Report - 1x-xredbet478860.top/promotions/campeonato-brasileiro/

Report Overview

Submitted URL
1x-xredbet478860.top/promotions/campeonato-brasileiro/
IP
178.253.47.23
ASN
#0
Submitted
2022-10-26 14:14:13
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
64

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
1x-xredbet478860.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	844 B	1.0 kB	178.253.47.23
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	560 B	2.9 kB	142.250.74.10
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	25 kB	34.120.237.76
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
suphelper.com	156440	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	357 B	47 kB	104.16.42.72
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	375 B	45 kB	142.250.74.168
radar.cedexis.com	3035	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	362 B	19 kB	45.54.49.5
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	598 B	709 B	173.194.222.155
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	6.2 kB	23.36.77.32
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	987 B	2.2 kB	93.184.220.29
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	4.8 kB	172.64.155.188
v3.cdnsfree.com	166517	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	10 kB	2.2 MB	8.254.252.213
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	955 B	27 kB	216.58.207.195
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	34.160.144.191
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	52.41.253.170
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	5.6 kB	142.250.74.35
lite-1x768595.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	21 kB	1.1 MB	178.253.14.138
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	362 B	21 kB	142.250.74.174

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-10-26	medium	lite-1x768595.top	Sinkholed
2022-10-26	medium	lite-1x768595.top	Sinkholed
2022-10-26	medium	lite-1x768595.top	Sinkholed
2022-10-26	medium	lite-1x768595.top	Sinkholed
2022-10-26	medium	lite-1x768595.top	Sinkholed
2022-10-26	medium	lite-1x768595.top	Sinkholed
2022-10-26	medium	lite-1x768595.top	Sinkholed
2022-10-26	medium	lite-1x768595.top	Sinkholed
2022-10-26	medium	lite-1x768595.top	Sinkholed
2022-10-26	medium	lite-1x768595.top	Sinkholed
2022-10-26	medium	lite-1x768595.top	Sinkholed
2022-10-26	medium	lite-1x768595.top	Sinkholed
2022-10-26	medium	lite-1x768595.top	Sinkholed
2022-10-26	medium	lite-1x768595.top	Sinkholed
2022-10-26	medium	lite-1x768595.top	Sinkholed
2022-10-26	medium	lite-1x768595.top	Sinkholed
2022-10-26	medium	lite-1x768595.top	Sinkholed
2022-10-26	medium	lite-1x768595.top	Sinkholed
2022-10-26	medium	lite-1x768595.top	Sinkholed
2022-10-26	medium	lite-1x768595.top	Sinkholed
2022-10-26	medium	lite-1x768595.top	Sinkholed
2022-10-26	medium	lite-1x768595.top	Sinkholed
2022-10-26	medium	lite-1x768595.top	Sinkholed
2022-10-26	medium	lite-1x768595.top	Sinkholed
2022-10-26	medium	lite-1x768595.top	Sinkholed
2022-10-26	medium	lite-1x768595.top	Sinkholed
2022-10-26	medium	lite-1x768595.top	Sinkholed
2022-10-26	medium	lite-1x768595.top	Sinkholed
2022-10-26	medium	lite-1x768595.top	Sinkholed
2022-10-26	medium	lite-1x768595.top	Sinkholed
2022-10-26	medium	lite-1x768595.top	Sinkholed
2022-10-26	medium	lite-1x768595.top	Sinkholed

JavaScript (36)

	URL	Size	First Seen	Last Seen
	suphelper.com/widget/api/i18n-source/en-GB.js?bn=1663916827822	11 kB	2023-03-07	2023-03-25
Pretty URL suphelper.com/widget/api/i18n-source/en-GB.js?bn=1663916827822 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:50:04 Last Seen2023-03-25 23:59:37 Times Seen9 Hash 6a9b24361d21ec5751af0bf2964d4fc6 bc058466f4b7e91d55996f239557466561efed62 5b493621ae5785f78b83a4ac33f8df4a055ed1621e2b9fa417f5942029975302 Loading...

	v3.cdnsfree.com/_nuxt/desktop/default/36a16b87.modern.js	16 kB	2023-03-10	2023-03-10
Pretty URL v3.cdnsfree.com/_nuxt/desktop/default/36a16b87.modern.js IP 8.254.252.213 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 15:15:58 Last Seen2023-03-10 16:07:03 Times Seen1 Hash ba8b31f5c926b0ff0157792eab1f67bd 939ed8f8e8b69375eedabae30e1e4abbce33efdb eb17ad8a6feb1b85a0a9a7d8ea218f5285bceb31cddeda24e1da51e04bdc5632 Loading...

