Submitted URL: https://dsfreuahi.xyz/?85gu5u
Effective URL: https://1xlite-563592.top/de/block
Submission: On January 27 via api from US — Scanned from DE

Summary

This website contacted 3 IPs in 4 countries across 5 domains to perform 28 HTTP transactions. The main IP is 178.253.28.63, located in Iran, Islamic Republic Of and belongs to SGHL1-AS, SC. The main domain is 1xlite-563592.top.
TLS certificate: Issued by R3 on December 14th 2023. Valid for: 3 months.
This is the only time 1xlite-563592.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 45.66.249.115 62005 (BV-EU-AS)
1 1 88.208.2.57 39572 (ADVANCEDH...)
1 1 83.147.204.15 202492 (SGHL1-AS)
1 10 178.253.28.63 202492 (SGHL1-AS)
19 2a03:90c0:41:... 199524 (GCORE)
28 3

Apex Domain | Subdomains | Transfer
19 traincdn.com | v3.traincdn.com — Cisco Umbrella Rank: 94876 | 744 KB
10 1xlite-563592.top | 1xlite-563592.top | 546 KB
1 refpa.top | refpa.top — Cisco Umbrella Rank: 969876 | 296 B
1 apretailer.com.br | apretailer.com.br | 1 KB
1 dsfreuahi.xyz | dsfreuahi.xyz | 755 B
28 5

Domain | Requested by
19 v3.traincdn.com | 1xlite-563592.top, v3.traincdn.com
10 1xlite-563592.top (1 redirects) | 1xlite-563592.top, v3.traincdn.com
1 refpa.top (1 redirects)
1 apretailer.com.br (1 redirects)
1 dsfreuahi.xyz (1 redirects)
28 5

This site contains no links.

Subject | Issuer | Validity | Valid
1xlite-563592.top | R3 | 2023-12-14 - 2024-03-13 | 3 months
*.traincdn.com | Sectigo RSA Domain Validation Secure Server CA | 2023-11-02 - 2024-12-02 | a year

This page contains 1 frames:

Primary Page: https://1xlite-563592.top/de/block
Frame ID: CB8E55CDD88562B3D54B5928E19680F2
Requests: 29 HTTP requests in this frame

Page Title

1xBet Buchmacher. Hohe Quoten. 24-Stunden Kundendienst

Page URL History

  1. https://dsfreuahi.xyz/?85gu5u HTTP 302
    https://apretailer.com.br/click/65b35fa32bfa81288d727952/159630/135353/subaccount HTTP 307
    http://refpa.top/L?tag=d_263873m_1599c_&r=%2Fregistration%2F&pb=df3f5b8eba094f0589fc41518f5d1... HTTP 307
    https://refpa.top/L?tag=d_263873m_1599c_&r=%2Fregistration%2F&pb=df3f5b8eba094f0589fc41518f5d1... HTTP 303
    https://1xlite-563592.top/de/registration?tag=d_263873m_1599c_&r=%2fregistration%2f&pb=df3f5b8eba094f0... HTTP 302
    https://1xlite-563592.top/de/block Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /_nuxt/

