1xlite-394299.top Open in urlscan Pro
178.253.29.54 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://1xbetuz.biz/
Effective URL:
https://1xlite-394299.top/en/registration?tag=s_187535m_355c_
Submission: On April 04 via api (April 4th 2024, 1:41:20 pm UTC) from US — Scanned from US

Summary HTTP 68 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 12 domains to perform 68 HTTP transactions. The main IP is 178.253.29.54, located in Iran, Islamic Republic Of and belongs to SGHL1-AS, SC. The main domain is 1xlite-394299.top. The Cisco Umbrella rank of the primary domain is 205610.
TLS certificate: Issued by R3 on March 11th 2024. Valid for: 3 months.

This is the only time 1xlite-394299.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.67.200.76 172.67.200.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:303... 2606:4700:3032::6815:4e98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:6b8::1:119 2a02:6b8::1:119	208398 (TELETECH) (TELETECH)
1 1	178.253.46.82 178.253.46.82	202492 (SGHL1-AS) (SGHL1-AS)
18	178.253.29.54 178.253.29.54	202492 (SGHL1-AS) (SGHL1-AS)
32	2a03:90c0:999... 2a03:90c0:9996::9996	199524 (GCORE) (GCORE)
4	2607:f8b0:400... 2607:f8b0:4004:c08::61	15169 (GOOGLE) (GOOGLE)
1 2	45.54.49.5 45.54.49.5	63911 (NETACTUAT...) (NETACTUATE-AS-AP NetActuate)
1	104.225.10.227 104.225.10.227	() ()
1	2001:4860:480... 2001:4860:4802:36::181	() ()
1	2607:f8b0:400... 2607:f8b0:4004:c19::9a	() ()
68	10

1 172.67.200.76 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

1xbetuz.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3032::6815:4e98 (United States)

ASN13335 (CLOUDFLARENET, US)

1xbetuz.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::1:119 (Russian Federation)

ASN208398 (TELETECH, RS)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.253.46.82 (Iran, Islamic Republic Of) 1 redirects

ASN202492 (SGHL1-AS, SC)

refpa4293501.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 178.253.29.54 (Iran, Islamic Republic Of)

ASN202492 (SGHL1-AS, SC)

1xlite-394299.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a03:90c0:9996::9996 (United States)

ASN199524 (GCORE, LU)

v3.traincdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c08::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.54.49.5 (United States) 1 redirects

ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US)
PTR: 5.49.54.45.ptr.anycast.net

radar.cedexis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.225.10.227 (None, )

ASN- ()

i2-ozjvshrpgavzjevxnueekhnswwyhgv.init.cedexis-radar.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:36::181 (None, )

ASN- ()

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c19::9a (None, )

ASN- ()

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	traincdn.com v3.traincdn.com — Cisco Umbrella Rank: 84494	931 KB
18	1xlite-394299.top 1xlite-394299.top — Cisco Umbrella Rank: 205610	159 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 43	348 KB
3	1xbetuz.cc 1xbetuz.cc	8 KB
2	cedexis.com 1 redirects radar.cedexis.com — Cisco Umbrella Rank: 2996	19 KB
2	yandex.ru mc.yandex.ru — Cisco Umbrella Rank: 4290	146 KB
1	doubleclick.net stats.g.doubleclick.net 14030178.fls.doubleclick.net Failed	255 B
1	google.com analytics.google.com	246 B
1	cedexis-radar.net i2-ozjvshrpgavzjevxnueekhnswwyhgv.init.cedexis-radar.net	826 B
1	yandex.com mc.yandex.com — Cisco Umbrella Rank: 9289	572 B
1	refpa4293501.top 1 redirects refpa4293501.top — Cisco Umbrella Rank: 561274	215 B
1	1xbetuz.biz 1 redirects 1xbetuz.biz	443 B
68	12

	Domain	Requested by
32	v3.traincdn.com	1xlite-394299.top v3.traincdn.com
18	1xlite-394299.top	1xbetuz.cc 1xlite-394299.top v3.traincdn.com
4	www.googletagmanager.com	v3.traincdn.com www.googletagmanager.com
3	1xbetuz.cc	1xbetuz.cc
2	radar.cedexis.com	1 redirects
2	mc.yandex.ru	1xbetuz.cc v3.traincdn.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	i2-ozjvshrpgavzjevxnueekhnswwyhgv.init.cedexis-radar.net	radar.cedexis.com
1	mc.yandex.com
1	refpa4293501.top	1 redirects
1	1xbetuz.biz	1 redirects
0	14030178.fls.doubleclick.net Failed	www.googletagmanager.com
68	13

This site contains no links.

Subject Issuer	Validity	Valid
1xbetuz.cc GTS CA 1P5	`2024-04-04` - `2024-07-03`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-12-26` - `2024-06-05`	5 months	crt.sh
1xlite-394299.top R3	`2024-03-11` - `2024-06-09`	3 months	crt.sh
*.traincdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-11-02` - `2024-12-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.init.cedexis-radar.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-21` - `2025-02-20`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://1xlite-394299.top/en/registration?tag=s_187535m_355c_
Frame ID: F89246493637BC44F736A749C8A49A95
Requests: 68 HTTP requests in this frame

Frame: https://14030178.fls.doubleclick.net/activityi;dc_pre=CN6hsvTXqIUDFdUMdgYdVeIInw;src=14030178;type=xbet;cat=uniqu0;ord=1;num=6232258745815;npa=0;auiddc=1536894333.1712238080;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe4410z89180563600za201;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2F1xlite-394299.top%2Fen%2Fblock
Frame ID: 2421B0998CB03D313F34365564F177C8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

1xBet registration ᐉ Sign up 1xBet ᐉ 1xlite-394299.top

Page URL History Show full URLs

https://1xbetuz.biz/ HTTP 301
https://1xbetuz.cc/ Page URL
https://refpa4293501.top/L?tag=s_187535m_355c_&site=187535&ad=355&r=registration HTTP 303
https://1xlite-394299.top/en/registration?tag=s_187535m_355c_ Page URL

Detected technologies

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

68
Requests

93 %
HTTPS

55 %
IPv6

12
Domains

13
Subdomains

10
IPs

3
Countries

1613 kB
Transfer

6398 kB
Size

23
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://1xbetuz.biz/ HTTP 301
https://1xbetuz.cc/ Page URL
https://refpa4293501.top/L?tag=s_187535m_355c_&site=187535&ad=355&r=registration HTTP 303
https://1xlite-394299.top/en/registration?tag=s_187535m_355c_ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://1xbetuz.biz/ HTTP 301
https://1xbetuz.cc/

Request Chain 4

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10329.YC5_U5WDyYJfH52YFCoeq-sm3Yci5jDzbwhUKIXd2FpD2I0TkK39Hh2ghr0abJHp.7scdgBFmxfQ1sMQprn-btLR51T4%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10329.ARz-KXADdX6kzKvjIIHudbLo-a2nAMLjyxHfLCskNWCUIugka0c6GKLQoR-RhTs__Z4wT5Q5B4cTNWmA3FyQ_g-aTfXHU9ojiShsQVcesd0oV8dv49z3tjh12AK8TEKL7O-bgnicA87f1zGxw_CcDIaAb69dB6jb2aOIMe-CI9hNAO6v6zdwHAVhvkBPR6M10MA_9B5gcUeNqswKm07pTKvMSxq84ZIOa0MG0sGCM8o%2C.JJkuGxu93p0ewMnqUUMhdA3iyIU%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10329.fqAE0EKwIDLH-krx_RuOwsdkvbXmHdac3ycRQU8Hm6Uu0CE37DKu8FQ35ZsG2W9ccPJPwFh5n9eRl_V-gnN_H0taib8LzwgS6tp8L2_hAXBd2Pf5jOyJVYK83E8rAdq2mki2Lsd4izjCTUI3hW14p2nxQS9njl1u0nqWGx0Rsh4Hmn9AqxGG6QaRrOsh-B5In7FRTy1g06GLL8XYr088Pg%2C%2C.VsOQZXflbPzyYMMej1xs32leACo%2C

Request Chain 58

https://radar.cedexis.com/1/23802/radar.js HTTP 302
https://radar.cedexis.com/1707728419/radar.js

Request Chain 65

https://14030178.fls.doubleclick.net/activityi;src=14030178;type=xbet;cat=uniqu0;ord=1;num=6232258745815;npa=0;auiddc=1536894333.1712238080;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe4410z89180563600za201;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2F1xlite-394299.top%2Fen%2Fblock HTTP 302
https://14030178.fls.doubleclick.net/activityi;dc_pre=CN6hsvTXqIUDFdUMdgYdVeIInw;src=14030178;type=xbet;cat=uniqu0;ord=1;num=6232258745815;npa=0;auiddc=1536894333.1712238080;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe4410z89180563600za201;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2F1xlite-394299.top%2Fen%2Fblock

68 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
1xbetuz.cc/
Redirect Chain

https://1xbetuz.biz/
https://1xbetuz.cc/

4 KB
2 KB

662ms
436ms

Document
text/html

2606:4700:3032::6815:4e98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1xbetuz.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4e98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fecea87e6a77abfd5d8d5f93e3363840f6b91b69b12d602b4b6d48477a62555a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86f1b7010c6d67db-MIA
content-encoding: br
content-type: text/html
date: Thu, 04 Apr 2024 13:41:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1m9tEoKGQLlZat5Rgr709ygAhTm7wx68KKum0uyoam5Q21huX5Dh4g70yWwQvv1aZbf%2FZ478SDd2qC1l3a57F6EEsQGLJBGgKd0YbKcmR7AFIrQFq%2F6Wafop3vAFLVMhtMmZLoegNp8f"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86f1b6fcfb1bb3bf-MIA
content-type: text/html
date: Thu, 04 Apr 2024 13:41:14 GMT
location: https://1xbetuz.cc
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zs%2B8TMPSM9j%2BeIkIQjs2BIcXUuJVnZaQyP1JrAEe74CzYcL9%2FjBzBQVtxCT9e%2FriAYbiyF%2BOdSE5ATTc8PCYaqmBsOWyFCyJgv3Fc8N01zyp7zS4DWp3zpTlZ6Ijyw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 api.js Show response
1xbetuz.cc/1x_dom/ 1 KB
840 B 434ms
433ms Script
application/javascript 2606:4700:3032::6815:4e98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1xbetuz.cc/1x_dom/api.js
Requested by: Host: 1xbetuz.cc
URL: https://1xbetuz.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4e98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90ca14e75b783136716922beac94fd9dc526ffeb28b8131f4b4280cb9b75d7f8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1xbetuz.cc/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 13:41:15 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 Apr 2024 04:12:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"660b85be-480"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aA%2BrCobgGXAHoSnoFVcgjaYglMTVa6ZSSMxtQQEohS8%2B97NrSWCK9fu%2B52gdP1zsUkxWXof3Xrh6AGL9yCw7Fx25ZQmEMI6vaY9dvvN3jN%2Fm1700UdTvuI2K4whenki3v7H8AP8Hvob8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 86f1b703d86a67db-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 05 Apr 2024 13:41:15 GMT

