
last-modified: Wed, 11 Jun 2025 13:19:42 GMT
etag: W/"1580a3cfe81fd30910a49dfe64cc8e7b"
x-amz-meta-mtime: 1749647628.924112589
content-encoding: gzip
expires: Thu, 12 Jun 2025 19:03:04 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 70856
cache: HIT
x-cached-since: 2025-06-11T19:03:44+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/sys-static/shared-assets/__shared_fast_deep_equal_XYWIEKOD.js

185.244.209.62

200 OK

865 B

URL

v3.traincdn.com/sys-static/shared-assets/__shared_fast_deep_equal_XYWIEKOD.js

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJavaScript source, ASCII text, with very long lines (840)

First Seen2025-05-14

Last Seen2025-08-02

Times Seen1463

Size865 B (865 bytes)

MD50af3fe0c072a5bb3b6c731767187982f

SHA155db5afb57265dc92fd121fe9ae565ffb2f53b2c

SHA256655bbe85da91e863401c6f96e24b41f5c2fe51a4245cecc2deb2b8c9600fef30

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /sys-static/shared-assets/__shared_fast_deep_equal_XYWIEKOD.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:40 GMT
content-type: text/javascript; charset=utf-8
content-length: 865
traceparent: 00-9d6fbafed53911ab9c934ceb903299f7-e33ff34a4090e1b9-01
last-modified: Thu, 12 Jun 2025 05:46:34 GMT
etag: "0af3fe0c072a5bb3b6c731767187982f"
x-amz-meta-mtime: 1749706870.533752977
expires: Fri, 13 Jun 2025 08:08:56 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 23350
cache: HIT
x-cached-since: 2025-06-12T08:15:30+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

GET v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/c0e02032d1.css

185.244.209.62

200 OK

11 kB

URL

v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/c0e02032d1.css

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeASCII text, with very long lines (11072)

First Seen2025-05-21

Last Seen2025-08-02

Times Seen1282

Size11 kB (11073 bytes)

MD53d3e04f603cc58802ff96240abbdc3aa

SHA1e7e6a5d59c97236922354b40d288736f034a1ce3

SHA256611f7a963cd4aa278f1ba51f2401247df8c658929b76bfdce45bec08be83d7bd

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/c0e02032d1.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-873858.world/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:38 GMT
content-type: text/css; charset=utf-8
traceparent: 00-12a83231c5373d08cacc43b6a76a1ab1-e868c55618f2cbc0-01
last-modified: Wed, 11 Jun 2025 10:23:53 GMT
etag: W/"3d3e04f603cc58802ff96240abbdc3aa"
x-amz-meta-mtime: 1749637066.112325129
content-encoding: gzip
expires: Thu, 12 Jun 2025 16:05:05 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 81573
cache: HIT
x-cached-since: 2025-06-11T16:05:05+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/main-static/e6b170ce/desktop/default/app-3560bae1.js

185.244.209.62

200 OK

504 kB

URL

v3.traincdn.com/main-static/e6b170ce/desktop/default/app-3560bae1.js

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65535), with no line terminators

First Seen2025-06-12

Last Seen2025-06-17

Times Seen91

Size504 kB (503637 bytes)

MD5d0b53c4e59e523ae308988ae0a7160c9

SHA1e6958b3bc557b1b820e0adb674d414ea85b4b194

SHA2568f38cdc14f57860fda1f450b3821d4e616baf5d397521dc39460e59ebf78d3f8

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /main-static/e6b170ce/desktop/default/app-3560bae1.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-873858.world/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:38 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-b80bec80b925a327fcaf16478c4dfa9d-fd8bcaef2484ece9-01
last-modified: Thu, 12 Jun 2025 08:51:03 GMT
etag: W/"d0b53c4e59e523ae308988ae0a7160c9"
x-amz-meta-mtime: 1749718261.852055161
content-encoding: gzip
expires: Fri, 13 Jun 2025 09:02:33 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 20318
cache: HIT
x-cached-since: 2025-06-12T09:06:00+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/e3dd2d416ede1d7659584842878349f6.json

185.244.209.62

200 OK

1.1 kB

URL

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/e3dd2d416ede1d7659584842878349f6.json

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJSON text data

First Seen2023-05-25

Last Seen2025-07-30

Times Seen1689

Size1.1 kB (1085 bytes)

MD5338264fc869e8f0b86b0d6c9d92102b0

SHA183b4d35816df0e1486b766251e74d23f28b77824

SHA256015355a44429f40dd63b566dd1e9b1b76af3dfa28dcd25a43e82820ba0847b8d

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/e3dd2d416ede1d7659584842878349f6.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-873858.world/
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:40 GMT
content-type: application/json
traceparent: 00-e0333c1894786ae416c2dbe106d21341-5d1e3db0c49dd1d9-01
last-modified: Thu, 16 May 2024 19:05:13 GMT
etag: W/"338264fc869e8f0b86b0d6c9d92102b0"
content-encoding: gzip
expires: Thu, 16 Jan 2025 11:19:55 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1928
cache: HIT
x-cached-since: 2025-06-12T14:12:32+00:00
X-Firefox-Spdy: h2

GET www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7JGWL9SV66&cid=451578812.1749739491&gtm=45je56a1v897130004za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=101509157~102015666~103116026~103200004~103233427~103351869~103351871~104617979~104617981~104661466~104661468~104684204~104684207&tag_exp=101509157~102015666~103116026~103200004~103233427~103351869~103351871~104617979~104617981~104661466~104661468~104684204~104684207&z=673813210

142.250.74.131

200 OK

42 B

URL

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7JGWL9SV66&cid=451578812.1749739491&gtm=45je56a1v897130004za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=101509157~102015666~103116026~103200004~103233427~103351869~103351871~104617979~104617981~104661466~104661468~104684204~104684207&tag_exp=101509157~102015666~103116026~103200004~103233427~103351869~103351871~104617979~104617981~104661466~104661468~104684204~104684207&z=673813210

IP / ASN

142.250.74.131

#15169 GOOGLE

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeGIF image data, version 89a, 1 x 1

First Seen2023-04-05

Last Seen2025-08-02

Times Seen320142

Size42 B (42 bytes)

MD5d89746888da2d9510b64a9f031eaecd5

SHA1d5fceb6532643d0d84ffe09c40c481ecdf59e15a

SHA256ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Certificate Info

IssuerGoogle Trust Services

Subject*.google.no

FingerprintF5:F3:C1:C0:97:D6:3B:FC:0B:FD:36:B3:3B:83:88:FF:EA:FE:D1:1E

ValidityMon, 12 May 2025 08:45:40 GMT - Mon, 04 Aug 2025 08:45:39 GMT

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7JGWL9SV66&cid=451578812.1749739491&gtm=45je56a1v897130004za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=101509157~102015666~103116026~103200004~103233427~103351869~103351871~104617979~104617981~104661466~104661468~104684204~104684207&tag_exp=101509157~102015666~103116026~103200004~103233427~103351869~103351871~104617979~104617981~104661466~104661468~104684204~104684207&z=673813210 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-873858.world/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 12 Jun 2025 14:44:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

POST region1.analytics.google.com/g/collect?v=2&tid=G-7JGWL9SV66&gtm=45je56a1v897130004za200&_p=1749739490012&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101509157~102015666~103116026~103200004~103233427~103351869~103351871~104617979~104617981~104661466~104661468~104684204~104684207&cid=451578812.1749739491&ecid=171771736&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AEAAAAQ&_s=2&sid=1749739490&sct=1&seg=0&dl=https%3A%2F%2F1xlite-873858.world%2Fen%2Fblock&dt=1xBet&_tu=Kg&en=scroll&ep.optimize_id=GTM-5R4MT54&epn.percent_scrolled=90&tfd=18857

216.239.34.36

204 No Content

0 B

URL

region1.analytics.google.com/g/collect?v=2&tid=G-7JGWL9SV66&gtm=45je56a1v897130004za200&_p=1749739490012&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101509157~102015666~103116026~103200004~103233427~103351869~103351871~104617979~104617981~104661466~104661468~104684204~104684207&cid=451578812.1749739491&ecid=171771736&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AEAAAAQ&_s=2&sid=1749739490&sct=1&seg=0&dl=https%3A%2F%2F1xlite-873858.world%2Fen%2Fblock&dt=1xBet&_tu=Kg&en=scroll&ep.optimize_id=GTM-5R4MT54&epn.percent_scrolled=90&tfd=18857

IP / ASN

216.239.34.36

#15169 GOOGLE

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-02

Times Seen5609172

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subject*.google-analytics.com

Fingerprint10:76:57:2F:C3:21:F2:5F:71:E4:85:A5:DB:F7:65:3F:51:03:55:07

ValidityMon, 12 May 2025 08:42:57 GMT - Mon, 04 Aug 2025 08:42:56 GMT

HTTP Headers

POST /g/collect?v=2&tid=G-7JGWL9SV66&gtm=45je56a1v897130004za200&_p=1749739490012&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101509157~102015666~103116026~103200004~103233427~103351869~103351871~104617979~104617981~104661466~104661468~104684204~104684207&cid=451578812.1749739491&ecid=171771736&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AEAAAAQ&_s=2&sid=1749739490&sct=1&seg=0&dl=https%3A%2F%2F1xlite-873858.world%2Fen%2Fblock&dt=1xBet&_tu=Kg&en=scroll&ep.optimize_id=GTM-5R4MT54&epn.percent_scrolled=90&tfd=18857 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-873858.world/
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/3 204 No Content
access-control-allow-origin: https://1xlite-873858.world
date: Thu, 12 Jun 2025 14:44:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:158:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:158:0
report-to: {"group":"ascnsrsggc:158:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:158:0"}],}
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/46fe3f96f4140750e81ded48911f3e30.json

185.244.209.62

200 OK

747 B

URL

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/46fe3f96f4140750e81ded48911f3e30.json

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJSON text data

First Seen2025-03-01

Last Seen2025-08-02

Times Seen1514

Size747 B (747 bytes)

MD5f4e90636ec9cff061c4301b3cefdd0d6

SHA1c506efe9c3672c58434ea10021dab0ad81b1ad98

SHA25630666f138ccc12735e2f8a6405ddce4a3d8756b9445e3b2732fa2970f14dbcea

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/46fe3f96f4140750e81ded48911f3e30.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-873858.world/
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:39 GMT
content-type: application/json
content-length: 747
traceparent: 00-8f7ff48db51aa3d35c7c7441b8e46d56-14be1278140d3b80-01
last-modified: Thu, 27 Feb 2025 13:26:35 GMT
etag: "f4e90636ec9cff061c4301b3cefdd0d6"
expires: Thu, 27 Feb 2025 15:00:05 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1928
cache: HIT
x-cached-since: 2025-06-12T14:12:31+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

GET v3.traincdn.com/sys-static/shared-assets/__shared_chunk_7HDOEZTP.js

185.244.209.62

200 OK

1.2 kB

URL

v3.traincdn.com/sys-static/shared-assets/__shared_chunk_7HDOEZTP.js

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJavaScript source, ASCII text, with very long lines (1193)

First Seen2025-05-14

Last Seen2025-08-02

Times Seen1463

Size1.2 kB (1194 bytes)

MD57e76c08e7f16815131a5f13a10c1efba

SHA15f800877b78a0713157fe119bc1a2d9a260f72e1

SHA256c6f29a0c7c3ed884ccffd7a529fd2fc599e2da1f31af658146f0e36a3f4c00dc

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /sys-static/shared-assets/__shared_chunk_7HDOEZTP.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:40 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-b1e97e18271469bd90ab8d0f50a668f6-9bf7744e9e59f717-01
last-modified: Thu, 12 Jun 2025 05:46:34 GMT
etag: W/"7e76c08e7f16815131a5f13a10c1efba"
x-amz-meta-mtime: 1749706870.569752754
content-encoding: gzip
expires: Fri, 13 Jun 2025 08:08:54 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 23349
cache: HIT
x-cached-since: 2025-06-12T08:15:31+00:00
X-Firefox-Spdy: h2