Page Statistics

  • 28 Requests
  • 100 % HTTPS
  • 20 % IPv6
  • 5 Domains
  • 5 Subdomains
  • 3 IPs
  • 4 Countries
  • 1289 kB Transfer
  • 3709 kB Size
  • 14 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://dsfreuahi.xyz/?85gu5u HTTP 302
    https://apretailer.com.br/click/65b35fa32bfa81288d727952/159630/135353/subaccount HTTP 307
    http://refpa.top/L?tag=d_263873m_1599c_&r=%2Fregistration%2F&pb=df3f5b8eba094f0589fc41518f5d1ad3&click_id=a3a7006c-8bde-f46f-cdd6-018d4a333350.135353 HTTP 307
    https://refpa.top/L?tag=d_263873m_1599c_&r=%2Fregistration%2F&pb=df3f5b8eba094f0589fc41518f5d1ad3&click_id=a3a7006c-8bde-f46f-cdd6-018d4a333350.135353 HTTP 303
    https://1xlite-563592.top/de/registration?tag=d_263873m_1599c_&r=%2fregistration%2f&pb=df3f5b8eba094f0589fc41518f5d1ad3&click_id=a3a7006c-8bde-f46f-cdd6-018d4a333350.135353 HTTP 302
    https://1xlite-563592.top/de/block Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request block
1xlite-563592.top/de/
Redirect Chain
  • https://dsfreuahi.xyz/?85gu5u
  • https://apretailer.com.br/click/65b35fa32bfa81288d727952/159630/135353/subaccount
  • http://refpa.top/L?tag=d_263873m_1599c_&r=%2Fregistration%2F&pb=df3f5b8eba094f0589fc41518f5d1ad3&click_id=a3a7006c-8bde-f46f-cdd6-018d4a333350.135353
  • https://refpa.top/L?tag=d_263873m_1599c_&r=%2Fregistration%2F&pb=df3f5b8eba094f0589fc41518f5d1ad3&click_id=a3a7006c-8bde-f46f-cdd6-018d4a333350.135353
  • https://1xlite-563592.top/de/registration?tag=d_263873m_1599c_&r=%2fregistration%2f&pb=df3f5b8eba094f0589fc41518f5d1ad3&click_id=a3a7006c-8bde-f46f-cdd6-018d4a333350.135353
  • https://1xlite-563592.top/de/block
541 KB
542 KB
Document
General
Full URL
https://1xlite-563592.top/de/block
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.253.28.63 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC),
Reverse DNS
Software
nginx /
Resource Hash
9b52cef48998bc0a3ea03758ae020414e8c0920b507896064055924e656c4c27
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
none
content-length
553953
content-type
text/html; charset=utf-8
date
Sat, 27 Jan 2024 09:14:46 GMT
server
nginx
server-timing
total;dur=107;desc="Nuxt Server Time" dt_total;dur=121.120
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dt
285
x-frame-options
SAMEORIGIN
x-time-ng
0.114