GET
H2 200 tag.js
mc.yandex.ru/metrika/ 210 KB
73 KB 738ms
369ms Script
application/javascript 2a02:6b8::1:119
TELETECH

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: 1xbetuz.cc
URL: https://1xbetuz.cc/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN208398 (TELETECH, RS),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1xbetuz.cc/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 13:41:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 02 Apr 2024 10:07:01 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "660bd8c5-120aa"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 73898
expires: Thu, 04 Apr 2024 14:41:16 GMT

GET
H2 200 api.php
1xbetuz.cc/1x_dom/ 31 KB
6 KB 298ms
298ms XHR
text/html 2606:4700:3032::6815:4e98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1xbetuz.cc/1x_dom/api.php
Requested by: Host: 1xbetuz.cc
URL: https://1xbetuz.cc/1x_dom/api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4e98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1xbetuz.cc/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 13:41:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d2x%2FuTpZJJOolOkQuKDtuwyLe7rctFZs7zzwV1DziHNpKluw7QjK9l1TGuywqDkOBhlpccYT6IdiIfMPGpr4HuTlwoQxvUxFOWuO3dzKWtItsupJ6d1wpxYVILaHlgY9zgDzDQC2C2kx"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 86f1b7068c4967db-MIA
alt-svc: h3=":443"; ma=86400

GET
H2

200

Primary Request registration Show response
1xlite-394299.top/en/
Redirect Chain

https://refpa4293501.top/L?tag=s_187535m_355c_&site=187535&ad=355&r=registration
https://1xlite-394299.top/en/registration?tag=s_187535m_355c_

614 KB
146 KB

721ms
287ms

Document
text/html

178.253.29.54
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1xlite-394299.top/en/registration?tag=s_187535m_355c_

Requested by

Host: 1xbetuz.cc
URL: https://1xbetuz.cc/1x_dom/api.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.29.54 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC),

Reverse DNS

Software

nginx /

Resource Hash

ca0f32891e117503a1d6bd4536c50219efb1149c3a6441720794fb7bd5df3447

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://1xbetuz.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 04 Apr 2024 13:41:17 GMT
server: nginx
server-timing: total;dur=10;desc="Nuxt Server Time" dt_total;dur=18.162 wf-uht;dur=0.038
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-dt: 285
x-frame-options: SAMEORIGIN
x-from-cache: 1
x-time-ng: 0.017

Redirect headers

cache-control: private
date: Thu, 04 Apr 2024 13:41:16 GMT
location: https://1xlite-394299.top:443/en/registration?tag=s_187535m_355c_
server: nginx
server-timing: wf-uht;dur=0.015
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-aspnetmvc-version: 5.0

GET

sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10329.YC5_U5WDyYJfH52YFCoeq-sm3Yci5jDzbwhUKIXd2FpD2I0TkK39Hh2ghr0abJHp.7scdgBFmxfQ1sMQprn-btLR51T4%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10329.ARz-KXADdX6kzKvjIIHudbLo-a2nAMLjyxHfLCskNWCUIugka0c6GKLQoR-RhTs__Z4wT5Q5B4cTNWmA3FyQ_g-aTfXHU9ojiShsQVcesd0oV8dv49z3tjh12AK8TEKL7O-bgnicA8...
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10329.fqAE0EKwIDLH-krx_RuOwsdkvbXmHdac3ycRQU8Hm6Uu0CE37DKu8FQ35ZsG2W9ccPJPwFh5n9eRl_V-gnN_H0taib8LzwgS6tp8L2_hAXBd2...

0
0

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
572 B 191ms
191ms Image
image/gif 2a02:6b8::1:119
TELETECH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN208398 (TELETECH, RS),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1xbetuz.cc/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 13:41:16 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 02 Apr 2024 10:07:01 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "660bd8c5-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 04 Apr 2024 14:41:16 GMT

GET
H2 200 13f2420925687a194e4c38472ae71214.css
v3.traincdn.com/genfiles/site-admin/colors/ 35 KB
7 KB 422ms
29ms Stylesheet
text/css 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.traincdn.com/genfiles/site-admin/colors/13f2420925687a194e4c38472ae71214.css

Requested by

Host: 1xlite-394299.top
URL: https://1xlite-394299.top/en/registration?tag=s_187535m_355c_

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

030b2d139711faa89a54a8a02c35ff06faf68b67591a26f320efc4b7d889a7e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1xlite-394299.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-id: mi1-hw-edge-gc26
date: Thu, 04 Apr 2024 13:41:17 GMT
content-encoding: gzip
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
x-cached-since: 2024-04-03T11:02:13+00:00, 2024-04-04T12:43:35+00:00
x-shard: mi1-shard0-default_443
last-modified: Wed, 03 Apr 2024 09:39:49 GMT
server: nginx
traceparent: 00-839d89a7ac6354ec3345c4e01550e525-57cb1c883945a03a-01
x-id-shield: am3-hw-edge-gc89
etag: W/"197229e93c5fc726ef322c448964e0b9"
content-type: text/css
access-control-allow-origin: *
cache-control: public,max-age=3600,s-maxage=3600
cache: HIT, HIT

GET
H2 200 runtime-9db278ee.js Show response
v3.traincdn.com/_nuxt/desktop/default/ 46 KB
15 KB 484ms
92ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.traincdn.com/_nuxt/desktop/default/runtime-9db278ee.js

Requested by

Host: 1xlite-394299.top
URL: https://1xlite-394299.top/en/registration?tag=s_187535m_355c_

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

2d1e703eae7f8eb4d112d8064d9958139bd64ef431ce3dd6ad219d58ac66a713

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1xlite-394299.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-id: mi1-hw-edge-gc35
date: Thu, 04 Apr 2024 13:41:17 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
x-cached-since: 2024-04-04T10:54:02+00:00, 2024-04-04T10:54:49+00:00
x-shard: mi1-shard0-default_443
content-length: 14815
last-modified: Thu, 04 Apr 2024 10:11:32 GMT
server: nginx
traceparent: 00-36853dc4b24487c6750fe0a650139910-fb2f0ad5b1d44052-01
x-id-shield: am3-hw-edge-gc89
etag: "660e7cd4-39df"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT, HIT
accept-ranges: bytes
expires: Fri, 05 Apr 2024 10:54:02 GMT

GET
H2 200 app-a724c117.js Show response
v3.traincdn.com/_nuxt/desktop/default/commons/ 135 KB
46 KB 488ms
96ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.traincdn.com/_nuxt/desktop/default/commons/app-a724c117.js

Requested by

Host: 1xlite-394299.top
URL: https://1xlite-394299.top/en/registration?tag=s_187535m_355c_

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

983a6c090fac471d8dfa9fa8470fb0d56151a858f13ab5f00e849212f01086a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1xlite-394299.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-id: mi1-hw-edge-gc13
date: Thu, 04 Apr 2024 13:41:17 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
x-cached-since: 2024-04-04T08:27:19+00:00, 2024-04-04T08:27:58+00:00
x-shard: mi1-shard0-default_443
content-length: 46869
last-modified: Wed, 03 Apr 2024 14:01:02 GMT
server: nginx
traceparent: 00-88f499caaf58afb32be919a45154810f-53273b5d86356837-01
x-id-shield: am3-hw-edge-gc88
etag: "660d611e-b715"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT, HIT
accept-ranges: bytes
expires: Fri, 05 Apr 2024 08:27:19 GMT

GET
H2 200 18c4c3a7.css
v3.traincdn.com/_nuxt/desktop/default/css/ 1 MB
108 KB 426ms
33ms Stylesheet
text/css 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.traincdn.com/_nuxt/desktop/default/css/18c4c3a7.css

Requested by

Host: 1xlite-394299.top
URL: https://1xlite-394299.top/en/registration?tag=s_187535m_355c_

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

c40c8344db38145b8535ccffc1823f45982030318056fb40c39d4727a4e455c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1xlite-394299.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-id: mi1-hw-edge-gc13
date: Thu, 04 Apr 2024 13:41:17 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
x-cached-since: 2024-04-04T07:12:01+00:00, 2024-04-04T07:12:49+00:00
x-shard: mi1-shard0-default_443
content-length: 109821
last-modified: Wed, 03 Apr 2024 14:01:02 GMT
server: nginx
traceparent: 00-0ab7c5def2cdde1832597a787578bf22-072033ba02530a1d-01
x-id-shield: am3-hw-edge-gc88
etag: "660d611e-1acfd"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT, HIT
accept-ranges: bytes
expires: Fri, 05 Apr 2024 07:12:01 GMT

GET
H2 200 app-6dc4d91c.js Show response
v3.traincdn.com/_nuxt/desktop/default/vendors/ 1 MB
396 KB 490ms
98ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.traincdn.com/_nuxt/desktop/default/vendors/app-6dc4d91c.js

Requested by

Host: 1xlite-394299.top
URL: https://1xlite-394299.top/en/registration?tag=s_187535m_355c_

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

d1c6bdf5725aada18688a3032636f0b6953eeee845e897e8c1ada0b61d09431f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1xlite-394299.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-id: mi1-hw-edge-gc24
date: Thu, 04 Apr 2024 13:41:17 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
x-cached-since: 2024-04-04T10:54:07+00:00, 2024-04-04T10:54:49+00:00
x-shard: mi1-shard0-default_443
content-length: 405061
last-modified: Thu, 04 Apr 2024 10:11:32 GMT
server: nginx
traceparent: 00-0d51e69187c5605bf2a8465189c40481-8c2cd67fff20a518-01
x-id-shield: am3-hw-edge-gc89
etag: "660e7cd4-62e45"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT, HIT
accept-ranges: bytes
expires: Fri, 05 Apr 2024 10:54:07 GMT

GET
H2 200 775cbee5.css
v3.traincdn.com/_nuxt/desktop/default/css/ 106 KB
14 KB 424ms
32ms Stylesheet
text/css 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.traincdn.com/_nuxt/desktop/default/css/775cbee5.css

Requested by

Host: 1xlite-394299.top
URL: https://1xlite-394299.top/en/registration?tag=s_187535m_355c_

