Submitted URL: https://bit.ly/3QX69xk
Effective URL: https://1xlite-643419.top/de/block
Submission: On June 01 via manual from BR — Scanned from DE

Summary

This website contacted 4 IPs in 4 countries across 5 domains to perform 34 HTTP transactions. The main IP is 178.253.29.54, located in Iran, Islamic Republic Of and belongs to SGHL1-AS, SC. The main domain is 1xlite-643419.top.
TLS certificate: Issued by R3 on March 26th 2024. Valid for: 3 months.
This is the only time 1xlite-643419.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Redirects | Requests | IP Address | AS | Autonomous System
1 | 1 | 67.199.248.11 | 396982 | GOOGLE-CL...
- | 1 | 172.67.190.192 | 13335 | CLOUDFLAR...
1 | 1 | 45.135.120.30 | 56630 | MELBICOM-...
1 | 9 | 178.253.29.54 | 202492 | SGHL1-AS
- | 25 | 2a03:90c0:41:... | 199524 | GCORE
Total: 34 requests, 4 IPs
Requests | Apex Domain | Subdomains | Transfer
25 | traincdn.com | v3.traincdn.com (Cisco Umbrella Rank: 84621) | 876 KB
9 | 1xlite-643419.top | 1xlite-643419.top | 564 KB
1 | refpahroql.top | refpahroql.top | 253 B
1 | 1xplayers.com | 1xplayers.com | 1 KB
1 | bit.ly | bit.ly (Cisco Umbrella Rank: 6755) | 285 B
Total: 34 requests, 5 domains
Requests | Domain | Redirects | Requested by
25 | v3.traincdn.com | - | 1xlite-643419.top, v3.traincdn.com
9 | 1xlite-643419.top | 1 | 1xplayers.com, 1xlite-643419.top, v3.traincdn.com
1 | refpahroql.top | 1 | -
1 | 1xplayers.com | - | -
1 | bit.ly | 1 | -
Total: 34 requests, 5 domains

This site contains no links.

Subject | Issuer | Validity | Valid
1xplayers.com | GTS CA 1P5 | 2024-04-21 - 2024-07-20 | 3 months
1xlite-643419.top | R3 | 2024-03-26 - 2024-06-24 | 3 months
*.traincdn.com | Sectigo RSA Domain Validation Secure Server CA | 2023-11-02 - 2024-12-02 | a year

This page contains 1 frames:

Primary Page: https://1xlite-643419.top/de/block
Frame ID: 9CF4146FF0CB3E6C2AFB5C2392598F1B
Requests: 35 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • /_nuxt/

Page Statistics

Requests: 34
HTTPS: 100 %
IPv6: 20 %
Domains: 5
Subdomains: 5
IPs: 4
Countries: 4
Transfer: 1441 kB
Size: 4655 kB
Cookies: 13

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/3QX69xk HTTP 301
    http://1xplayers.com/xTXb8878 HTTP 307
    https://1xplayers.com/xTXb8878 Page URL
  2. http://refpahroql.top/L?tag=d_3462465m_97c_SPORT1CLICK__[]general[]_d130802_l148283_reels&site=3462465&ad=97&r=br/registration HTTP 307
    https://refpahroql.top/L?tag=d_3462465m_97c_SPORT1CLICK__[]general[]_d130802_l148283_reels&site=3462465&ad=97&r=br/registration HTTP 303
    https://1xlite-643419.top/de/registration?tag=d_3462465m_97c_SPORT1CLICK__[]general[]_d130802_l148283_reels HTTP 302
    https://1xlite-643419.top/de/block Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://bit.ly/3QX69xk HTTP 301
  • http://1xplayers.com/xTXb8878 HTTP 307
  • https://1xplayers.com/xTXb8878

34 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
xTXb8878
1xplayers.com/
Redirect Chain
  • https://bit.ly/3QX69xk
  • http://1xplayers.com/xTXb8878
  • https://1xplayers.com/xTXb8878
905 B
1 KB
Document
General
Full URL
https://1xplayers.com/xTXb8878
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.190.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
88cb8a5a0c31364a-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 01 Jun 2024 01:48:16 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2JU63a%2FYB3jAIteS5ApTrEuCB3Csk2eylgmGOBRoWcYUi94XnasRFXgmX8j3lkvpBM6CWTNdPRSIQkYMYN8DoByrYSKHhOTSTMuduVMWAKVM7elgTS7iJEdbDR6lZ2nL"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