	lite-1x768595.top/static-promotion/8f0076d.modern.js	292 B	2023-03-10	2023-03-10
Pretty URL lite-1x768595.top/static-promotion/8f0076d.modern.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 15:50:25 Last Seen2023-03-10 15:50:25 Times Seen1 Hash 7622c97fa8d44e37b7a5319e068cc959 ca3e637004e431347827c1f8064b00677befa709 7de41724bb387e1dc1796afcbfff53025d7b3841eaa8cda669ea7179f68bf432 Loading...

	radar.cedexis.com/1593429750/radar.js	45 kB	2023-03-07	2023-11-16
Pretty URL radar.cedexis.com/1593429750/radar.js IP 45.54.49.5 ASN #63911 NetActuate, Inc Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:20 Last Seen2023-11-16 11:36:04 Times Seen2664 Hash f0bad4e1f4843352017e0dcec735975a 7708b6d1c3966fda619af0bfb64d5c14b85e5da9 79541fbd5863b789f16e341208642f1b47bb3bc939121ed63426dd7969714390 Loading...

	www.google-analytics.com/gtm/js?id=GTM-5R4MT54&t=gtag_UA_178408567_1&cid=1907256039.1666793641	110 kB	2023-03-10	2023-03-10
Pretty URL www.google-analytics.com/gtm/js?id=GTM-5R4MT54&t=gtag_UA_178408567_1&cid=1907256039.1666793641 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 15:50:25 Last Seen2023-03-10 15:50:25 Times Seen1 Hash f62ca0309fb153cdb17197c98066e6dc 81785fc75a9403b720054f952e8dcd20622cd32f a1b33a6eb06f95b656f3e638962b272a407d1bc7ae55af6821ebee2863fc9426 Loading...

	lite-1x768595.top/static-promotion/5f87cc8.modern.js	16 kB	2023-03-10	2023-03-10
Pretty URL lite-1x768595.top/static-promotion/5f87cc8.modern.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 15:50:25 Last Seen2023-03-10 15:50:25 Times Seen1 Hash 80600336aa6c483aa1676478220bb1f9 d32dafd50aaa5f0bf5f562f1d327b5affeb61bfb 1554386af32aa93ebd9c9acc03bf82bc1df7fe9552a6419e3267d1081b45f527 Loading...

	suphelper.com/widget/?build=1663916827822&lang=en-GB&langInited=true&opener=full	203 B	2023-03-07	2024-01-20
Pretty URL suphelper.com/widget/?build=1663916827822&lang=en-GB&langInited=true&opener=full IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:52 Last Seen2024-01-20 20:21:11 Times Seen1389 Hash c762ec1a23a59894a334b9bb9fb7fa41 8751a4d124eb7a0ac54097933749b73b7a0409c0 6fd4ec66c226d3bd937a8620622453b33ab935ae30c6bbcf6cc9d62f69804ecf Loading...

	unknown	0 B	2023-03-07	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 17:03:16 Times Seen36963217 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	lite-1x768595.top/us/promotions/campeonato-brasileiro	414 B	2023-03-10	2023-03-10
Pretty URL lite-1x768595.top/us/promotions/campeonato-brasileiro IP 178.253.14.138 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 15:50:25 Last Seen2023-03-10 15:50:25 Times Seen1 Hash 68a65796c85fca4f0a8c6ca6ab1aa6e6 5669cc707365f9917eac3c9af4855f9313ad081a b0fee51a9f820a5957b91d3aa117e4fd6b2d2941e69673c14c7e948362f46950 Loading...

	lite-1x768595.top/promo-frame/us/promotion/campeonato-brasileiro	313 B	2023-03-07	2023-04-01
Pretty URL lite-1x768595.top/promo-frame/us/promotion/campeonato-brasileiro IP 178.253.14.138 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:09 Last Seen2023-04-01 10:25:04 Times Seen15 Hash 494ab8c88e9a8cfd9aa511a663c925c6 4816e303ad4a09ef00d54305b7b9e2e51c9bff4e 9de249453f6780a3274d7fae16d04d230aa9a5b70b57c7d094bbd764ceb8cf4e Loading...