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

9e8c2cec33a9190c029daae0e91235208a380613490274db3d62bdc420345c70

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1xlite-394299.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-id: mi1-hw-edge-gc28
date: Thu, 04 Apr 2024 13:41:17 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
x-cached-since: 2024-04-04T08:33:01+00:00, 2024-04-04T08:33:22+00:00
x-shard: mi1-shard0-default_443
content-length: 14120
last-modified: Thu, 04 Apr 2024 08:08:07 GMT
server: nginx
traceparent: 00-7b5db0987bd3025b2d1c1f4d7e25e1fa-168e7319b3fe4594-01
x-id-shield: am3-hw-edge-gc89
etag: "660e5fe7-3728"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT, HIT
accept-ranges: bytes
expires: Fri, 05 Apr 2024 08:33:01 GMT

GET
H2 200 app-f6bed147.js Show response
v3.traincdn.com/_nuxt/desktop/default/ 844 KB
223 KB 485ms
93ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.traincdn.com/_nuxt/desktop/default/app-f6bed147.js

Requested by

Host: 1xlite-394299.top
URL: https://1xlite-394299.top/en/registration?tag=s_187535m_355c_

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

3eac3f1352aaf9a8f2591b663018b96a60166fe6044aac65f46814deaaa25493

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1xlite-394299.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-id: mi1-hw-edge-gc29
date: Thu, 04 Apr 2024 13:41:17 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
x-cached-since: 2024-04-04T10:54:02+00:00, 2024-04-04T10:54:49+00:00
x-shard: mi1-shard0-default_443
content-length: 227846
last-modified: Thu, 04 Apr 2024 10:11:32 GMT
server: nginx
traceparent: 00-48d233201436a154a243f3114c3897dc-30df8e1c36f2ffe4-01
x-id-shield: am3-hw-edge-gc88
etag: "660e7cd4-37a06"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT, HIT
accept-ranges: bytes
expires: Fri, 05 Apr 2024 10:54:02 GMT

GET
H2 200 6ee8a9e4.css
v3.traincdn.com/_nuxt/desktop/default/css/ 2 KB
789 B 422ms
30ms Stylesheet
text/css 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.traincdn.com/_nuxt/desktop/default/css/6ee8a9e4.css

Requested by

Host: 1xlite-394299.top
URL: https://1xlite-394299.top/en/registration?tag=s_187535m_355c_

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

2acc171311243f36d7410ebd2b41ac7d7c7899c861153198217e7e91d3d9e4cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1xlite-394299.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-id: mi1-hw-edge-gc24
date: Thu, 04 Apr 2024 13:41:17 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
x-cached-since: 2024-04-04T09:32:17+00:00, 2024-04-04T11:14:22+00:00
x-shard: mi1-shard0-default_443
content-length: 591
last-modified: Thu, 04 Apr 2024 08:08:07 GMT
server: nginx
traceparent: 00-abf7dcd96b9485dc13ecfefe8c17949c-1672f64772146103-01
x-id-shield: am3-hw-edge-gc89
etag: "660e5fe7-24f"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT, HIT
accept-ranges: bytes
expires: Fri, 05 Apr 2024 09:32:17 GMT

GET
H2 200 Page.Registration-86d3dc7c.js Show response
v3.traincdn.com/_nuxt/desktop/default/ 6 KB
2 KB 490ms
98ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.traincdn.com/_nuxt/desktop/default/Page.Registration-86d3dc7c.js

Requested by

Host: 1xlite-394299.top
URL: https://1xlite-394299.top/en/registration?tag=s_187535m_355c_

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

9bf747366f63b2664ba02018024b0b3793d02dce31d3496a095a26ed438219a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1xlite-394299.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-id: mi1-hw-edge-gc25
date: Thu, 04 Apr 2024 13:41:17 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
x-cached-since: 2024-04-04T08:33:07+00:00, 2024-04-04T08:33:22+00:00
x-shard: mi1-shard0-default_443
content-length: 2236
last-modified: Thu, 04 Apr 2024 08:08:07 GMT
server: nginx
traceparent: 00-c6a5291a398c5a75d7967245b3500360-5ea4cab0fa6e761f-01
x-id-shield: am3-hw-edge-gc89
etag: "660e5fe7-8bc"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT, HIT
accept-ranges: bytes
expires: Fri, 05 Apr 2024 08:33:07 GMT

GET
H2 200 e41f68df.css
v3.traincdn.com/_nuxt/desktop/default/css/ 31 KB
4 KB 419ms
28ms Stylesheet
text/css 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.traincdn.com/_nuxt/desktop/default/css/e41f68df.css

Requested by

Host: 1xlite-394299.top
URL: https://1xlite-394299.top/en/registration?tag=s_187535m_355c_

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

5f4b35b2dba9ead8496ade78e0739cf10e9864a90ab96b3be022130153f8e136

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1xlite-394299.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-id: mi1-hw-edge-gc10
date: Thu, 04 Apr 2024 13:41:17 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
x-cached-since: 2024-04-03T14:32:12+00:00, 2024-04-03T14:32:33+00:00
x-shard: mi1-shard0-default_443
content-length: 3223
last-modified: Wed, 03 Apr 2024 14:01:02 GMT
server: nginx
traceparent: 00-dd1195b3baac58611d692b7e02699273-65311d4baf98bf49-01
x-id-shield: am3-hw-edge-gc89
etag: "660d611e-c97"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT, HIT
accept-ranges: bytes
expires: Thu, 04 Apr 2024 14:32:12 GMT

GET
H2 200 Layout.SeoModule.Lazy-ac34347f.js Show response
v3.traincdn.com/_nuxt/desktop/default/ 8 KB
2 KB 487ms
97ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.traincdn.com/_nuxt/desktop/default/Layout.SeoModule.Lazy-ac34347f.js

Requested by

Host: 1xlite-394299.top
URL: https://1xlite-394299.top/en/registration?tag=s_187535m_355c_

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

00182b4d06ec67575d798b8f8196151f4e15010fbd6e44bfd770dc0786569671

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1xlite-394299.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-id: mi1-hw-edge-gc29
date: Thu, 04 Apr 2024 13:41:17 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
x-cached-since: 2024-04-04T08:33:02+00:00, 2024-04-04T08:33:22+00:00
x-shard: mi1-shard0-default_443
content-length: 2301
last-modified: Thu, 04 Apr 2024 08:08:07 GMT
server: nginx
traceparent: 00-f0d3acd3476ec730e42c2edbd41a7e09-4109783d004b545b-01
x-id-shield: am3-hw-edge-gc88
etag: "660e5fe7-8fd"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT, HIT
accept-ranges: bytes
expires: Fri, 05 Apr 2024 08:33:02 GMT

GET
H2 200 7c43e6fa10d0665cf556d13ff2a1906d.svg
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/ 1 KB
912 B 75ms
74ms Image
image/svg+xml 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/7c43e6fa10d0665cf556d13ff2a1906d.svg

Requested by

Host: 1xlite-394299.top
URL: https://1xlite-394299.top/en/registration?tag=s_187535m_355c_

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

2cb7283447d210aa27e07657e00beefe6731f9771a9445be4e44e96dfe88c232

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1xlite-394299.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-id: mi1-hw-edge-gc29
date: Thu, 04 Apr 2024 13:41:18 GMT
content-encoding: gzip
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
x-cached-since: 2023-12-20T20:48:00+00:00, 2024-04-04T12:56:14+00:00
x-shard: mi1-shard0-default_443
last-modified: Tue, 02 May 2023 10:06:49 GMT
server: nginx
traceparent: 00-97f41a0d2e7ccf0eda86cfe5295da7eb-f85c00ce06387ab7-01
x-id-shield: am3-hw-edge-gc89
etag: W/"7cca3986f7a5c4c164144ff11df71073"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public,max-age=3600,s-maxage=3600
cache: HIT, HIT

GET
H2 200 polyfills.js Show response
1xlite-394299.top/ 0
245 B 302ms
302ms Script
text/javascript 178.253.29.54
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1xlite-394299.top/polyfills.js

Requested by

Host: 1xlite-394299.top
URL: https://1xlite-394299.top/en/registration?tag=s_187535m_355c_

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.29.54 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1xlite-394299.top/en/registration?tag=s_187535m_355c_
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 13:41:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-time-ng: 0.007
server: nginx
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
vary: user-agent
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=2678400, s-maxage=2678400
server-timing: wf-uht;dur=
content-length: 0

GET
H2 200 version.json Show response
v3.traincdn.com/ 11 B
425 B 402ms
31ms XHR
application/json 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.traincdn.com/version.json

Requested by

Host: 1xlite-394299.top
URL: https://1xlite-394299.top/en/registration?tag=s_187535m_355c_

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

d4bda04b188c28cc16eade6284216675f95bef50183f809b34a8fd4c488cf725

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1xlite-394299.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-id: mi1-hw-edge-gc25
date: Thu, 04 Apr 2024 13:41:17 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
x-cached-since: 2024-04-04T10:49:00+00:00, 2024-04-04T13:40:27+00:00
x-shard: mi1-shard0-default_443
content-length: 44
last-modified: Thu, 04 Apr 2024 10:15:28 GMT
server: nginx
traceparent: 00-0935c9f2be683392c8e217444166747e-d1c0e4a6cd6dfa13-01
x-id-shield: am3-hw-edge-gc88
etag: "660e7dc0-2c"
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60, max-age=60, s-maxage=60
cache: HIT, HIT
accept-ranges: bytes
expires: Thu, 04 Apr 2024 10:50:00 GMT

GET
H2 200 check-ob.js Show response
v3.traincdn.com/_nuxt/ 342 B
481 B 82ms
82ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.traincdn.com/_nuxt/check-ob.js

Requested by

Host: 1xlite-394299.top
URL: https://1xlite-394299.top/en/registration?tag=s_187535m_355c_

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

9dc59b4e91c1aada81294c54029320042844fe6f142eb8ad393b97227db7f531

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1xlite-394299.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-id: mi1-hw-edge-gc31
date: Thu, 04 Apr 2024 13:41:18 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
x-cached-since: 2024-04-03T12:44:00+00:00, 2024-04-04T11:36:24+00:00
x-shard: mi1-shard0-default_443
content-length: 274
last-modified: Wed, 03 Apr 2024 09:31:03 GMT
server: nginx
traceparent: 00-26a196bf125e4cbffe348ed30a778ed5-d8ca94ec9eb0c7f7-01
x-id-shield: am3-hw-edge-gc88
etag: "660d21d7-112"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT, HIT
accept-ranges: bytes
expires: Thu, 04 Apr 2024 12:44:00 GMT

GET
DATA 200
OK truncated Show response
/ 32 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b90ff694e492935b6036fb7e878d365dab51aafa46f0afb1e33414e7ecc3307b