Location
https://1xplayers.com/xTXb8878
Non-Authoritative-Reason
HttpsUpgrades
Primary Request block
1xlite-643419.top/de/
Redirect Chain
  • http://refpahroql.top/L?tag=d_3462465m_97c_SPORT1CLICK__[]general[]_d130802_l148283_reels&site=3462465&ad=97&r=br/registration
  • https://refpahroql.top/L?tag=d_3462465m_97c_SPORT1CLICK__[]general[]_d130802_l148283_reels&site=3462465&ad=97&r=br/registration
  • https://1xlite-643419.top/de/registration?tag=d_3462465m_97c_SPORT1CLICK__[]general[]_d130802_l148283_reels
  • https://1xlite-643419.top/de/block
560 KB
561 KB
Document
General
Full URL
https://1xlite-643419.top/de/block
Requested by
Host: 1xplayers.com
URL: https://1xplayers.com/xTXb8878
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.253.29.54 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC),
Reverse DNS
Software
nginx /
Resource Hash
bb05d48fb945fa292e51e1695ddf390e8cb542125e8c707c122a921df7f1b4bb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://1xplayers.com/xTXb8878
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

accept-ranges
none
content-length
573060
content-type
text/html; charset=utf-8
date
Sat, 01 Jun 2024 01:48:18 GMT
server
nginx
server-timing
total;dur=170;desc="Nuxt Server Time" dt_total;dur=267.160
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-facf216cd05f442a5813dd887c925ce7-1f9d4913673ade04-01
x-dt
285
x-frame-options
SAMEORIGIN
x-time-ng
0.265