GET www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66

142.250.74.168

200 OK

477 kB

URL

www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66

IP / ASN

142.250.74.168

#15169 GOOGLE

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (12571)

First Seen2025-06-12

Last Seen2025-06-12

Times Seen1

Size477 kB (477271 bytes)

MD579a12f5eb4ae1d09bf09d8be23b2d551

SHA1542045caf76e5d8773324b4ab67ae31e8e1da4ad

SHA25620e2376fb22d048f0e2114d1e6d4ba59138c6b9d6b9675438872258fe0eedc10

Certificate Info

IssuerGoogle Trust Services

Subject*.google-analytics.com

Fingerprint10:76:57:2F:C3:21:F2:5F:71:E4:85:A5:DB:F7:65:3F:51:03:55:07

ValidityMon, 12 May 2025 08:42:57 GMT - Mon, 04 Aug 2025 08:42:56 GMT

HTTP Headers

GET /gtag/js?id=G-7JGWL9SV66 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-873858.world/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 12 Jun 2025 14:44:50 GMT
expires: Thu, 12 Jun 2025 14:44:50 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1077:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1077:0
report-to: {"group":"ascgcycc:1077:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1077:0"}],}
server: Google Tag Manager
content-length: 152019
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET 1xlite-873858.world/checker/redirect/stat/run/

91.186.206.101

200 OK

76 B

URL

1xlite-873858.world/checker/redirect/stat/run/

IP / ASN

91.186.206.101

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJSON text data

First Seen2025-06-04

Last Seen2025-08-01

Times Seen599

Size76 B (76 bytes)

MD527c2416c1b923fecbcfc18d2fe0b93c8

SHA1c2bf774eb23aea67e9f24cb3c4aef31dc2575276

SHA256235990e7fa35e87bda0de418d7f4f59e238d6bcc4663db671e512f67f0e1a74b

Certificate Info

IssuerLet's Encrypt

Subject1xlite-873858.world

Fingerprint00:0C:E2:41:66:9C:66:FC:9D:9B:1D:78:F5:33:D3:B8:4E:51:BD:57

ValidityTue, 29 Apr 2025 11:29:46 GMT - Mon, 28 Jul 2025 11:29:45 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /checker/redirect/stat/run/ HTTP/1.1
Host: 1xlite-873858.world
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-873858.world/en/block
content-type: application/json
x-requested-with: XMLHttpRequest
x-app-n: v3-nuxt2
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder; postback_watcher=%7B%22tag%22%3A%22d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder%22%2C%22pb%22%3A%22b3ec284c1a7a4c4aa92f9fa5f651e8ba%22%2C%22click_id%22%3A%22RznZH4qTZSQrYVLaGNUg_wiYSa799b%7Badspot_id%7D498648faglh%7Bclick_id%7D%22%7D; auid=W7rOZWhK59W51tiFAwPkAg==; window_width=1280; che_g=1c6a20dc-b553-4bd0-0abd-73d81e144eda
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:39 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-time-ng: 0.002
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.013
X-Firefox-Spdy: h2

POST www.google.com/gmp/conversion;src=14030178;type=xbet;cat=uniqu0;ord=1;num=8259979756300;npa=1;auiddc=1782543867.1749739491;pscdl=noapi;frm=0;_tu=KpA;gtm=45fe56b0h2v9190735530z89180563600za200zb9180563600;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;dc_fmt=4;tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104617979~104617981~104661466~104661468~104684204~104684207;epver=2;dc_random=1749739490829;~oref=https%3A%2F%2F1xlite-873858.world%2Fen%2Fblock?

142.250.74.68

200 OK

42 B

URL

www.google.com/gmp/conversion;src=14030178;type=xbet;cat=uniqu0;ord=1;num=8259979756300;npa=1;auiddc=1782543867.1749739491;pscdl=noapi;frm=0;_tu=KpA;gtm=45fe56b0h2v9190735530z89180563600za200zb9180563600;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;dc_fmt=4;tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104617979~104617981~104661466~104661468~104684204~104684207;epver=2;dc_random=1749739490829;~oref=https%3A%2F%2F1xlite-873858.world%2Fen%2Fblock?

IP / ASN

142.250.74.68

#15169 GOOGLE

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeGIF image data, version 89a, 1 x 1

First Seen2023-04-05

Last Seen2025-08-02

Times Seen320142

Size42 B (42 bytes)

MD5d89746888da2d9510b64a9f031eaecd5

SHA1d5fceb6532643d0d84ffe09c40c481ecdf59e15a

SHA256ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Certificate Info

IssuerGoogle Trust Services

Subjectwww.google.com

Fingerprint84:BD:0D:9A:51:CC:86:3E:E9:2F:6E:7C:2D:58:AC:4C:FB:B5:3D:8C

ValidityMon, 12 May 2025 08:44:44 GMT - Mon, 04 Aug 2025 08:44:43 GMT

HTTP Headers

POST /gmp/conversion;src=14030178;type=xbet;cat=uniqu0;ord=1;num=8259979756300;npa=1;auiddc=1782543867.1749739491;pscdl=noapi;frm=0;_tu=KpA;gtm=45fe56b0h2v9190735530z89180563600za200zb9180563600;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;dc_fmt=4;tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104617979~104617981~104661466~104661468~104684204~104684207;epver=2;dc_random=1749739490829;~oref=https%3A%2F%2F1xlite-873858.world%2Fen%2Fblock? HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-873858.world/
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 12 Jun 2025 14:44:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://1xlite-873858.world
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET v3.traincdn.com/main-static/e6b170ce/desktop/default/vendors/app-d7417fdd.js

185.244.209.62

200 OK

1.4 MB

URL

v3.traincdn.com/main-static/e6b170ce/desktop/default/vendors/app-d7417fdd.js

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (64032)

First Seen2025-06-11

Last Seen2025-06-17

Times Seen99

Size1.4 MB (1393850 bytes)

MD5f97166985fba0599caee61b22fea1357

SHA116bf76843b0d9ff70c8f4594b50afe1be6290722

SHA2569f29bab947020f829d51b2e6ff0a34f6da6b72c2e72357fcda7f26d707422ada

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /main-static/e6b170ce/desktop/default/vendors/app-d7417fdd.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-873858.world/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:38 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-4f9ca8bf8b50b6f74ceba203217180ef-464cf6d47c9ad4a9-01
last-modified: Thu, 12 Jun 2025 08:51:05 GMT
etag: W/"f97166985fba0599caee61b22fea1357"
x-amz-meta-mtime: 1749718261.860055239
content-encoding: gzip
expires: Fri, 13 Jun 2025 09:02:33 GMT
cache-control: max-age=86400
x-time-ng: 0.003
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 20318
cache: HIT
x-cached-since: 2025-06-12T09:06:00+00:00
X-Firefox-Spdy: h2

POST 1xlite-873858.world/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/ab.json

91.186.206.101

200 OK

2 B

URL

1xlite-873858.world/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/ab.json

IP / ASN

91.186.206.101

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJSON text data

First Seen2023-03-08

Last Seen2025-08-02

Times Seen76281

Size2 B (2 bytes)

MD5d751713988987e9331980363e24189ce

SHA197d170e1550eee4afc0af065b78cda302a97674c

SHA2564f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Certificate Info

IssuerLet's Encrypt

Subject1xlite-873858.world

Fingerprint00:0C:E2:41:66:9C:66:FC:9D:9B:1D:78:F5:33:D3:B8:4E:51:BD:57

ValidityTue, 29 Apr 2025 11:29:46 GMT - Mon, 28 Jul 2025 11:29:45 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/ab.json HTTP/1.1
Host: 1xlite-873858.world
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-873858.world/en/block
Content-Type: application/json
X-Lang: en
X-Uuid: 21366002-5d44-464d-964c-7bb51cba621a
Content-Length: 19
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder; postback_watcher=%7B%22tag%22%3A%22d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder%22%2C%22pb%22%3A%22b3ec284c1a7a4c4aa92f9fa5f651e8ba%22%2C%22click_id%22%3A%22RznZH4qTZSQrYVLaGNUg_wiYSa799b%7Badspot_id%7D498648faglh%7Bclick_id%7D%22%7D; auid=W7rOZWhK59W51tiFAwPkAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:39 GMT
content-type: application/json
content-length: 2
x-dt: 285
x-time-ng: 0.001
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.075, wf-uht;dur=0.028
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/d9842b87b9dabdc4cdc248c062355299.json

185.244.209.62

200 OK

7.3 kB

URL

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/d9842b87b9dabdc4cdc248c062355299.json

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJSON text data

First Seen2025-01-27

Last Seen2025-08-01

Times Seen1273

Size7.3 kB (7321 bytes)

MD50614058b667e6dfa1cdecc6e0e53131c

SHA14f20f88c436fb5cbd82cf1dcfeaa14e52195a369

SHA256be16474b0f19b7536ebdd3d0f8867b151eaa4638411ddb46845f887a5d51a653

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/d9842b87b9dabdc4cdc248c062355299.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-873858.world/
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:39 GMT
content-type: application/json
traceparent: 00-4135ccd8a05970ec3228efa48891f706-ae90a2f9d87a4d7e-01
last-modified: Thu, 23 Jan 2025 13:19:10 GMT
etag: W/"0614058b667e6dfa1cdecc6e0e53131c"
content-encoding: gzip
expires: Thu, 23 Jan 2025 14:50:28 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 469
cache: HIT
x-cached-since: 2025-06-12T14:36:50+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/main-static/e6b170ce/desktop/default/Betting.Core-ec7fa007.js

185.244.209.62

200 OK

2.2 kB

URL

v3.traincdn.com/main-static/e6b170ce/desktop/default/Betting.Core-ec7fa007.js

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJavaScript source, ASCII text, with very long lines (2180), with no line terminators

First Seen2025-06-12

Last Seen2025-06-17

Times Seen91

Size2.2 kB (2180 bytes)

MD506955b378f75de84ec4ed4a91d7ba79f

SHA11c2084b2adc691bd68a9a12eb637b7cc294b399e

SHA256313edd4dffbbabf366fbfab64bf70bf2e125039e7c98172a298ef31c8537e86d

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /main-static/e6b170ce/desktop/default/Betting.Core-ec7fa007.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-873858.world/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:39 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-99d39fb07766434a530dc38364958c95-e2b668f7d1035682-01
last-modified: Thu, 12 Jun 2025 08:51:02 GMT
etag: W/"06955b378f75de84ec4ed4a91d7ba79f"
x-amz-meta-mtime: 1749718261.844055083
content-encoding: gzip
expires: Fri, 13 Jun 2025 09:02:34 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 20316
cache: HIT
x-cached-since: 2025-06-12T09:06:03+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/sys-static/shared-assets/__shared_accept_language_parser_B6TW5FDZ.js

185.244.209.62

200 OK

1.3 kB

URL

v3.traincdn.com/sys-static/shared-assets/__shared_accept_language_parser_B6TW5FDZ.js

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJavaScript source, ASCII text, with very long lines (1265)

First Seen2025-05-14

Last Seen2025-08-02

Times Seen1463

Size1.3 kB (1297 bytes)

MD5e3f1c4089db6b910890e85d97a2e2066

SHA185828920da3c3fd7856acde184e835ac314295cd

SHA2566c28afe5a52e0f9b1138fe498b254c8671058a058b555651ccae8e91e7534614

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /sys-static/shared-assets/__shared_accept_language_parser_B6TW5FDZ.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:40 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-6e5502cf054a133acdd5e2b1464a5f25-3f0ce8328b7c0104-01
last-modified: Wed, 11 Jun 2025 13:19:42 GMT
etag: W/"e3f1c4089db6b910890e85d97a2e2066"
x-amz-meta-mtime: 1749647628.922112546
content-encoding: gzip
expires: Thu, 12 Jun 2025 17:52:29 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 75131
cache: HIT
x-cached-since: 2025-06-11T17:52:29+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/8b4e10c31932a559912f415b65fba92c.json

