1x-xredbet478860.top/promotions/campeonato-brasileiro/
178.253.47.23301 Moved Permanently 162 B URL HTTP/1.1 1x-xredbet478860.top/promotions/campeonato-brasileiro/
IP 178.253.47.23:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /promotions/campeonato-brasileiro/ HTTP/1.1
Host: 1x-xredbet478860.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 26 Oct 2022 14:13:59 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
Location: https://1x-xredbet478860.top/promotions/campeonato-brasileiro/
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e36c852b5e145f2f09fe73111fb162e1
e439c6a462f86a3003d6464a8b9999b1c4d1e210
52a721168d0c41cb0854ff8c730fce3b79db2e804b383238e95ff1401922bd74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52A721168D0C41CB0854FF8C730FCE3B79DB2E804B383238E95FF1401922BD74"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9768
Expires: Wed, 26 Oct 2022 16:56:47 GMT
Date: Wed, 26 Oct 2022 14:13:59 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 45bfdf3b823cd24564c8ac296a8b5b19
b0c442eb4f87556b3beb18ca8039dd4399b73f16
32113c679dda1f710ba67e537fdd0d435ccc186a238e3b14e48deb7b0700c693
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1654
Cache-Control: max-age=157476
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 14:14:00 GMT
Etag: "6358fe56-1d7"
Expires: Fri, 28 Oct 2022 09:58:36 GMT
Last-Modified: Wed, 26 Oct 2022 09:31:02 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a39eea1096852891690eaee02a64383e
c273000f799fc3676e8e3ef3617611a31252cffc
d9d95319013d64bc2ef6d9870f4adba902ee970b6f9e96279c9ed86f556e0001
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D9D95319013D64BC2EF6D9870F4ADBA902EE970B6F9E96279C9ED86F556E0001"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8462
Expires: Wed, 26 Oct 2022 16:35:02 GMT
Date: Wed, 26 Oct 2022 14:14:00 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: /H++7ovLwbNRLbOz1OPowcLdq9mfaGkPqOiS5vAsP7XBQsFDSWwq7967rgwK2sOc0cLX2w4s4rs=
x-amz-request-id: WXMR78JS26JSNF2R
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 26 Oct 2022 14:09:23 GMT
age: 277
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 088afe60908893f8990f05e76655a094
ad89efd93ebfa97a883bb42174b138e690b8bcd9
0f1bcacb6eb60efecd1cf41cf4fd8d2f1dd4017f7ee1dd8c0093b19dd6ea3954
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0F1BCACB6EB60EFECD1CF41CF4FD8D2F1DD4017F7EE1DD8C0093B19DD6EA3954"
Last-Modified: Mon, 24 Oct 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1250
Expires: Wed, 26 Oct 2022 14:34:50 GMT
Date: Wed, 26 Oct 2022 14:14:00 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:00 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 02a39530b6de2638527eafd0db8f3f6c
1afd982961d7170e3beb714fdf18a01124a6d02a
6c828a986dbc5eb6769e659f20a39af433febba898213cd4e84f6fa4bd0d20b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6C828A986DBC5EB6769E659F20A39AF433FEBBA898213CD4E84F6FA4BD0D20B1"
Last-Modified: Mon, 24 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17701
Expires: Wed, 26 Oct 2022 19:09:01 GMT
Date: Wed, 26 Oct 2022 14:14:00 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash dd283dfc036535bdeb8a8be1310ef930
d3b1c300dd75d7af630e0f3112e49d7492d66c17
578f9256faa188facb3f2d68b02b0c7fb2e30e02e2e74234d015429563cba7aa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3901
Cache-Control: max-age=154668
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 14:14:00 GMT
Etag: "6358ea97-1d7"
Expires: Fri, 28 Oct 2022 09:11:48 GMT
Last-Modified: Wed, 26 Oct 2022 08:06:47 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.41.253.170101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.253.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: j9rseK9J5tl8Ndv7cI8n3w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: DIP9U+yfbRs68puPBHaQPPGt4dg=
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 19132f29a8811a10f90eca2d81e5deb8
3b9e0bbf9f40f46b57dad5567b008e58b5770565
708aeab241760b108d60c1462b1979e59cf473242222e9270705ba70642b04f6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 14:14:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lite-1x768595.top/static-promotion/0348e38.modern.js
178.253.14.138200 OK 3.8 kB URL HTTP/2 lite-1x768595.top/static-promotion/0348e38.modern.js
IP 178.253.14.138:0
File type ASCII text, with very long lines (7078), with no line terminators
Hash e725bcfc6fc1df485ca1672292a840a3
fd08b69e9a248e2969c28627307e356581c181bf
abd45106523a9acef08ef8241554b6073ed414bc4679d53819f1c98f3066b77c
Analyzer Verdict Alert quad9 Sinkholed
GET /static-promotion/0348e38.modern.js HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 3794
last-modified: Wed, 26 Oct 2022 09:14:01 GMT
vary: Accept-Encoding
etag: "6358fa59-ed2"
content-encoding: gzip
expires: Wed, 26 Oct 2022 15:14:01 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
142.250.74.10200 OK 2.2 kB URL HTTP/2 fonts.googleapis.com/css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
IP 142.250.74.10:0
Hash 9cfadf442809eab1d5ed5c666c427557
de369a25065246e390f5e256461e6f6cc39617a9
f13682edbd79f63c163ce9932a108980ee5bf8886cd0c843da4ba75386dadb75
GET /css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 26 Oct 2022 14:14:01 GMT
date: Wed, 26 Oct 2022 14:14:01 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lite-1x768595.top/static-promotion/fc54720.modern.js
178.253.14.138200 OK 80 kB URL HTTP/2 lite-1x768595.top/static-promotion/fc54720.modern.js
IP 178.253.14.138:0
File type ASCII text, with very long lines (65485)
Hash 340c971b0940cdc4c709124f51595eef
f02e3b55fcc78679143ffb402d50391c0d989510
46e78e36df877d791868d1f3006f7df1398c493fa089bc05623ed7867efa71cc
Analyzer Verdict Alert quad9 Sinkholed
GET /static-promotion/fc54720.modern.js HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 80417
last-modified: Wed, 26 Oct 2022 09:14:00 GMT
vary: Accept-Encoding
etag: "6358fa58-13a21"
content-encoding: gzip
expires: Wed, 26 Oct 2022 15:14:01 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x768595.top/static-promotion/f62f5f4.modern.js
178.253.14.138200 OK 126 kB URL HTTP/2 lite-1x768595.top/static-promotion/f62f5f4.modern.js
IP 178.253.14.138:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 126 kB (125814 bytes)
Hash 8307db1e5827e5d1a7e8acb06657eb25
2ecfedefb2005ce45c075297ad8104d690752d84
de4f4de5af01631810254cc51abaf3cc994fee78ce0a9c9cbaf3fc8147b375b4
Analyzer Verdict Alert quad9 Sinkholed
GET /static-promotion/f62f5f4.modern.js HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 125814
last-modified: Wed, 26 Oct 2022 09:14:00 GMT
vary: Accept-Encoding
etag: "6358fa58-1eb76"
content-encoding: gzip
expires: Wed, 26 Oct 2022 15:14:01 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 6cc231d59c9f4ef63b12c40ca56f6b18
c3f5436403973aa38f09edb31c56c3e92e1b72ce
aa0f36643efb5022bd0b43d975649b35547d4a33188cbfda338fcaf929aa0fe8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 14:14:01 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 25 Oct 2022 14:31:56 GMT
Expires: Tue, 01 Nov 2022 14:31:55 GMT
Etag: "c3f5436403973aa38f09edb31c56c3e92e1b72ce"
Cache-Control: max-age=518873,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7603cbc26ea80b3d-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 6cc231d59c9f4ef63b12c40ca56f6b18
c3f5436403973aa38f09edb31c56c3e92e1b72ce
aa0f36643efb5022bd0b43d975649b35547d4a33188cbfda338fcaf929aa0fe8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 14:14:01 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 25 Oct 2022 14:31:56 GMT
Expires: Tue, 01 Nov 2022 14:31:55 GMT
Etag: "c3f5436403973aa38f09edb31c56c3e92e1b72ce"
Cache-Control: max-age=518873,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7603cbc26c890b55-OSL
v3.cdnsfree.com/_nuxt/desktop/default/36a16b87.modern.js
8.254.252.213200 OK 6.3 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/36a16b87.modern.js
IP 8.254.252.213:0
File type ASCII text, with very long lines (16434), with no line terminators
Hash 2d9834573b6e36d2caf076a143f99a59
9a447f6777d701da714ae6c91969bc40cc053c7c
f2167d7f5906499e0355f82a8c81725fbfc2155f92b5c2d6a9be7df720b864ac
GET /_nuxt/desktop/default/36a16b87.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 26 Oct 2022 14:14:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 6343