	lite-1x768595.top/static-promotion/cd7db47.modern.js	46 kB	2023-03-10	2023-03-10
Pretty URL lite-1x768595.top/static-promotion/cd7db47.modern.js IP 178.253.14.138 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 15:50:25 Last Seen2023-03-10 15:50:25 Times Seen1 Hash 4a897be1e8753df08b9b7d16bb967b55 9aba2c72099256bd72f37f47d67fcd5cc7e489ac 3e4d95b6f15e65800d8d37efafb705946770a7c5c0d075a31b6b61a95b5cdf5c Loading...

	suphelper.com/widget/public/bundle.acf2cda684186cb2547d.js	198 kB	2023-03-07	2023-03-10
Pretty URL suphelper.com/widget/public/bundle.acf2cda684186cb2547d.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:50:04 Last Seen2023-03-10 17:56:31 Times Seen1 Hash 94c65e0e7d192f28b3ed33bce3c5e02d ceb9863c701b76b11a5c03d523a15d58e753e5ab 9ff9fb2c53d6e5393aefcf8e18f1bfc3201d7ab0f1bc624e713b78fddcea6ab5 Loading...

	lite-1x768595.top/static-promotion/0348e38.modern.js	7.1 kB	2023-03-10	2023-03-10
Pretty URL lite-1x768595.top/static-promotion/0348e38.modern.js IP 178.253.14.138 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 15:50:25 Last Seen2023-03-10 15:50:25 Times Seen1 Hash cd2109595891bde2dfaa0c801ba84fc7 aad4a9d584210940e6b5e2c0450fe3b128b3673e 04d37c303aa8b81edd965fd18f6e2e6e92d6cbbc0273f56d54687a5414696db1 Loading...

	v3.cdnsfree.com/_nuxt/desktop/default/1ff77830.modern.js	285 kB	2023-03-10	2023-03-10
Pretty URL v3.cdnsfree.com/_nuxt/desktop/default/1ff77830.modern.js IP 8.254.252.213 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 15:15:58 Last Seen2023-03-10 17:56:31 Times Seen1 Hash c227290288aaa274310129caf862bc52 e1cb3e0492b5381b3d23cf41be9d58230d36e149 66a4a61b02ffddb64e23769886ff21a224a7a363c1df56066540e19cc91fd9a1 Loading...

	v3.cdnsfree.com/_nuxt/desktop/default/89ac4e42.modern.js	2.5 kB	2023-03-10	2023-03-10
Pretty URL v3.cdnsfree.com/_nuxt/desktop/default/89ac4e42.modern.js IP 8.254.252.213 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 15:15:58 Last Seen2023-03-10 18:07:27 Times Seen1 Hash 806c21bb5756f407b88da6dfafd45c4d 15d7be16ac52d3b3b5bd10326d97daeb1b908b46 52fdd6a537efe5d992e074a099acbf86c26d4b224e738d832d422c52ef8f1674 Loading...

	www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66&l=dataLayer&cx=c	219 kB	2023-03-10	2023-03-10
Pretty URL www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 15:50:25 Last Seen2023-03-10 15:50:25 Times Seen1 Hash 4efc99e4ba23f490c0792efb9e3fc46a 49f592982c358373d488342261257017abf41a5b d1c5f10c8da7b9b3413ffa7c59c7423f7f9319b11addc12aa8e60996894f178e Loading...

	lite-1x768595.top/static-promotion/76a5032.modern.js	361 kB	2023-03-10	2023-03-10
Pretty URL lite-1x768595.top/static-promotion/76a5032.modern.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 15:50:25 Last Seen2023-03-10 15:50:25 Times Seen1 Hash e7830fff8f4fa69aae5e5194cd6ef526 14d196aa28076933adbfadeb5ae591e04afb2d9d 274c731b79e2ad163e7c68d7bfcd90df3e94997a9703e2f080f1edbe6104636b Loading...

	lite-1x768595.top/static-promotion/be5f6f4.modern.js	18 kB	2023-03-10	2023-03-10
Pretty URL lite-1x768595.top/static-promotion/be5f6f4.modern.js IP 178.253.14.138 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 15:50:25 Last Seen2023-03-10 15:50:25 Times Seen1 Hash a2025d791a70cfb1ff68e9bdcdbfd3a7 1962a8f04e7dedd38d1cc354d710a6ebbbe1407d b51e0bac4caec274577d12074c17938d2ad15b83c92754606eb1b9ee5e8ce6fd Loading...