185.244.209.62

200 OK

1.3 kB

URL

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/8b4e10c31932a559912f415b65fba92c.json

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJSON text data

First Seen2025-04-07

Last Seen2025-07-30

Times Seen1629

Size1.3 kB (1342 bytes)

MD5499d57f89b2bf5fed52d984d865fd72c

SHA1f3dd138886f2c1e257d3ac2214b7e3cba57e56b2

SHA2569467cf5576ce2a97d9e44e53915a9c4ae529c134cc1ea5a3c62ea304eebda0c8

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/8b4e10c31932a559912f415b65fba92c.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-873858.world/
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:40 GMT
content-type: application/json
traceparent: 00-3140c82e27e04f4e4d4a20dcdabc7dc4-d78780e962a89485-01
last-modified: Thu, 27 Feb 2025 08:17:13 GMT
etag: W/"499d57f89b2bf5fed52d984d865fd72c"
content-encoding: gzip
expires: Thu, 27 Feb 2025 11:06:29 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1928
cache: HIT
x-cached-since: 2025-06-12T14:12:32+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/b5cd9a5e87d930de856c92da15aa121e.png

185.244.209.62

200 OK

653 B

URL

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/b5cd9a5e87d930de856c92da15aa121e.png

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typePNG image data, 32 x 32, 8-bit colormap, non-interlaced

First Seen2023-04-05

Last Seen2025-08-02

Times Seen3173

Size653 B (653 bytes)

MD5e6f0766cbd95db33da44e7a9140648f2

SHA15f196b1bfe8c3f92bd2ebcd67124e72e81ae6aaf

SHA256c0399d478788d5d483f104a2e8cb7c32f41cb40e9df0c22e831b2bfa2db63ec0

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/b5cd9a5e87d930de856c92da15aa121e.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-873858.world/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:38 GMT
content-type: image/png
content-length: 653
traceparent: 00-d9812f3876ece1b9088a09650334f93d-395e9173a31fd37e-01
last-modified: Wed, 26 Jun 2024 08:18:02 GMT
etag: "e6f0766cbd95db33da44e7a9140648f2"
expires: Thu, 16 Jan 2025 10:46:36 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 2625
cache: HIT
x-cached-since: 2025-06-12T14:00:53+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

GET v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/ad227066db.js

185.244.209.62

200 OK

4.1 kB

URL

v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/ad227066db.js

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (4047)

First Seen2025-06-11

Last Seen2025-06-18

Times Seen109

Size4.1 kB (4050 bytes)

MD5852d499a2dac9b9a5bff01bd2fbdd026

SHA16222c1646b9bb2c749ad5fd495fb64b665e54546

SHA256f897899bcdc73452dde28dd930da497f2f805273c89e6c250df636f5b3243802

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/ad227066db.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:40 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-9e8ddceb4d708a9acc864af17c629d0c-7322a12aec7be5f4-01
last-modified: Wed, 11 Jun 2025 10:23:53 GMT
etag: W/"852d499a2dac9b9a5bff01bd2fbdd026"
x-amz-meta-mtime: 1749637066.110325063
content-encoding: gzip
expires: Fri, 13 Jun 2025 02:43:19 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 43281
cache: HIT
x-cached-since: 2025-06-12T02:43:19+00:00
X-Firefox-Spdy: h2

POST 1xlite-873858.world/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/ab.json

91.186.206.101

200 OK

2 B

URL

1xlite-873858.world/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/ab.json

IP / ASN

91.186.206.101

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJSON text data

First Seen2023-03-08

Last Seen2025-08-02

Times Seen76281

Size2 B (2 bytes)

MD5d751713988987e9331980363e24189ce

SHA197d170e1550eee4afc0af065b78cda302a97674c

SHA2564f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Certificate Info

IssuerLet's Encrypt

Subject1xlite-873858.world

Fingerprint00:0C:E2:41:66:9C:66:FC:9D:9B:1D:78:F5:33:D3:B8:4E:51:BD:57

ValidityTue, 29 Apr 2025 11:29:46 GMT - Mon, 28 Jul 2025 11:29:45 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/ab.json HTTP/1.1
Host: 1xlite-873858.world
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-873858.world/en/block
Content-Type: application/json
X-Lang: en
X-Uuid: 21366002-5d44-464d-964c-7bb51cba621a
Content-Length: 19
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder; postback_watcher=%7B%22tag%22%3A%22d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder%22%2C%22pb%22%3A%22b3ec284c1a7a4c4aa92f9fa5f651e8ba%22%2C%22click_id%22%3A%22RznZH4qTZSQrYVLaGNUg_wiYSa799b%7Badspot_id%7D498648faglh%7Bclick_id%7D%22%7D; auid=W7rOZWhK59W51tiFAwPkAg==; window_width=1280; che_g=1c6a20dc-b553-4bd0-0abd-73d81e144eda
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:40 GMT
content-type: application/json
content-length: 2
x-dt: 285
x-time-ng: 0.001
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.009, wf-uht;dur=0.014
X-Firefox-Spdy: h2

GET v3.traincdn.com/sys-ui/3.3.247/Desktop/Default/merged.css

185.244.209.62

200 OK

947 kB

URL

v3.traincdn.com/sys-ui/3.3.247/Desktop/Default/merged.css

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeASCII text, with very long lines (65536), with no line terminators

First Seen2025-06-11

Last Seen2025-06-13

Times Seen25

Size947 kB (947209 bytes)

MD5a47578a8fc3372348cc0b83ee4afa78f

SHA17863be574f10ad0675e845cac5584009826396b0

SHA25613b784a9d7a3b7cbf43b21c99c8d8c10cf173322806684a136b7ca086877ee51

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /sys-ui/3.3.247/Desktop/Default/merged.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-873858.world/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:38 GMT
content-type: text/css; charset=utf-8
traceparent: 00-70c23dbaffdddf8d17604f4861d6a8bf-7c512c2c32158b3d-01
last-modified: Wed, 11 Jun 2025 14:14:12 GMT
etag: W/"a47578a8fc3372348cc0b83ee4afa78f"
x-amz-meta-mtime: 1749651221.810884477
content-encoding: gzip
expires: Thu, 12 Jun 2025 14:20:36 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1356
cache: HIT
x-cached-since: 2025-06-12T14:22:02+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/$_$.js

185.244.209.62

200 OK

69 B

URL

v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/$_$.js

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeASCII text, with no line terminators

First Seen2025-05-14

Last Seen2025-08-02

Times Seen1366

Size69 B (69 bytes)

MD52cdaa92927f02e0b628f1ef4d7dd8caf

SHA19104a2e16ed080b80a42588b8aeb52ebec47ab7a

SHA256ef8101ffea52addcdcfcc3a83f96ff2d4613fb3ae6d1c16bbe4852387b73a9db

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/$_$.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:39 GMT
content-type: text/javascript; charset=utf-8
content-length: 69
traceparent: 00-9af38f3263193755d78ddfe63795e282-5408336ff3964d7a-01
last-modified: Wed, 11 Jun 2025 10:23:53 GMT
etag: "2cdaa92927f02e0b628f1ef4d7dd8caf"
x-amz-meta-mtime: 1749637066.106324931
expires: Thu, 12 Jun 2025 18:35:36 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 72543
cache: HIT
x-cached-since: 2025-06-11T18:35:36+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/593f1a6d4223015f3145bf447897f4f2.json

185.244.209.62

200 OK

241 B

URL

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/593f1a6d4223015f3145bf447897f4f2.json

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJSON text data

First Seen2025-03-01

Last Seen2025-08-02

Times Seen1533

Size241 B (241 bytes)

MD539257fbb62736206d5245e08925d7b60

SHA14c11e3cb6a16b884772b88acdba30a2ad98e86b8

SHA2563a3cf0f5c60899ffb49d9825516aec475fd7b78cea8ae0b5b58dfb4e658f041e

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/593f1a6d4223015f3145bf447897f4f2.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-873858.world/
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:40 GMT
content-type: application/json
content-length: 241
traceparent: 00-8441abecb2a535b55e98e60010443b10-df941090cfe9a178-01
last-modified: Thu, 27 Feb 2025 13:24:25 GMT
etag: "39257fbb62736206d5245e08925d7b60"
expires: Thu, 27 Feb 2025 14:48:35 GMT
cache-control: max-age=3600
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 460
cache: HIT
x-cached-since: 2025-06-12T14:37:00+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

GET v3.traincdn.com/main-static/e6b170ce/desktop/default/analytics-d428c172.js

185.244.209.62

200 OK

7.1 kB

URL

v3.traincdn.com/main-static/e6b170ce/desktop/default/analytics-d428c172.js

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJavaScript source, ASCII text, with very long lines (7104), with no line terminators

First Seen2025-06-11

Last Seen2025-06-18

Times Seen102

Size7.1 kB (7104 bytes)

MD5e53ec05a66d6e86bacf84cc6e0c064c1

SHA1fe0076a8faec60c09e89544f2dc99d1b730992db

SHA2567126e3d0b7105338c96184be045bd68e436b66389ac2abde66c31c75991ef05c

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /main-static/e6b170ce/desktop/default/analytics-d428c172.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-873858.world/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:49 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-a05f70b030c71563cbea7479174fa8f9-a1dda898c556926a-01
last-modified: Thu, 12 Jun 2025 08:51:03 GMT
etag: W/"e53ec05a66d6e86bacf84cc6e0c064c1"
x-amz-meta-mtime: 1749718261.852055161
content-encoding: gzip
expires: Fri, 13 Jun 2025 09:02:39 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 20316
cache: HIT
x-cached-since: 2025-06-12T09:06:13+00:00
X-Firefox-Spdy: h2

GET 1xlite-873858.world/en?tag=d_87653m_3030c_[]MS[]null[]null[]{adspot_id}_d26691_l14299_clickunder&pb=b3ec284c1a7a4c4aa92f9fa5f651e8ba&click_id=RznZH4qTZSQrYVLaGNUg_wiYSa799b{adspot_id}498648faglh{click_id}

91.186.206.101

302 Found

271 kB

URL

1xlite-873858.world/en?tag=d_87653m_3030c_[]MS[]null[]null[]{adspot_id}_d26691_l14299_clickunder&pb=b3ec284c1a7a4c4aa92f9fa5f651e8ba&click_id=RznZH4qTZSQrYVLaGNUg_wiYSa799b{adspot_id}498648faglh{click_id}

IP / ASN

91.186.206.101

Requested byN/A

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-02

Times Seen5609172

Size271 kB (270957 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerLet's Encrypt

Subject1xlite-873858.world

Fingerprint00:0C:E2:41:66:9C:66:FC:9D:9B:1D:78:F5:33:D3:B8:4E:51:BD:57

ValidityTue, 29 Apr 2025 11:29:46 GMT - Mon, 28 Jul 2025 11:29:45 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /en?tag=d_87653m_3030c_[]MS[]null[]null[]{adspot_id}_d26691_l14299_clickunder&pb=b3ec284c1a7a4c4aa92f9fa5f651e8ba&click_id=RznZH4qTZSQrYVLaGNUg_wiYSa799b{adspot_id}498648faglh{click_id} HTTP/1.1
Host: 1xlite-873858.world
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Thu, 12 Jun 2025 14:44:37 GMT
location: https://1xlite-873858.world/en/block
server-timing: dt_total;dur=0.012, total;dur=19;desc="Nuxt Server Time", wf-uht;dur=0.033
set-cookie: platform_type=desktop; Path=/; Expires=Sun, 15 Jun 2025 14:44:37 GMT; Secure; SameSite=None; Partitioned
gw-mm=; Path=/; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Secure; SameSite=None; Partitioned
lng=en; Path=/
cookies_agree_type=3; Path=/
tzo=2; Path=/
is12h=0; Path=/
referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; Path=/; Expires=Mon, 11 Aug 2025 14:44:37 GMT
reflinkid=d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder; Path=/; Expires=Thu, 12 Jun 2025 15:44:37 GMT
postback_watcher=%7B%22tag%22%3A%22d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder%22%2C%22pb%22%3A%22b3ec284c1a7a4c4aa92f9fa5f651e8ba%22%2C%22click_id%22%3A%22RznZH4qTZSQrYVLaGNUg_wiYSa799b%7Badspot_id%7D498648faglh%7Bclick_id%7D%22%7D; Path=/; Expires=Sat, 12 Jul 2025 14:44:37 GMT
auid=W7rOZWhK59W51tiFAwPkAg==; path=/; secure; httponly; samesite=lax
x-dt: 285
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_auth/en/dictionary_7f838d5fc33e22c32ba4cd5c4587c0c2.json