cache-control: max-age=86400
content-encoding: gzip
etag: "6359216f-18c7"
expires: Thu, 27 Oct 2022 12:23:00 GMT
last-modified: Wed, 26 Oct 2022 12:00:47 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 6698
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/css/6745247d.css
8.254.252.213200 OK 238 B URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/css/6745247d.css
IP 8.254.252.213:0
File type ASCII text, with very long lines (473), with no line terminators
Hash 1de93bae09b3735927b790a3f8d336f4
aed71583625c79e5acfa08b15bf3f559929c4ccf
46e5e661f176180493c262a07855a02fe83cd5020d8a5228bfad736a6bf8f6b1
GET /_nuxt/desktop/default/css/6745247d.css HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 14:14:01 GMT
content-type: text/css
content-length: 238
cache-control: max-age=86400
content-encoding: gzip
etag: "6357a2b3-ee"
expires: Thu, 27 Oct 2022 09:18:08 GMT
last-modified: Tue, 25 Oct 2022 08:47:47 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 18046
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/status.json
8.254.252.213200 OK 21 B URL HTTP/2 v3.cdnsfree.com/status.json
IP 8.254.252.213:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c4bb18933a5fd13d100077a00adf5161
957c1ddeabbf35fcdcaf731cf9611f4703864212
a7e828c3613677202207c42052a2135aefd9af7130f8ac20bb3307277a255db0
GET /status.json HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lite-1x768595.top
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 26 Oct 2022 14:14:01 GMT
content-type: application/json
content-length: 21
server: nginx
access-control-allow-origin: *
age: 5961469
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/css/772676f9.css
8.254.252.213200 OK 76 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/css/772676f9.css
IP 8.254.252.213:0
File type Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Hash e1ac7dff11a62f638915fa3154347ece
6da1dc04c5e309425e43b73c776537db0480717a
3a8423c6b352128245e413d530882919765aa0364a44d8d9da72053ebee50b0f
GET /_nuxt/desktop/default/css/772676f9.css HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 26 Oct 2022 14:14:01 GMT
content-type: text/css
content-length: 76136
cache-control: max-age=86400
content-encoding: gzip
etag: "6359216f-12968"
expires: Thu, 27 Oct 2022 12:22:56 GMT
last-modified: Wed, 26 Oct 2022 12:00:47 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 6697
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/55064564.modern.js
8.254.252.213200 OK 631 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/55064564.modern.js
IP 8.254.252.213:0
File type Unicode text, UTF-8 text, with very long lines (62776)
Size 631 kB (631074 bytes)
Hash 3ea80c6b89aa9492fd689c0753bc18eb
3cce0b5a87684b44998153b52abaa16e8194905e
27daed7ef8c467ccd96c1f7dc1c7870d8eb3e4250c8b04f04c7925b958fb7bf7
GET /_nuxt/desktop/default/55064564.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 26 Oct 2022 14:14:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 631074
cache-control: max-age=86400
content-encoding: gzip
etag: "6359216f-9a122"
expires: Thu, 27 Oct 2022 12:22:44 GMT
last-modified: Wed, 26 Oct 2022 12:00:47 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 6698
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/96ad9790.modern.js
8.254.252.213200 OK 1.8 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/96ad9790.modern.js
IP 8.254.252.213:0
File type ASCII text, with very long lines (4715), with no line terminators
Hash fd9c33d4fd6caa02d90a80d04e3cf452
55ba8ce968e61259620ba620ec200b2bf578eba2
7b400235d50599f2896e52fc31ba4b1771d8b2582be0e261a9124469fb8e06a7
GET /_nuxt/desktop/default/96ad9790.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 14:14:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 1810
cache-control: max-age=86400
content-encoding: gzip
etag: "6359216f-712"
expires: Thu, 27 Oct 2022 12:24:51 GMT
last-modified: Wed, 26 Oct 2022 12:00:47 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 6693
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg
8.254.252.213200 OK 705 B URL HTTP/2 v3.cdnsfree.com/genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg
IP 8.254.252.213:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1224), with no line terminators
Hash bb246c88651f63256e658dccd79ba91f
560cf8f76dad56a5c10a0f66cc4a200df301265d
30e59f903e6fab358b7bfb110a8bf83aefaf5376f2c60293a20f58c9f9fc45e8
GET /genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 14:14:01 GMT
content-type: image/svg+xml
content-length: 705
cache-control: public, max-age=120, s-maxage=600
content-encoding: gzip
etag: W/"7cca3986f7a5c4c164144ff11df71073"
expires: Wed, 26 Oct 2022 14:07:12 GMT
last-modified: Thu, 13 Jan 2022 14:28:56 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 537
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 6cc231d59c9f4ef63b12c40ca56f6b18
c3f5436403973aa38f09edb31c56c3e92e1b72ce
aa0f36643efb5022bd0b43d975649b35547d4a33188cbfda338fcaf929aa0fe8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 14:14:01 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 25 Oct 2022 14:31:56 GMT
Expires: Tue, 01 Nov 2022 14:31:55 GMT
Etag: "c3f5436403973aa38f09edb31c56c3e92e1b72ce"
Cache-Control: max-age=518873,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7603cbc26f2b0b02-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 6cc231d59c9f4ef63b12c40ca56f6b18
c3f5436403973aa38f09edb31c56c3e92e1b72ce
aa0f36643efb5022bd0b43d975649b35547d4a33188cbfda338fcaf929aa0fe8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 14:14:01 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 25 Oct 2022 14:31:56 GMT
Expires: Tue, 01 Nov 2022 14:31:55 GMT
Etag: "c3f5436403973aa38f09edb31c56c3e92e1b72ce"
Cache-Control: max-age=518873,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7603cbc26ff11c0a-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 6cc231d59c9f4ef63b12c40ca56f6b18
c3f5436403973aa38f09edb31c56c3e92e1b72ce
aa0f36643efb5022bd0b43d975649b35547d4a33188cbfda338fcaf929aa0fe8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 14:14:01 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 25 Oct 2022 14:31:56 GMT
Expires: Tue, 01 Nov 2022 14:31:55 GMT
Etag: "c3f5436403973aa38f09edb31c56c3e92e1b72ce"
Cache-Control: max-age=518873,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7603cbc26e1fb505-OSL
v3.cdnsfree.com/_nuxt/desktop/default/css/39476c26.css
8.254.252.213200 OK 137 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/css/39476c26.css
IP 8.254.252.213:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 137 kB (136757 bytes)
Hash 3a5033bfe967fa12994035d6b1e00a5d
be25ace40ff3fc6ce7daf65a85bc17c1a86774b9
b00c1d9b6c5669560d98db6d45ca2adff89c9f43275d3c038255a01fff4d05d3
GET /_nuxt/desktop/default/css/39476c26.css HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 26 Oct 2022 14:14:01 GMT
content-type: text/css
content-length: 136757
cache-control: max-age=86400
content-encoding: gzip
etag: "6359216f-21635"
expires: Thu, 27 Oct 2022 12:22:44 GMT
last-modified: Wed, 26 Oct 2022 12:00:47 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 6699
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/bba54632.modern.js
8.254.252.213200 OK 490 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/bba54632.modern.js
IP 8.254.252.213:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 490 kB (490316 bytes)
Hash 0ca2f054e9045e909ad342f62ba084ba
0ad6f1091960e5055ff95d03a31138a427d22e90
c83fb34ee3dfdc81119d5c799c10985ea111086c3f0d6d0016bfa82ee8f85795
GET /_nuxt/desktop/default/bba54632.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 26 Oct 2022 14:14:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 490316
cache-control: max-age=86400
content-encoding: gzip
etag: "6359216f-77b4c"
expires: Thu, 27 Oct 2022 12:22:44 GMT
last-modified: Wed, 26 Oct 2022 12:00:47 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 6698
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/1ff77830.modern.js
8.254.252.213200 OK 92 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/1ff77830.modern.js
IP 8.254.252.213:0
File type ASCII text, with very long lines (65479)