Request headers

Referer
Origin: https://1xlite-394299.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H2 200 plugins.v-tooltip-687cb2d4.js Show response
v3.traincdn.com/_nuxt/desktop/default/vendors/ 75 KB
21 KB 27ms
27ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.v-tooltip-687cb2d4.js

Requested by

Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/runtime-9db278ee.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

2f199c9290af68d5a4e04d085a0280cbab26a5b61de8575042a37798188f6d8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1xlite-394299.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-id: mi1-hw-edge-gc24
date: Thu, 04 Apr 2024 13:41:18 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
x-cached-since: 2024-04-04T08:33:03+00:00, 2024-04-04T08:33:50+00:00
x-shard: mi1-shard0-default_443
content-length: 21790
last-modified: Thu, 04 Apr 2024 08:08:07 GMT
server: nginx
traceparent: 00-fab264ca817ecc71220e021b2d06f134-7c2dd1ab579cda60-01
x-id-shield: am3-hw-edge-gc88
etag: "660e5fe7-551e"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT, HIT
accept-ranges: bytes
expires: Fri, 05 Apr 2024 08:33:03 GMT

GET
H2 200 plugins.vue-notification-a8774952.js Show response
v3.traincdn.com/_nuxt/desktop/default/vendors/ 12 KB
5 KB 31ms
31ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-notification-a8774952.js

Requested by

Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/runtime-9db278ee.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

355ed9e03f8b267c5f1cdb3c6049ad8ed262f0d5d733f92e38fad5195d9118e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1xlite-394299.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-id: mi1-hw-edge-gc25
date: Thu, 04 Apr 2024 13:41:18 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
x-cached-since: 2024-04-04T08:33:03+00:00, 2024-04-04T08:33:50+00:00
x-shard: mi1-shard0-default_443
content-length: 4556
last-modified: Thu, 04 Apr 2024 08:08:07 GMT
server: nginx
traceparent: 00-3042abafebe4f2babbdeb0159da8a2aa-324f2e5146cc974e-01
x-id-shield: am3-hw-edge-gc88
etag: "660e5fe7-11cc"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT, HIT
accept-ranges: bytes
expires: Fri, 05 Apr 2024 08:33:03 GMT

GET
H2 200 e5c0e314.css
v3.traincdn.com/_nuxt/desktop/default/css/ 3 KB
1 KB 31ms
31ms Stylesheet
text/css 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.traincdn.com/_nuxt/desktop/default/css/e5c0e314.css

Requested by

Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/runtime-9db278ee.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

4eaf4071f43aaa0243a4c6948131b7a3e03fe6ab1f4228da38e8588c15e01f24

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1xlite-394299.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-id: mi1-hw-edge-gc30
date: Thu, 04 Apr 2024 13:41:18 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
x-cached-since: 2024-04-04T11:04:17+00:00, 2024-04-04T11:10:26+00:00
x-shard: mi1-shard0-default_443
content-length: 953
last-modified: Thu, 04 Apr 2024 10:11:32 GMT
server: nginx
traceparent: 00-992f9ceaa251aea815ae228c838db04f-949eda718ecf3434-01
x-id-shield: am3-hw-edge-gc88
etag: "660e7cd4-3b9"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT, HIT
accept-ranges: bytes
expires: Fri, 05 Apr 2024 11:04:17 GMT

GET
H2 200 plugins.vue-js-modal-c9d3564c.js Show response
v3.traincdn.com/_nuxt/desktop/default/vendors/ 26 KB
8 KB 32ms
31ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-js-modal-c9d3564c.js

Requested by

Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/runtime-9db278ee.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

7788eb17be26ba0cb0acb172c96750fb05e3cafaa8a275e7bc1a4fb44a7cd8b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1xlite-394299.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-id: mi1-hw-edge-gc26
date: Thu, 04 Apr 2024 13:41:18 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
x-cached-since: 2024-04-04T08:33:03+00:00, 2024-04-04T08:33:50+00:00
x-shard: mi1-shard0-default_443
content-length: 8055
last-modified: Thu, 04 Apr 2024 08:08:07 GMT
server: nginx
traceparent: 00-30ac50d4989d7a983cb4188b34e49095-dff254859cb33a22-01
x-id-shield: am3-hw-edge-gc89
etag: "660e5fe7-1f77"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT, HIT
accept-ranges: bytes
expires: Fri, 05 Apr 2024 08:33:03 GMT

GET
H2 200 date-fns-locale-21-43ae1627.js Show response
v3.traincdn.com/_nuxt/desktop/default/ 7 KB
2 KB 31ms
31ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.traincdn.com/_nuxt/desktop/default/date-fns-locale-21-43ae1627.js

Requested by

Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/runtime-9db278ee.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

07856df1a1e0a57a8ceaf78a3d6691ea1ab6474a28335ab0b47f402a0cfb1914

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1xlite-394299.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-id: mi1-hw-edge-gc13
date: Thu, 04 Apr 2024 13:41:18 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
x-cached-since: 2024-04-04T08:27:34+00:00, 2024-04-04T08:32:31+00:00
x-shard: mi1-shard0-default_443
content-length: 2120
last-modified: Wed, 03 Apr 2024 14:01:02 GMT
server: nginx
traceparent: 00-61065a0a756adcc6ddadd4f2ff17f5c8-3984a76b18e7b480-01
x-id-shield: am3-hw-edge-gc89
etag: "660d611e-848"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT, HIT
accept-ranges: bytes
expires: Fri, 05 Apr 2024 08:27:34 GMT

GET
H2 200 actualDomain Show response
1xlite-394299.top/web-api/api/web/v1/config/ 269 B
537 B 190ms
189ms Fetch
application/vnd.api+json 178.253.29.54
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1xlite-394299.top/web-api/api/web/v1/config/actualDomain

Requested by

Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/vendors/app-6dc4d91c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.29.54 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC),

Reverse DNS

Software

nginx /

Resource Hash

6f08363a1ed743f4e1df990451313e6693c49ffbfa472ec78567189906d404e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: application/json
accept: application/json, text/plain, */*
Referer: https://1xlite-394299.top/en/registration?tag=s_187535m_355c_
x-requested-with: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 13:41:18 GMT
content-encoding: br
x-time-ng: 0.029
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-type: application/vnd.api+json
x-dt: 285
cache-control: no-cache, private
server-timing: p;dur=16, dt_total;dur=38.177, wf-uht;dur=0.049

GET
H2 200 light Show response
1xlite-394299.top/blocks-api/api/v1/block/ 70 B
264 B 153ms
153ms Fetch
application/json 178.253.29.54
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1xlite-394299.top/blocks-api/api/v1/block/light?referralParams=1

Requested by

Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/vendors/app-6dc4d91c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.29.54 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC),

Reverse DNS

Software

nginx /

Resource Hash

890c9c826f4839aa332f600237605409aa02f8af65a23a808e2567ccbb5199c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: application/json
accept: application/json, text/plain, */*
Referer: https://1xlite-394299.top/en/registration?tag=s_187535m_355c_
x-requested-with: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 13:41:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-time-ng: 0.001
server: nginx
content-type: application/json
x-request-guid: 9155c3c6a47b454494bda7ea5a4c638e
server-timing: wf-uht;dur=0.009
content-length: 70

GET
H2 200 6a3b01d318b759a5d8cbcd76fd908037.json Show response
1xlite-394299.top/genfiles/cms/1-285/desktop/media_asset/ 2 KB
766 B 140ms
140ms Fetch
application/json 178.253.29.54
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1xlite-394299.top/genfiles/cms/1-285/desktop/media_asset/6a3b01d318b759a5d8cbcd76fd908037.json

Requested by

Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/vendors/app-6dc4d91c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.29.54 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC),

Reverse DNS

Software

nginx /

Resource Hash

b50904054641c30b6b4ee7ed4290b52022825f2e9e9e3a4a060b8ecddf28c898

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: application/json
accept: application/json, text/plain, */*
Referer: https://1xlite-394299.top/en/registration?tag=s_187535m_355c_
x-requested-with: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 13:41:18 GMT
content-encoding: br
x-time-ng: 0.000
last-modified: Wed, 28 Feb 2024 21:42:45 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload
etag: W/"eec4805fe0f6e17d5ade92a382f5b068"
vary: Accept-Encoding
content-type: application/json
cache-control: public,max-age=3600,s-maxage=3600
server-timing: wf-uht;dur=

GET
H2 200 1da51baa342984a84ca1ac8dd900998b.png
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/ 653 B
891 B 32ms
26ms Other
image/png 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/1da51baa342984a84ca1ac8dd900998b.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

c0399d478788d5d483f104a2e8cb7c32f41cb40e9df0c22e831b2bfa2db63ec0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1xlite-394299.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-id: mi1-hw-edge-gc36
date: Thu, 04 Apr 2024 13:41:18 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-time-ng: 0.000
x-cached-since: 2023-12-20T21:16:44+00:00, 2024-04-04T13:26:42+00:00
x-shard: mi1-shard0-default_443
content-length: 653
last-modified: Tue, 25 Apr 2023 13:43:56 GMT
server: nginx
traceparent: 00-d511bf9304d4bfa65c5ff2d42f15874a-4fed5a10508bb9ba-01
x-id-shield: am3-hw-edge-gc89
etag: "e6f0766cbd95db33da44e7a9140648f2"
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=3600,s-maxage=3600
cache: HIT, HIT
accept-ranges: bytes

GET
H2 200 1da51baa342984a84ca1ac8dd900998b.png
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/ 653 B
763 B 28ms
27ms Other
image/png 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/1da51baa342984a84ca1ac8dd900998b.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

c0399d478788d5d483f104a2e8cb7c32f41cb40e9df0c22e831b2bfa2db63ec0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1xlite-394299.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-id: mi1-hw-edge-gc36
date: Thu, 04 Apr 2024 13:41:18 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-time-ng: 0.000
x-cached-since: 2023-12-20T21:16:44+00:00, 2024-04-04T13:26:42+00:00
x-shard: mi1-shard0-default_443
content-length: 653
last-modified: Tue, 25 Apr 2023 13:43:56 GMT
server: nginx
traceparent: 00-e2c165a6a4e5f84b87f89a8c0305fac9-696df829d9e2480f-01
x-id-shield: am3-hw-edge-gc89
etag: "e6f0766cbd95db33da44e7a9140648f2"
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=3600,s-maxage=3600
cache: HIT, HIT
accept-ranges: bytes