185.244.209.62

200 OK

9.6 kB

URL

v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_auth/en/dictionary_7f838d5fc33e22c32ba4cd5c4587c0c2.json

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJSON text data

First Seen2025-06-11

Last Seen2025-06-19

Times Seen136

Size9.6 kB (9577 bytes)

MD58fe51848490ee8a9400ec1170c2ab5a0

SHA15f1adbe64d36ec676f0ee47541af94ee719af580

SHA2561c4ae5753f59ce6fc8d72baf4f84008f7b2aa61de1fb9363ffa9517ba64192f2

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_auth/en/dictionary_7f838d5fc33e22c32ba4cd5c4587c0c2.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-873858.world/
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:39 GMT
content-type: application/json; charset=utf-8
traceparent: 00-25a1720a849501ec3a6b5f8775d76a6a-4c3a9d24daf6073e-01
last-modified: Wed, 11 Jun 2025 14:06:48 GMT
etag: W/"8fe51848490ee8a9400ec1170c2ab5a0"
cache-control: max-age=3600
content-encoding: gzip
expires: Wed, 11 Jun 2025 15:40:34 GMT
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 2864
cache: HIT
x-cached-since: 2025-06-12T13:56:55+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/6190be1ac7.js

185.244.209.62

200 OK

1.2 kB

URL

v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/6190be1ac7.js

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJavaScript source, ASCII text, with very long lines (1165)

First Seen2025-06-11

Last Seen2025-06-18

Times Seen110

Size1.2 kB (1166 bytes)

MD582e5b7a854636b19c7f31b9fc68a9572

SHA14af4f156a94818760673099c0f67485bb0c49828

SHA256a23d12396b34e0f4897cea54b4beaab2f8d6cc13a0434d868cddb0bfb66e152d

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/6190be1ac7.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:40 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-975a535a88a0dd5370e44ceeb78c8377-0b996d36c5b5a393-01
last-modified: Wed, 11 Jun 2025 10:23:53 GMT
etag: W/"82e5b7a854636b19c7f31b9fc68a9572"
x-amz-meta-mtime: 1749637066.10932503
content-encoding: gzip
expires: Fri, 13 Jun 2025 02:43:19 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 43281
cache: HIT
x-cached-since: 2025-06-12T02:43:19+00:00
X-Firefox-Spdy: h2

POST www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2F1xlite-873858.world%2Fen%2Fblock&scrsrc=www.googletagmanager.com&frm=0&rnd=1838596167.1749739491&dt=1xBet&auid=1782543867.1749739491&navt=n&npa=1&gtm=45He56b0h2v9180563600za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101509157~102015666~103116026~103200004~103233427~103351869~103351871~104617979~104617981~104661466~104661468&tft=1749739490661&tfd=13758&apve=1&apvf=sb

142.250.74.68

200 OK

0 B

URL

www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2F1xlite-873858.world%2Fen%2Fblock&scrsrc=www.googletagmanager.com&frm=0&rnd=1838596167.1749739491&dt=1xBet&auid=1782543867.1749739491&navt=n&npa=1&gtm=45He56b0h2v9180563600za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101509157~102015666~103116026~103200004~103233427~103351869~103351871~104617979~104617981~104661466~104661468&tft=1749739490661&tfd=13758&apve=1&apvf=sb

IP / ASN

142.250.74.68

#15169 GOOGLE

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-02

Times Seen5609172

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subject*.google.com

Fingerprint7B:D2:02:FC:58:D9:E6:6C:DB:4E:0A:85:10:91:65:A5:9A:9C:5D:12

ValidityMon, 12 May 2025 08:42:58 GMT - Mon, 04 Aug 2025 08:42:57 GMT

HTTP Headers

POST /ccm/collect?en=page_view&dl=https%3A%2F%2F1xlite-873858.world%2Fen%2Fblock&scrsrc=www.googletagmanager.com&frm=0&rnd=1838596167.1749739491&dt=1xBet&auid=1782543867.1749739491&navt=n&npa=1&gtm=45He56b0h2v9180563600za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101509157~102015666~103116026~103200004~103233427~103351869~103351871~104617979~104617981~104661466~104661468&tft=1749739490661&tfd=13758&apve=1&apvf=sb HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Referer: https://1xlite-873858.world/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/3 200 OK
cache-control: no-cache, no-store, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT
date: Thu, 12 Jun 2025 14:44:51 GMT
pragma: no-cache
content-type: text/plain
vary: Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://1xlite-873858.world
access-control-expose-headers: date,vary,vary,vary,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET v3.traincdn.com/version.json

185.244.209.62

200 OK

11 B

URL

v3.traincdn.com/version.json

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeASCII text

First Seen2025-06-12

Last Seen2025-06-17

Times Seen96

Size11 B (11 bytes)

MD58d0e250e690af03be5978f390c91b788

SHA165e5cdc4838fe742af30ad5a00eba30e34c960d2

SHA256b5ff361bc6cdff807f55856d8ddfa6b847b1e6b428bdf79dc0f217445596d48c

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /version.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Referer: https://1xlite-873858.world/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:38 GMT
content-type: application/json
content-length: 11
traceparent: 00-ae9be5216ba292bfc639253c496ea1b8-9ba0ec2281019cc0-01
last-modified: Thu, 12 Jun 2025 08:53:28 GMT
etag: "8d0e250e690af03be5978f390c91b788"
x-amz-meta-mtime: 1749718408.105461212
expires: Thu, 12 Jun 2025 08:55:57 GMT
cache-control: max-age=60
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

GET v3.traincdn.com/sys-static/shared-assets/__shared_libphonenumber_js_Q6RMKWT6.js

185.244.209.62

200 OK

159 kB

URL

v3.traincdn.com/sys-static/shared-assets/__shared_libphonenumber_js_Q6RMKWT6.js

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeASCII text, with very long lines (65509)

First Seen2025-05-14

Last Seen2025-08-02

Times Seen1463

Size159 kB (158815 bytes)

MD51da464d70e78b04b9b808e82e4ad9487

SHA10c79e65516d1525ecb43d13cfb4ccb0631095a28

SHA256b4c72b8036ca6767ab61490178f901538646f2aa1001cb042caa134174a41595

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /sys-static/shared-assets/__shared_libphonenumber_js_Q6RMKWT6.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:39 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-b77df8f018f5414e0cd5e54ed97c8c44-307aedcb8874eb96-01
last-modified: Thu, 12 Jun 2025 05:46:34 GMT
etag: W/"1da464d70e78b04b9b808e82e4ad9487"
x-amz-meta-mtime: 1749706870.553752853
content-encoding: gzip
expires: Fri, 13 Jun 2025 08:08:53 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 23349
cache: HIT
x-cached-since: 2025-06-12T08:15:30+00:00
X-Firefox-Spdy: h2

GET 1xlite-873858.world/hd-api/external/assets/hdf.js

91.186.206.101

200 OK

4.1 kB

URL

1xlite-873858.world/hd-api/external/assets/hdf.js

IP / ASN

91.186.206.101

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeC++ source, ASCII text, with very long lines (874)

First Seen2025-06-05

Last Seen2025-07-24

Times Seen1121

Size4.1 kB (4083 bytes)

MD540eaa62ed21bd753172f4c307e2a41d0

SHA1f7b03c6b004562311c8ca00466179629738b2a40

SHA25660fed8cb321dc09e4e1d910b5822bd8f67d53d0962a41ddc9f5ac33edd4e2213

Certificate Info

IssuerLet's Encrypt

Subject1xlite-873858.world

Fingerprint00:0C:E2:41:66:9C:66:FC:9D:9B:1D:78:F5:33:D3:B8:4E:51:BD:57

ValidityTue, 29 Apr 2025 11:29:46 GMT - Mon, 28 Jul 2025 11:29:45 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /hd-api/external/assets/hdf.js HTTP/1.1
Host: 1xlite-873858.world
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-873858.world/en/block
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder; postback_watcher=%7B%22tag%22%3A%22d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder%22%2C%22pb%22%3A%22b3ec284c1a7a4c4aa92f9fa5f651e8ba%22%2C%22click_id%22%3A%22RznZH4qTZSQrYVLaGNUg_wiYSa799b%7Badspot_id%7D498648faglh%7Bclick_id%7D%22%7D; auid=W7rOZWhK59W51tiFAwPkAg==; window_width=1280; che_g=1c6a20dc-b553-4bd0-0abd-73d81e144eda; SESSION=0fc45ba2f8f86275ef5d59144e622c2a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:48 GMT
content-type: text/javascript; charset=utf-8
content-length: 1620
cache-control: public, max-age=300
content-encoding: gzip
etag: 40eaa62ed21bd753172f4c307e2a41d0
vary: Accept-Encoding
x-dt: 455
x-request-guid: b5771a423be30fd8f95fa9c92dfe73d0
x-time-ng: 0.009
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.009, wf-uht;dur=
accept-ranges: bytes
X-Firefox-Spdy: h2

GET v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/83804de8d1.js

185.244.209.62

200 OK

2.4 kB

URL

v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/83804de8d1.js

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJavaScript source, ASCII text, with very long lines (2401)

First Seen2025-06-11

Last Seen2025-06-18

Times Seen109

Size2.4 kB (2402 bytes)

MD56a11f0c76b1be97a59e814bb3c8caf63

SHA1c1b58b6aec8e50953bba65a99ff56cdb7a66648e

SHA2565de12d39fb07632046ff1b636373b183a8e81556b150df38b0acc72845e45fa1

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/83804de8d1.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:40 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-c35c9b735efcca075b34475d4b11cb98-a2f09ab8dc11a27f-01
last-modified: Wed, 11 Jun 2025 10:23:53 GMT
etag: W/"6a11f0c76b1be97a59e814bb3c8caf63"
x-amz-meta-mtime: 1749637066.114325195
content-encoding: gzip
expires: Fri, 13 Jun 2025 02:43:19 GMT
cache-control: max-age=86400
x-time-ng: 0.013
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 43281
cache: HIT
x-cached-since: 2025-06-12T02:43:19+00:00
X-Firefox-Spdy: h2

GET www.googletagmanager.com/gtag/destination?id=AW-16664555628&cx=c&gtm=45He56b0h2v9180563600za200&tag_exp=101509157~102015666~103116026~103200004~103233427~103351869~103351871~104617979~104617981~104661466~104661468

142.250.74.168

200 OK

356 kB

URL

www.googletagmanager.com/gtag/destination?id=AW-16664555628&cx=c&gtm=45He56b0h2v9180563600za200&tag_exp=101509157~102015666~103116026~103200004~103233427~103351869~103351871~104617979~104617981~104661466~104661468

IP / ASN

142.250.74.168

#15169 GOOGLE

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJavaScript source, ASCII text, with very long lines (5913)

First Seen2025-06-12

Last Seen2025-06-12

Times Seen1

Size356 kB (355887 bytes)