Redirect headers

cache-control
no-cache
date
Sat, 27 Jan 2024 09:14:46 GMT
location
/de/block
server
nginx
server-timing
total;dur=66;desc="Nuxt Server Time" dt_total;dur=69.266 wf-uht;dur=0.114
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dt
285
x-frame-options
SAMEORIGIN
x-time-ng
0.069
version.json
v3.traincdn.com/
11 B
413 B
Other
General
Full URL
https://v3.traincdn.com/version.json
Requested by
Host: 1xlite-563592.top
URL: https://1xlite-563592.top/de/block
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
0bbccd39b5bc2d27590bfff6eefdabe13f9529566f940132fe2d7264e31f54a7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://1xlite-563592.top/
Origin
https://1xlite-563592.top
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc17
date
Sat, 27 Jan 2024 09:14:46 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
x-cached-since
2024-01-27T09:14:11+00:00
x-shard
fr5-shard0-default_443
content-length
44
last-modified
Fri, 26 Jan 2024 08:03:01 GMT
server
nginx
traceparent
00-2820613c2a3a98adbf440017cfc7d8b1-af602638e1756613-01
x-id-shield
am3-hw-edge-gc88
etag
"65b36735-2c"
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60, max-age=60, s-maxage=60
cache
EXPIRED, HIT
accept-ranges
bytes
expires
Fri, 26 Jan 2024 09:18:55 GMT
13f2420925687a194e4c38472ae71214.css
v3.traincdn.com/genfiles/site-admin/colors/
32 KB
6 KB
Stylesheet
General
Full URL
https://v3.traincdn.com/genfiles/site-admin/colors/13f2420925687a194e4c38472ae71214.css
Requested by
Host: 1xlite-563592.top
URL: https://1xlite-563592.top/de/block
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
121068efd3a40fafb9aebfbd35ab8670c9faa7450a7b4880cea54a9aaa2f5258
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1xlite-563592.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc29
date
Sat, 27 Jan 2024 09:14:46 GMT
content-encoding
gzip
x-time-ng
0.000
strict-transport-security
max-age=15724800; includeSubDomains
x-cached-since
2024-01-23T11:28:57+00:00, 2024-01-27T08:58:09+00:00
x-shard
fr5-shard0-default_443
last-modified
Tue, 23 Jan 2024 10:10:07 GMT
server
nginx
traceparent
00-c975c456f2223c4dcea8d20240d81da9-daeb98ca9a5dac83-01
x-id-shield
am3-hw-edge-gc89
etag
W/"424b356408d2d22635cfdfa24e24fb75"
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=3600,s-maxage=3600
cache
HIT, HIT
runtime-41705d52.js
v3.traincdn.com/_nuxt/desktop/default/
47 KB
15 KB
Script
General
Full URL
https://v3.traincdn.com/_nuxt/desktop/default/runtime-41705d52.js
Requested by
Host: 1xlite-563592.top
URL: https://1xlite-563592.top/de/block
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
0795c58a0b2ae3064bae0314cf67dd6e4a995a0027ef3492260d2abb14c45a77
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1xlite-563592.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc22
date
Sat, 27 Jan 2024 09:14:46 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
x-cached-since
2024-01-26T09:27:05+00:00, 2024-01-26T09:27:34+00:00
x-shard
fr5-shard0-default_443
content-length
15007
last-modified
Fri, 26 Jan 2024 07:58:27 GMT
server
nginx
traceparent
00-800d9cda5849df6e1bc86e8b936cf7be-184b8f1796faa3fb-01
x-id-shield
am3-hw-edge-gc89
etag
"65b36623-3a9f"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT, HIT
accept-ranges
bytes
expires
Sat, 27 Jan 2024 09:27:05 GMT
app-77db762c.js
v3.traincdn.com/_nuxt/desktop/default/commons/
133 KB
45 KB
Script
General
Full URL
https://v3.traincdn.com/_nuxt/desktop/default/commons/app-77db762c.js
Requested by
Host: 1xlite-563592.top
URL: https://1xlite-563592.top/de/block
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
ab64a19291dbdc679bd9be32a8e4ecc33df150815a9788d65c97cfe80ab16bf9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1xlite-563592.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Sat, 27 Jan 2024 09:14:46 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
x-cached-since
2024-01-26T09:27:05+00:00, 2024-01-26T09:27:34+00:00
x-shard
fr5-shard0-default_443
content-length
46093
last-modified
Fri, 26 Jan 2024 07:58:27 GMT
server
nginx
traceparent
00-fd21220fda8f39ee9027509cb2575f12-57fc4402684c8ec6-01
x-id-shield
am3-hw-edge-gc89
etag
"65b36623-b40d"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT, HIT
accept-ranges
bytes
expires
Sat, 27 Jan 2024 09:27:05 GMT
fbc5fa5d.css
v3.traincdn.com/_nuxt/desktop/default/css/
788 KB
79 KB
Stylesheet
General
Full URL
https://v3.traincdn.com/_nuxt/desktop/default/css/fbc5fa5d.css
Requested by
Host: 1xlite-563592.top
URL: https://1xlite-563592.top/de/block
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
cfaf51f28e43ff55d34d09a97d40264816af870e8ca7b9476fbcb2e547ff6f29
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1xlite-563592.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc58
date
Sat, 27 Jan 2024 09:14:46 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
x-cached-since
2024-01-26T10:00:34+00:00, 2024-01-26T10:00:40+00:00
x-shard
fr5-shard0-default_443
content-length
80374
last-modified
Fri, 26 Jan 2024 07:58:27 GMT
server
nginx
traceparent
00-0a39a7941562638009a2725e3d5b40e5-285b0af2c2293433-01
x-id-shield
am3-hw-edge-gc89
etag
"65b36623-139f6"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT, HIT
accept-ranges
bytes
expires
Sat, 27 Jan 2024 10:00:34 GMT
app-0be7632e.js
v3.traincdn.com/_nuxt/desktop/default/vendors/
951 KB
267 KB
Script
General
Full URL
https://v3.traincdn.com/_nuxt/desktop/default/vendors/app-0be7632e.js
Requested by
Host: 1xlite-563592.top
URL: https://1xlite-563592.top/de/block
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
d6bf9f59e126b523916eaf06672ff462381e44985643a4ee036aeb4ff36ed507
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1xlite-563592.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc30
date