Redirect headers

date
Sat, 01 Jun 2024 01:48:17 GMT
location
/de/block
server
nginx
server-timing
total;dur=392;desc="Nuxt Server Time" dt_total;dur=673.484 wf-uht;dur=0.682
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-062afdea8ef1f264baaa812e076519c1-0fae3a1c271ebe22-01
x-dt
285
x-frame-options
SAMEORIGIN
x-time-ng
0.673
71aa1761395cb01b36e5c858e858648f.css
v3.traincdn.com/genfiles/site-admin/colors/
36 KB
7 KB
Stylesheet
General
Full URL
https://v3.traincdn.com/genfiles/site-admin/colors/71aa1761395cb01b36e5c858e858648f.css
Requested by
Host: 1xlite-643419.top
URL: https://1xlite-643419.top/de/block
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
34f8b9fa99d90bd3e5728e52079ebac3499bbed7774a07f00385a57f0605c0a1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1xlite-643419.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-id
fr5-hw-edge-gc59
date
Sat, 01 Jun 2024 01:48:18 GMT
content-encoding
gzip
x-time-ng
0.001
strict-transport-security
max-age=15724800; includeSubDomains
x-cached-since
2024-06-01T01:23:31+00:00
x-shard
fr5-shard0-default_443
last-modified
Fri, 31 May 2024 11:40:11 GMT
server
nginx
traceparent
00-e75d2b3399169b53a638b823430e0ce8-54e87af933889755-01
x-id-shield
am3-hw-edge-gc89
etag
W/"71aa1761395cb01b36e5c858e858648f"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3600
cache
EXPIRED, HIT
expires
Fri, 31 May 2024 13:21:41 GMT
f506188b04c16eaa9c664ed23f7ce58e.css
v3.traincdn.com/genfiles/site-admin/css_vars/
46 B
269 B
Stylesheet
General
Full URL
https://v3.traincdn.com/genfiles/site-admin/css_vars/f506188b04c16eaa9c664ed23f7ce58e.css
Requested by
Host: 1xlite-643419.top
URL: https://1xlite-643419.top/de/block
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
b9bfda0e940104e190b19543b94a10d120643bd1516d3ca2d266a0af6c0966e9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1xlite-643419.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-id
fr5-hw-edge-canary-gc28
date
Sat, 01 Jun 2024 01:48:18 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-time-ng
0.000
x-cached-since
2024-04-18T12:47:35+00:00, 2024-06-01T01:39:35+00:00
x-shard
fr5-shard0-default_443
content-length
46
last-modified
Fri, 12 Apr 2024 13:46:52 GMT
server
nginx
traceparent
00-12ec43e2152abefabb3cc4b5102cfbfb-c36f38694163c43b-01
x-id-shield
am3-hw-edge-gc88
etag
"f506188b04c16eaa9c664ed23f7ce58e"
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=3600,s-maxage=3600
cache
HIT, HIT
accept-ranges
bytes
client.css
v3.traincdn.com/sys-ui/2.2.83/Desktop/Default/
2 MB
181 KB
Stylesheet
General
Full URL
https://v3.traincdn.com/sys-ui/2.2.83/Desktop/Default/client.css
Requested by
Host: 1xlite-643419.top
URL: https://1xlite-643419.top/de/block
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
98f6bcf47f30c144db5872b8b0fee84804084ffa0d3cc500ea0d99c7a25ba9ac
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1xlite-643419.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 30 May 2024 09:44:14 GMT
x-id
fr5-hw-edge-gc16
date
Sat, 01 Jun 2024 01:48:18 GMT
content-encoding
gzip
x-time-ng
0.015
strict-transport-security
max-age=15724800; includeSubDomains
x-cached-since
2024-05-29T09:44:14+00:00, 2024-05-31T09:44:30+00:00
x-shard
fr5-shard0-default_443
last-modified
Mon, 27 May 2024 08:13:25 GMT
server
nginx
traceparent
00-baad11b3708d3123520377de9225cabe-1890bdb776fec364-01
x-id-shield
am3-hw-edge-gc89
etag
W/"85dc0b9ef588fb4811f6a823c55c1659"
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT, HIT
x-amz-meta-mtime
1716797604.15187051
runtime-871c6e60.js
v3.traincdn.com/_nuxt/desktop/default/
46 KB
15 KB
Script
General
Full URL
https://v3.traincdn.com/_nuxt/desktop/default/runtime-871c6e60.js
Requested by
Host: 1xlite-643419.top
URL: https://1xlite-643419.top/de/block
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
96532b4139287f18b1fa54d0ae3a019a6783f9e9284c48554e78ca2c401c8a0c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1xlite-643419.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-id
fr5-hw-edge-gc31
date
Sat, 01 Jun 2024 01:48:18 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
x-cached-since
2024-05-31T12:59:06+00:00, 2024-05-31T12:59:12+00:00
x-shard
fr5-shard0-default_443
content-length
14857
last-modified
Fri, 31 May 2024 12:34:50 GMT
server
nginx
traceparent
00-de647cb50b00bbfd030b53a5b898015a-4c4f48b5c0397d62-01
x-id-shield
am3-hw-edge-gc88
etag
"6659c3ea-3a09"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT, HIT
accept-ranges
bytes
expires
Sat, 01 Jun 2024 12:59:06 GMT
app-23cfce91.js
v3.traincdn.com/_nuxt/desktop/default/commons/
135 KB
46 KB
Script
General
Full URL
https://v3.traincdn.com/_nuxt/desktop/default/commons/app-23cfce91.js
Requested by
Host: 1xlite-643419.top
URL: https://1xlite-643419.top/de/block
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
4bb397524b7d0181372d11841dc343daf3656d72d3e9d2d0bc340badc1cf16b0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1xlite-643419.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-id
fr5-hw-edge-gc15
date
Sat, 01 Jun 2024 01:48:18 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
x-cached-since
2024-05-31T08:33:34+00:00, 2024-05-31T08:33:50+00:00
x-shard
fr5-shard0-default_443
content-length
46721
last-modified
Fri, 31 May 2024 07:06:49 GMT
server
nginx
traceparent
00-0177648c24f8202abf56ef82fdd0e661-a4529301cdfc44c3-01
x-id-shield
am3-hw-edge-gc88
etag
"66597709-b681"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT, HIT
accept-ranges
bytes
expires
Sat, 01 Jun 2024 08:33:34 GMT
75bcd414.css
v3.traincdn.com/_nuxt/desktop/default/css/
10 KB
2 KB
Stylesheet
General
Full URL
https://v3.traincdn.com/_nuxt/desktop/default/css/75bcd414.css
Requested by
Host: 1xlite-643419.top
URL: https://1xlite-643419.top/de/block
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
aa36f7a0cd4e7059cfef75dda25cd20e0bd1fbbe3d10a4ed0697cb937f009273
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1xlite-643419.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-id
fr5-hw-edge-gc52
date
Sat, 01 Jun 2024 01:48:18 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