MD5b8edd7e7c99f41aaf8f4e96b45042698

SHA16957a629cada83996ce50889adad49bc5113b0b3

SHA256c86fd091fbd5d8339c398ae86a2f02dfc1d46aa2591cc272bc2929d661dcfcd2

Certificate Info

IssuerGoogle Trust Services

Subject*.google-analytics.com

Fingerprint10:76:57:2F:C3:21:F2:5F:71:E4:85:A5:DB:F7:65:3F:51:03:55:07

ValidityMon, 12 May 2025 08:42:57 GMT - Mon, 04 Aug 2025 08:42:56 GMT

HTTP Headers

GET /gtag/destination?id=AW-16664555628&cx=c&gtm=45He56b0h2v9180563600za200&tag_exp=101509157~102015666~103116026~103200004~103233427~103351869~103351871~104617979~104617981~104661466~104661468 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-873858.world/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 12 Jun 2025 14:44:50 GMT
expires: Thu, 12 Jun 2025 14:44:50 GMT
cache-control: private, max-age=900
last-modified: Thu, 12 Jun 2025 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcysghrgc:42:0
report-to: {"group":"ascgcysghrgc:42:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
server: Google Tag Manager
content-length: 120939
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET v3.traincdn.com/main-static/e6b170ce/desktop/default/vendors/plugins.v-tooltip-676f1837.js

185.244.209.62

200 OK

77 kB

URL

v3.traincdn.com/main-static/e6b170ce/desktop/default/vendors/plugins.v-tooltip-676f1837.js

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJavaScript source, ASCII text, with very long lines (65476)

First Seen2025-06-11

Last Seen2025-06-17

Times Seen100

Size77 kB (76622 bytes)

MD5ff624a7b4d6af62165edebc6dc7d87e7

SHA1905f9edbda508fa0ca92a7262f438038ccf226a5

SHA256ba532407a871f07ff4d23e6e940229651a6b18c1336f9bcdc2ea35a2e2161323

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /main-static/e6b170ce/desktop/default/vendors/plugins.v-tooltip-676f1837.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-873858.world/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:39 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-e436ea43a10dfbb43128ca5885c2064a-4cc52502de86067d-01
last-modified: Thu, 12 Jun 2025 08:51:05 GMT
etag: W/"ff624a7b4d6af62165edebc6dc7d87e7"
x-amz-meta-mtime: 1749718261.860055239
content-encoding: gzip
expires: Fri, 13 Jun 2025 09:02:34 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 20317
cache: HIT
x-cached-since: 2025-06-12T09:06:02+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/site-admin/colors/11fcf67d96d7d317c64c54b46d5ec44f.css

185.244.209.62

200 OK

40 kB

URL

v3.traincdn.com/genfiles/site-admin/colors/11fcf67d96d7d317c64c54b46d5ec44f.css

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeASCII text, with very long lines (39742), with no line terminators

First Seen2025-06-10

Last Seen2025-07-16

Times Seen546

Size40 kB (39742 bytes)

MD511fcf67d96d7d317c64c54b46d5ec44f

SHA1abf4e85e9e932ed64412f46ff590b39a87e26cb9

SHA25696ec24e0f388bf29d22bc262d0ed8aecf4582efa4d2031a06566442663f68658

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /genfiles/site-admin/colors/11fcf67d96d7d317c64c54b46d5ec44f.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-873858.world/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:39 GMT
content-type: text/css
traceparent: 00-1e1671141ff11dc99a95dfc546ee0089-4106951e38d2711e-01
last-modified: Thu, 12 Jun 2025 10:21:10 GMT
etag: W/"11fcf67d96d7d317c64c54b46d5ec44f"
cache-control: max-age=3600
content-encoding: gzip
expires: Thu, 12 Jun 2025 11:48:12 GMT
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1435
cache: HIT
x-cached-since: 2025-06-12T14:20:44+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_coupon/en/dictionary_945fd4a8d44260b2cdfe61dd0f83faa4.json

185.244.209.62

200 OK

27 kB

URL

v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_coupon/en/dictionary_945fd4a8d44260b2cdfe61dd0f83faa4.json

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJSON text data

First Seen2025-06-11

Last Seen2025-06-16

Times Seen98

Size27 kB (26721 bytes)

MD5cc8f38014b9a73d843f59df14e1be17b

SHA12ee86c36f0adb5b9786b44437f347cfb3345ff22

SHA2562cd15e3cc3b59839872989ee7115e4c16371db02c3a1464db3edf7123c67f3cc

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_coupon/en/dictionary_945fd4a8d44260b2cdfe61dd0f83faa4.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-873858.world/
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:39 GMT
content-type: application/json; charset=utf-8
traceparent: 00-c3a218d0bd202178d182b2022fcc9201-f22aaad3e3f3d32d-01
last-modified: Wed, 11 Jun 2025 10:06:49 GMT
etag: W/"cc8f38014b9a73d843f59df14e1be17b"
cache-control: max-age=3600
content-encoding: gzip
expires: Wed, 11 Jun 2025 11:32:21 GMT
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 3249
cache: HIT
x-cached-since: 2025-06-12T13:50:30+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/ac02f639a86763a884adc5615fe65e72.json

185.244.209.62

200 OK

14 kB

URL

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/ac02f639a86763a884adc5615fe65e72.json

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJSON text data

First Seen2025-02-27

Last Seen2025-08-02

Times Seen1578

Size14 kB (14232 bytes)

MD5811ce3b7877d19901e45430cb6523d62

SHA116a905115a678fdef3923f91c6f76cbab613e84d

SHA25610fbb74dbac63abfe9c4f5a77abc03757ef3527a479d4ae70dc977b515eec8cb

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/ac02f639a86763a884adc5615fe65e72.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-873858.world/
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:39 GMT
content-type: application/json
traceparent: 00-51f67087bfb9c380e9de1a33079b27c5-d2719890b2c4c1d8-01
last-modified: Thu, 27 Feb 2025 09:04:01 GMT
etag: W/"811ce3b7877d19901e45430cb6523d62"
content-encoding: gzip
expires: Thu, 27 Feb 2025 10:17:13 GMT
cache-control: max-age=3600
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1928
cache: HIT
x-cached-since: 2025-06-12T14:12:31+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/entry-c3a5232530.js

185.244.209.62

200 OK

21 kB

URL

v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/entry-c3a5232530.js

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (20628)

First Seen2025-06-11

Last Seen2025-06-18

Times Seen109

Size21 kB (21168 bytes)

MD51ec295db016c12c2ce14a413608d2644

SHA1924bc1002e1a3949c4a79d23acf5383cbae4886c

SHA25607b560d3a9f4f1302996bd086a1e1befbdc412447627db3fae16716f235ba9e0

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/entry-c3a5232530.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Referer: https://1xlite-873858.world/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:39 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-a69117e8db899baed9e30d1009fe9e43-10c101aa3e501586-01
last-modified: Wed, 11 Jun 2025 10:23:53 GMT
etag: W/"1ec295db016c12c2ce14a413608d2644"
x-amz-meta-mtime: 1749637066.112325129
content-encoding: gzip
expires: Fri, 13 Jun 2025 02:43:18 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 43281
cache: HIT
x-cached-since: 2025-06-12T02:43:18+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/sys-static/shared-assets/Desktop/__shared_base-app_9100f09beb.js

185.244.209.62

200 OK

792 kB

URL

v3.traincdn.com/sys-static/shared-assets/Desktop/__shared_base-app_9100f09beb.js

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJavaScript source, ASCII text, with very long lines (22825)

First Seen2025-06-11

Last Seen2025-06-18

Times Seen127

Size792 kB (791676 bytes)

MD5f371fd97d4fc0bc36fef3fbb06f1a125

SHA149f5549ccdd16fab43acfba8c06f7a532e7c9e7b

SHA256997647adbe5bd9cf32041ad95e4b568bdcea347a4f4ba9da37a0e02a5c028d34

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /sys-static/shared-assets/Desktop/__shared_base-app_9100f09beb.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:39 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-9c1f03df6f1054c4987bf09963b4f0e6-eb481ec542e41def-01
last-modified: Thu, 12 Jun 2025 07:48:38 GMT
etag: W/"f371fd97d4fc0bc36fef3fbb06f1a125"
x-amz-meta-mtime: 1749714310.238688093
content-encoding: gzip
expires: Fri, 13 Jun 2025 09:54:17 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 16733
cache: HIT
x-cached-since: 2025-06-12T10:05:46+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2

185.244.209.62

200 OK

64 kB

URL

v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeWeb Open Font Format (Version 2), TrueType, length 63748, version 1.0

First Seen2023-06-14

Last Seen2025-08-02

Times Seen5342

Size64 kB (63748 bytes)

MD56887b6f24414dbc612dbf42ccdc76b70

SHA18068d3abfbc6cbf35b55919da45b1f4d2d136238

SHA256fc5c015fc32518f1ed810fa84ca28941eb9d5a3c81acc8df69a4dbbeedef7b0c

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:49 GMT
content-type: font/woff2
content-length: 63748
traceparent: 00-d77e257e33be22d19019402c3abf1fbb-1bb85edb13e0a3b9-01
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "6887b6f24414dbc612dbf42ccdc76b70"
expires: Thu, 16 Jan 2025 10:32:14 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 642
cache: HIT
x-cached-since: 2025-06-12T14:34:07+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2

185.244.209.62

200 OK

64 kB

URL

v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeWeb Open Font Format (Version 2), TrueType, length 63920, version 1.0

First Seen2023-05-07

Last Seen2025-08-02

Times Seen5252

Size64 kB (63920 bytes)

MD5a65527fcb58f66a7cfbc0e6b160538b4

SHA145d260e7fa343401b5bb0df982a014f53e2d253b

SHA256fb13c3a1cbac60649b76f7d7f85c1645d35ac69b85ce5f4eb0692505ecc2cd45

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:49 GMT
content-type: font/woff2
content-length: 63920
traceparent: 00-9cb7f10f650ea2569415646050fc73e1-2fefa508b11a5e67-01
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "a65527fcb58f66a7cfbc0e6b160538b4"
expires: Thu, 16 Jan 2025 10:45:34 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 3354
cache: HIT
x-cached-since: 2025-06-12T13:48:55+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

GET www.googletagmanager.com/gtag/destination?id=DC-14030178&cx=c&gtm=45He56b0h2v9180563600za200&tag_exp=101509157~102015666~103116026~103200004~103233427~103351869~103351871~104617979~104617981~104661466~104661468

142.250.74.168

200 OK

306 kB

URL

www.googletagmanager.com/gtag/destination?id=DC-14030178&cx=c&gtm=45He56b0h2v9180563600za200&tag_exp=101509157~102015666~103116026~103200004~103233427~103351869~103351871~104617979~104617981~104661466~104661468

IP / ASN

142.250.74.168

#15169 GOOGLE

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJavaScript source, ASCII text, with very long lines (5913)

First Seen2025-06-12

Last Seen2025-06-12

Times Seen1

Size306 kB (305461 bytes)

MD571e0b59cc7dcddd7859cd69239bc75d2

SHA18728057b6b203d1b2132d6ac09a821b110dbbcbd

SHA25648c168e74d7329ee2f7549efd3031772d509566a7d95f1fcf34a76f9cccb5829

Certificate Info

IssuerGoogle Trust Services

Subject*.google-analytics.com

Fingerprint10:76:57:2F:C3:21:F2:5F:71:E4:85:A5:DB:F7:65:3F:51:03:55:07

ValidityMon, 12 May 2025 08:42:57 GMT - Mon, 04 Aug 2025 08:42:56 GMT

HTTP Headers

GET /gtag/destination?id=DC-14030178&cx=c&gtm=45He56b0h2v9180563600za200&tag_exp=101509157~102015666~103116026~103200004~103233427~103351869~103351871~104617979~104617981~104661466~104661468 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-873858.world/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 12 Jun 2025 14:44:50 GMT
expires: Thu, 12 Jun 2025 14:44:50 GMT
cache-control: private, max-age=900
last-modified: Thu, 12 Jun 2025 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcysghrgc:42:0
report-to: {"group":"ascgcysghrgc:42:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
server: Google Tag Manager
content-length: 106861
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET 1xlite-873858.world/main-static/e6b170ce/check-ob.js

91.186.206.101

200 OK

219 B

URL

1xlite-873858.world/main-static/e6b170ce/check-ob.js

IP / ASN

91.186.206.101

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJavaScript source, ASCII text