Sat, 27 Jan 2024 09:14:46 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
x-cached-since
2024-01-26T09:27:05+00:00, 2024-01-26T09:27:34+00:00
x-shard
fr5-shard0-default_443
content-length
273178
last-modified
Fri, 26 Jan 2024 07:58:27 GMT
server
nginx
traceparent
00-e6ef460e5574117b6aaf8ee720d0562d-8566fb443b4ca2f2-01
x-id-shield
am3-hw-edge-gc88
etag
"65b36623-42b1a"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT, HIT
accept-ranges
bytes
expires
Sat, 27 Jan 2024 09:27:05 GMT
7c050a1a.css
v3.traincdn.com/_nuxt/desktop/default/css/
114 KB
14 KB
Stylesheet
General
Full URL
https://v3.traincdn.com/_nuxt/desktop/default/css/7c050a1a.css
Requested by
Host: 1xlite-563592.top
URL: https://1xlite-563592.top/de/block
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
65e7faececc8c0e778e51d623134ce13873ed292341897502be150160c3eda2d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1xlite-563592.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc32
date
Sat, 27 Jan 2024 09:14:46 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
x-cached-since
2024-01-26T11:13:08+00:00, 2024-01-26T11:13:17+00:00
x-shard
fr5-shard0-default_443
content-length
14439
last-modified
Fri, 26 Jan 2024 07:58:27 GMT
server
nginx
traceparent
00-36097c976bc55d9a9cc2e6f926e9eb28-ab40a90f45686c7e-01
x-id-shield
am3-hw-edge-gc88
etag
"65b36623-3867"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT, HIT
accept-ranges
bytes
expires
Sat, 27 Jan 2024 11:13:08 GMT
app-97341f2d.js
v3.traincdn.com/_nuxt/desktop/default/
822 KB
215 KB
Script
General
Full URL
https://v3.traincdn.com/_nuxt/desktop/default/app-97341f2d.js
Requested by
Host: 1xlite-563592.top
URL: https://1xlite-563592.top/de/block
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
33160b1e21c933aadb6e4037a3f1aaa5b4ba2ddbc5e6a07a6ba8e244914b4836
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1xlite-563592.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc35
date
Sat, 27 Jan 2024 09:14:46 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
x-cached-since
2024-01-26T09:27:05+00:00, 2024-01-26T09:27:34+00:00
x-shard
fr5-shard0-default_443
content-length
219409
last-modified
Fri, 26 Jan 2024 07:58:27 GMT
server
nginx
traceparent
00-2554d0e6196411d292ddb3828ac607a6-d242a91319a716cb-01
x-id-shield
am3-hw-edge-gc89
etag
"65b36623-35911"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT, HIT
accept-ranges
bytes
expires
Sat, 27 Jan 2024 09:27:05 GMT
polyfills.js
1xlite-563592.top/
0
248 B
Script
General
Full URL
https://1xlite-563592.top/polyfills.js
Requested by
Host: 1xlite-563592.top
URL: https://1xlite-563592.top/de/block
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.253.28.63 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1xlite-563592.top/de/block
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 09:14:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-time-ng
0.003
server
nginx
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
vary
user-agent
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=2678400, s-maxage=2678400
server-timing
wf-uht;dur=0.046
content-length
0
check-ob.js
v3.traincdn.com/_nuxt/
342 B
500 B
Script
General
Full URL
https://v3.traincdn.com/_nuxt/check-ob.js
Requested by
Host: 1xlite-563592.top
URL: https://1xlite-563592.top/de/block
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
9dc59b4e91c1aada81294c54029320042844fe6f142eb8ad393b97227db7f531
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1xlite-563592.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-canary-gc28
date
Sat, 27 Jan 2024 09:14:47 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
x-cached-since
2024-01-26T11:32:59+00:00, 2024-01-26T11:33:05+00:00
x-shard
fr5-shard0-default_443
content-length
274
last-modified
Fri, 26 Jan 2024 07:56:48 GMT
server
nginx
traceparent
00-080564a8287042c0013ae0eb5fb36488-b69365314a4deed4-01
x-id-shield
am3-hw-edge-gc88
etag
"65b365c0-112"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT, HIT
accept-ranges
bytes
expires
Sat, 27 Jan 2024 11:32:59 GMT
plugins.v-tooltip-8cf1013c.js
v3.traincdn.com/_nuxt/desktop/default/vendors/
75 KB
22 KB
Script
General
Full URL
https://v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.v-tooltip-8cf1013c.js
Requested by
Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/runtime-41705d52.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
36ec93e97ad2f46b6eee979804bd03f2483a7815b48730df59910c8abd912fdb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1xlite-563592.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc33
date
Sat, 27 Jan 2024 09:14:47 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
x-cached-since
2024-01-26T10:00:37+00:00, 2024-01-26T10:00:45+00:00
x-shard
fr5-shard0-default_443
content-length
21871
last-modified
Fri, 26 Jan 2024 07:58:28 GMT
server
nginx
traceparent
00-6d4d6b18b134effb204fe65f6656b673-e915fdf1f766bb77-01
x-id-shield
am3-hw-edge-gc89
etag
"65b36624-556f"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT, HIT
accept-ranges
bytes
expires
Sat, 27 Jan 2024 10:00:37 GMT
actualDomain
1xlite-563592.top/web-api/api/web/v1/config/
269 B
537 B
Fetch
General
Full URL
https://1xlite-563592.top/web-api/api/web/v1/config/actualDomain
Requested by
Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/vendors/app-0be7632e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.253.28.63 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC),
Reverse DNS
Software
nginx /
Resource Hash
ffd7287bf26ea47229ed4dbf385857980a9ed93614976663e9425e3a638afb4a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept
application/json, text/plain, */*
Referer
https://1xlite-563592.top/de/block
x-requested-with
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