GET
H2 200 1da51baa342984a84ca1ac8dd900998b.png
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/ 653 B
732 B 34ms
34ms Other
image/png 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/1da51baa342984a84ca1ac8dd900998b.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

c0399d478788d5d483f104a2e8cb7c32f41cb40e9df0c22e831b2bfa2db63ec0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1xlite-394299.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-id: mi1-hw-edge-gc36
date: Thu, 04 Apr 2024 13:41:18 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-time-ng: 0.000
x-cached-since: 2023-12-20T21:16:44+00:00, 2024-04-04T13:26:42+00:00
x-shard: mi1-shard0-default_443
content-length: 653
last-modified: Tue, 25 Apr 2023 13:43:56 GMT
server: nginx
traceparent: 00-7017fbc3aa08d29de08bde3fd74d0285-4fad35dbf21de471-01
x-id-shield: am3-hw-edge-gc89
etag: "e6f0766cbd95db33da44e7a9140648f2"
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=3600,s-maxage=3600
cache: HIT, HIT
accept-ranges: bytes

GET
H2 200 common.svg Show response
v3.traincdn.com/sys-icons/1.0.316/285/ 142 KB
58 KB 29ms
29ms XHR
image/svg+xml 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.traincdn.com/sys-icons/1.0.316/285/common.svg

Requested by

Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/vendors/app-6dc4d91c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

e197ff1d72319b28f3a67ac26da0783915d3b7fc0ab847139c9cabf5049e7d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1xlite-394299.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 20 Mar 2024 11:00:56 GMT
x-id: mi1-hw-edge-gc31
date: Thu, 04 Apr 2024 13:41:18 GMT
content-encoding: gzip
x-time-ng: 0.003
strict-transport-security: max-age=15724800; includeSubDomains
x-cached-since: 2024-03-19T11:00:56+00:00, 2024-04-04T11:10:28+00:00
x-shard: mi1-shard0-default_443
last-modified: Thu, 14 Mar 2024 10:24:35 GMT
server: nginx
traceparent: 00-b7c27c34a47a724ca9a01279cd98bef5-54e7259a6d65e471-01
x-id-shield: am3-hw-edge-gc88
etag: W/"3e76c8412034b5d2f3a1bbe61917b7b5"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT, HIT
x-amz-meta-mtime: 1710411866.425917363

GET
H2 200 analytics-counters Show response
1xlite-394299.top/seo-module-api/api/public/v1/ 105 B
492 B 141ms
140ms Fetch
application/json 178.253.29.54
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1xlite-394299.top/seo-module-api/api/public/v1/analytics-counters?url=https:%2F%2F1xlite-394299.top&projectId=285

Requested by

Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/vendors/app-6dc4d91c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.29.54 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC),

Reverse DNS

Software

nginx /

Resource Hash

ede01772dfd8da2cc82f245e454ce360b2ceb13b7d1c330bbc1d68fe41255c19

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: application/json
accept: application/json, text/plain, */*
Referer: https://1xlite-394299.top/en/registration?tag=s_187535m_355c_
x-requested-with: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 13:41:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-digest: en6d0e5d6e0146a49c358c0eaad1d2ef38
x-time-ng: 0.010
server: nginx
age: 1509
content-type: application/json
x-request-guid: e6de138d5cc43e39b923274a7676c092
cache-control: max-age=1200, must-revalidate, public, s-maxage=1800, stale-if-error=86400, stale-while-revalidate=300
server-timing: p;dur=4.6820640563965, wf-uht;dur=
content-length: 105
x-request-id: 6a21e496199d81a2f64f4e1f9d8855ae

GET
H2 200 version.json Show response
1xlite-394299.top/ 11 B
390 B 148ms
148ms Fetch
application/json 178.253.29.54
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1xlite-394299.top/version.json?timestamp=1712238078754

Requested by

Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/vendors/app-6dc4d91c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.29.54 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC),

Reverse DNS

Software

nginx /

Resource Hash

d4bda04b188c28cc16eade6284216675f95bef50183f809b34a8fd4c488cf725

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: application/json
accept: application/json, text/plain, */*
Referer: https://1xlite-394299.top/en/registration?tag=s_187535m_355c_
x-requested-with: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 13:41:18 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Thu, 04 Apr 2024 10:15:28 GMT
server: nginx
etag: "660e7dc0-2c"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60, max-age=60, s-maxage=60
server-timing: wf-uht;dur=0.008
accept-ranges: bytes
content-length: 44
expires: Thu, 04 Apr 2024 13:42:18 GMT

GET
H2 200 DC-801dc327.js Show response
v3.traincdn.com/_nuxt/desktop/default/ 2 KB
1 KB 28ms
27ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.traincdn.com/_nuxt/desktop/default/DC-801dc327.js

Requested by

Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/runtime-9db278ee.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

83253758fbaf030621c835e43914547cdb3168e989dfb0f0d82c49f3eaecdd18

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1xlite-394299.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-id: mi1-hw-edge-gc27
date: Thu, 04 Apr 2024 13:41:18 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
x-cached-since: 2024-04-04T08:33:03+00:00, 2024-04-04T08:33:56+00:00
x-shard: mi1-shard0-default_443
content-length: 999
last-modified: Thu, 04 Apr 2024 08:08:07 GMT
server: nginx
traceparent: 00-db0e9770cbbca9bd2141fe9153b35a10-3c9709d0bfac138d-01
x-id-shield: am3-hw-edge-gc89
etag: "660e5fe7-3e7"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT, HIT
accept-ranges: bytes
expires: Fri, 05 Apr 2024 08:33:03 GMT

POST
H2 200 event.json Show response
1xlite-394299.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/ 23 B
180 B 156ms
155ms Fetch
application/json 178.253.29.54
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1xlite-394299.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json

Requested by

Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/vendors/app-6dc4d91c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.29.54 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC),

Reverse DNS

Software

nginx /

Resource Hash

c62a7123a17a1dae5312bb286e8edac4381f1e6b36a575ea64d11c4efb829fd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://1xlite-394299.top/en/registration?tag=s_187535m_355c_
X-Lang: en
X-Uuid: aa93ee29-4dfa-4419-a0ba-6a3cf6333754
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 13:41:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-time-ng: 0.000
server: nginx
server-timing: wf-uht;dur=0.015
content-length: 23
content-type: application/json

GET
H2 200 Betting.Core-277dfc20.js Show response
v3.traincdn.com/_nuxt/desktop/default/ 2 KB
2 KB 27ms
27ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.traincdn.com/_nuxt/desktop/default/Betting.Core-277dfc20.js

Requested by

Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/runtime-9db278ee.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

2001d8961da43016454fb78ec7c05871f77ed5e26f0932af7256ddb08156d8bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1xlite-394299.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-id: mi1-hw-edge-gc25
date: Thu, 04 Apr 2024 13:41:18 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
x-cached-since: 2024-04-04T10:54:09+00:00, 2024-04-04T10:55:49+00:00
x-shard: mi1-shard0-default_443
content-length: 1608
last-modified: Thu, 04 Apr 2024 10:11:32 GMT
server: nginx
traceparent: 00-64054fde0e6b442b99ed14090ff55b49-6fb658b6217063ed-01
x-id-shield: am3-hw-edge-gc89
etag: "660e7cd4-648"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT, HIT
accept-ranges: bytes
expires: Fri, 05 Apr 2024 10:54:09 GMT

GET
H2 200 1da51baa342984a84ca1ac8dd900998b.png
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/ 653 B
746 B 27ms
27ms Other
image/png 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/1da51baa342984a84ca1ac8dd900998b.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

c0399d478788d5d483f104a2e8cb7c32f41cb40e9df0c22e831b2bfa2db63ec0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1xlite-394299.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-id: mi1-hw-edge-gc36
date: Thu, 04 Apr 2024 13:41:18 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-time-ng: 0.000
x-cached-since: 2023-12-20T21:16:44+00:00, 2024-04-04T13:26:42+00:00
x-shard: mi1-shard0-default_443
content-length: 653
last-modified: Tue, 25 Apr 2023 13:43:56 GMT
server: nginx
traceparent: 00-5d21fd89b62aeb9b51bc5d504588e860-87fbbb2a70e3cee0-01
x-id-shield: am3-hw-edge-gc89
etag: "e6f0766cbd95db33da44e7a9140648f2"
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=3600,s-maxage=3600
cache: HIT, HIT
accept-ranges: bytes

GET
H2 200 dictionary_4301fdcd0323085586094ee28a6f9fdf.json Show response
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_block_pages/en/ 2 KB
1 KB 27ms
27ms Fetch
application/json 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_block_pages/en/dictionary_4301fdcd0323085586094ee28a6f9fdf.json

Requested by

Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/vendors/app-6dc4d91c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

fd2194f551bd1c9d054c4cac8242938070fe992f879f6831a72a4fa6f5d0e281

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1xlite-394299.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-id: mi1-hw-edge-gc32
date: Thu, 04 Apr 2024 13:41:18 GMT
content-encoding: gzip
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
x-cached-since: 2024-02-14T16:13:16+00:00, 2024-04-04T12:52:16+00:00
x-shard: mi1-shard0-default_443
last-modified: Wed, 14 Feb 2024 16:06:21 GMT
server: nginx
traceparent: 00-1c84f8481c1b8f822cdb9fda1b0c170e-c41a52a9481446a5-01
x-id-shield: am3-hw-edge-gc88
etag: W/"0e8bfe6bd6603a446d50d94ecb0784aa"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=3600,s-maxage=3600
cache: HIT, HIT

GET
H2 200 / Show response
1xlite-394299.top/checker/redirect/stat/run/ 14 B
171 B 151ms
151ms Fetch
application/json 178.253.29.54
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1xlite-394299.top/checker/redirect/stat/run/

Requested by

Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/vendors/app-6dc4d91c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.29.54 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC),

Reverse DNS

Software

nginx /

Resource Hash

9682f312f23e078bb135f23ea5a178b178e75c02d33672f20044d18c6d258928

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: application/json
accept: application/json, text/plain, */*
Referer: https://1xlite-394299.top/en/registration?tag=s_187535m_355c_
x-requested-with: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 13:41:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-time-ng: 0.001
server: nginx
server-timing: wf-uht;dur=0.012
content-length: 14
content-type: application/json

GET
H2 200 a04c9da87bac820645b0b5193bf33913.json Show response
1xlite-394299.top/genfiles/cms/1-285/desktop/media_asset/ 6 KB
2 KB 172ms
169ms Fetch
application/json 178.253.29.54
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1xlite-394299.top/genfiles/cms/1-285/desktop/media_asset/a04c9da87bac820645b0b5193bf33913.json

Requested by

Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/vendors/app-6dc4d91c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.29.54 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC),