Hash 5c8204e173d68f0a4d669202751a007a
9e2d8255f4d2d4d0ffc13e56932520f2b4becdc9
687112a79c680f756a822524f474d11fb4e704ad7432dc0f1900dfe93e41685e
GET /_nuxt/desktop/default/1ff77830.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 26 Oct 2022 14:14:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 91837
cache-control: max-age=86400
content-encoding: gzip
etag: "6359216f-166bd"
expires: Thu, 27 Oct 2022 12:22:30 GMT
last-modified: Wed, 26 Oct 2022 12:00:47 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 6699
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e4f7139b125683bac76c2b5638a1a643
2f84ea7104d659754e5962f88f504a7189f6f914
c9c550489201a92e8bbe162bca49d4aa6b21fa22b254a6a29502186423b3b579
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 14:14:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e4f7139b125683bac76c2b5638a1a643
2f84ea7104d659754e5962f88f504a7189f6f914
c9c550489201a92e8bbe162bca49d4aa6b21fa22b254a6a29502186423b3b579
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 14:14:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lite-1x768595.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 19:34:08 GMT
expires: Thu, 19 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 585593
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lite-1x768595.top/us/promotions/campeonato-brasileiro
178.253.14.138200 OK 117 kB URL HTTP/2 lite-1x768595.top/us/promotions/campeonato-brasileiro
IP 178.253.14.138:0
Size 117 kB (116798 bytes)
Hash da9edbeaeb2a2f262427ab5a7529a6ac
0e99227f529d86d16cb8c78e9a4898219a4f903e
86e0ded08c85d54b3825467d9b0618dfc65b08b35738f89f47013130ce388afb
Analyzer Verdict Alert quad9 Sinkholed
GET /us/promotions/campeonato-brasileiro HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:01 GMT
content-type: text/html; charset=utf-8
accept-ranges: none
content-encoding: gzip
server-timing: total;dur=474;desc="Nuxt Server Time", dt_285;dur=481
set-cookie: SESSION=88327a02f6bbe214cc22a5f5afa1cf28; Path=/; HttpOnly; Secure; SameSite=Lax
lng=us; Path=/
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e4f7139b125683bac76c2b5638a1a643
2f84ea7104d659754e5962f88f504a7189f6f914
c9c550489201a92e8bbe162bca49d4aa6b21fa22b254a6a29502186423b3b579
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 14:14:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lite-1x768595.top/genfiles/cms/pg/default/images/c6805d21f8fccbfc75df5c556571fc74.png
178.253.14.138200 OK 352 B URL HTTP/2 lite-1x768595.top/genfiles/cms/pg/default/images/c6805d21f8fccbfc75df5c556571fc74.png
IP 178.253.14.138:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 7dff72d4146e35a8262e6845d13a8df0
a291af970d3955b35c314e85712ceea3aca25d54
a467e6a3d8e443bbbade9f04324268de101625412c1135b4cec0864a55101a78
Analyzer Verdict Alert quad9 Sinkholed
GET /genfiles/cms/pg/default/images/c6805d21f8fccbfc75df5c556571fc74.png HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:01 GMT
content-type: image/png
content-length: 352
last-modified: Wed, 10 Aug 2022 11:26:08 GMT
x-rgw-object-type: Normal
etag: "7dff72d4146e35a8262e6845d13a8df0"
x-amz-storage-class: STANDARD
access-control-allow-origin: *
cache-control: public,max-age=120,s-maxage=600
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 262ee317a7d41424cef3f541f6e538d3
1c298c901f93a95e99bdc63259f415ab84a13783
c263ddf8d0a398b0b7e11f7efa9cb901bf877d939f388eb6089a236bbbdc2be4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C263DDF8D0A398B0B7E11F7EFA9CB901BF877D939F388EB6089A236BBBDC2BE4"
Last-Modified: Wed, 26 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16726
Expires: Wed, 26 Oct 2022 18:52:48 GMT
Date: Wed, 26 Oct 2022 14:14:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 262ee317a7d41424cef3f541f6e538d3
1c298c901f93a95e99bdc63259f415ab84a13783
c263ddf8d0a398b0b7e11f7efa9cb901bf877d939f388eb6089a236bbbdc2be4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C263DDF8D0A398B0B7E11F7EFA9CB901BF877D939F388EB6089A236BBBDC2BE4"
Last-Modified: Wed, 26 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16726
Expires: Wed, 26 Oct 2022 18:52:48 GMT
Date: Wed, 26 Oct 2022 14:14:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 262ee317a7d41424cef3f541f6e538d3
1c298c901f93a95e99bdc63259f415ab84a13783
c263ddf8d0a398b0b7e11f7efa9cb901bf877d939f388eb6089a236bbbdc2be4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C263DDF8D0A398B0B7E11F7EFA9CB901BF877D939F388EB6089A236BBBDC2BE4"
Last-Modified: Wed, 26 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16726
Expires: Wed, 26 Oct 2022 18:52:48 GMT
Date: Wed, 26 Oct 2022 14:14:02 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae122c0f-a41b-4abc-a703-a5de223ae39a.png
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae122c0f-a41b-4abc-a703-a5de223ae39a.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash db946866312c734e0c5f91ca76255b2f
e8b8236baab9106a426a415eb01494cc4cc91ad1
a695e7bc87da2c6d9f5669c09e662fe22982e69cb139466efa5093429fe19866
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae122c0f-a41b-4abc-a703-a5de223ae39a.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8439
x-amzn-requestid: e0eed725-0725-4f5a-9c91-fec13ad0ebe5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ajKYQGWhIAMFdhw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63578a9b-2a0115120e75f5271cea992f;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 07:04:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: pf98qKWMjPBID3auXFKPhj1kt67xEWF_e2CpRMQ7_HkPJGzJ3cK1qw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 07:18:26 GMT
age: 24936
etag: "e8b8236baab9106a426a415eb01494cc4cc91ad1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91ee720c15dc69de45080d0c951353af
5292b31a99d90bcb7071f327b93d52034bdf9dcb
7fbe9f0f6db08fd539f2e8d4ac22e3b4d5ca14f7cde69f8424cce8b361d026e6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4524
x-amzn-requestid: a493efe7-11c7-4032-b36b-7f838f8180bc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aljicH_6IAMFqpQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63587fa9-0f15eae7680ea7b15e5e47ec;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 00:30:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NQJHFIbLMzw0aGwCkVGIEIHOMHprTpvLkLQRKgrGeVj35sk7sW4IUg==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 00:36:34 GMT
age: 49048
etag: "5292b31a99d90bcb7071f327b93d52034bdf9dcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fe27cf2-33a8-42cc-a8cd-f5e804e60e26.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fe27cf2-33a8-42cc-a8cd-f5e804e60e26.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c3ae78510434fd68063fc144bf614382
3bb87ca5274ce9f6d81da60ab940d23ccd12843b
f42d89328435cb37cba1111903a6bd5e900857d0942e1506ea2115b4e6301541
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fe27cf2-33a8-42cc-a8cd-f5e804e60e26.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7929
x-amzn-requestid: 6324abd6-8e27-4903-8bfc-a0fc6a8625be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: alK9LEeoIAMF5mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63585854-2900343b1ae208a903fe58fd;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 21:42:44 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5MR4UzoW6rVsSpEyPAWrcFb2LCRICaG-toy3JflaXRrzZwcgMs48VQ==
via: 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 22:09:07 GMT
etag: "3bb87ca5274ce9f6d81da60ab940d23ccd12843b"
content-type: image/jpeg
age: 57895
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
lite-1x768595.top/_nuxt/desktop/default/css/6745247d.css
178.253.14.138200 OK 238 B URL HTTP/2 lite-1x768595.top/_nuxt/desktop/default/css/6745247d.css
IP 178.253.14.138:0
File type ASCII text, with very long lines (473), with no line terminators
Hash 02409a2a002f542956716fc0e620fae5
5c6cf43b7e69460e51d26514e98a49abea431db3
840b88ae47f7e95cca6e9c212b288ba446af7775042597fc9d1452abac46a869
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/desktop/default/css/6745247d.css HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us; tzo=0; window_width=1920
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:02 GMT
content-type: text/css
content-length: 238
last-modified: Wed, 26 Oct 2022 12:00:47 GMT
vary: Accept-Encoding