x-cached-since
2024-05-31T11:28:44+00:00, 2024-05-31T11:28:59+00:00
x-shard
fr5-shard0-default_443
content-length
2277
last-modified
Fri, 31 May 2024 10:30:06 GMT
server
nginx
traceparent
00-c560ebc68ce8fa20ab79a741c8a55ebe-eefac11317856213-01
x-id-shield
am3-hw-edge-gc89
etag
"6659a6ae-8e5"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT, HIT
accept-ranges
bytes
expires
Sat, 01 Jun 2024 11:28:44 GMT
app-0c469d2d.js
v3.traincdn.com/_nuxt/desktop/default/vendors/
944 KB
265 KB
Script
General
Full URL
https://v3.traincdn.com/_nuxt/desktop/default/vendors/app-0c469d2d.js
Requested by
Host: 1xlite-643419.top
URL: https://1xlite-643419.top/de/block
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
da27d56d5dd081566395b6c61fe2b17bd6b9d061c21e4ba86e1725853bc11f1d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1xlite-643419.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-id
fr5-hw-edge-canary-gc36
date
Sat, 01 Jun 2024 01:48:18 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
x-cached-since
2024-05-31T11:13:41+00:00, 2024-05-31T11:14:27+00:00
x-shard
fr5-shard0-default_443
content-length
270710
last-modified
Fri, 31 May 2024 10:30:06 GMT
server
nginx
traceparent
00-b9080f795b515c852a885099cfee0ac1-a1cdcf12ba270afc-01
x-id-shield
am3-hw-edge-gc88
etag
"6659a6ae-42176"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT, HIT
accept-ranges
bytes
expires
Sat, 01 Jun 2024 11:13:41 GMT
c0670ecb.css
v3.traincdn.com/_nuxt/desktop/default/css/
145 KB
18 KB
Stylesheet
General
Full URL
https://v3.traincdn.com/_nuxt/desktop/default/css/c0670ecb.css
Requested by
Host: 1xlite-643419.top
URL: https://1xlite-643419.top/de/block
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
c5b4870bf3871eaefa8f11fac3633d2cbf93dda23faeb92cf21dc2ed2d46a860
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1xlite-643419.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-id
fr5-hw-edge-gc27
date
Sat, 01 Jun 2024 01:48:18 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
x-cached-since
2024-05-31T09:44:32+00:00
x-shard
fr5-shard0-default_443
content-length
17909
last-modified
Fri, 31 May 2024 07:06:49 GMT
server
nginx
traceparent
00-5aeb90e936361c06e5862a7b20b86c54-522cac1bc403ec93-01
x-id-shield
am3-hw-edge-gc89
etag
"66597709-45f5"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
cache
EXPIRED, HIT
accept-ranges
bytes
expires
Sat, 01 Jun 2024 09:44:32 GMT
app-3d087eb5.js
v3.traincdn.com/_nuxt/desktop/default/
907 KB
236 KB
Script
General
Full URL
https://v3.traincdn.com/_nuxt/desktop/default/app-3d087eb5.js
Requested by
Host: 1xlite-643419.top
URL: https://1xlite-643419.top/de/block
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
8e90a2c1605b888ddf0bca1e72ff42992cf981846bcc93c3cc38ddb12c0a4be2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1xlite-643419.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-id
fr5-hw-edge-gc59
date
Sat, 01 Jun 2024 01:48:18 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
x-cached-since
2024-05-31T12:59:09+00:00, 2024-05-31T12:59:12+00:00
x-shard
fr5-shard0-default_443
content-length
241271
last-modified
Fri, 31 May 2024 12:34:50 GMT
server
nginx
traceparent
00-59d05483f40188ec39a3c3db7f6b90b5-f54673f5e037f3d8-01
x-id-shield
am3-hw-edge-gc88
etag
"6659c3ea-3ae77"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT, HIT
accept-ranges
bytes
expires
Sat, 01 Jun 2024 12:59:09 GMT
polyfills.js
1xlite-643419.top/
0
245 B
Script
General
Full URL
https://1xlite-643419.top/polyfills.js
Requested by
Host: 1xlite-643419.top
URL: https://1xlite-643419.top/de/block
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.253.29.54 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1xlite-643419.top/de/block
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 01:48:18 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-time-ng
0.008
server
nginx
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
vary
user-agent
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=2678400, s-maxage=2678400
server-timing
wf-uht;dur=
content-length
0
version.json
v3.traincdn.com/
11 B
426 B
XHR
General
Full URL
https://v3.traincdn.com/version.json
Requested by
Host: 1xlite-643419.top
URL: https://1xlite-643419.top/de/block
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
fd37373b0c33a7d6cb62ea0f0c369ea48a6d2ec7f412515c52a89f20aa0d2097
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1xlite-643419.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-id
fr5-hw-edge-gc17
date
Sat, 01 Jun 2024 01:48:18 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
x-cached-since
2024-05-31T12:56:58+00:00, 2024-06-01T01:47:51+00:00
x-shard
fr5-shard0-default_443
content-length
44
last-modified
Fri, 31 May 2024 12:38:25 GMT
server
nginx
traceparent
00-d18ebacbb2528e8f3133eb9c47c94518-3510b934e17dad98-01
x-id-shield
am3-hw-edge-gc88
etag
"6659c4c1-2c"
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60, max-age=60, s-maxage=60
cache
HIT, HIT
accept-ranges
bytes
expires
Fri, 31 May 2024 12:57:57 GMT
check-ob.js
v3.traincdn.com/_nuxt/
211 B
381 B
Script
General
Full URL
https://v3.traincdn.com/_nuxt/check-ob.js
Requested by
Host: 1xlite-643419.top
URL: https://1xlite-643419.top/de/block
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
2958134c3c00f7c6320858dd66e454c2856e4842821d3523c4cc5e44e1ec8616
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1xlite-643419.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-id
fr5-hw-edge-canary-gc28
date
Sat, 01 Jun 2024 01:48:18 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
x-cached-since
2024-05-30T13:08:26+00:00, 2024-05-31T07:33:03+00:00
x-shard
fr5-shard0-default_443
content-length
187
last-modified
Thu, 30 May 2024 10:47:20 GMT
server
nginx
traceparent
00-702c126acaa404e5be628e0c17065ac2-fe64d4c943870eea-01
x-id-shield
am3-hw-edge-gc88
etag
"66585938-bb"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT, HIT
accept-ranges
bytes
expires
Fri, 31 May 2024 13:08:26 GMT
truncated
/
32 B
0
Script
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b90ff694e492935b6036fb7e878d365dab51aafa46f0afb1e33414e7ecc3307b