Reverse DNS

Software

nginx /

Resource Hash

888a4170c9b0f5600df9bb47c2d55624bb54bb4f83f69fd6c2560b7570b44b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: application/json
accept: application/json, text/plain, */*
Referer: https://1xlite-394299.top/en/registration?tag=s_187535m_355c_
x-requested-with: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 13:41:19 GMT
content-encoding: br
x-time-ng: 0.000
last-modified: Thu, 21 Mar 2024 07:07:14 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload
etag: W/"1921c95282dc0920559e229c1dc07bb2"
vary: Accept-Encoding
content-type: application/json
cache-control: public,max-age=3600,s-maxage=3600
server-timing: wf-uht;dur=0.025

GET
H2 200 a01e05cae2f5087d31e3dd580b8c1ce3.json Show response
1xlite-394299.top/genfiles/cms/1-285/desktop/media_asset/ 14 KB
3 KB 144ms
141ms Fetch
application/json 178.253.29.54
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1xlite-394299.top/genfiles/cms/1-285/desktop/media_asset/a01e05cae2f5087d31e3dd580b8c1ce3.json

Requested by

Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/vendors/app-6dc4d91c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.29.54 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC),

Reverse DNS

Software

nginx /

Resource Hash

9ae42c0a8d88add1a2d54faab5d819c619cb2a2a1eec7595fe1029a91449efb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: application/json
accept: application/json, text/plain, */*
Referer: https://1xlite-394299.top/en/registration?tag=s_187535m_355c_
x-requested-with: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 13:41:19 GMT
content-encoding: br
x-time-ng: 0.000
last-modified: Tue, 14 Nov 2023 06:21:55 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload
etag: W/"5f6393bd6febc268d33cb235c7eec194"
vary: Accept-Encoding
content-type: application/json
cache-control: public,max-age=3600,s-maxage=3600
server-timing: wf-uht;dur=

GET
H2 200 aecbb538226cb01dc9a85286edcff171.json Show response
1xlite-394299.top/genfiles/cms/1-285/desktop/media_asset/ 182 B
454 B 144ms
142ms Fetch
application/json 178.253.29.54
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1xlite-394299.top/genfiles/cms/1-285/desktop/media_asset/aecbb538226cb01dc9a85286edcff171.json

Requested by

Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/vendors/app-6dc4d91c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.29.54 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC),

Reverse DNS

Software

nginx /

Resource Hash

9bbbe99b83a20d3d0bd65ab0b343de560c6d437a74a4835786bbd6a58bb0e08e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: application/json
accept: application/json, text/plain, */*
Referer: https://1xlite-394299.top/en/registration?tag=s_187535m_355c_
x-requested-with: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 13:41:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-time-ng: 0.000
last-modified: Tue, 11 Apr 2023 17:53:40 GMT
server: nginx
etag: "e4c69ca8e3916987138c95a26642f53a"
content-type: application/json
cache-control: public,max-age=3600,s-maxage=3600
server-timing: wf-uht;dur=
accept-ranges: bytes
content-length: 182

GET
H2 200 980afea18adc6ab83ee083faa051e13c.json Show response
1xlite-394299.top/genfiles/cms/1-285/desktop/media_asset/ 11 KB
3 KB 145ms
143ms Fetch
application/json 178.253.29.54
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1xlite-394299.top/genfiles/cms/1-285/desktop/media_asset/980afea18adc6ab83ee083faa051e13c.json

Requested by

Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/vendors/app-6dc4d91c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.29.54 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC),

Reverse DNS

Software

nginx /

Resource Hash

c9cf1776920ae2f8b00cd5744ee54365366168179b0f5fd20da3dcee48804006

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: application/json
accept: application/json, text/plain, */*
Referer: https://1xlite-394299.top/en/registration?tag=s_187535m_355c_
x-requested-with: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 13:41:19 GMT
content-encoding: br
x-time-ng: 0.000
last-modified: Thu, 04 Apr 2024 12:50:43 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload
etag: W/"3acda9745a8ec58978638696a5674a44"
vary: Accept-Encoding
content-type: application/json
cache-control: public,max-age=3600,s-maxage=3600
server-timing: wf-uht;dur=

GET
H2 200 9efdb9d027254f5340ba8677a39136cf.json Show response
1xlite-394299.top/genfiles/cms/1-285/desktop/media_asset/ 673 B
949 B 152ms
150ms Fetch
application/json 178.253.29.54
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1xlite-394299.top/genfiles/cms/1-285/desktop/media_asset/9efdb9d027254f5340ba8677a39136cf.json

Requested by

Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/vendors/app-6dc4d91c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.29.54 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC),

Reverse DNS

Software

nginx /

Resource Hash

eeb252831a20e08086da75a3e7bd821a3c8585d9f84be8bb7c215cd83c9a8c9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: application/json
accept: application/json, text/plain, */*
Referer: https://1xlite-394299.top/en/registration?tag=s_187535m_355c_
x-requested-with: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 13:41:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-time-ng: 0.000
last-modified: Fri, 24 Nov 2023 12:33:50 GMT
server: nginx
etag: "fb89b3f86b1e1fb8bcf38c14cac3ede6"
content-type: application/json
cache-control: public,max-age=3600,s-maxage=3600
server-timing: wf-uht;dur=0.010
accept-ranges: bytes
content-length: 673

GET
H2 200 1fa272bd089d598393dc197562f475b2.json Show response
1xlite-394299.top/genfiles/cms/1-285/desktop/media_asset/ 245 B
521 B 157ms
155ms Fetch
application/json 178.253.29.54
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1xlite-394299.top/genfiles/cms/1-285/desktop/media_asset/1fa272bd089d598393dc197562f475b2.json

Requested by

Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/vendors/app-6dc4d91c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.29.54 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC),

Reverse DNS

Software

nginx /

Resource Hash

5f250d09be4bf35ac625fb35faae0f664de6bc43b9aa3525425b3f11895084bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: application/json
accept: application/json, text/plain, */*
Referer: https://1xlite-394299.top/en/registration?tag=s_187535m_355c_
x-requested-with: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 13:41:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-time-ng: 0.000
last-modified: Wed, 06 Sep 2023 14:06:34 GMT
server: nginx
etag: "158d1271ad904e98b54f460bb5b828af"
content-type: application/json
cache-control: public,max-age=3600,s-maxage=3600
server-timing: wf-uht;dur=0.013
accept-ranges: bytes
content-length: 245

GET
H2 200 70cc184946a72f3e0ae5a0da994aaa1b.json Show response
1xlite-394299.top/genfiles/cms/1-285/desktop/media_asset/ 1 KB
660 B 145ms
143ms Fetch
application/json 178.253.29.54
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1xlite-394299.top/genfiles/cms/1-285/desktop/media_asset/70cc184946a72f3e0ae5a0da994aaa1b.json

Requested by

Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/vendors/app-6dc4d91c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.29.54 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC),

Reverse DNS

Software

nginx /

Resource Hash

a34d4d18f7ebebd5d5e8c5daebbf27603a93a552d69b84989612d76b438ced03

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: application/json
accept: application/json, text/plain, */*
Referer: https://1xlite-394299.top/en/registration?tag=s_187535m_355c_
x-requested-with: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 13:41:19 GMT
content-encoding: br
x-time-ng: 0.000
last-modified: Thu, 01 Feb 2024 15:32:25 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload
etag: W/"c0aa52a31825f5f29cad8c3be64f055b"
vary: Accept-Encoding
content-type: application/json
cache-control: public,max-age=3600,s-maxage=3600
server-timing: wf-uht;dur=

GET
H2 200 88a1ee46.css
v3.traincdn.com/_nuxt/desktop/default/css/ 556 B
490 B 27ms
27ms Stylesheet
text/css 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.traincdn.com/_nuxt/desktop/default/css/88a1ee46.css

Requested by

Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/runtime-9db278ee.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

c1657c0b9dd42992cf50af6a3aae1d7e2695b6a3fae70aafaf2f04980e0cb56a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1xlite-394299.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-id: mi1-hw-edge-gc25
date: Thu, 04 Apr 2024 13:41:19 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
x-cached-since: 2024-04-03T13:56:51+00:00, 2024-04-03T18:14:47+00:00
x-shard: mi1-shard0-default_443
content-length: 270
last-modified: Wed, 03 Apr 2024 09:31:34 GMT
server: nginx
traceparent: 00-cb318ee49772d8d352f521e3c21b1b03-bb06770acdfbeacc-01
x-id-shield: am3-hw-edge-gc88
etag: "660d21f6-10e"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT, HIT
accept-ranges: bytes
expires: Thu, 04 Apr 2024 13:56:51 GMT

GET
H2 200 Page.Block-4452a7f2.js Show response
v3.traincdn.com/_nuxt/desktop/default/ 13 KB
4 KB 28ms
28ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.traincdn.com/_nuxt/desktop/default/Page.Block-4452a7f2.js

Requested by

Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/runtime-9db278ee.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

8904b5296767a3cd46371e273743a73d71027427a2313b09b75b0c39b5892204

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1xlite-394299.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-id: mi1-hw-edge-gc13
date: Thu, 04 Apr 2024 13:41:19 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
x-cached-since: 2024-04-04T08:33:12+00:00, 2024-04-04T08:35:28+00:00
x-shard: mi1-shard0-default_443
content-length: 4289
last-modified: Thu, 04 Apr 2024 08:08:07 GMT
server: nginx
traceparent: 00-bf6ce7575abef3fbad85148ec41eb195-3b8d5196181863cc-01
x-id-shield: am3-hw-edge-gc88
etag: "660e5fe7-10c1"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT, HIT
accept-ranges: bytes
expires: Fri, 05 Apr 2024 08:33:12 GMT

GET
H2 200 analytics-89736509.js Show response
v3.traincdn.com/_nuxt/desktop/default/ 6 KB
3 KB 27ms
27ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.traincdn.com/_nuxt/desktop/default/analytics-89736509.js

Requested by

Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/runtime-9db278ee.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

1592173418def7113fd07f4a3bfb19f7e82cffa5fe6e2d62333181115cafcfbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1xlite-394299.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-id: mi1-hw-edge-gc28
date: Thu, 04 Apr 2024 13:41:19 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
x-cached-since: 2024-04-04T08:27:33+00:00, 2024-04-04T08:28:56+00:00
x-shard: mi1-shard0-default_443
content-length: 2435
last-modified: Wed, 03 Apr 2024 14:01:02 GMT
server: nginx
traceparent: 00-210b5ae705fd63e8b4307bbba320240d-0e734765c982410b-01
x-id-shield: am3-hw-edge-gc89
etag: "660d611e-983"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT, HIT
accept-ranges: bytes
expires: Fri, 05 Apr 2024 08:27:33 GMT