etag: "6359216f-ee"
content-encoding: gzip
expires: Wed, 26 Oct 2022 15:14:02 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x768595.top/genfiles/web-app-v2/dictionary2/v3_main/us/dictionary_b0938e9bd1d4e53daeea57bde5b71151.json
178.253.14.138200 OK 17 kB URL HTTP/2 lite-1x768595.top/genfiles/web-app-v2/dictionary2/v3_main/us/dictionary_b0938e9bd1d4e53daeea57bde5b71151.json
IP 178.253.14.138:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (50326), with no line terminators
Hash 2dc8b36e2adc57b3463f7e880f08ad30
e8c4e20aa214e64970556e74e35863cfc9b09370
b53e2a55c342449e672bf701ea21f4b5776eec8e3edbabe845d4b8db62cdad26
Analyzer Verdict Alert quad9 Sinkholed
GET /genfiles/web-app-v2/dictionary2/v3_main/us/dictionary_b0938e9bd1d4e53daeea57bde5b71151.json HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x768595.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us; tzo=0; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:02 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 26 Oct 2022 13:51:20 GMT
x-rgw-object-type: Normal
etag: W/"76020c20f248f806bc215e14ac3490c5"
cache-control: max-age=31536000
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x768595.top/web-api/external-api/config/getLangs
178.253.14.138200 OK 196 kB URL HTTP/2 lite-1x768595.top/web-api/external-api/config/getLangs
IP 178.253.14.138:0
Size 196 kB (195697 bytes)
Hash dc5ec2a937d3de2f221e73fa192eec2e
5546abddb72cee5a6145a8924e3d94d4a3c9b4ee
a66121d05b98b5f1eb3d334a3dcc707d7bf95d6e73e7f77e3ae24161aa64b519
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/external-api/config/getLangs HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x768595.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:02 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=20, dt_285;dur=22
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x768595.top/static-promotion/cd7db47.modern.js
178.253.14.138200 OK 7.4 kB URL HTTP/2 lite-1x768595.top/static-promotion/cd7db47.modern.js
IP 178.253.14.138:0
File type ASCII text, with very long lines (45732), with no line terminators
Hash e527af33de817bc5d4cbcb6b5e95a02a
84549c365fbbe2c1a35b88ac4b4a88333dd39b2a
ff942bf70651b4ca2afa8af7300474f36ef5a97356219e8f93f193ae7efe00e9
Analyzer Verdict Alert quad9 Sinkholed
GET /static-promotion/cd7db47.modern.js HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us; tzo=0; window_width=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 7389
last-modified: Wed, 26 Oct 2022 09:14:01 GMT
vary: Accept-Encoding
etag: "6358fa59-1cdd"
content-encoding: gzip
expires: Wed, 26 Oct 2022 15:14:03 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x768595.top/web-api/external-api/getColorTheme
178.253.14.138200 OK 71 B URL HTTP/2 lite-1x768595.top/web-api/external-api/getColorTheme
IP 178.253.14.138:0
Hash a03d5821333809b106551d076370f2ed
5dbdbdda4970a3025dea2f7df3be0cf66ded01a0
0ee7a07befab961dd250c82de5d17b412e33d793561f553a6fbd20e9114600e0
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/external-api/getColorTheme HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x768595.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:02 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=35, dt_285;dur=36
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x768595.top/static-promotion/5d54141.modern.js
178.253.14.138200 OK 27 kB URL HTTP/2 lite-1x768595.top/static-promotion/5d54141.modern.js
IP 178.253.14.138:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 6e2f5a368f48faf1d2314e64f9c651b9
6bac76e3e8a3c74bf7b9f057aafcbf4b481c129d
15d6c810533d6803220ec45e78207e797746bbcf0a1bfb43ee0a8a301aaf02a7
Analyzer Verdict Alert quad9 Sinkholed
GET /static-promotion/5d54141.modern.js HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us; tzo=0; window_width=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 27411
last-modified: Wed, 26 Oct 2022 09:14:01 GMT
vary: Accept-Encoding
etag: "6358fa59-6b13"
content-encoding: gzip
expires: Wed, 26 Oct 2022 15:14:03 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x768595.top/static-promotion/be5f6f4.modern.js
178.253.14.138200 OK 3.3 kB URL HTTP/2 lite-1x768595.top/static-promotion/be5f6f4.modern.js
IP 178.253.14.138:0
File type ASCII text, with very long lines (18517), with no line terminators
Hash 15369994aba37bd65183e31d2d161413
45d713d2f1b1e92c369e1c0458d76ff80313c557
66627f639a466b387f631d23ceb5f04633d68c76bf230db8102267f9b03f6bc6
Analyzer Verdict Alert quad9 Sinkholed
GET /static-promotion/be5f6f4.modern.js HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us; tzo=0; window_width=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 3334
last-modified: Wed, 26 Oct 2022 09:14:01 GMT
vary: Accept-Encoding
etag: "6358fa59-d06"
content-encoding: gzip
expires: Wed, 26 Oct 2022 15:14:03 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x768595.top/static-promotion/d5bc3dc.modern.js
178.253.14.138200 OK 35 kB URL HTTP/2 lite-1x768595.top/static-promotion/d5bc3dc.modern.js
IP 178.253.14.138:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash e07eecc9f5671dc30ef721db6ede04f9
ee110aae0cf099fa1a49ad00a3f5f7c315458173
1e82b080eef975a68ccf509a8e1129734ebddd6cdae4f15df1f3365d867719d2
Analyzer Verdict Alert quad9 Sinkholed
GET /static-promotion/d5bc3dc.modern.js HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us; tzo=0; window_width=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 35366
last-modified: Wed, 26 Oct 2022 09:14:01 GMT
vary: Accept-Encoding
etag: "6358fa59-8a26"
content-encoding: gzip
expires: Wed, 26 Oct 2022 15:14:03 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/733bdf44.modern.js
8.254.252.213200 OK 1.0 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/733bdf44.modern.js
IP 8.254.252.213:0
File type ASCII text, with very long lines (2404), with no line terminators
Hash 19dd58165f03287a532816b1983e80af
6cac85bf1630c90bbdef8b718569d6f9503b43e8
358900e05e4f491795d6a429909831f5a9d76747fe1941a0e2f65bc05ac72ade
GET /_nuxt/desktop/default/733bdf44.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 14:14:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 1031
cache-control: max-age=86400
content-encoding: gzip
etag: "6359216f-407"
expires: Thu, 27 Oct 2022 12:23:12 GMT
last-modified: Wed, 26 Oct 2022 12:00:47 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 6691
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e7f1de4025eee44eed5a0ada1e998d6c
fd8bfad40b964ffd3534ac3aff68aaf31d38ba37
fba4107e5627b68a00dc9c31a657be714c85dc7c648b8e8e1c7373cc305f8228
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 14:14:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-178408567-1
142.250.74.168200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-178408567-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1588)
Hash 37a69465d9c0e483f2acc339e1bbc851
34b924b0fe90c1a99dc180f89dc41401efcf3a96
672af7cb3f1382e3dfa71a1088dbb3f6b191b264e05fcc70e928cb5940c26879
GET /gtag/js?id=UA-178408567-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 26 Oct 2022 14:14:03 GMT
expires: Wed, 26 Oct 2022 14:14:03 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44633
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lite-1x768595.top/version.json?timestamp=1666793639724
178.253.14.138200 OK 11 B URL HTTP/2 lite-1x768595.top/version.json?timestamp=1666793639724
IP 178.253.14.138:0
Hash 41354997e1078e4ef08d050d78ac1b77
6bb900acdbc7c4c8173e1b386efe77641b6a2b46
8255384c539f658786393d12f514edd9d30899c90452c1bf369fdb395c435448
Analyzer Verdict Alert quad9 Sinkholed
GET /version.json?timestamp=1666793639724 HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x768595.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us; tzo=0; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:03 GMT
content-type: application/json; charset=UTF-8
content-length: 11
etag: W/"b-a7kArNvHxMgXPhs4bv53ZBtqK0Y"
server-timing: dt_285;dur=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e7f1de4025eee44eed5a0ada1e998d6c
fd8bfad40b964ffd3534ac3aff68aaf31d38ba37
fba4107e5627b68a00dc9c31a657be714c85dc7c648b8e8e1c7373cc305f8228
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 14:14:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