Request headers

Referer
Origin
https://1xlite-643419.top
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
text/javascript
plugins.v-tooltip-d060a7b0.js
v3.traincdn.com/_nuxt/desktop/default/vendors/
75 KB
22 KB
Script
General
Full URL
https://v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.v-tooltip-d060a7b0.js
Requested by
Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/runtime-871c6e60.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
4071fb527f9e72caeb3ca091efbdbfaa37e1d23b628abc3e77fc5fec43e0d3ee
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1xlite-643419.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-id
fr5-hw-edge-gc51
date
Sat, 01 Jun 2024 01:48:18 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
x-cached-since
2024-05-31T08:33:52+00:00, 2024-05-31T08:33:52+00:00
x-shard
fr5-shard0-default_443
content-length
21879
last-modified
Fri, 31 May 2024 07:06:49 GMT
server
nginx
traceparent
00-f12d07170d1b3db9aae1a8f8e32be3cc-9d52b5dba676ba9d-01
x-id-shield
am3-hw-edge-gc89
etag
"66597709-5577"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT, HIT
accept-ranges
bytes
expires
Sat, 01 Jun 2024 08:33:52 GMT
plugins.vue-notification-4cfc4521.js
v3.traincdn.com/_nuxt/desktop/default/vendors/
12 KB
5 KB
Script
General
Full URL
https://v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-notification-4cfc4521.js
Requested by
Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/runtime-871c6e60.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
e87741d86bdebfb99370ae9e2829a4efdfd6a739e3a938b4fe76337ddea3fc74
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1xlite-643419.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-id
fr5-hw-edge-gc30
date
Sat, 01 Jun 2024 01:48:18 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
x-cached-since
2024-05-31T08:33:52+00:00, 2024-05-31T08:33:52+00:00
x-shard
fr5-shard0-default_443
content-length
4555
last-modified
Fri, 31 May 2024 07:06:49 GMT
server
nginx
traceparent
00-a01db092a8aded45220e6876d4837230-d6a00d4672c44942-01
x-id-shield
am3-hw-edge-gc89
etag
"66597709-11cb"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT, HIT
accept-ranges
bytes
expires
Sat, 01 Jun 2024 08:33:52 GMT
7fe5f71b.css
v3.traincdn.com/_nuxt/desktop/default/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://v3.traincdn.com/_nuxt/desktop/default/css/7fe5f71b.css
Requested by
Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/runtime-871c6e60.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
fad7111846310042401990719146401178f22e2618abf2b058e641b6495e8eba
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1xlite-643419.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-id
fr5-hw-edge-gc27
date
Sat, 01 Jun 2024 01:48:18 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
x-cached-since
2024-05-31T09:40:03+00:00, 2024-05-31T09:40:38+00:00
x-shard
fr5-shard0-default_443
content-length
945
last-modified
Fri, 31 May 2024 07:06:49 GMT
server
nginx
traceparent
00-4bd2b869e622a664b763f4ccf4f6b2d4-ffb2905b939d9ba5-01
x-id-shield
am3-hw-edge-gc89
etag
"66597709-3b1"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT, HIT
accept-ranges
bytes
expires
Sat, 01 Jun 2024 09:40:03 GMT
plugins.vue-js-modal-79c08476.js
v3.traincdn.com/_nuxt/desktop/default/vendors/
26 KB
8 KB
Script
General
Full URL
https://v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-js-modal-79c08476.js
Requested by
Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/runtime-871c6e60.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
14be5b81e6b16bfd64d6f128e5e21d1a176e9a9c455eb2b8f1224111d5a839cc
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1xlite-643419.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-id
fr5-hw-edge-gc15
date
Sat, 01 Jun 2024 01:48:18 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
x-cached-since
2024-05-31T08:33:52+00:00, 2024-05-31T08:33:52+00:00
x-shard
fr5-shard0-default_443
content-length
8055
last-modified
Fri, 31 May 2024 07:06:49 GMT
server
nginx
traceparent
00-fcf8e18e6e0c5981d73fa9413f65f048-a8430be9bd09be97-01
x-id-shield
am3-hw-edge-gc88
etag
"66597709-1f77"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT, HIT
accept-ranges
bytes
expires
Sat, 01 Jun 2024 08:33:52 GMT
date-fns-locale-16-aa899f55.js
v3.traincdn.com/_nuxt/desktop/default/
8 KB
2 KB
Script
General
Full URL
https://v3.traincdn.com/_nuxt/desktop/default/date-fns-locale-16-aa899f55.js
Requested by
Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/runtime-871c6e60.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6e22f3a2e5aa1545c64c2143660a9e9ffd3ad772a446cbeb2939d6501200a08c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1xlite-643419.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-id
fr5-hw-edge-gc52
date
Sat, 01 Jun 2024 01:48:18 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
x-cached-since
2024-05-31T08:54:21+00:00, 2024-05-31T08:56:04+00:00
x-shard
fr5-shard0-default_443
content-length
2236
last-modified
Fri, 31 May 2024 07:06:49 GMT
server
nginx
traceparent
00-54f7e1e0b2aca996b6d3a508a4c6574a-2861c66f1deba4aa-01
x-id-shield
am3-hw-edge-gc88
etag
"66597709-8bc"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT, HIT
accept-ranges
bytes
expires
Sat, 01 Jun 2024 08:54:21 GMT
a8ef9af2e85df2548555981dd8f71111.json
1xlite-643419.top/genfiles/cms/1-285/desktop/media_asset/
2 KB
781 B
Fetch
General
Full URL
https://1xlite-643419.top/genfiles/cms/1-285/desktop/media_asset/a8ef9af2e85df2548555981dd8f71111.json
Requested by
Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/vendors/app-0c469d2d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.253.29.54 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC),
Reverse DNS
Software
nginx /
Resource Hash
b50904054641c30b6b4ee7ed4290b52022825f2e9e9e3a4a060b8ecddf28c898
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
application/json
accept
application/json, text/plain, */*
Referer
https://1xlite-643419.top/de/block
x-requested-with
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 01:48:18 GMT