First Seen2024-07-17

Last Seen2025-08-02

Times Seen2583

Size219 B (219 bytes)

MD5c065700c9c8c493403359e1f2baa10d9

SHA14630fe729e70bdf63fa7ba6c84ec277fd1f51030

SHA2561e61f0c82ae82ffcf503fcd4b4c8ae27b32c11e19b882d5d13f3c44364c893f4

Certificate Info

IssuerLet's Encrypt

Subject1xlite-873858.world

Fingerprint00:0C:E2:41:66:9C:66:FC:9D:9B:1D:78:F5:33:D3:B8:4E:51:BD:57

ValidityTue, 29 Apr 2025 11:29:46 GMT - Mon, 28 Jul 2025 11:29:45 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /main-static/e6b170ce/check-ob.js HTTP/1.1
Host: 1xlite-873858.world
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-873858.world/en/block
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder; postback_watcher=%7B%22tag%22%3A%22d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder%22%2C%22pb%22%3A%22b3ec284c1a7a4c4aa92f9fa5f651e8ba%22%2C%22click_id%22%3A%22RznZH4qTZSQrYVLaGNUg_wiYSa799b%7Badspot_id%7D498648faglh%7Bclick_id%7D%22%7D; auid=W7rOZWhK59W51tiFAwPkAg==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:38 GMT
content-type: text/javascript; charset=utf-8
content-length: 219
last-modified: Thu, 12 Jun 2025 08:53:28 GMT
etag: "c065700c9c8c493403359e1f2baa10d9"
x-amz-meta-mtime: 1749718407.557455909
expires: Fri, 13 Jun 2025 14:29:04 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
accept-ranges: bytes
X-Firefox-Spdy: h2

GET v3.traincdn.com/main-static/e6b170ce/desktop/default/vendors/plugins.vue-notification-58c4917a.js

185.244.209.62

200 OK

13 kB

URL

v3.traincdn.com/main-static/e6b170ce/desktop/default/vendors/plugins.vue-notification-58c4917a.js

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJavaScript source, ASCII text, with very long lines (12563), with no line terminators

First Seen2025-06-11

Last Seen2025-06-17

Times Seen100

Size13 kB (12563 bytes)

MD5e3a109633ace6ab35b7725a9ce258d1e

SHA11427875a18593fc516851d95dfbe46e440e73280

SHA256d6886d00d9f912602d05c2d4aa336c6558441c6228faad77da7916e7b0e6d082

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /main-static/e6b170ce/desktop/default/vendors/plugins.vue-notification-58c4917a.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-873858.world/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:39 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-2850342f21bf1a9ff17239b47f490642-dc948061f4ca8988-01
last-modified: Thu, 12 Jun 2025 08:51:05 GMT
etag: W/"e3a109633ace6ab35b7725a9ce258d1e"
x-amz-meta-mtime: 1749718261.860055239
content-encoding: gzip
expires: Fri, 13 Jun 2025 09:02:34 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 20317
cache: HIT
x-cached-since: 2025-06-12T09:06:02+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/a1c3d1930127b405102a4616863435b5.json

185.244.209.62

200 OK

2.9 kB

URL

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/a1c3d1930127b405102a4616863435b5.json

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJSON text data

First Seen2025-06-05

Last Seen2025-07-21

Times Seen657

Size2.9 kB (2853 bytes)

MD5f9867cd5bf362d5d518027321410c262

SHA1c8152b1f17123f07b027c8ab359062dc5f7c1456

SHA256baa9a4f415e8e8b95c2269ac32d20c6850852d9973e47937440e2761a6d8ee65

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/a1c3d1930127b405102a4616863435b5.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-873858.world/
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:40 GMT
content-type: application/json
traceparent: 00-f7673cb4c7c81fca0e1279a09289a7ec-3f345ff953e51f45-01
last-modified: Thu, 05 Jun 2025 12:29:20 GMT
etag: W/"f9867cd5bf362d5d518027321410c262"
content-encoding: gzip
expires: Thu, 05 Jun 2025 13:42:00 GMT
cache-control: max-age=3600
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1928
cache: HIT
x-cached-since: 2025-06-12T14:12:32+00:00
X-Firefox-Spdy: h2

GET 1xlite-873858.world/hd-api/external/apps/c5e31d5915661de4393e3f1489b00ebc4497dd48/api.js

91.186.206.101

200 OK

760 B

URL

1xlite-873858.world/hd-api/external/apps/c5e31d5915661de4393e3f1489b00ebc4497dd48/api.js

IP / ASN

91.186.206.101

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJavaScript source, ASCII text, with very long lines (759)

First Seen2025-05-21

Last Seen2025-07-24

Times Seen1326

Size760 B (760 bytes)

MD50b911773e0df627d77f8306c86e228aa

SHA10d584bb1a3294e4fe42df4582dcc8a2c8f77f7bb

SHA25601e4926540498a77d866259516007d41fae1213ab9607db826f011d926fd6006

Certificate Info

IssuerLet's Encrypt

Subject1xlite-873858.world

Fingerprint00:0C:E2:41:66:9C:66:FC:9D:9B:1D:78:F5:33:D3:B8:4E:51:BD:57

ValidityTue, 29 Apr 2025 11:29:46 GMT - Mon, 28 Jul 2025 11:29:45 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /hd-api/external/apps/c5e31d5915661de4393e3f1489b00ebc4497dd48/api.js HTTP/1.1
Host: 1xlite-873858.world
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-873858.world/en/block
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder; postback_watcher=%7B%22tag%22%3A%22d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder%22%2C%22pb%22%3A%22b3ec284c1a7a4c4aa92f9fa5f651e8ba%22%2C%22click_id%22%3A%22RznZH4qTZSQrYVLaGNUg_wiYSa799b%7Badspot_id%7D498648faglh%7Bclick_id%7D%22%7D; auid=W7rOZWhK59W51tiFAwPkAg==; window_width=1280; che_g=1c6a20dc-b553-4bd0-0abd-73d81e144eda; SESSION=0fc45ba2f8f86275ef5d59144e622c2a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:47 GMT
content-type: text/javascript; charset=utf-8
content-length: 492
cache-control: public, max-age=300
content-encoding: gzip
etag: 0b911773e0df627d77f8306c86e228aa
vary: Accept-Encoding
x-dt: 455
x-request-guid: 0c226d4e00018528cb1b2ef87a1dc0c3
x-time-ng: 0.001
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.009, wf-uht;dur=
accept-ranges: bytes
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_main/en/dictionary_5618b5004b616492ed8515454eab56f1.json

185.244.209.62

200 OK

137 kB

URL

v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_main/en/dictionary_5618b5004b616492ed8515454eab56f1.json

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJSON text data

First Seen2025-06-11

Last Seen2025-06-13

Times Seen28

Size137 kB (137137 bytes)

MD52c809c3fa5d9e0846fd7fbbc540ddcf6

SHA10e7d6e8b5e29e71990578f70fa2b19f69cb79afb

SHA256b1bc9b78ddbe278f47c1a5e641ce6b64f8bb8e91218cc526106e8f671e54191f

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_main/en/dictionary_5618b5004b616492ed8515454eab56f1.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-873858.world/
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:39 GMT
content-type: application/json; charset=utf-8
traceparent: 00-bdec8f141df270d15849bf733006ec48-157bb536479479f8-01
last-modified: Wed, 11 Jun 2025 16:06:43 GMT
etag: W/"2c809c3fa5d9e0846fd7fbbc540ddcf6"
cache-control: max-age=3600
content-encoding: gzip
expires: Wed, 11 Jun 2025 17:40:37 GMT
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 3343
cache: HIT
x-cached-since: 2025-06-12T13:48:56+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/sys-static/shared-assets/__shared_localforage_FJKG5M2E.js

185.244.209.62

200 OK

30 kB

URL

v3.traincdn.com/sys-static/shared-assets/__shared_localforage_FJKG5M2E.js

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJavaScript source, ASCII text, with very long lines (30255)

First Seen2025-05-14

Last Seen2025-08-02

Times Seen1463

Size30 kB (30277 bytes)

MD502cf95f00794b77df34632e34a59c5be

SHA1b64889fb6cbe78a141688ea761a627997ef8a8af

SHA256bf78b7b3dd6ecbdea04c575edfb6022ed1b2e98c7a9cb9f02ab851ca638f1b83

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /sys-static/shared-assets/__shared_localforage_FJKG5M2E.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:40 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-32fd66cb0a4f6814d18bbad45c8d3d4f-e2cf92168baddf1c-01
last-modified: Thu, 12 Jun 2025 05:46:34 GMT
etag: W/"02cf95f00794b77df34632e34a59c5be"
x-amz-meta-mtime: 1749706870.553752853
content-encoding: gzip
expires: Fri, 13 Jun 2025 08:08:56 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 23349
cache: HIT
x-cached-since: 2025-06-12T08:15:31+00:00
X-Firefox-Spdy: h2

GET refpamjeql.top/L?tag=d_87653m_3030c_[]MS[]null[]null[]{adspot_id}_d26691_l14299_clickunder&pb=b3ec284c1a7a4c4aa92f9fa5f651e8ba&click_id=RznZH4qTZSQrYVLaGNUg_wiYSa799b{adspot_id}498648faglh{click_id}

45.135.120.31

303 See Other

271 kB

URL

refpamjeql.top/L?tag=d_87653m_3030c_[]MS[]null[]null[]{adspot_id}_d26691_l14299_clickunder&pb=b3ec284c1a7a4c4aa92f9fa5f651e8ba&click_id=RznZH4qTZSQrYVLaGNUg_wiYSa799b{adspot_id}498648faglh{click_id}

IP / ASN

45.135.120.31

#56630 Melbikomas UAB

Requested byN/A

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-02

Times Seen5609172

Size271 kB (270957 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerLet's Encrypt

Subjectrefpamjeql.top

Fingerprint83:81:FE:BA:52:2B:76:6B:B2:1D:F2:D9:9C:47:2A:49:C6:18:61:B8

ValidityMon, 14 Apr 2025 05:21:37 GMT - Sun, 13 Jul 2025 05:21:36 GMT

HTTP Headers

GET /L?tag=d_87653m_3030c_[]MS[]null[]null[]{adspot_id}_d26691_l14299_clickunder&pb=b3ec284c1a7a4c4aa92f9fa5f651e8ba&click_id=RznZH4qTZSQrYVLaGNUg_wiYSa799b{adspot_id}498648faglh{click_id} HTTP/1.1
Host: refpamjeql.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 303 See Other
server: nginx
date: Thu, 12 Jun 2025 14:44:37 GMT
location: https://1xlite-873858.world:443/en?tag=d_87653m_3030c_[]MS[]null[]null[]{adspot_id}_d26691_l14299_clickunder&pb=b3ec284c1a7a4c4aa92f9fa5f651e8ba&click_id=RznZH4qTZSQrYVLaGNUg_wiYSa799b{adspot_id}498648faglh{click_id}
set-cookie: A_3030_v=0; expires=Fri, 13 Jun 2025 14:44:37 GMT; path=/; secure
A_3030_c=1; expires=Fri, 13 Jun 2025 14:44:37 GMT; path=/; secure
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.001
X-Firefox-Spdy: h2

GET v3.traincdn.com/main-static/e6b170ce/desktop/default/DC-d8610509.js

185.244.209.62

200 OK

2.7 kB

URL

v3.traincdn.com/main-static/e6b170ce/desktop/default/DC-d8610509.js

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJavaScript source, ASCII text, with very long lines (2653), with no line terminators

First Seen2025-06-11

Last Seen2025-06-17

Times Seen100

Size2.7 kB (2653 bytes)