radar.cedexis.com/1593429750/radar.js
45.54.49.5200 OK 19 kB URL HTTP/1.1 radar.cedexis.com/1593429750/radar.js
IP 45.54.49.5:0
ASN #63911 NetActuate, Inc
File type ASCII text, with very long lines (1782)
Hash 2acb3c3179b2646943d1a8f5166743cc
56aa31a4027fec3dd8cc78114c6b0f3604716c14
0ac8b27ab0fd5f6440f4fc51e98694a417ae1402a3ca4feb224643327c079595
GET /1593429750/radar.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 14:14:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 29 Jun 2020 11:30:33 GMT
Vary: Accept-Encoding
ETag: W/"5ef9d0d9-af5c"
Expires: Wed, 09 Nov 2022 14:14:03 GMT
Cache-Control: max-age=1209600, public
Content-Encoding: gzip
lite-1x768595.top/promo-frame/us/promotion/campeonato-brasileiro
178.253.14.138304 Not Modified 0 B URL HTTP/2 lite-1x768595.top/promo-frame/us/promotion/campeonato-brasileiro
IP 178.253.14.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /promo-frame/us/promotion/campeonato-brasileiro HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us; tzo=0; window_width=1920
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
If-None-Match: "130d-RcKXCN0iIsmAHTA6TnZei9YbkcM"
TE: trailers
HTTP/2 304 Not Modified
server: nginx
date: Wed, 26 Oct 2022 14:14:03 GMT
etag: "130d-RcKXCN0iIsmAHTA6TnZei9YbkcM"
server-timing: dt_285;dur=4
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x768595.top/_nuxt/svg-sprites/common-698f8a6f34d490918d634efec2d8f268.svg
178.253.14.138200 OK 56 kB URL HTTP/2 lite-1x768595.top/_nuxt/svg-sprites/common-698f8a6f34d490918d634efec2d8f268.svg
IP 178.253.14.138:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 9d6417ea365ee1688a18aa9d2d7ebc34
24b169a26564c96584c646a7214a8f37aaba6b26
2196a1f15a924e4e86391b666eebdb59a48834f3279cb9db25517de292c1cd2b
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/svg-sprites/common-698f8a6f34d490918d634efec2d8f268.svg HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us; tzo=0; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:03 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Wed, 26 Oct 2022 12:00:47 GMT
etag: W/"6359216f-196ca"
expires: Thu, 27 Oct 2022 13:56:19 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
216.58.207.195200 OK 9.6 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 9628, version 1.0\012- data
Hash d9ac47c7e500fb7083b8d595eaf6fe12
112a2fc5f4ff9b85ee3a706fa9b8c47f79b05933
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lite-1x768595.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9628
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Oct 2022 06:19:49 GMT
expires: Fri, 20 Oct 2023 06:19:49 GMT
cache-control: public, max-age=31536000
age: 546854
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lite-1x768595.top/domain-api/api/v1/domains/lite-1x768595.top
178.253.14.138200 OK 84 B URL HTTP/2 lite-1x768595.top/domain-api/api/v1/domains/lite-1x768595.top
IP 178.253.14.138:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 9f7ce1856bb45ee9898aebdab9863fc1
6169715dfbfe5a98165ab596ee7a2e066505c598
a1e85717a80f7d928aa7da17ebc13cffdba8a67eecb9a63cb4038fcb581282e7
Analyzer Verdict Alert quad9 Sinkholed
GET /domain-api/api/v1/domains/lite-1x768595.top HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x768595.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us; tzo=0; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:03 GMT
content-type: application/vnd.api+json
content-length: 84
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/89ac4e42.modern.js
8.254.252.213200 OK 1.1 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/89ac4e42.modern.js
IP 8.254.252.213:0
File type Unicode text, UTF-8 text, with very long lines (2451), with no line terminators
Hash a9300ceac7c1887b4daef18d2d1436ef
cc2b1be722a4db7af0f4ac24f18a8ea1966cc07e
35dab111eb60598f6a1dfb9f9c580c32521db4d05c6e0c83a17577c4a88ccdc4
GET /_nuxt/desktop/default/89ac4e42.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 14:14:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 1063
cache-control: max-age=86400
content-encoding: gzip
etag: "6359216f-427"
expires: Thu, 27 Oct 2022 12:22:55 GMT
last-modified: Wed, 26 Oct 2022 12:00:47 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 6679
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/ad7f9297.modern.js
8.254.252.213200 OK 26 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/ad7f9297.modern.js
IP 8.254.252.213:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 0d9205acc8dbb31b713a1830808ca6ad
2f38d35b6c6dd198903f37c96d882f6bed1f839b
92dc11dfd6a2fef45d2380db3134daf641d5facfe88a5a75029bb3955f179e60
GET /_nuxt/desktop/default/ad7f9297.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 14:14:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 26106
cache-control: max-age=86400
content-encoding: gzip
etag: "6359216f-65fa"
expires: Thu, 27 Oct 2022 12:23:05 GMT
last-modified: Wed, 26 Oct 2022 12:00:47 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 6671
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/a900795a.modern.js
8.254.252.213200 OK 5.4 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/a900795a.modern.js
IP 8.254.252.213:0
File type ASCII text, with very long lines (13502), with no line terminators
Hash 8d7474fde9c386eea0a78d1d54a85d85
7cf16946a8f0736db53c3cc99b71cd6bd596fbe7
a4be9f9667bac7d77f5858ad01442fcb2abde48f1b08187bb8599ab5b38b79ab
GET /_nuxt/desktop/default/a900795a.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 14:14:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 5381
cache-control: max-age=86400
content-encoding: gzip
etag: "6359216f-1505"
expires: Thu, 27 Oct 2022 12:22:54 GMT
last-modified: Wed, 26 Oct 2022 12:00:47 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 6671
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/mibr_white-logo.png
8.254.252.213200 OK 9.9 kB URL HTTP/2 v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/mibr_white-logo.png
IP 8.254.252.213:0
File type PNG image data, 834 x 434, 8-bit/color RGBA, non-interlaced\012- data
Hash c14d0b72d2885c8ae4975e64ddb29a6f
3c31e0bb67f15daada51baf892c89ef0cd061146
657992cd544e48630d90afc0b957014f0ac4fad15789c7c18a937d5b71231967
GET /genfiles/cms/1-285/desktop/footer/logos/mibr_white-logo.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 14:14:03 GMT
content-type: image/png
content-length: 9904
cache-control: public, max-age=120, s-maxage=600
etag: "c14d0b72d2885c8ae4975e64ddb29a6f"
expires: Wed, 26 Oct 2022 14:07:20 GMT
last-modified: Thu, 04 Aug 2022 17:36:40 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 540
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x768595.top/web-api/api/internal/v1/sessions/user
178.253.14.138200 OK 91 B URL HTTP/2 lite-1x768595.top/web-api/api/internal/v1/sessions/user
IP 178.253.14.138:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7f08529bc4a73ef6216d27a6b9408914
d35e84765ec35db78746ff044785169e847837c9
72fec33883cd2c515ce5bf34588577cac6598e3e7e8d8a3ad7fc95c1dc42150f
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/api/internal/v1/sessions/user HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x768595.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us; tzo=0; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:03 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=43, dt_285;dur=44
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/team_spirit_black.png
8.254.252.213200 OK 169 kB URL HTTP/2 v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/team_spirit_black.png
IP 8.254.252.213:0
File type PNG image data, 4000 x 4000, 8-bit/color RGBA, non-interlaced\012- data
Size 169 kB (169025 bytes)
Hash ba6cf2e79cb532a105c8f34b1efbcb26
f05ff0a3895400ac928ac1cce6153f657e6f6d8f
8e3e826321588ba9cca7ed55a8c23ee2e64e007775a40f9f8878340b2788864e
GET /genfiles/cms/1-285/desktop/footer/logos/team_spirit_black.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 14:14:03 GMT
content-type: image/png
content-length: 169025
cache-control: public, max-age=120, s-maxage=600
etag: "ba6cf2e79cb532a105c8f34b1efbcb26"
expires: Wed, 26 Oct 2022 14:09:43 GMT
last-modified: Wed, 01 Jun 2022 12:16:40 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 382
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/og_red_bull.png