	suphelper.com/widget/?build=1663916827822&lang=en-GB&langInited=true&opener=full	441 B	2023-03-07	2024-01-20
Pretty URL suphelper.com/widget/?build=1663916827822&lang=en-GB&langInited=true&opener=full IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:52 Last Seen2024-01-20 20:21:10 Times Seen1475 Hash 562c0a945070f06a208058106238c55f c5b09a8a2efe65342f36dfe49c26b717eeed82de e98fce7d083f719412d5e10b42e777b4bd0c7bf4b83e2a151de5500bd044f2cb Loading...

	suphelper.com/widget/public/chunk.1b8a1de2f841eacb373d.js	1.4 MB	2023-03-07	2023-03-11
Pretty URL suphelper.com/widget/public/chunk.1b8a1de2f841eacb373d.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:50:03 Last Seen2023-03-11 12:19:25 Times Seen1 Hash 24923d01b057deac1290aaac4005514f 872bdfab6be26047dfa0a88c350a043dd87f430b db459341198f0f535ba89240f12e8d5e77239d46a030e9c6b2d1370d869ecba3 Loading...

	lite-1x768595.top/promo-frame/us/promotion/campeonato-brasileiro	136 B	2023-03-07	2024-02-06
Pretty URL lite-1x768595.top/promo-frame/us/promotion/campeonato-brasileiro IP 178.253.14.138 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:09 Last Seen2024-02-06 18:07:50 Times Seen281 Hash 1d82394dbefeb520c846a4f8cd04f272 386231475cfc8d025bbf876b5968e2188e294d1f f550e68574bcfe2c9b2cbc83dedaa5eefecd539867e7eaafbbd4511b8d66ba03 Loading...

	lite-1x768595.top/promo-frame/us/promotion/campeonato-brasileiro	105 B	2023-03-07	2023-03-30
Pretty URL lite-1x768595.top/promo-frame/us/promotion/campeonato-brasileiro IP 178.253.14.138 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:41:47 Last Seen2023-03-30 00:01:20 Times Seen3 Hash 72517e2646cbdee8bf334c9399465c9f 001b80a7f54d6e082ccdfad8a500481b950fe805 3fa7a35f54cd29d6c0b355222a5b0cd7233f22e951b3d14b5303e9e734887628 Loading...

	v3.cdnsfree.com/_nuxt/desktop/default/a900795a.modern.js	14 kB	2023-03-10	2023-03-10
Pretty URL v3.cdnsfree.com/_nuxt/desktop/default/a900795a.modern.js IP 8.254.252.213 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 15:15:57 Last Seen2023-03-10 18:07:27 Times Seen1 Hash 6caedc049ae2f99efe4ca3fad6845a21 393bc3cf8f246d272387b156d8b2715ec0972381 1dd6080025b52d937d41e4fc0a9756267c8e2cb219f9914d908a180a6c56b7ab Loading...

	lite-1x768595.top/static-promotion/5d54141.modern.js	198 kB	2023-03-10	2023-03-10
Pretty URL lite-1x768595.top/static-promotion/5d54141.modern.js IP 178.253.14.138 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 15:50:25 Last Seen2023-03-10 15:50:25 Times Seen1 Hash ecab01378b68c2c10a75cbc7f27cb31d 76485c9997df3c9f3a4b48a9beef6d836229772d b14bd37f5c097809f575f0f5eb0f2aa1024ef8559c9bb99b656e111b970c42f5 Loading...

	lite-1x768595.top/promo-frame/us/promotion/campeonato-brasileiro	702 B	2023-03-07	2024-02-05
Pretty URL lite-1x768595.top/promo-frame/us/promotion/campeonato-brasileiro IP 178.253.14.138 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:41:47 Last Seen2024-02-05 23:23:56 Times Seen126 Hash 0e9165fb92460d96f7a0649386dcdffb 549e55d2990816b5e4d699c35d1ad56a33a1a341 8f732e0ef5d47fa6d56dbe1311a218b659fddc0e57c7b1f7e8240cce6d88d984 Loading...