MD5d9d8717c3e1aa56e4ea0ae354d8ca330

SHA158c19cc951dff928577b9862b07212006d947540

SHA25671e0a53dd16e3b05b31a43aaa7a46f912c4a2c46c1f654965db57f43d111ea1c

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /main-static/e6b170ce/desktop/default/DC-d8610509.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-873858.world/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:39 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-54f541cbe7f1f8228ffe31396323a9ba-6dc2d25f85e91e07-01
last-modified: Thu, 12 Jun 2025 08:51:02 GMT
etag: W/"d9d8717c3e1aa56e4ea0ae354d8ca330"
x-amz-meta-mtime: 1749718261.844055083
content-encoding: gzip
expires: Fri, 13 Jun 2025 09:02:34 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 20316
cache: HIT
x-cached-since: 2025-06-12T09:06:03+00:00
X-Firefox-Spdy: h2

GET www.googletagmanager.com/gtm.js?id=GTM-KFGPRJ2V

142.250.74.168

200 OK

342 kB

URL

www.googletagmanager.com/gtm.js?id=GTM-KFGPRJ2V

IP / ASN

142.250.74.168

#15169 GOOGLE

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (4828)

First Seen2025-06-12

Last Seen2025-06-12

Times Seen1

Size342 kB (342458 bytes)

MD56fca5813354abd94989b80574aeb87be

SHA19ce2335f8625d19015be080662de3faa17f6fcf0

SHA2560639a48780334df608c1c5562a0a97339ae76069d51acf21c81a3feb741a846f

Certificate Info

IssuerGoogle Trust Services

Subject*.google-analytics.com

Fingerprint10:76:57:2F:C3:21:F2:5F:71:E4:85:A5:DB:F7:65:3F:51:03:55:07

ValidityMon, 12 May 2025 08:42:57 GMT - Mon, 04 Aug 2025 08:42:56 GMT

HTTP Headers

GET /gtm.js?id=GTM-KFGPRJ2V HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-873858.world/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 12 Jun 2025 14:44:50 GMT
expires: Thu, 12 Jun 2025 14:44:50 GMT
cache-control: private, max-age=900
last-modified: Thu, 12 Jun 2025 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1319:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1319:0
report-to: {"group":"ascgcycc:1319:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1319:0"}],}
server: Google Tag Manager
content-length: 119276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET radar.cedexis.com/1707728419/stub.js

45.54.49.5

200 OK

390 B

URL

radar.cedexis.com/1707728419/stub.js

IP / ASN

45.54.49.5

#63911 NetActuate, Inc

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJavaScript source, ASCII text

First Seen2024-02-13

Last Seen2025-08-02

Times Seen3394

Size390 B (390 bytes)

MD582dec77fd0353c7c71ce053b8601387e

SHA1fbbca95419e1d0c042e0a5fdf10f380aca66188c

SHA25639f2b7b0fa78d37d0c84d2d6618bd635d86fd683d9bcdd5729850cb2a62522f7

Certificate Info

IssuerDigiCert Inc

Subjectradar.cedexis.com

FingerprintA2:3E:30:19:D5:41:3A:11:81:58:E3:B1:6F:F4:D2:78:0B:44:6F:D0

ValidityFri, 07 Mar 2025 00:00:00 GMT - Fri, 06 Mar 2026 23:59:59 GMT

HTTP Headers

GET /1707728419/stub.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-873858.world/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 12 Jun 2025 14:44:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 12 Feb 2024 09:50:42 GMT
Vary: Accept-Encoding
ETag: W/"65c9e9f2-186"
Expires: Thu, 26 Jun 2025 14:44:50 GMT
Cache-Control: max-age=1209600, public
Content-Encoding: gzip

GET v3.traincdn.com/main-static/e6b170ce/desktop/default/Page.Block-8b54715f.js

185.244.209.62

200 OK

476 B

URL

v3.traincdn.com/main-static/e6b170ce/desktop/default/Page.Block-8b54715f.js

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJavaScript source, ASCII text, with very long lines (476), with no line terminators

First Seen2025-06-11

Last Seen2025-06-17

Times Seen96

Size476 B (476 bytes)

MD5ccba684abc6529739bb0faa909e87f10

SHA17f2e2bb88350d341c77b618db5dfff34bdbc2d31

SHA2562304fe3ff45de8d3c6dcbadffd141d91b9450e83c190b6dc9f5c9519085b086f

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /main-static/e6b170ce/desktop/default/Page.Block-8b54715f.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-873858.world/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:38 GMT
content-type: text/javascript; charset=utf-8
content-length: 476
traceparent: 00-f079d0f4530370551c7fb69207a2f17b-4395dade9d191596-01
last-modified: Thu, 12 Jun 2025 08:51:02 GMT
etag: "ccba684abc6529739bb0faa909e87f10"
x-amz-meta-mtime: 1749718261.844055083
expires: Fri, 13 Jun 2025 09:02:45 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 20291
cache: HIT
x-cached-since: 2025-06-12T09:06:27+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

GET v3.traincdn.com/main-static/e6b170ce/desktop/default/vendors/plugins.vue-js-modal-a7367d5f.js

185.244.209.62

200 OK

27 kB

URL

v3.traincdn.com/main-static/e6b170ce/desktop/default/vendors/plugins.vue-js-modal-a7367d5f.js

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJavaScript source, ASCII text, with very long lines (26667), with no line terminators

First Seen2025-06-11

Last Seen2025-06-17

Times Seen100

Size27 kB (26667 bytes)

MD5ea184fef8045cfc2109ed27110506628

SHA1da5f61af129425afa5d9e3576e21a7e172632f2a

SHA25689deaf3b58659a235ff30f7f9b202b4cd1986b22a9a9e75cf22f23bc2bddb4af

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /main-static/e6b170ce/desktop/default/vendors/plugins.vue-js-modal-a7367d5f.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-873858.world/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:39 GMT
content-type: text/javascript; charset=utf-8
traceparent: 00-9a1d503ed737edbcdc5f953d58df94b6-9dd03cd2bea432a9-01
last-modified: Thu, 12 Jun 2025 08:51:05 GMT
etag: W/"ea184fef8045cfc2109ed27110506628"
x-amz-meta-mtime: 1749718261.860055239
content-encoding: gzip
expires: Fri, 13 Jun 2025 09:02:34 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 20317
cache: HIT
x-cached-since: 2025-06-12T09:06:02+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/bfa3e9fd30e7d63c0906602f42c13468.json

185.244.209.62

200 OK

182 B

URL

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/bfa3e9fd30e7d63c0906602f42c13468.json

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJSON text data

First Seen2025-02-27

Last Seen2025-08-02

Times Seen1273

Size182 B (182 bytes)

MD50a64a07e9a34e8a5b5e97e80a10888c5

SHA182545cbc39b7dcc031dd10dea841a0b3698243d6

SHA2567201497e7e8cdf9d35bf6998e43dcde5feea535f9828ce3ee98785781016126c

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/bfa3e9fd30e7d63c0906602f42c13468.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-873858.world/
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:39 GMT
content-type: application/json
content-length: 182
traceparent: 00-76ed3abe41fc6cb11b8a677e2fd09d92-1b9b0f79be9579d5-01
last-modified: Thu, 27 Feb 2025 08:55:26 GMT
etag: "0a64a07e9a34e8a5b5e97e80a10888c5"
expires: Thu, 27 Feb 2025 10:17:13 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1928
cache: HIT
x-cached-since: 2025-06-12T14:12:31+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

GET 1xlite-873858.world/bff-api/config/group/get?groups=d.technical&lang=en

91.186.206.101

200 OK

730 B

URL

1xlite-873858.world/bff-api/config/group/get?groups=d.technical&lang=en

IP / ASN

91.186.206.101

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJSON text data

First Seen2025-05-14

Last Seen2025-07-18

Times Seen325

Size730 B (730 bytes)

MD511002f1dbd8a9420fc8b8ea06ac26f67

SHA168a8d4e1b90e7b598155d29c2a534c6a48d53883

SHA2565fba5a83c66c58ff7790c8157f9ed3bb4a24de81d9b7f2dd8d0b2421c4c80ccf

Certificate Info

IssuerLet's Encrypt

Subject1xlite-873858.world

Fingerprint00:0C:E2:41:66:9C:66:FC:9D:9B:1D:78:F5:33:D3:B8:4E:51:BD:57

ValidityTue, 29 Apr 2025 11:29:46 GMT - Mon, 28 Jul 2025 11:29:45 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bff-api/config/group/get?groups=d.technical&lang=en HTTP/1.1
Host: 1xlite-873858.world
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-873858.world/en/block
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
x-svc-source: __TECHNICAL_PAGES_APP__
x-app-n: __TECHNICAL_PAGES_APP__
x-geoip2-country-code: ru
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder; postback_watcher=%7B%22tag%22%3A%22d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder%22%2C%22pb%22%3A%22b3ec284c1a7a4c4aa92f9fa5f651e8ba%22%2C%22click_id%22%3A%22RznZH4qTZSQrYVLaGNUg_wiYSa799b%7Badspot_id%7D498648faglh%7Bclick_id%7D%22%7D; auid=W7rOZWhK59W51tiFAwPkAg==; window_width=1920; che_g=1c6a20dc-b553-4bd0-0abd-73d81e144eda
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:40 GMT
content-type: application/json
content-length: 730
cache-control: no-cache, private
server-timing: dt_total;dur=0.104, bff;dur=1.49, wf-uht;dur=0.014
x-cache-expire: 710
x-cache-hit: 1
x-dt: 285
x-pod: R-xhwbk
x-time-ng: 0.003
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/56f58c6d078ff0e8f698576f33bb478d.json

185.244.209.62

200 OK

3.6 kB

URL

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/56f58c6d078ff0e8f698576f33bb478d.json

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJSON text data

First Seen2025-03-01

Last Seen2025-07-30

Times Seen1618

Size3.6 kB (3557 bytes)

MD54b08975411699bcd7464f49777e866bf

SHA12a9b0a0f3eadf5f3e1ef688bacd9560dd59c73d2

SHA256b6208d18413f8988db2e0040ff72516c0cb5e06d3d9692b5b098808ab46fc378

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/56f58c6d078ff0e8f698576f33bb478d.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-873858.world/
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:40 GMT
content-type: application/json
traceparent: 00-fb29608344eadc57963443baa499acb1-16a7c78abebfd8ea-01
last-modified: Thu, 27 Feb 2025 09:06:12 GMT
etag: W/"4b08975411699bcd7464f49777e866bf"
content-encoding: gzip
expires: Thu, 27 Feb 2025 10:17:14 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1928
cache: HIT
x-cached-since: 2025-06-12T14:12:32+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/main-static/e6b170ce/desktop/default/css/684d7545.css

185.244.209.62

200 OK

14 kB

URL

v3.traincdn.com/main-static/e6b170ce/desktop/default/css/684d7545.css

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeASCII text, with very long lines (14391), with no line terminators

First Seen2025-03-26

Last Seen2025-06-24

Times Seen834

Size14 kB (14391 bytes)

MD5a552d5db890b7f16e370b33cc587e807

SHA1a9dc47737b3e1d8ef6fcbb48c7c0b026c6fda545

SHA2560d7e00204297499711ae1da574d4635b31d8238ab4a663b382c44d850d24f3ec

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /main-static/e6b170ce/desktop/default/css/684d7545.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-873858.world/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:38 GMT
content-type: text/css; charset=utf-8
traceparent: 00-5535056f5d8fa1517ebb51d2848538b6-9d93530409d2d2a7-01
last-modified: Thu, 12 Jun 2025 08:51:05 GMT
etag: W/"a552d5db890b7f16e370b33cc587e807"
x-amz-meta-mtime: 1749718261.852055161
content-encoding: gzip
expires: Fri, 13 Jun 2025 09:02:33 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 20319
cache: HIT
x-cached-since: 2025-06-12T09:05:59+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_game/en/dictionary_c475e7b28b6b22307751b2c2c28273a7.json

185.244.209.62

200 OK

23 kB

URL

v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_game/en/dictionary_c475e7b28b6b22307751b2c2c28273a7.json

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJSON text data

First Seen2025-06-03

Last Seen2025-06-24

Times Seen324

Size23 kB (22559 bytes)