8.254.252.213200 OK 149 kB URL HTTP/2 v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/og_red_bull.png
IP 8.254.252.213:0
File type PNG image data, 2187 x 3222, 8-bit/color RGBA, non-interlaced\012- data
Size 149 kB (149244 bytes)
Hash ab837a9cb89291146ad8b371c052fe8d
bf89d8ec4fa8ac43004ceb74bd49199aa3436ca2
14a017c6bf332ef819755c66546f9847b291c056239bc0289d92063fcd17648b
GET /genfiles/cms/1-285/desktop/footer/logos/og_red_bull.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 14:14:03 GMT
content-type: image/png
content-length: 149244
cache-control: public, max-age=120, s-maxage=600
etag: "ab837a9cb89291146ad8b371c052fe8d"
expires: Wed, 26 Oct 2022 14:15:33 GMT
last-modified: Wed, 25 May 2022 11:38:09 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 101
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/caf-champions-en.png
8.254.252.213200 OK 15 kB URL HTTP/2 v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/caf-champions-en.png
IP 8.254.252.213:0
File type PNG image data, 387 x 230, 8-bit colormap, non-interlaced\012- data
Hash 805de1a5bec7c7e47c459ed79e5a7778
409804a9ad7ebd262a6125eb04cbd678ac7a9824
3dd56bfcb4bd898db532541ee1bbbcbaffc8276b155f518b5d10be553296633d
GET /genfiles/cms/1-285/desktop/footer/logos/caf-champions-en.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 14:14:03 GMT
content-type: image/png
content-length: 15100
cache-control: public, max-age=120, s-maxage=600
etag: "805de1a5bec7c7e47c459ed79e5a7778"
expires: Wed, 26 Oct 2022 14:09:48 GMT
last-modified: Fri, 07 May 2021 11:29:04 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 380
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/logo-fcb.png
8.254.252.213200 OK 7.4 kB URL HTTP/2 v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/logo-fcb.png
IP 8.254.252.213:0
File type PNG image data, 169 x 183, 8-bit colormap, non-interlaced\012- data
Hash 8ea23d2a7c2e152564a43453425b3301
f6e61dbb4b90ab17f23130d79af095a1267b01c3
e193b50c6e3a1657a7c7e1100b941a43c90eeda8f9d56763318ac624eeba2cbd
GET /genfiles/cms/1-285/desktop/footer/logos/logo-fcb.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 14:14:03 GMT
content-type: image/png
content-length: 7420
cache-control: public, max-age=120, s-maxage=600
etag: "8ea23d2a7c2e152564a43453425b3301"
expires: Wed, 26 Oct 2022 14:10:54 GMT
last-modified: Fri, 06 Nov 2020 12:55:12 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 309
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/logo-losc.png
8.254.252.213200 OK 119 kB URL HTTP/2 v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/logo-losc.png
IP 8.254.252.213:0
File type PNG image data, 2052 x 1962, 8-bit/color RGBA, non-interlaced\012- data
Size 119 kB (119254 bytes)
Hash 0b72a6591ead9e9b95a118b411b9556a
6d43538a7c2167e9046d418e0707dba8f361fd1c
012b4965e861f6073a0496f55677715279f5799468c9aa4c3d92bdbbc5e0b67b
GET /genfiles/cms/1-285/desktop/footer/logos/logo-losc.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 14:14:03 GMT
content-type: image/png
content-length: 119254
cache-control: public, max-age=120, s-maxage=600
etag: "0b72a6591ead9e9b95a118b411b9556a"
expires: Wed, 26 Oct 2022 14:10:47 GMT
last-modified: Fri, 09 Sep 2022 14:12:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 316
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/K23_2020_lightmode.png
8.254.252.213200 OK 168 kB URL HTTP/2 v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/K23_2020_lightmode.png
IP 8.254.252.213:0
File type PNG image data, 4455 x 2151, 8-bit/color RGBA, non-interlaced\012- data
Size 168 kB (168437 bytes)
Hash 514efcaa096bc870bbb55a0910327b9c
05f80f59b5eeb2e4cf409fc4b9d96ddec64b3e6f
a541dec3a5acfa154ce5716014bb463c6be72db6bf5ffb88dde95929e9670942
GET /genfiles/cms/1-285/desktop/footer/logos/K23_2020_lightmode.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 14:14:03 GMT
content-type: image/png
content-length: 168437
cache-control: public, max-age=120, s-maxage=600
etag: "514efcaa096bc870bbb55a0910327b9c"
expires: Wed, 26 Oct 2022 14:15:33 GMT
last-modified: Wed, 01 Jun 2022 12:17:09 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 101
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/esl.png
8.254.252.213200 OK 33 kB URL HTTP/2 v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/esl.png
IP 8.254.252.213:0
File type PNG image data, 1184 x 362, 8-bit/color RGBA, non-interlaced\012- data
Hash 802ac7a85f716d1a10ad5084ce6b2c14
4e3b9ea62cf588f4f8b5be3553aa53068fbe8fa6
3329ddcdb9bce051bb89a2ec7ea84fae914e31752e66656a2321642d8457f7cc
GET /genfiles/cms/1-285/desktop/footer/logos/esl.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 14:14:03 GMT
content-type: image/png
content-length: 33328
cache-control: public, max-age=3, s-maxage=600
etag: "802ac7a85f716d1a10ad5084ce6b2c14"
expires: Wed, 26 Oct 2022 14:13:47 GMT
last-modified: Fri, 07 May 2021 11:29:08 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 215
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/logo-serie-new.png
8.254.252.213200 OK 19 kB URL HTTP/2 v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/logo-serie-new.png
IP 8.254.252.213:0
File type PNG image data, 180 x 320, 8-bit/color RGBA, non-interlaced\012- data
Hash eebc2093ed37610949fddb757fb411c2
f7964e29e324fe613114a2d8a574819735d4e8a4
2573852f7e996aaf5d4ae5280f600e384f8b5d75e8c4de9e06100af2d9f55e5c
GET /genfiles/cms/1-285/desktop/footer/logos/logo-serie-new.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 14:14:03 GMT
content-type: image/png
content-length: 18675
cache-control: public, max-age=120, s-maxage=600
etag: "eebc2093ed37610949fddb757fb411c2"
expires: Wed, 26 Oct 2022 14:15:33 GMT
last-modified: Fri, 06 Nov 2020 12:55:12 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 101
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/can-2019-en.png
8.254.252.213200 OK 8.1 kB URL HTTP/2 v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/can-2019-en.png
IP 8.254.252.213:0
File type PNG image data, 243 x 144, 8-bit colormap, non-interlaced\012- data
Hash d2998762f0b00c9d1bcd90c28f0a5731
95553e4eff474b6a05ad4a6e00826ba4ab9b2c4e
09050bbfb49f160886714942b619eb95dbd92f2f6862f38aa685538f420591b8
GET /genfiles/cms/1-285/desktop/footer/logos/can-2019-en.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 14:14:04 GMT
content-type: image/png
content-length: 8120
cache-control: public, max-age=120, s-maxage=600
etag: "d2998762f0b00c9d1bcd90c28f0a5731"
expires: Wed, 26 Oct 2022 14:10:29 GMT
last-modified: Fri, 06 Nov 2020 12:55:12 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 369
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x768595.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1666793640631
178.253.14.138200 OK 145 B URL HTTP/2 lite-1x768595.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1666793640631
IP 178.253.14.138:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 81d90db48c09d6f764c4929c90eadfc1
6fe1a593e77cca8d9adff9fe5b5f40e19ccf7bd8
fa0a9c9d33937e1539ce6b9e44abf7ecd69f5032c6ba8b85308c6a388f8dc28c
Analyzer Verdict Alert quad9 Sinkholed
GET /genfiles/cms/maintenance_mode/settings.json?timestamp=1666793640631 HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x768595.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us; tzo=0; window_width=1280; che_g=6a274cde-da00-1bc2-47db-b7b1ba3303fe
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:04 GMT
content-type: application/json
content-length: 145
last-modified: Thu, 21 Apr 2022 06:40:33 GMT
x-rgw-object-type: Normal
etag: "81d90db48c09d6f764c4929c90eadfc1"
cache-control: public,max-age=60,s-maxage=60
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/caf-confederation-en.png
8.254.252.213200 OK 15 kB URL HTTP/2 v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/caf-confederation-en.png
IP 8.254.252.213:0
File type PNG image data, 387 x 230, 8-bit colormap, non-interlaced\012- data
Hash 70e5105d03a74cc00cd9a0386fde303e
ffcd4fbcd486825d0d31e41cada108335b012d81
baabca03d9695b9475d7d0b4d736fbb093d21f2c03228a7704097e2bfb8e583a
GET /genfiles/cms/1-285/desktop/footer/logos/caf-confederation-en.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 14:14:04 GMT