date
Sat, 27 Jan 2024 09:14:47 GMT
content-encoding
br
x-time-ng
0.018
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
content-type
application/vnd.api+json
x-dt
285
cache-control
no-cache, private
server-timing
p;dur=17, dt_total;dur=18.232, wf-uht;dur=0.065
plugins.vue-notification-dedb8208.js
v3.traincdn.com/_nuxt/desktop/default/vendors/
12 KB
5 KB
Script
General
Full URL
https://v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-notification-dedb8208.js
Requested by
Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/runtime-41705d52.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
335594b7d79946786705b12a2f29742fc90a6b3892355e7ddc19494a4d3db984
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1xlite-563592.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc35
date
Sat, 27 Jan 2024 09:14:47 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
x-cached-since
2024-01-26T10:00:37+00:00, 2024-01-26T10:00:45+00:00
x-shard
fr5-shard0-default_443
content-length
4556
last-modified
Fri, 26 Jan 2024 07:58:28 GMT
server
nginx
traceparent
00-88c71a326bbb02e11d586b58f5b9e416-f730c38f56da2634-01
x-id-shield
am3-hw-edge-gc89
etag
"65b36624-11cc"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT, HIT
accept-ranges
bytes
expires
Sat, 27 Jan 2024 10:00:37 GMT
e1ad5afb.css
v3.traincdn.com/_nuxt/desktop/default/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://v3.traincdn.com/_nuxt/desktop/default/css/e1ad5afb.css
Requested by
Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/runtime-41705d52.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
dec9bcae0186bee94c16b3012dcc5379eb7ab98380875cedf2342baf66ba70e5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1xlite-563592.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc35
date
Sat, 27 Jan 2024 09:14:47 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
x-cached-since
2024-01-26T18:53:15+00:00, 2024-01-26T21:46:10+00:00
x-shard
fr5-shard0-default_443
content-length
943
last-modified
Fri, 26 Jan 2024 07:58:28 GMT
server
nginx
traceparent
00-d231bc022612a3014e0a8d1c400d1491-9b7d9706c392dab0-01
x-id-shield
am3-hw-edge-gc88
etag
"65b36624-3af"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT, HIT
accept-ranges
bytes
expires
Sat, 27 Jan 2024 18:53:15 GMT
plugins.vue-js-modal-7b4fd6a5.js
v3.traincdn.com/_nuxt/desktop/default/vendors/
26 KB
8 KB
Script
General
Full URL
https://v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-js-modal-7b4fd6a5.js
Requested by
Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/runtime-41705d52.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
013cab659e561613da71a10a042ee6a50a2070ce5a21e5a2bd1b7f3dbadb706a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1xlite-563592.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc26
date
Sat, 27 Jan 2024 09:14:47 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
x-cached-since
2024-01-26T10:00:37+00:00, 2024-01-26T10:00:45+00:00
x-shard
fr5-shard0-default_443
content-length
8051
last-modified
Fri, 26 Jan 2024 07:58:28 GMT
server
nginx
traceparent
00-4858389b42899ae2601383c275f033b6-c30ec215bca6db9f-01
x-id-shield
am3-hw-edge-gc88
etag
"65b36624-1f73"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT, HIT
accept-ranges
bytes
expires
Sat, 27 Jan 2024 10:00:37 GMT
date-fns-locale-16-ab270338.js
v3.traincdn.com/_nuxt/desktop/default/
8 KB
2 KB
Script
General
Full URL
https://v3.traincdn.com/_nuxt/desktop/default/date-fns-locale-16-ab270338.js
Requested by
Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/runtime-41705d52.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1c7a42fdc1fb457443d7c7be6e5031eff7bd24a88dbbcd193ff9b90ab7e79159
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1xlite-563592.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc29
date
Sat, 27 Jan 2024 09:14:47 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
x-cached-since
2024-01-26T09:27:53+00:00
x-shard
fr5-shard0-default_443
content-length
2239
last-modified
Fri, 26 Jan 2024 07:58:27 GMT
server
nginx
traceparent
00-e428c288a10733fd87bd14dbe4850062-eb0362ed2cfd6b30-01
x-id-shield
am3-hw-edge-gc88
etag
"65b36623-8bf"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
cache
MISS, HIT
accept-ranges
bytes
expires
Sat, 27 Jan 2024 09:27:53 GMT
29ff8e35693b23d6fca06a6514cb28df.json
1xlite-563592.top/genfiles/cms/1-285/desktop/media_asset/
668 B
940 B
Fetch
General
Full URL
https://1xlite-563592.top/genfiles/cms/1-285/desktop/media_asset/29ff8e35693b23d6fca06a6514cb28df.json
Requested by
Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/vendors/app-0be7632e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.253.28.63 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC),
Reverse DNS
Software
nginx /
Resource Hash
ea3b4c0c004ddc47d397140cb405c5934682606f1e0faeecf9308bfa30cf924e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept
application/json, text/plain, */*
Referer
https://1xlite-563592.top/de/block
x-requested-with
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