	www.googletagmanager.com/gtag/js?id=UA-178408567-1	115 kB	2023-03-10	2023-03-10
Pretty URL www.googletagmanager.com/gtag/js?id=UA-178408567-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 15:50:25 Last Seen2023-03-10 15:50:25 Times Seen1 Hash 60280a286f0489e3bd17b183750eb2f1 9fb5a99b787b9cf23570de1b5d89415e73b220e8 a955ca701186f49eb3c7cbff12aad52a2caff111dfb2ec154e0ed5f260f962c9 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-19
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-19 07:47:47 Times Seen1515 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	lite-1x768595.top/us/promotions/campeonato-brasileiro	343 kB	2023-03-10	2023-03-10
Pretty URL lite-1x768595.top/us/promotions/campeonato-brasileiro IP 178.253.14.138 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 15:50:25 Last Seen2023-03-10 15:50:25 Times Seen1 Hash 8332409c02f82cf0661d3a3ada880f2e 666350a74296bf8b51595200c60fe1155213927b 1bd28f9e61498c0c6dbc9d2eb599f370a2432bf728653ef308c4aae785449862 Loading...

	lite-1x768595.top/us/promotions/campeonato-brasileiro	794 B	2023-03-10	2023-03-10
Pretty URL lite-1x768595.top/us/promotions/campeonato-brasileiro IP 178.253.14.138 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 09:29:03 Last Seen2023-03-10 17:39:17 Times Seen1 Hash 86a8964f883e61b32af4f087247ca361 8a4f98be7f9bdfd611d44f54888b51e544e3487a b78380f356a11c685eea6c2c51be7f7dfcca4d7242c0d3fdcd5d0f7798e26d2d Loading...

	v3.cdnsfree.com/_nuxt/desktop/default/96ad9790.modern.js	4.7 kB	2023-03-10	2023-03-10
Pretty URL v3.cdnsfree.com/_nuxt/desktop/default/96ad9790.modern.js IP 8.254.252.213 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 15:50:25 Last Seen2023-03-10 15:50:25 Times Seen1 Hash cb14254bb9e36c3c7c7a7bf32840ac3f 17a228261b75a30aeee172d1580cefc029f3af78 7d341a946aae47e4f48be352df55a398a632762f029d5c919f93f11a9c94ab18 Loading...

	lite-1x768595.top/static-promotion/fc54720.modern.js	236 kB	2023-03-10	2023-03-10
Pretty URL lite-1x768595.top/static-promotion/fc54720.modern.js IP 178.253.14.138 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 15:50:26 Last Seen2023-03-10 15:50:26 Times Seen1 Hash b859f06e65cf3278beae235a65a213c2 9f1e107d616da8672c792e826f87a5cebed6d7ac 286c60ce1bd3dbf47ddffd3aff9f66cd9a43a29ef565834959fd5c81e706c4f5 Loading...

	lite-1x768595.top/static-promotion/f62f5f4.modern.js	405 kB	2023-03-10	2023-03-10
Pretty URL lite-1x768595.top/static-promotion/f62f5f4.modern.js IP 178.253.14.138 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 15:50:26 Last Seen2023-03-10 15:50:26 Times Seen1 Hash cd8d9615487a74da966a3feb767366e3 f68707104e297aac46b4e79fee40362dc3ed3480 5393cad320c784b1c3c881250781ba2ba4896b21032ad6d11e9d1b01430f1f29 Loading...

	v3.cdnsfree.com/_nuxt/desktop/default/733bdf44.modern.js	2.4 kB	2023-03-10	2023-03-10
Pretty URL v3.cdnsfree.com/_nuxt/desktop/default/733bdf44.modern.js IP 8.254.252.213 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 15:15:58 Last Seen2023-03-10 18:07:27 Times Seen1 Hash cd0820c16f7fbdc6874d8406c7aaeab6 5bcf8ba5aa5e8d1370c9faac5766ccc99b2b1b11 55550142c9cdf3fe7c5213ad408c196f0d9ff7398af0e285ab6df75203d127fd Loading...