content-type: image/png
content-length: 14740
cache-control: public, max-age=120, s-maxage=600
etag: "70e5105d03a74cc00cd9a0386fde303e"
expires: Wed, 26 Oct 2022 14:16:04 GMT
last-modified: Fri, 07 May 2021 11:29:03 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 5
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x768595.top/web-api/api/internal/v1/proof_of_age
178.253.14.138204 No Content 0 B URL HTTP/2 lite-1x768595.top/web-api/api/internal/v1/proof_of_age
IP 178.253.14.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/api/internal/v1/proof_of_age HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/vnd.api+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x768595.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us; tzo=0; window_width=1280; che_g=6a274cde-da00-1bc2-47db-b7b1ba3303fe
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 26 Oct 2022 14:14:04 GMT
cache-control: no-cache, private
server-timing: p;dur=38, dt_285;dur=41
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 26 Oct 2022 12:41:09 GMT
expires: Wed, 26 Oct 2022 14:41:09 GMT
cache-control: public, max-age=7200
age: 5575
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash d68830f33c12f2aa839ecd5c96146bb2
c4eca00dde1d737943bc2980b58a7288c06f808c
0b8dd5b33360dae55b75de1bb81fc9404103824c8d987372d1c44f425052f0d7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 14:14:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-178408567-1&cid=1907256039.1666793641&jid=577557147&gjid=1576833882&_gid=285396782.1666793641&_u=aCDAAUACQAAAACAAI~&z=1863204464
173.194.222.155200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-178408567-1&cid=1907256039.1666793641&jid=577557147&gjid=1576833882&_gid=285396782.1666793641&_u=aCDAAUACQAAAACAAI~&z=1863204464
IP 173.194.222.155:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-178408567-1&cid=1907256039.1666793641&jid=577557147&gjid=1576833882&_gid=285396782.1666793641&_u=aCDAAUACQAAAACAAI~&z=1863204464 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://lite-1x768595.top
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://lite-1x768595.top
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 26 Oct 2022 14:14:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash d68830f33c12f2aa839ecd5c96146bb2
c4eca00dde1d737943bc2980b58a7288c06f808c
0b8dd5b33360dae55b75de1bb81fc9404103824c8d987372d1c44f425052f0d7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 14:14:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lite-1x768595.top/web-api/external-api/config/getLangs
178.253.14.138200 OK 1.5 kB URL HTTP/2 lite-1x768595.top/web-api/external-api/config/getLangs
IP 178.253.14.138:0
File type JSON data\012- , ASCII text, with very long lines (5016), with no line terminators
Hash 13933b82591362b214dc4470a90da551
c25a239251f075ca8ec43f4f61dc46c1bc27a710
bff2e058794e71f0014e18b9bd00b8cb6d42d62f465bb9fbcd2bbebe4a497239
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/external-api/config/getLangs HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x768595.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us; tzo=0; window_width=1280; che_g=6a274cde-da00-1bc2-47db-b7b1ba3303fe; _ga_7JGWL9SV66=GS1.1.1666793640.1.0.1666793640.0.0.0; _ga=GA1.2.1907256039.1666793641; _gid=GA1.2.285396782.1666793641; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:04 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=27, dt_285;dur=30
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x768595.top/translation-api/by-lang/us
178.253.14.138200 OK 9.0 kB URL HTTP/2 lite-1x768595.top/translation-api/by-lang/us
IP 178.253.14.138:0
Hash 4020e8ce1ac0589ae948ed1b9166ffd0
64e9612cad3d6afbe4d48d11c64031a2802ab29b
d54fa8692eaf3a5ce8e4a605d4777e4544e6ebcd4d05942a26b2090c60ca4a9b
Analyzer Verdict Alert quad9 Sinkholed
GET /translation-api/by-lang/us HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x768595.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us; tzo=0; window_width=1920; che_g=6a274cde-da00-1bc2-47db-b7b1ba3303fe; _ga_7JGWL9SV66=GS1.1.1666793640.1.0.1666793640.0.0.0; _ga=GA1.2.1907256039.1666793641; _gid=GA1.2.285396782.1666793641; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:04 GMT
content-type: application/vnd.api+json
cache-control: no-cache, private
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-max-age: 1728000
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x768595.top/web-api/external-api/config/all
178.253.14.138200 OK 99 kB URL HTTP/2 lite-1x768595.top/web-api/external-api/config/all
IP 178.253.14.138:0
Hash 7acc7d3c6ba3bf0c79ed2fb8108e6eec
8d46e6109fd4dce48de6c3e7c77642b9075867d0
b2fffce3b2686d8eb5d8d7372e0261004161095c33305da7bffa8e2cb333d75f
Analyzer Verdict Alert quad9 Sinkholed
POST /web-api/external-api/config/all HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://lite-1x768595.top
Connection: keep-alive
Referer: https://lite-1x768595.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us; tzo=0; window_width=1280; che_g=6a274cde-da00-1bc2-47db-b7b1ba3303fe; _ga_7JGWL9SV66=GS1.1.1666793640.1.0.1666793640.0.0.0; _ga=GA1.1.1907256039.1666793641
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:04 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=71, dt_285;dur=73
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x768595.top/genfiles/cms/1-285/desktop/errorsPage/ball.webp
178.253.14.138200 OK 2.0 kB URL HTTP/2 lite-1x768595.top/genfiles/cms/1-285/desktop/errorsPage/ball.webp
IP 178.253.14.138:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash b2e135d916673e6f1be84800198490d4
60db6095350e4b9e618aab6666650eb13a941745
3b2e95cba675bc9bdeae9308d00f629d586a6ae7e55aa60a971027cbf9ed7682
Analyzer Verdict Alert quad9 Sinkholed
GET /genfiles/cms/1-285/desktop/errorsPage/ball.webp HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/403
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us; tzo=0; window_width=1280; che_g=6a274cde-da00-1bc2-47db-b7b1ba3303fe; _ga_7JGWL9SV66=GS1.1.1666793640.1.0.1666793640.0.0.0; _ga=GA1.2.1907256039.1666793641; _gid=GA1.2.285396782.1666793641; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:05 GMT
content-type: application/octet-stream
content-length: 2010
last-modified: Tue, 26 Jan 2021 08:32:04 GMT
x-rgw-object-type: Normal
etag: "b2e135d916673e6f1be84800198490d4"
access-control-allow-origin: *
cache-control: public,max-age=120,s-maxage=600
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x768595.top/genfiles/cms/1-285/desktop//errorsPage/gates.png
178.253.14.138200 OK 79 kB URL HTTP/2 lite-1x768595.top/genfiles/cms/1-285/desktop//errorsPage/gates.png
IP 178.253.14.138:0
File type PNG image data, 739 x 687, 8-bit/color RGBA, non-interlaced\012- data
Hash 0ecd34213f0d5c445cb14d6f8d2dd7ed
aadbec956b67f7247b08c7fbfdb3e9625bd6bc00
98c1b640475c09dbed13ae6ea5772634ce5d889d3f0ec97701f21bcd7e772541
Analyzer Verdict Alert quad9 Sinkholed
GET /genfiles/cms/1-285/desktop//errorsPage/gates.png HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us; tzo=0; window_width=1280; che_g=6a274cde-da00-1bc2-47db-b7b1ba3303fe; _ga_7JGWL9SV66=GS1.1.1666793640.1.0.1666793640.0.0.0; _ga=GA1.2.1907256039.1666793641; _gid=GA1.2.285396782.1666793641; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:05 GMT
content-type: image/png
content-length: 78710
last-modified: Sat, 07 Nov 2020 11:58:55 GMT
x-rgw-object-type: Normal
etag: "0ecd34213f0d5c445cb14d6f8d2dd7ed"
access-control-allow-origin: *
cache-control: public,max-age=120,s-maxage=600
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x768595.top/web-api/external-api/promotions/campeonato-brasileiro
178.253.14.138403 Forbidden 212 kB URL HTTP/2 lite-1x768595.top/web-api/external-api/promotions/campeonato-brasileiro
IP 178.253.14.138:0
Size 212 kB (212090 bytes)
Hash 3b0f5e32a7c4b023bb286acb60462fca
cd8ff39b24caf819fa47cffc19c28612d19f2c10
1c30324922b2770ccabe28645fc123bc4b14c62ba8b548600beeb4f6768cc1da
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/external-api/promotions/campeonato-brasileiro HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x768595.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us; tzo=0; window_width=1280; che_g=6a274cde-da00-1bc2-47db-b7b1ba3303fe; _ga_7JGWL9SV66=GS1.1.1666793640.1.0.1666793640.0.0.0; _ga=GA1.2.1907256039.1666793641; _gid=GA1.2.285396782.1666793641; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: nginx