content-encoding
br
x-time-ng
0.000
last-modified
Fri, 17 May 2024 08:28:28 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload
etag
W/"eec4805fe0f6e17d5ade92a382f5b068"
vary
Accept-Encoding
content-type
application/json
cache-control
max-age=3600
server-timing
wf-uht;dur=
expires
Sat, 01 Jun 2024 02:43:10 GMT
1da51baa342984a84ca1ac8dd900998b.png
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/
653 B
895 B
Other
General
Full URL
https://v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/1da51baa342984a84ca1ac8dd900998b.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
c0399d478788d5d483f104a2e8cb7c32f41cb40e9df0c22e831b2bfa2db63ec0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1xlite-643419.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-id
fr5-hw-edge-gc57
date
Sat, 01 Jun 2024 01:48:18 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-time-ng
0.000
x-cached-since
2023-12-20T21:16:44+00:00, 2024-06-01T01:11:09+00:00
x-shard
fr5-shard0-default_443
content-length
653
last-modified
Tue, 25 Apr 2023 13:43:56 GMT
server
nginx
traceparent
00-6f126aaed29122b6c76fc0d9a88bfd10-897e2a57e68ad973-01
x-id-shield
am3-hw-edge-gc89
etag
"e6f0766cbd95db33da44e7a9140648f2"
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=3600,s-maxage=3600
cache
HIT, HIT
accept-ranges
bytes
1da51baa342984a84ca1ac8dd900998b.png
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/
653 B
0
Other
General
Full URL
https://v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/1da51baa342984a84ca1ac8dd900998b.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
c0399d478788d5d483f104a2e8cb7c32f41cb40e9df0c22e831b2bfa2db63ec0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1xlite-643419.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-id
fr5-hw-edge-gc57
date
Sat, 01 Jun 2024 01:48:18 GMT
x-time-ng
0.000
x-cached-since
2023-12-20T21:16:44+00:00, 2024-06-01T01:11:09+00:00
x-shard
fr5-shard0-default_443
content-length
653
last-modified
Tue, 25 Apr 2023 13:43:56 GMT
server
nginx
traceparent
00-6f126aaed29122b6c76fc0d9a88bfd10-897e2a57e68ad973-01
x-id-shield
am3-hw-edge-gc89
etag
"e6f0766cbd95db33da44e7a9140648f2"
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=3600,s-maxage=3600
cache
HIT, HIT
accept-ranges
bytes
analytics-counters
1xlite-643419.top/seo-module-api/api/public/v1/
105 B
490 B
Fetch
General
Full URL
https://1xlite-643419.top/seo-module-api/api/public/v1/analytics-counters?url=https:%2F%2F1xlite-643419.top&projectId=285
Requested by
Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/vendors/app-0c469d2d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.253.29.54 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC),
Reverse DNS
Software
nginx /
Resource Hash
ede01772dfd8da2cc82f245e454ce360b2ceb13b7d1c330bbc1d68fe41255c19
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
application/json
accept
application/json, text/plain, */*
Referer
https://1xlite-643419.top/de/block
x-requested-with
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 01:48:18 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-digest
en6d0e5d6e0146a49c358c0eaad1d2ef38
x-time-ng
0.001
server
nginx
age
267
content-type
application/json
x-request-guid
e87ac81d38b19611ad9e1dd4aa17ece6
cache-control
max-age=1200, must-revalidate, public, s-maxage=1800, stale-if-error=86400, stale-while-revalidate=300
server-timing
p;dur=1.0302066802979, wf-uht;dur=
content-length
105
x-request-id
e87ac81d38b19611ad9e1dd4aa17ece6
version.json
1xlite-643419.top/
11 B
391 B
Fetch
General
Full URL
https://1xlite-643419.top/version.json?timestamp=1717206498950
Requested by
Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/vendors/app-0c469d2d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.253.29.54 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC),
Reverse DNS
Software
nginx /
Resource Hash
fd37373b0c33a7d6cb62ea0f0c369ea48a6d2ec7f412515c52a89f20aa0d2097
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
application/json
accept
application/json, text/plain, */*
Referer
https://1xlite-643419.top/de/block
x-requested-with
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 01:48:18 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Fri, 31 May 2024 12:38:25 GMT
server
nginx
etag
"6659c4c1-2c"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60, max-age=60, s-maxage=60
server-timing
wf-uht;dur=0.007
accept-ranges
bytes
content-length
44
expires
Sat, 01 Jun 2024 01:49:18 GMT
DC-34cd15ed.js
v3.traincdn.com/_nuxt/desktop/default/
2 KB
1 KB
Script
General
Full URL
https://v3.traincdn.com/_nuxt/desktop/default/DC-34cd15ed.js
Requested by
Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/runtime-871c6e60.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
e604092a140dc600c80b43c7e5ecf22390d972c88c9de6a181e49f6577f10132
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1xlite-643419.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-id
fr5-hw-edge-gc59
date
Sat, 01 Jun 2024 01:48:18 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
x-cached-since
2024-05-31T08:33:50+00:00
x-shard
fr5-shard0-default_443
content-length
999
last-modified
Fri, 31 May 2024 07:06:49 GMT
server
nginx
traceparent
00-ad43823772d68c76339855155339769d-5be8fe430604fe7a-01
x-id-shield
am3-hw-edge-gc89
etag
"66597709-3e7"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
cache
EXPIRED, HIT
accept-ranges
bytes
expires
Sat, 01 Jun 2024 08:33:50 GMT
Betting.Core-add53fa5.js
v3.traincdn.com/_nuxt/desktop/default/
3 KB
2 KB
Script
General
Full URL
https://v3.traincdn.com/_nuxt/desktop/default/Betting.Core-add53fa5.js
Requested by
Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/runtime-871c6e60.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
d3001154e0987c7a97fe731d99a3462fa898f03c2009d46fde5f2ac8be272851
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1xlite-643419.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-id
fr5-hw-edge-gc12
date
Sat, 01 Jun 2024 01:48:18 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