date
Sat, 27 Jan 2024 09:14:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-time-ng
0.000
last-modified
Tue, 23 May 2023 10:24:59 GMT
server
nginx
etag
"b7b882bc87bd49ec0b19e15d62050091"
content-type
application/json
cache-control
public,max-age=3600,s-maxage=3600
server-timing
wf-uht;dur=
accept-ranges
bytes
content-length
668
truncated
/
32 B
0
Script
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b90ff694e492935b6036fb7e878d365dab51aafa46f0afb1e33414e7ecc3307b

Request headers

Referer
Origin
https://1xlite-563592.top
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
text/javascript
analytics-counters
1xlite-563592.top/seo-module-api/api/public/v1/
72 B
456 B
Fetch
General
Full URL
https://1xlite-563592.top/seo-module-api/api/public/v1/analytics-counters?url=https:%2F%2F1xlite-563592.top&projectId=285
Requested by
Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/vendors/app-0be7632e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.253.28.63 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC),
Reverse DNS
Software
nginx /
Resource Hash
49a0bdc20fefd4d0ad24228a690129a88fcaedb423f59162dd917f63e1eb71bb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept
application/json, text/plain, */*
Referer
https://1xlite-563592.top/de/block
x-requested-with
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

date
Sat, 27 Jan 2024 09:14:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-digest
ence9703551e00917684b735143455d1e7
x-time-ng
0.002
server
nginx
age
1503
content-type
application/json
x-request-guid
fbd0b04b0f64e1a1c268b487c0e6631b
cache-control
max-age=1200, must-revalidate, public, s-maxage=1800, stale-if-error=86400, stale-while-revalidate=300
server-timing
p;dur=1.0972023010254, wf-uht;dur=
content-length
72
x-request-id
07ecfd2ec52eba2b8bf2b6acc8185520
version.json
1xlite-563592.top/
11 B
391 B
Fetch
General
Full URL
https://1xlite-563592.top/version.json?timestamp=1706346887285
Requested by
Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/vendors/app-0be7632e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.253.28.63 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC),
Reverse DNS
Software
nginx /
Resource Hash
0bbccd39b5bc2d27590bfff6eefdabe13f9529566f940132fe2d7264e31f54a7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept
application/json, text/plain, */*
Referer
https://1xlite-563592.top/de/block
x-requested-with
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

date
Sat, 27 Jan 2024 09:14:47 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Fri, 26 Jan 2024 08:03:01 GMT
server
nginx
etag
"65b36735-2c"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60, max-age=60, s-maxage=60
server-timing
wf-uht;dur=0.146
accept-ranges
bytes
content-length
44
expires
Sat, 27 Jan 2024 09:15:47 GMT
DC-eb555d33.js
v3.traincdn.com/_nuxt/desktop/default/
2 KB
1 KB
Script
General
Full URL
https://v3.traincdn.com/_nuxt/desktop/default/DC-eb555d33.js
Requested by
Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/runtime-41705d52.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
27077a9a909c03a5d03f2933c952245619a92f561f7b9ade01bb0ded62f09f96
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1xlite-563592.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc16
date
Sat, 27 Jan 2024 09:14:47 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
x-cached-since
2024-01-26T10:00:41+00:00, 2024-01-26T10:00:45+00:00
x-shard
fr5-shard0-default_443
content-length
999
last-modified
Fri, 26 Jan 2024 07:58:27 GMT
server
nginx
traceparent
00-aa39b47fcdc7c5d7569d4fa43caa6cd6-635e488d0a0fa241-01
x-id-shield
am3-hw-edge-gc89
etag
"65b36623-3e7"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT, HIT
accept-ranges
bytes
expires
Sat, 27 Jan 2024 10:00:41 GMT
event.json
1xlite-563592.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/
23 B
214 B
Fetch
General
Full URL
https://1xlite-563592.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json
Requested by
Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/vendors/app-0be7632e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.253.28.63 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC),
Reverse DNS
Software
nginx /
Resource Hash
6f82c83ee63838f985c3fad52ae0899197d9365c9e6d70cd20566442bd1a9e9e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://1xlite-563592.top/de/block
accept-language
de-DE,de;q=0.9
X-Lang
de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
X-Uuid
a7f8f1a7-0a28-4e86-bc2e-048f5f49e802
Content-Type
application/json