date: Wed, 26 Oct 2022 14:14:05 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=32, dt_285;dur=34
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash cc8e218cff9a028f8a2f6a0c05240d79
90b1a4f388972eb81eb71ebec32aeb90b3ea2b62
c1fec0b1a76ce4273403632ce86ac680a11f21f413e31414b73bc9ee68b78c0b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4049
Cache-Control: max-age=161274
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 14:14:05 GMT
Etag: "635903d6-117"
Expires: Fri, 28 Oct 2022 11:01:59 GMT
Last-Modified: Wed, 26 Oct 2022 09:54:30 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279
suphelper.com/widget/injector.js
104.16.42.72200 OK 45 kB URL HTTP/2 suphelper.com/widget/injector.js
IP 104.16.42.72:0
File type Unicode text, UTF-8 text, with very long lines (38365)
Hash 89f80378c00dfa30dc802b643963d8c6
81c759413d124bb2bf338ae3cb8badabd4447dd3
2c51bfcb7423796585628f9f4101d573819f6721a9df2c2686538be4b03c96ad
GET /widget/injector.js HTTP/1.1
Host: suphelper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 26 Oct 2022 14:14:05 GMT
content-type: application/javascript; charset=UTF-8
x-dns-prefetch-control: off
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'strict-dynamic' 'nonce-4fa3454e-107f-48cf-ae24-cdd68f6bc4a1' https://www.googletagmanager.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' https: data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self' ws://localhost:8085 https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://mc.yandex.ru https://api.github.com http://192.168.208.23:11999 https://suphelper.com wss://suphelper.com *.suphelper.com https://suphelper.ru wss://suphelper.ru *.suphelper.ru https://cons.insystem.su wss://cons.insystem.su *.cons.insystem.su wss://chat.insystem.su https://chat.insystem.su *.chat.insystem.su; frame-src 'self' https://www.google.com https://www.google.com/recaptcha/; report-uri /widget/api/report-csp/
cache-control: public, max-age=300
last-modified: Fri, 23 Sep 2022 07:08:12 GMT
etag: W/"28d83-183692cdf60"
vary: Accept-Encoding
cf-cache-status: HIT
age: 98
server: cloudflare
cf-ray: 7603cbdbecf50a40-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
lite-1x768595.top/web-api/external-api/getFirstDepositBonus
178.253.14.138200 OK 0 B URL HTTP/2 lite-1x768595.top/web-api/external-api/getFirstDepositBonus
IP 178.253.14.138:0
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/external-api/getFirstDepositBonus HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x768595.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us; tzo=0; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:03 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=30, dt_285;dur=31
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x768595.top/web-api/external-api/getColorTheme
178.253.14.138200 OK 0 B URL HTTP/2 lite-1x768595.top/web-api/external-api/getColorTheme
IP 178.253.14.138:0
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/external-api/getColorTheme HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x768595.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us; tzo=0; window_width=1280; che_g=6a274cde-da00-1bc2-47db-b7b1ba3303fe; _ga_7JGWL9SV66=GS1.1.1666793640.1.0.1666793640.0.0.0; _ga=GA1.2.1907256039.1666793641; _gid=GA1.2.285396782.1666793641; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:04 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=29, dt_285;dur=30
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x768595.top/web-api/api/converslon/load
178.253.14.138200 OK 0 B URL HTTP/2 lite-1x768595.top/web-api/api/converslon/load
IP 178.253.14.138:0
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/api/converslon/load HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x768595.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us; tzo=0; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:03 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=30, dt_285;dur=31
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x768595.top/web-api/external-api/getFirstDepositBonus
178.253.14.138200 OK 0 B URL HTTP/2 lite-1x768595.top/web-api/external-api/getFirstDepositBonus
IP 178.253.14.138:0
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/external-api/getFirstDepositBonus HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x768595.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us; tzo=0; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:03 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=35, dt_285;dur=36
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x768595.top/web-api/g/df833b5dbb4593d16e6e7cc0a3379dba527922fe
178.253.14.138200 OK 0 B URL HTTP/2 lite-1x768595.top/web-api/g/df833b5dbb4593d16e6e7cc0a3379dba527922fe
IP 178.253.14.138:0
Analyzer Verdict Alert quad9 Sinkholed
POST /web-api/g/df833b5dbb4593d16e6e7cc0a3379dba527922fe HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lite-1x768595.top/us/promotions/campeonato-brasileiro
X-Requested-With: XMLHttpRequest
Content-Type: application/json
Origin: https://lite-1x768595.top
Content-Length: 31240
Connection: keep-alive
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us; tzo=0; window_width=1280; che_g=6a274cde-da00-1bc2-47db-b7b1ba3303fe; _ga_7JGWL9SV66=GS1.1.1666793640.1.0.1666793640.0.0.0; _ga=GA1.2.1907256039.1666793641; _gid=GA1.2.285396782.1666793641; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:05 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=34, dt_285;dur=37
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1x-xredbet478860.top/promotions/campeonato-brasileiro/
178.253.47.23307 Temporary Redirect 0 B URL HTTP/2 1x-xredbet478860.top/promotions/campeonato-brasileiro/
IP 178.253.47.23:0
GET /promotions/campeonato-brasileiro/ HTTP/1.1
Host: 1x-xredbet478860.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 307 Temporary Redirect
server: nginx
date: Wed, 26 Oct 2022 14:14:00 GMT
content-type: text/html; charset=utf-8
location: https://lite-1x768595.top/promotions/campeonato-brasileiro/
x-frame-options: SAMEORIGIN
set-cookie: SESSION=6eb6f67e9032cc0e0b40cc4f65570689; path=/; secure; HttpOnly; SameSite=Lax
ua=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
auid=sv0vF2NZQKilSCn3AwTQAg==; expires=Thu, 26-Oct-23 14:14:00 GMT; path=/
x-reason: 1080,1078,1074,1015,1021
cache-control: no-cache, private
server-timing: p;dur=65
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x768595.top/promotions/campeonato-brasileiro/
178.253.14.138302 Found 0 B URL HTTP/2 lite-1x768595.top/promotions/campeonato-brasileiro/
IP 178.253.14.138:0
Analyzer Verdict Alert quad9 Sinkholed
GET /promotions/campeonato-brasileiro/ HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Wed, 26 Oct 2022 14:14:00 GMT
location: /us/promotions/campeonato-brasileiro
reason-v3: empty_lang
server-timing: total;dur=0;desc="Nuxt Server Time", dt_285;dur=2
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
set-cookie: platform_type=desktop; Path=/; Expires=Sat, 29 Oct 2022 14:14:00 GMT
auid=sv0OimNZQKgZdSmaAwTRAg==; expires=Thu, 26-Oct-23 14:14:00 GMT; path=/
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc635673e-499c-4d9c-8bc5-a713fb19e221.jpeg
34.120.237.76200 OK 0 B URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc635673e-499c-4d9c-8bc5-a713fb19e221.jpeg
IP 34.120.237.76:0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc635673e-499c-4d9c-8bc5-a713fb19e221.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13796
x-amzn-requestid: 90b1e032-78c6-499d-b564-f25c15e20304
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: alJ2OG0SoAMFx-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6358568e-599d0f526fc6a01f77b67dcf;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 21:35:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: sVS9nFgRyVconkkFTOrCO2zA0cICFNQFB2E1q7SQcVQm5_Dm6khvrA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 21:48:40 GMT
age: 59122
etag: "c3856686b98e1883133aa1824c496d34512769a0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2