x-cached-since
2024-05-31T12:59:11+00:00, 2024-05-31T12:59:14+00:00
x-shard
fr5-shard0-default_443
content-length
1685
last-modified
Fri, 31 May 2024 12:34:50 GMT
server
nginx
traceparent
00-6df2c86a46ec4828267708c3940daa03-eb2bdfafc475735e-01
x-id-shield
am3-hw-edge-gc89
etag
"6659c3ea-695"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT, HIT
accept-ranges
bytes
expires
Sat, 01 Jun 2024 12:59:11 GMT
88a1ee46.css
v3.traincdn.com/_nuxt/desktop/default/css/
556 B
473 B
Stylesheet
General
Full URL
https://v3.traincdn.com/_nuxt/desktop/default/css/88a1ee46.css
Requested by
Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/runtime-871c6e60.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
c1657c0b9dd42992cf50af6a3aae1d7e2695b6a3fae70aafaf2f04980e0cb56a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1xlite-643419.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-id
fr5-hw-edge-gc26
date
Sat, 01 Jun 2024 01:48:18 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
x-cached-since
2024-05-31T14:10:48+00:00
x-shard
fr5-shard0-default_443
content-length
270
last-modified
Fri, 31 May 2024 12:34:50 GMT
server
nginx
traceparent
00-bcf344bbc6b5cc8e8897037f2de417a7-1343851a4a3416d0-01
x-id-shield
am3-hw-edge-gc88
etag
"6659c3ea-10e"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
cache
EXPIRED, HIT
accept-ranges
bytes
expires
Sat, 01 Jun 2024 14:10:48 GMT
Page.Block-e9bc74aa.js
v3.traincdn.com/_nuxt/desktop/default/
13 KB
4 KB
Script
General
Full URL
https://v3.traincdn.com/_nuxt/desktop/default/Page.Block-e9bc74aa.js
Requested by
Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/runtime-871c6e60.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
c85f8b7df34943ec75b216a877723a573e966f0bc4dccd0b748d2321ccb8642f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1xlite-643419.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-id
fr5-hw-edge-gc58
date
Sat, 01 Jun 2024 01:48:18 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
x-cached-since
2024-05-31T08:34:46+00:00, 2024-05-31T08:35:59+00:00
x-shard
fr5-shard0-default_443
content-length
4085
last-modified
Fri, 31 May 2024 07:06:49 GMT
server
nginx
traceparent
00-e622a410b04ab244e2c70725cf8a781e-0313f4980b2351ab-01
x-id-shield
am3-hw-edge-gc88
etag
"66597709-ff5"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT, HIT
accept-ranges
bytes
expires
Sat, 01 Jun 2024 08:34:46 GMT
event.json
1xlite-643419.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/
23 B
180 B
Fetch
General
Full URL
https://1xlite-643419.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json
Requested by
Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/vendors/app-0c469d2d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.253.29.54 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC),
Reverse DNS
Software
nginx /
Resource Hash
b22ae99040f05c4cd7295200a70da2a309d4f55fd5a9d728ea87d6e9cc7a09db
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://1xlite-643419.top/de/block
X-Lang
de
X-Uuid
f4410503-eafd-470e-9f95-eea55f066cf5
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 01:48:18 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-time-ng
0.001
server
nginx
server-timing
wf-uht;dur=0.008
content-length
23
content-type
application/json
/
1xlite-643419.top/checker/redirect/stat/run/
14 B
171 B
Fetch
General
Full URL
https://1xlite-643419.top/checker/redirect/stat/run/
Requested by
Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/vendors/app-0c469d2d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.253.29.54 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC),
Reverse DNS
Software
nginx /
Resource Hash
9682f312f23e078bb135f23ea5a178b178e75c02d33672f20044d18c6d258928
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
application/json
accept
application/json, text/plain, */*
Referer
https://1xlite-643419.top/de/block
x-requested-with
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 01:48:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-time-ng
0.001
server
nginx
server-timing
wf-uht;dur=0.009
content-length
14
content-type
application/json
event.json
1xlite-643419.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/
23 B
180 B
Fetch
General
Full URL
https://1xlite-643419.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json
Requested by
Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/vendors/app-0c469d2d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.253.29.54 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC),
Reverse DNS
Software
nginx /
Resource Hash
75677740a6f527f65d037ca6118e9d6b59c9bb378324f42378722c5777083c17
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://1xlite-643419.top/de/block
X-Lang
de
X-Uuid
f4410503-eafd-470e-9f95-eea55f066cf5
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 01:48:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-time-ng
0.000
server
nginx
server-timing
wf-uht;dur=0.008
content-length
23
content-type
application/json
common.svg
v3.traincdn.com/sys-icons/1.0.359/285/
146 KB
60 KB
XHR
General
Full URL
https://v3.traincdn.com/sys-icons/1.0.359/285/common.svg
Requested by
Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/vendors/app-0c469d2d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6f6fbc25f048ae8ab8a120abadcd9a5b3b4c06fa7208eb5ab63d84c4df745ed4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1xlite-643419.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Sat, 18 May 2024 07:15:05 GMT
x-id
fr5-hw-edge-gc22
date
Sat, 01 Jun 2024 01:48:19 GMT
content-encoding
gzip
x-time-ng
0.003
strict-transport-security
max-age=15724800; includeSubDomains
x-cached-since
2024-05-17T07:15:05+00:00, 2024-05-31T07:34:10+00:00
x-shard
fr5-shard0-default_443
last-modified
Thu, 16 May 2024 06:20:31 GMT
server
nginx
traceparent
00-60f8c813c5ca88f728e1a403fac8a4eb-af34adc918c2c4cb-01
x-id-shield
am3-hw-edge-gc88
etag
W/"58a5364e52595356863da4c8e40e2ff6"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT, HIT
x-amz-meta-mtime
1715840427.315040367