GET
H2 200 1da51baa342984a84ca1ac8dd900998b.png
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/ 653 B
760 B 28ms
27ms Other
image/png 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/1da51baa342984a84ca1ac8dd900998b.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

c0399d478788d5d483f104a2e8cb7c32f41cb40e9df0c22e831b2bfa2db63ec0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1xlite-394299.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-id: mi1-hw-edge-gc36
date: Thu, 04 Apr 2024 13:41:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-time-ng: 0.000
x-cached-since: 2023-12-20T21:16:44+00:00, 2024-04-04T13:26:42+00:00
x-shard: mi1-shard0-default_443
content-length: 653
last-modified: Tue, 25 Apr 2023 13:43:56 GMT
server: nginx
traceparent: 00-db496d69399ba223c05d8617838789ef-4251ac8a3de500a1-01
x-id-shield: am3-hw-edge-gc89
etag: "e6f0766cbd95db33da44e7a9140648f2"
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=3600,s-maxage=3600
cache: HIT, HIT
accept-ranges: bytes

POST
H2 200 event.json Show response
1xlite-394299.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/ 23 B
180 B 153ms
152ms Fetch
application/json 178.253.29.54
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1xlite-394299.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json

Requested by

Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/vendors/app-6dc4d91c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.29.54 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC),

Reverse DNS

Software

nginx /

Resource Hash

d0605f0d341679a5e39ff93a3af6a17959c1054243742ea09cf9869ebd3741b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://1xlite-394299.top/en/block
X-Lang: en
X-Uuid: aa93ee29-4dfa-4419-a0ba-6a3cf6333754
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 13:41:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-time-ng: 0.001
server: nginx
server-timing: wf-uht;dur=0.012
content-length: 23
content-type: application/json

POST
H2 200 event.json Show response
1xlite-394299.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/ 23 B
180 B 151ms
150ms Fetch
application/json 178.253.29.54
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1xlite-394299.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json

Requested by

Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/vendors/app-6dc4d91c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.29.54 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC),

Reverse DNS

Software

nginx /

Resource Hash

d966f1425b6e9e36afd4246e6129b249fc15d3bd78390226229bf6c1d00e364e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://1xlite-394299.top/en/block
X-Lang: en
X-Uuid: aa93ee29-4dfa-4419-a0ba-6a3cf6333754
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 13:41:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-time-ng: 0.001
server: nginx
server-timing: wf-uht;dur=0.011
content-length: 23
content-type: application/json

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 301 KB
99 KB 279ms
158ms Script
application/javascript 2607:f8b0:4004:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66

Requested by

Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/vendors/app-6dc4d91c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

42915613d72520464b013f18f67e57198de3cad1dcd0096dadfa6c8076714c2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1xlite-394299.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 13:41:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 101501
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 04 Apr 2024 13:41:19 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 210 KB
73 KB 725ms
362ms Script
application/javascript 2a02:6b8::1:119
TELETECH

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/analytics-89736509.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN208398 (TELETECH, RS),

Reverse DNS

Software

Resource Hash

90f21e0997ee4fca652d5aad8ccc321718c1eacfafc62974d3e6e8b289df95bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1xlite-394299.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 13:41:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 02 Apr 2024 10:07:01 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "660bd8c5-120aa"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 73898
expires: Thu, 04 Apr 2024 14:41:19 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 220 KB
79 KB 200ms
80ms Script
application/javascript 2607:f8b0:4004:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KFGPRJ2V

Requested by

Host: v3.traincdn.com
URL: https://v3.traincdn.com/_nuxt/desktop/default/analytics-89736509.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1b8a23e77d09665b7cee18f237fbd0d6005660ede58c31882d3865b92a56f9f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1xlite-394299.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 13:41:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80919
x-xss-protection: 0
last-modified: Thu, 04 Apr 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 04 Apr 2024 13:41:19 GMT

GET
H/1.1

200
OK

radar.js Show response
radar.cedexis.com/1707728419/
Redirect Chain

https://radar.cedexis.com/1/23802/radar.js
https://radar.cedexis.com/1707728419/radar.js

44 KB
19 KB

119ms
119ms

Script
application/javascript

45.54.49.5
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://radar.cedexis.com/1707728419/radar.js
Protocol: HTTP/1.1
Server: 45.54.49.5 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS: 5.49.54.45.ptr.anycast.net
Software: nginx /
Resource Hash: 2c5b3aeacf827e181a8131451f9a2a2f402ce22800d2365feb071f1fb7bf666d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1xlite-394299.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date: Thu, 04 Apr 2024 13:41:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Feb 2024 09:50:58 GMT
Server: nginx
ETag: W/"65c9ea02-af82"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1209600, public
Connection: keep-alive
Expires: Thu, 18 Apr 2024 13:41:19 GMT

Redirect headers

Date: Thu, 04 Apr 2024 13:41:19 GMT
Server: nginx
Vary: User-Agent,DNT
Content-Type: text/html
Location: /1707728419/radar.js
Cache-Control: max-age=600
Connection: keep-alive
Content-Length: 154
Expires: Thu, 04 Apr 2024 13:51:19 GMT

GET
H2 200 1da51baa342984a84ca1ac8dd900998b.png
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/ 653 B
738 B 27ms
26ms Other
image/png 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/1da51baa342984a84ca1ac8dd900998b.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

c0399d478788d5d483f104a2e8cb7c32f41cb40e9df0c22e831b2bfa2db63ec0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1xlite-394299.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-id: mi1-hw-edge-gc36
date: Thu, 04 Apr 2024 13:41:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-time-ng: 0.000
x-cached-since: 2023-12-20T21:16:44+00:00, 2024-04-04T13:26:42+00:00
x-shard: mi1-shard0-default_443
content-length: 653
last-modified: Tue, 25 Apr 2023 13:43:56 GMT
server: nginx
traceparent: 00-812e90bdb24f2413a2193285bb1edc01-a69f9c4e8e5de851-01
x-id-shield: am3-hw-edge-gc89
etag: "e6f0766cbd95db33da44e7a9140648f2"
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=3600,s-maxage=3600
cache: HIT, HIT
accept-ranges: bytes

GET
H/1.1 200
Ok providers.json Show response
i2-ozjvshrpgavzjevxnueekhnswwyhgv.init.cedexis-radar.net/i2/1/23802/j1/20/124/1712238079/0/0/ 559 B
826 B 679ms
56ms XHR
application/json 104.225.10.227

General

Check archive.org

Show headers Download Go to

Full URL: https://i2-ozjvshrpgavzjevxnueekhnswwyhgv.init.cedexis-radar.net/i2/1/23802/j1/20/124/1712238079/0/0/providers.json?imagesok=1&n=1&p=1&r=1&s=1&t=1
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/23802/radar.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.225.10.227 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 2383dbcd9eb8f5dd46fef1c6a86e0a6927c1b004527d4d7efa35134af22423d1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1xlite-394299.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Apr 2024 13:41:20 GMT
Server: nginx
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 559

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 193 KB
71 KB 87ms
87ms Script
application/javascript 2607:f8b0:4004:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-14030178&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFGPRJ2V

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dff321b5604c4a06a13c2e030b6c46e00eec8dff3a798b7d16a00ca06220f260

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1xlite-394299.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 13:41:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72197
x-xss-protection: 0
last-modified: Thu, 04 Apr 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 04 Apr 2024 13:41:19 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 301 KB
99 KB 88ms
88ms Script
application/javascript 2607:f8b0:4004:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFGPRJ2V

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

db9f8cc626398c452ed9e1327693aa3f12173af86ef6c2c06fa00f55e8af55ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1xlite-394299.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 13:41:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 101460
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 04 Apr 2024 13:41:19 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
246 B 521ms
43ms Ping
text/plain 2001:4860:4802:36::181

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-7JGWL9SV66&gtm=45je4410v897130004za200&_p=1712238079234&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=32561862.1712238080&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712238079&sct=1&seg=0&dl=https%3A%2F%2F1xlite-394299.top%2Fen%2Fblock&dr=https%3A%2F%2F1xbetuz.cc%2F&dt=1xBet%20registration%20%E1%90%89%20Sign%20up%201xBet%20%E1%90%89%201xlite-394299.top&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=GTM-5R4MT54&tfd=3497
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::181 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1xlite-394299.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Apr 2024 13:41:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://1xlite-394299.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
255 B 535ms
61ms Ping
text/plain 2607:f8b0:4004:c19::9a

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-7JGWL9SV66&cid=32561862.1712238080&gtm=45je4410v897130004za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c19::9a -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://1xlite-394299.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Apr 2024 13:41:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://1xlite-394299.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

activityi;dc_pre=CN6hsvTXqIUDFdUMdgYdVeIInw;src=14030178;type=xbet;cat=uniqu0;ord=1;num=6232258745815;npa=0;auiddc=1536894333.1712238080;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.105%7CNo...
14030178.fls.doubleclick.net/ Frame 2421
Redirect Chain

https://14030178.fls.doubleclick.net/activityi;src=14030178;type=xbet;cat=uniqu0;ord=1;num=6232258745815;npa=0;auiddc=1536894333.1712238080;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.105%7...
https://14030178.fls.doubleclick.net/activityi;dc_pre=CN6hsvTXqIUDFdUMdgYdVeIInw;src=14030178;type=xbet;cat=uniqu0;ord=1;num=6232258745815;npa=0;auiddc=1536894333.1712238080;uaa=x86;uab=64;uafvl=Go...

0
0

GET sync_cookie_image_check
mc.yandex.com/ 0
0

GET advert.gif
mc.yandex.com/metrika/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mc.yandex.ru
URL: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10329.fqAE0EKwIDLH-krx_RuOwsdkvbXmHdac3ycRQU8Hm6Uu0CE37DKu8FQ35ZsG2W9ccPJPwFh5n9eRl_V-gnN_H0taib8LzwgS6tp8L2_hAXBd2Pf5jOyJVYK83E8rAdq2mki2Lsd4izjCTUI3hW14p2nxQS9njl1u0nqWGx0Rsh4Hmn9AqxGG6QaRrOsh-B5In7FRTy1g06GLL8XYr088Pg%2C%2C.VsOQZXflbPzyYMMej1xs32leACo%2C

Domain: 14030178.fls.doubleclick.net
URL: https://14030178.fls.doubleclick.net/activityi;dc_pre=CN6hsvTXqIUDFdUMdgYdVeIInw;src=14030178;type=xbet;cat=uniqu0;ord=1;num=6232258745815;npa=0;auiddc=1536894333.1712238080;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe4410z89180563600za201;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2F1xlite-394299.top%2Fen%2Fblock?