Response headers

date
Sat, 27 Jan 2024 09:14:47 GMT
content-encoding
br
x-time-ng
0.002
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
content-type
application/json
server-timing
wf-uht;dur=0.044
/
1xlite-563592.top/checker/redirect/stat/run/
14 B
171 B
Fetch
General
Full URL
https://1xlite-563592.top/checker/redirect/stat/run/
Requested by
Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/vendors/app-0be7632e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.253.28.63 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC),
Reverse DNS
Software
nginx /
Resource Hash
9682f312f23e078bb135f23ea5a178b178e75c02d33672f20044d18c6d258928
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept
application/json, text/plain, */*
Referer
https://1xlite-563592.top/de/block
x-requested-with
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

date
Sat, 27 Jan 2024 09:14:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-time-ng
0.002
server
nginx
server-timing
wf-uht;dur=0.044
content-length
14
content-type
application/json
Betting.Core-f7379023.js
v3.traincdn.com/_nuxt/desktop/default/
2 KB
2 KB
Script
General
Full URL
https://v3.traincdn.com/_nuxt/desktop/default/Betting.Core-f7379023.js
Requested by
Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/runtime-41705d52.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
fcc312d6f93e06587cc7e444ea55956676e513dedcbeab324c89511452319389
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1xlite-563592.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc37
date
Sat, 27 Jan 2024 09:14:47 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
x-cached-since
2024-01-26T09:27:18+00:00, 2024-01-26T09:27:42+00:00
x-shard
fr5-shard0-default_443
content-length
1670
last-modified
Fri, 26 Jan 2024 07:58:27 GMT
server
nginx
traceparent
00-e5cab71f4e86c146cf1ac410b5cac629-9863879e38e3d8bf-01
x-id-shield
am3-hw-edge-gc88
etag
"65b36623-686"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT, HIT
accept-ranges
bytes
expires
Sat, 27 Jan 2024 09:27:18 GMT
155480b4.css
v3.traincdn.com/_nuxt/desktop/default/css/
556 B
436 B
Stylesheet
General
Full URL
https://v3.traincdn.com/_nuxt/desktop/default/css/155480b4.css
Requested by
Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/runtime-41705d52.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
8a4b8c93ac5629ae700da3f8c11511fe75a74340b0209f4de7337b0b7b1026a9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1xlite-563592.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc33
date
Sat, 27 Jan 2024 09:14:47 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
x-cached-since
2024-01-26T22:01:03+00:00
x-shard
fr5-shard0-default_443
content-length
271
last-modified
Fri, 26 Jan 2024 07:58:27 GMT
server
nginx
traceparent
00-e0556c697e6f83c0796a8be2855fd26a-f95512b342583f6f-01
x-id-shield
am3-hw-edge-gc88
etag
"65b36623-10f"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
cache
EXPIRED, HIT
accept-ranges
bytes
expires
Sat, 27 Jan 2024 22:01:03 GMT
Page.Block-d2bfa870.js
v3.traincdn.com/_nuxt/desktop/default/
12 KB
4 KB
Script
General
Full URL
https://v3.traincdn.com/_nuxt/desktop/default/Page.Block-d2bfa870.js
Requested by
Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/runtime-41705d52.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
aa5f5d1f92b5f2b0383817b96dc5454eb3a0e06ef59d89c30c69731fdd2d3ab9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1xlite-563592.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc22
date
Sat, 27 Jan 2024 09:14:47 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
x-cached-since
2024-01-26T09:27:35+00:00, 2024-01-26T09:27:50+00:00
x-shard
fr5-shard0-default_443
content-length
3745
last-modified
Fri, 26 Jan 2024 07:58:27 GMT
server
nginx
traceparent
00-0199afc6f9ef9795fad6b94cd9fc38ce-4a30109a2830cecb-01
x-id-shield
am3-hw-edge-gc88
etag
"65b36623-ea1"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT, HIT
accept-ranges
bytes
expires
Sat, 27 Jan 2024 09:27:35 GMT
common.svg
v3.traincdn.com/sys-icons/1.0.257/285/
138 KB
56 KB
XHR
General
Full URL
https://v3.traincdn.com/sys-icons/1.0.257/285/common.svg
Requested by
Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/vendors/app-0be7632e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6f63cb8eff4d05f94be247743fd2801ed201b76a9debdf921b4cd8e6088328bd
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1xlite-563592.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Mon, 22 Jan 2024 16:14:35 GMT
x-id
fr5-hw-edge-gc52
date
Sat, 27 Jan 2024 09:14:47 GMT
content-encoding
gzip
x-time-ng
0.001
strict-transport-security
max-age=15724800; includeSubDomains
x-cached-since
2024-01-26T17:45:11+00:00
x-shard
fr5-shard0-default_443
last-modified
Mon, 15 Jan 2024 09:31:31 GMT
server
nginx
traceparent
00-24478e765e24a072dce183eb53670531-84fa48236ee2d197-01
x-id-shield
am3-hw-edge-gc89
etag
W/"7006b28cbccfb6f7fd3833b039848f21"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400
cache
REVALIDATED, HIT
x-amz-meta-mtime
1705311089.375936104
event.json
1xlite-563592.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/
23 B
214 B
Fetch
General
Full URL
https://1xlite-563592.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json
Requested by
Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/vendors/app-0be7632e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.253.28.63 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC),
Reverse DNS
Software
nginx /
Resource Hash
b704391fb876254d9135a1c3fa0dbad1ab3fbbaf0253cac291fa277859eb7292
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://1xlite-563592.top/de/block
accept-language
de-DE,de;q=0.9
X-Lang
de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
X-Uuid
a7f8f1a7-0a28-4e86-bc2e-048f5f49e802
Content-Type
application/json