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| cdn
object| serverData
object| __NUXT__
object| webpackJsonp
function| setImmediate
function| clearImmediate
object| __unctx__
object| __unctx_async_handlers__
object| onNuxtReadyCbs
function| onNuxtReady
object| __SCI
object| dictionary
object| modulesBridge
object| onLoadPromise
object| $nuxt

13 Cookies

Domain/Path Name / Value
.bit.ly/ Name: _bit
Value: o511Mg-8e4166cabcc9dec263-00k
1xplayers.com/ Name: _subid
Value: 1s283l21k1qa4
1xplayers.com/ Name: 4e71c
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE5MTk3N1wiOjE3MTcyMDY0OTZ9LFwiY2FtcGFpZ25zXCI6e1wiMTEzNDIwXCI6MTcxNzIwNjQ5Nn0sXCJ0aW1lXCI6MTcxNzIwNjQ5Nn0ifQ.d02gXKSDYEJSWDBfZhP5_EL8AAjYZ1jMxIAGgwfinfg
1xlite-643419.top/ Name: lng
Value: de
1xlite-643419.top/ Name: cookies_agree_type
Value: 3
1xlite-643419.top/ Name: tzo
Value: 2
1xlite-643419.top/ Name: is12h
Value: 0
1xlite-643419.top/ Name: referral_values
Value: %7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_3462465m_97c_SPORT1CLICK__%5B%5Dgeneral%5B%5D_d130802_l148283_reels%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D
1xlite-643419.top/ Name: reflinkid
Value: d_3462465m_97c_SPORT1CLICK__%5B%5Dgeneral%5B%5D_d130802_l148283_reels
1xlite-643419.top/ Name: platform_type
Value: desktop
1xlite-643419.top/ Name: auid
Value: sv0dNmZafeG3PzuvAxYeAg==
1xlite-643419.top/ Name: window_width
Value: 1600
1xlite-643419.top/ Name: che_g
Value: ecaccd24-dd2d-8f32-5254-dae95e0c34bb

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