Domain: mc.yandex.com
URL: https://mc.yandex.com/sync_cookie_image_check

Domain: mc.yandex.com
URL: https://mc.yandex.com/metrika/advert.gif

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yandex.ru/	1970-01-21 05:13:18	Name: i Value: 26sJCym41aIWkY3YNC/s3iA8go1AIZ1p7N3SVKAy2EqH6in+ysuOSuu74ftf4sSVmy5Zt7D9DWYyLsIC6ukBqEe3gtQ=
.yandex.ru/	1970-01-21 05:13:18	Name: yandexuid Value: 9390829671712238076
.yandex.ru/	1970-01-21 04:22:54	Name: yashr Value: 3334149581712238076
mc.yandex.ru/	1970-01-21 04:22:54	Name: bh Value: EkAiR29vZ2xlIENocm9tZSI7dj0iMTIzIiwgIk5vdDpBLUJyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjMiKgI/MDoHIldpbjMyIg==
.1xbetuz.cc/	1970-01-21 04:22:54	Name: _ym_uid Value: 1712238077681526870
.1xbetuz.cc/	1970-01-21 04:22:54	Name: _ym_d Value: 1712238077
.mc.yandex.com/	1970-01-20 19:37:18	Name: sync_cookie_csrf Value: 113333370fake
mc.yandex.com/	1970-01-21 04:22:54	Name: bh Value: EkAiR29vZ2xlIENocm9tZSI7dj0iMTIzIiwgIk5vdDpBLUJyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjMiKgI/MDoHIldpbjMyIg==
.yandex.com/	1970-01-21 05:13:18	Name: i Value: HqvlmUzrRpfVeG6ZVdmtSjzTLYqudbWEXmpswjqLkikscukhBI0H8u1BIkg53KDSezJ6UrzB2KpwntOPvwWZSJVyob4=
.yandex.com/	1970-01-21 05:13:18	Name: yandexuid Value: 1911431311712238076
.yandex.com/	1970-01-21 04:22:54	Name: yashr Value: 2760298031712238076
.1xbetuz.cc/	1970-01-20 19:38:30	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 19:37:18	Name: sync_cookie_csrf Value: 2230692006fake
.mc.yandex.com/	1970-01-20 19:38:44	Name: sync_cookie_ok Value: synced
1xlite-394299.top/	1970-01-20 19:41:37	Name: platform_type Value: desktop
1xlite-394299.top/	1969-12-31 23:59:59	Name: auid Value: sv0dNmYOrf0Dfm6VAwf4Ag==
1xlite-394299.top/	1969-12-31 23:59:59	Name: lng Value: en
1xlite-394299.top/	1969-12-31 23:59:59	Name: SESSION Value: 377c47cfc36671f7c052acced4e43b5d
1xlite-394299.top/	1970-01-20 21:03:42	Name: referral_values Value: %7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_187535m_355c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D
1xlite-394299.top/	1970-01-20 19:37:21	Name: reflinkid Value: s_187535m_355c_
1xlite-394299.top/	1970-01-20 19:37:18	Name: postback_watcher Value:
1xlite-394299.top/	1970-01-20 20:20:30	Name: che_g Value: 508f7f3f-e8d4-c10e-5ff7-aac4444736dc
1xlite-394299.top/	1969-12-31 23:59:59	Name: window_width Value: 1600

20 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://1xbetuz.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1xbetuz.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1xbetuz.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1xbetuz.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1xbetuz.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1xbetuz.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1xbetuz.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1xbetuz.cc/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1xlite-394299.top/en/block Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1xlite-394299.top/en/block Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1xlite-394299.top/en/block Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1xlite-394299.top/en/block Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1xlite-394299.top/en/block Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1xlite-394299.top/en/block Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1xlite-394299.top/en/block Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1xlite-394299.top/en/block Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1xlite-394299.top/en/block Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1xlite-394299.top/en/block Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1xlite-394299.top/en/block Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1xlite-394299.top/en/block Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

14030178.fls.doubleclick.net
1xbetuz.biz
1xbetuz.cc
1xlite-394299.top
analytics.google.com
i2-ozjvshrpgavzjevxnueekhnswwyhgv.init.cedexis-radar.net
mc.yandex.com
mc.yandex.ru
radar.cedexis.com
refpa4293501.top
stats.g.doubleclick.net
v3.traincdn.com
www.googletagmanager.com
14030178.fls.doubleclick.net
mc.yandex.com
mc.yandex.ru
104.225.10.227
172.67.200.76
178.253.29.54
178.253.46.82
2001:4860:4802:36::181
2606:4700:3032::6815:4e98
2607:f8b0:4004:c08::61
2607:f8b0:4004:c19::9a
2a02:6b8::1:119
2a03:90c0:9996::9996
45.54.49.5
00182b4d06ec67575d798b8f8196151f4e15010fbd6e44bfd770dc0786569671
030b2d139711faa89a54a8a02c35ff06faf68b67591a26f320efc4b7d889a7e0
07856df1a1e0a57a8ceaf78a3d6691ea1ab6474a28335ab0b47f402a0cfb1914
1592173418def7113fd07f4a3bfb19f7e82cffa5fe6e2d62333181115cafcfbb
1b8a23e77d09665b7cee18f237fbd0d6005660ede58c31882d3865b92a56f9f6
2001d8961da43016454fb78ec7c05871f77ed5e26f0932af7256ddb08156d8bb
2383dbcd9eb8f5dd46fef1c6a86e0a6927c1b004527d4d7efa35134af22423d1
2acc171311243f36d7410ebd2b41ac7d7c7899c861153198217e7e91d3d9e4cf
2c5b3aeacf827e181a8131451f9a2a2f402ce22800d2365feb071f1fb7bf666d
2cb7283447d210aa27e07657e00beefe6731f9771a9445be4e44e96dfe88c232
2d1e703eae7f8eb4d112d8064d9958139bd64ef431ce3dd6ad219d58ac66a713
2f199c9290af68d5a4e04d085a0280cbab26a5b61de8575042a37798188f6d8e
355ed9e03f8b267c5f1cdb3c6049ad8ed262f0d5d733f92e38fad5195d9118e0
3eac3f1352aaf9a8f2591b663018b96a60166fe6044aac65f46814deaaa25493
42915613d72520464b013f18f67e57198de3cad1dcd0096dadfa6c8076714c2c
4eaf4071f43aaa0243a4c6948131b7a3e03fe6ab1f4228da38e8588c15e01f24
5f250d09be4bf35ac625fb35faae0f664de6bc43b9aa3525425b3f11895084bf
5f4b35b2dba9ead8496ade78e0739cf10e9864a90ab96b3be022130153f8e136
6f08363a1ed743f4e1df990451313e6693c49ffbfa472ec78567189906d404e9
7788eb17be26ba0cb0acb172c96750fb05e3cafaa8a275e7bc1a4fb44a7cd8b1
83253758fbaf030621c835e43914547cdb3168e989dfb0f0d82c49f3eaecdd18
888a4170c9b0f5600df9bb47c2d55624bb54bb4f83f69fd6c2560b7570b44b5f
8904b5296767a3cd46371e273743a73d71027427a2313b09b75b0c39b5892204
890c9c826f4839aa332f600237605409aa02f8af65a23a808e2567ccbb5199c9
90ca14e75b783136716922beac94fd9dc526ffeb28b8131f4b4280cb9b75d7f8
90f21e0997ee4fca652d5aad8ccc321718c1eacfafc62974d3e6e8b289df95bd
9682f312f23e078bb135f23ea5a178b178e75c02d33672f20044d18c6d258928
983a6c090fac471d8dfa9fa8470fb0d56151a858f13ab5f00e849212f01086a5
9ae42c0a8d88add1a2d54faab5d819c619cb2a2a1eec7595fe1029a91449efb0
9bbbe99b83a20d3d0bd65ab0b343de560c6d437a74a4835786bbd6a58bb0e08e
9bf747366f63b2664ba02018024b0b3793d02dce31d3496a095a26ed438219a7
9dc59b4e91c1aada81294c54029320042844fe6f142eb8ad393b97227db7f531
9e8c2cec33a9190c029daae0e91235208a380613490274db3d62bdc420345c70
a34d4d18f7ebebd5d5e8c5daebbf27603a93a552d69b84989612d76b438ced03
b50904054641c30b6b4ee7ed4290b52022825f2e9e9e3a4a060b8ecddf28c898
b90ff694e492935b6036fb7e878d365dab51aafa46f0afb1e33414e7ecc3307b
c0399d478788d5d483f104a2e8cb7c32f41cb40e9df0c22e831b2bfa2db63ec0
c1657c0b9dd42992cf50af6a3aae1d7e2695b6a3fae70aafaf2f04980e0cb56a
c40c8344db38145b8535ccffc1823f45982030318056fb40c39d4727a4e455c5
c62a7123a17a1dae5312bb286e8edac4381f1e6b36a575ea64d11c4efb829fd1
c9cf1776920ae2f8b00cd5744ee54365366168179b0f5fd20da3dcee48804006
ca0f32891e117503a1d6bd4536c50219efb1149c3a6441720794fb7bd5df3447
d0605f0d341679a5e39ff93a3af6a17959c1054243742ea09cf9869ebd3741b0
d1c6bdf5725aada18688a3032636f0b6953eeee845e897e8c1ada0b61d09431f
d4bda04b188c28cc16eade6284216675f95bef50183f809b34a8fd4c488cf725
d966f1425b6e9e36afd4246e6129b249fc15d3bd78390226229bf6c1d00e364e
db9f8cc626398c452ed9e1327693aa3f12173af86ef6c2c06fa00f55e8af55ce
dff321b5604c4a06a13c2e030b6c46e00eec8dff3a798b7d16a00ca06220f260
e197ff1d72319b28f3a67ac26da0783915d3b7fc0ab847139c9cabf5049e7d96
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ede01772dfd8da2cc82f245e454ce360b2ceb13b7d1c330bbc1d68fe41255c19
eeb252831a20e08086da75a3e7bd821a3c8585d9f84be8bb7c215cd83c9a8c9f
fd2194f551bd1c9d054c4cac8242938070fe992f879f6831a72a4fa6f5d0e281
fecea87e6a77abfd5d8d5f93e3363840f6b91b69b12d602b4b6d48477a62555a

1xlite-394299.top Open in urlscan Pro 178.253.29.54 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

68 Requests

93 %HTTPS

55 %IPv6

12 Domains

13 Subdomains

10 IPs

3 Countries

1613 kBTransfer

6398 kBSize

23 Cookies

0 Outgoing links

Page URL History

Redirected requests

68 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

1xlite-394299.top Open in urlscan Pro
178.253.29.54 Public Scan

Screenshot
Live screenshot

Full Image

68
Requests

93 %
HTTPS

55 %
IPv6

12
Domains

13
Subdomains

10
IPs

3
Countries

1613 kB
Transfer

6398 kB
Size

23
Cookies

68 HTTP transactions
1 data transactions