Response headers

date
Sat, 27 Jan 2024 09:14:47 GMT
content-encoding
br
x-time-ng
0.003
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
content-type
application/json
server-timing
wf-uht;dur=0.049


13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| serverData
object| __NUXT__
object| webpackJsonp
function| setImmediate
function| clearImmediate
object| onNuxtReadyCbs
function| onNuxtReady
object| __unctx__
object| __unctx_async_handlers__
object| dictionary
object| modulesBridge
object| onLoadPromise
object| $nuxt

14 Cookies

Domain/Path Name / Value
dsfreuahi.xyz/ Name: _subid
Value: 2e2mvbsbelt9
dsfreuahi.xyz/ Name: e09f0
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjIyXCI6MTcwNjM0Njg4NX0sXCJjYW1wYWlnbnNcIjp7XCI1XCI6MTcwNjM0Njg4NX0sXCJ0aW1lXCI6MTcwNjM0Njg4NX0ifQ.d3ejsCFjoZ7Cy9GOO8hPsVI8xVUBApO9U3gsnDIJ2Ag
1xlite-563592.top/ Name: platform_type
Value: desktop
1xlite-563592.top/ Name: lng
Value: de
1xlite-563592.top/ Name: cookies_agree_type
Value: 3
1xlite-563592.top/ Name: tzo
Value: 1
1xlite-563592.top/ Name: is12h
Value: 0
1xlite-563592.top/ Name: referral_values
Value: %7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_263873m_1599c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D
1xlite-563592.top/ Name: reflinkid
Value: d_263873m_1599c_
1xlite-563592.top/ Name: postback_watcher
Value: %7B%22tag%22%3A%22d_263873m_1599c_%22%2C%22r%22%3A%22%2Fregistration%2F%22%2C%22pb%22%3A%22df3f5b8eba094f0589fc41518f5d1ad3%22%2C%22click_id%22%3A%22a3a7006c-8bde-f46f-cdd6-018d4a333350.135353%22%7D
1xlite-563592.top/ Name: auid
Value: sv0cP2W0yYZZTxisAwr0Ag==
1xlite-563592.top/ Name: che_g
Value: 931ec9b1-0547-e086-7784-1e7c79b596eb
1xlite-563592.top/ Name: SESSION
Value: be5b6adc1469daa06294c7d5a64f185d
1xlite-563592.top/ Name: window_width
Value: 1600

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