MD57889ae7db096d748d942dbf58bd893b6

SHA1e9fc563f031d510363a597702fd9c4ca070aa870

SHA256a5145ccfed8e62882a5e36ab1bacad3c6fd36f203bf8b37e0ec20298fe7df20c

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_game/en/dictionary_c475e7b28b6b22307751b2c2c28273a7.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-873858.world/
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:39 GMT
content-type: application/json; charset=utf-8
traceparent: 00-62d1d128fb44c50e7b5cb45141d35a0d-d13c382d4f39181c-01
last-modified: Tue, 03 Jun 2025 08:06:56 GMT
etag: W/"c08ec4640f6ba3d9b8a7363620465d67"
cache-control: max-age=3600
content-encoding: gzip
expires: Tue, 03 Jun 2025 09:40:13 GMT
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 189
cache: HIT
x-cached-since: 2025-06-12T14:41:30+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/a49ddc9ed7b115238ef2263b253f2225.json

185.244.209.62

200 OK

22 kB

URL

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/a49ddc9ed7b115238ef2263b253f2225.json

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJSON text data

First Seen2025-04-16

Last Seen2025-06-24

Times Seen618

Size22 kB (21827 bytes)

MD5ff5d81879a491bb1cfe091c5817a89b4

SHA12a1d20f61eb8c513b270b8d123e3a9f66c89f808

SHA256538bffce9fa55e37a08e6b7f5148f8e7884c02a82b13e8426553061ff2475f90

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/a49ddc9ed7b115238ef2263b253f2225.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-873858.world/
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:39 GMT
content-type: application/json
traceparent: 00-2fd3a95c741adc36478fb87bda3b6255-bd421fc8888c9cdd-01
last-modified: Tue, 20 May 2025 11:01:53 GMT
etag: W/"ff5d81879a491bb1cfe091c5817a89b4"
content-encoding: gzip
expires: Tue, 20 May 2025 12:23:08 GMT
cache-control: max-age=3600
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1928
cache: HIT
x-cached-since: 2025-06-12T14:12:31+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/25c3998383.js

185.244.209.62

200 OK

864 B

URL

v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/25c3998383.js

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJavaScript source, ASCII text, with very long lines (863)

First Seen2025-06-11

Last Seen2025-06-18

Times Seen109

Size864 B (864 bytes)

MD5cd67cb70163467a629fdd571c7fe7cab

SHA1162418c6e156aa935146915e45ea0e580955086f

SHA2561ff4f85984794159c0f77930c3495d057c317fd85a1cd9f1ac117bb45b40f115

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/25c3998383.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:40 GMT
content-type: text/javascript; charset=utf-8
content-length: 864
traceparent: 00-7c7fae7c13cda21d9f30abb6403ce1ee-341f3071a5866926-01
last-modified: Wed, 11 Jun 2025 10:23:53 GMT
etag: "cd67cb70163467a629fdd571c7fe7cab"
x-amz-meta-mtime: 1749637066.108324997
expires: Fri, 13 Jun 2025 02:43:19 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 43281
cache: HIT
x-cached-since: 2025-06-12T02:43:19+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

GET v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/6293f1a8ca.css

185.244.209.62

200 OK

650 B

URL

v3.traincdn.com/sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/6293f1a8ca.css

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeASCII text, with very long lines (649)

First Seen2025-05-19

Last Seen2025-07-29

Times Seen1291

Size650 B (650 bytes)

MD55d70ac7829c3ae41ce5c0971c798fbcf

SHA19996ce3a09f56d3e37d67fbe7e1efb301ea2f261

SHA2560e76b1cd191bd618caea37cb7fb6673d12c7cdff7ea47e939758eda5764a140b

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /sys-static/sys-technical-pages-app-static/Desktop/Default/44136fa355b3/6293f1a8ca.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-873858.world/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:38 GMT
content-type: text/css; charset=utf-8
content-length: 650
traceparent: 00-828a40419eff12eff43999b49af60ac1-e3b21581d8341ec3-01
last-modified: Wed, 11 Jun 2025 10:23:53 GMT
etag: "5d70ac7829c3ae41ce5c0971c798fbcf"
x-amz-meta-mtime: 1749637066.10932503
expires: Fri, 13 Jun 2025 09:17:06 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 19652
cache: HIT
x-cached-since: 2025-06-12T09:17:06+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2

GET v3.traincdn.com/main-static/e6b170ce/desktop/default/css/7fe5f71b.css

185.244.209.62

200 OK

3.3 kB

URL

v3.traincdn.com/main-static/e6b170ce/desktop/default/css/7fe5f71b.css

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeASCII text, with very long lines (3313), with no line terminators

First Seen2024-05-14

Last Seen2025-08-02

Times Seen2071

Size3.3 kB (3313 bytes)

MD5c610b8710368de3bf2f1c5bb581b6a3a

SHA1f67bc86785d434adb2e81a356a7926b8818ac567

SHA256fad7111846310042401990719146401178f22e2618abf2b058e641b6495e8eba

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /main-static/e6b170ce/desktop/default/css/7fe5f71b.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-873858.world/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:39 GMT
content-type: text/css; charset=utf-8
traceparent: 00-a08cc6608fb3598e92438b8f635b617f-a57c21ef3bd6660d-01
last-modified: Thu, 12 Jun 2025 08:51:05 GMT
etag: W/"c610b8710368de3bf2f1c5bb581b6a3a"
x-amz-meta-mtime: 1749718261.852055161
content-encoding: gzip
expires: Fri, 13 Jun 2025 09:02:34 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 20317
cache: HIT
x-cached-since: 2025-06-12T09:06:02+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_forgot_password/en/dictionary_5095aa3502de5d23a304096fded0ec7c.json

185.244.209.62

200 OK

3.8 kB

URL

v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_forgot_password/en/dictionary_5095aa3502de5d23a304096fded0ec7c.json

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJSON text data

First Seen2025-06-11

Last Seen2025-06-16

Times Seen101

Size3.8 kB (3778 bytes)

MD5760aef6021a23b9b00d12d79b667c249

SHA1f9020e25d1de99e79badce8270abb9cfb56f863a

SHA25619f38f82ab75a3cecf3a85dc8f19f0bf52594d1252d8a3b0f2ebee667598a0fa

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_forgot_password/en/dictionary_5095aa3502de5d23a304096fded0ec7c.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-873858.world/
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:39 GMT
content-type: application/json; charset=utf-8
traceparent: 00-cc6071cafdde54bd15969c419e1aa002-48f07feecfaac852-01
last-modified: Wed, 11 Jun 2025 08:06:50 GMT
etag: W/"760aef6021a23b9b00d12d79b667c249"
cache-control: max-age=3600
content-encoding: gzip
expires: Wed, 11 Jun 2025 09:40:11 GMT
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 2726
cache: HIT
x-cached-since: 2025-06-12T13:59:13+00:00
X-Firefox-Spdy: h2

POST 1xlite-873858.world/hd-api/external/verify

91.186.206.101

200 OK

715 B

URL

1xlite-873858.world/hd-api/external/verify

IP / ASN

91.186.206.101

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJSON text data

First Seen2025-06-12

Last Seen2025-06-12

Times Seen1

Size715 B (715 bytes)

MD568df6aa67b9ea57655fa33b9307290e7

SHA1f3f8d5976d5a7e65e54e22abe9621cc164bce885

SHA2566f8ddc122a1acef0790534ad9a204a95da21f9a111803e0bc4742396f8cb0fed

Certificate Info

IssuerLet's Encrypt

Subject1xlite-873858.world

Fingerprint00:0C:E2:41:66:9C:66:FC:9D:9B:1D:78:F5:33:D3:B8:4E:51:BD:57

ValidityTue, 29 Apr 2025 11:29:46 GMT - Mon, 28 Jul 2025 11:29:45 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /hd-api/external/verify HTTP/1.1
Host: 1xlite-873858.world
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-873858.world/en/block
Content-Type: text/plain;charset=UTF-8
Content-Length: 108853
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder; postback_watcher=%7B%22tag%22%3A%22d_87653m_3030c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5D%7Badspot_id%7D_d26691_l14299_clickunder%22%2C%22pb%22%3A%22b3ec284c1a7a4c4aa92f9fa5f651e8ba%22%2C%22click_id%22%3A%22RznZH4qTZSQrYVLaGNUg_wiYSa799b%7Badspot_id%7D498648faglh%7Bclick_id%7D%22%7D; auid=W7rOZWhK59W51tiFAwPkAg==; window_width=1280; che_g=1c6a20dc-b553-4bd0-0abd-73d81e144eda; SESSION=0fc45ba2f8f86275ef5d59144e622c2a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:50 GMT
content-type: application/json
content-length: 585
content-encoding: gzip
vary: Accept-Encoding
x-dt: 285
x-request-guid: 60e1bc3cfa4fbfe39817b51d752af20b
x-time-ng: 0.011
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=0.006, wf-uht;dur=0.047
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_express_day/en/dictionary_1971e4038469f37ec9a819d99d5b8f4a.json

185.244.209.62

200 OK

1.1 kB

URL

v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_express_day/en/dictionary_1971e4038469f37ec9a819d99d5b8f4a.json

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJSON text data

First Seen2025-05-10

Last Seen2025-06-18

Times Seen523

Size1.1 kB (1129 bytes)

MD5a3810b04fc93c6b4f295ceb812f9f212

SHA16cff2c69f8e43259380952d6c0df7ba563b7da8d

SHA256c1afcca19f61498f21aab6c0ca6b1992f5c8b4baf281dfa14b780ed780035c54

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_express_day/en/dictionary_1971e4038469f37ec9a819d99d5b8f4a.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-873858.world/
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:39 GMT
content-type: application/json; charset=utf-8
traceparent: 00-2eedebc86b74bc54092f96e0f11914f4-aa477f26c3c11248-01
last-modified: Fri, 09 May 2025 16:06:27 GMT
etag: W/"a3810b04fc93c6b4f295ceb812f9f212"
cache-control: max-age=3600
content-encoding: gzip
expires: Fri, 09 May 2025 17:11:01 GMT
x-time-ng: 0.001
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1070
cache: HIT
x-cached-since: 2025-06-12T14:26:49+00:00
X-Firefox-Spdy: h2

GET v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/1c0cd0740fccd19a9816be06e69f0a1b.json

185.244.209.62

200 OK

473 B

URL

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/1c0cd0740fccd19a9816be06e69f0a1b.json

IP / ASN

185.244.209.62

#199524 G-Core Labs S.A.

Requested byhttps://1xlite-873858.world/en/block

Resource Info

File typeJSON text data

First Seen2023-06-08

Last Seen2025-07-30

Times Seen1942

Size473 B (473 bytes)

MD5e67aa19ef00fd2285c7b4ecbb6018306

SHA15b01d4786d6fbfbd5de7901eb4359a55466f434a

SHA256135c1042c31e3674d8a1b3b9e7179f4f36868048ca6058ea458ff291b8880b5e

Certificate Info

IssuerSectigo Limited

Subject*.traincdn.com

Fingerprint71:CC:F4:85:58:3C:F4:8C:55:97:B4:2F:47:54:D1:16:BE:D5:A3:CA

ValidityTue, 26 Nov 2024 00:00:00 GMT - Fri, 26 Dec 2025 23:59:59 GMT

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/1c0cd0740fccd19a9816be06e69f0a1b.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-873858.world/
Origin: https://1xlite-873858.world
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jun 2025 14:44:40 GMT
content-type: application/json
content-length: 473
traceparent: 00-36e75839786205372e90b447a3672682-198b73ba9b6dce7f-01
last-modified: Thu, 16 May 2024 20:41:30 GMT
etag: "e67aa19ef00fd2285c7b4ecbb6018306"
expires: Fri, 16 May 2025 19:56:49 GMT
cache-control: max-age=3600
x-time-ng: 0.000
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
x-id: osix-hw-edge-gc4
age: 1928
cache: HIT
x-cached-since: 2025-06-12T14:12:32+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2