	lite-1x768595.top/static-promotion/d5bc3dc.modern.js	136 kB	2023-03-10	2023-03-10
Pretty URL lite-1x768595.top/static-promotion/d5bc3dc.modern.js IP 178.253.14.138 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 15:50:26 Last Seen2023-03-10 15:50:26 Times Seen1 Hash ac8fb36dcaa58b7e2aa2d1fbd0f2c3d8 b297fd40107eacfd42d4d815ef4561c80a3decce ba8624af94f524f9f32022052e1a144024a3fbfa808886a95ddd6ffe45ab4f81 Loading...

	suphelper.com/widget/injector.js	167 kB	2023-03-07	2023-03-10
Pretty URL suphelper.com/widget/injector.js IP 104.16.42.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:42:36 Last Seen2023-03-10 18:07:27 Times Seen1 Hash c3464059d11699213a6f8844e6bb3a1c 60f839f14705f7b4d965895fac986b7c9a510acf 0f6c33a4ae5acbdcecaa00ed99bc4723bafcf99d6ccdca4995d699d3b7bf3aa7 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 06d87cfe80acd076460460e433a4793e	5.6 kB	2023-03-10	2023-03-10
Pretty Observations First Seen2023-03-10 15:50:26 Last Seen2023-03-10 15:50:26 Times Seen1 Hash 06d87cfe80acd076460460e433a4793e bd54c34eee474091aebe127d0ea56a9fe2252f10 437a2f474856d20dddb9ed04130af613ed60b32a962885e805655174ae06b82c Loading...

HTTP Transactions (97)

URL IP Response Size

1x-xredbet478860.top/promotions/campeonato-brasileiro/

178.253.47.23

301 Moved Permanently

162 B

URL HTTP/1.1
1x-xredbet478860.top/promotions/campeonato-brasileiro/
IP
178.253.47.23:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /promotions/campeonato-brasileiro/ HTTP/1.1
Host: 1x-xredbet478860.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 26 Oct 2022 14:13:59 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
Location: https://1x-xredbet478860.top/promotions/campeonato-brasileiro/

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e36c852b5e145f2f09fe73111fb162e1
e439c6a462f86a3003d6464a8b9999b1c4d1e210
52a721168d0c41cb0854ff8c730fce3b79db2e804b383238e95ff1401922bd74

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52A721168D0C41CB0854FF8C730FCE3B79DB2E804B383238E95FF1401922BD74"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9768
Expires: Wed, 26 Oct 2022 16:56:47 GMT
Date: Wed, 26 Oct 2022 14:13:59 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
45bfdf3b823cd24564c8ac296a8b5b19
b0c442eb4f87556b3beb18ca8039dd4399b73f16
32113c679dda1f710ba67e537fdd0d435ccc186a238e3b14e48deb7b0700c693

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1654
Cache-Control: max-age=157476
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 14:14:00 GMT
Etag: "6358fe56-1d7"
Expires: Fri, 28 Oct 2022 09:58:36 GMT
Last-Modified: Wed, 26 Oct 2022 09:31:02 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a39eea1096852891690eaee02a64383e
c273000f799fc3676e8e3ef3617611a31252cffc
d9d95319013d64bc2ef6d9870f4adba902ee970b6f9e96279c9ed86f556e0001

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D9D95319013D64BC2EF6D9870F4ADBA902EE970B6F9E96279C9ED86F556E0001"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8462
Expires: Wed, 26 Oct 2022 16:35:02 GMT
Date: Wed, 26 Oct 2022 14:14:00 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: /H++7ovLwbNRLbOz1OPowcLdq9mfaGkPqOiS5vAsP7XBQsFDSWwq7967rgwK2sOc0cLX2w4s4rs=
x-amz-request-id: WXMR78JS26JSNF2R
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 26 Oct 2022 14:09:23 GMT
age: 277
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
088afe60908893f8990f05e76655a094
ad89efd93ebfa97a883bb42174b138e690b8bcd9
0f1bcacb6eb60efecd1cf41cf4fd8d2f1dd4017f7ee1dd8c0093b19dd6ea3954

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0F1BCACB6EB60EFECD1CF41CF4FD8D2F1DD4017F7EE1DD8C0093B19DD6EA3954"
Last-Modified: Mon, 24 Oct 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1250
Expires: Wed, 26 Oct 2022 14:34:50 GMT
Date: Wed, 26 Oct 2022 14:14:00 GMT
Connection: keep-alive

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:00 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
02a39530b6de2638527eafd0db8f3f6c
1afd982961d7170e3beb714fdf18a01124a6d02a
6c828a986dbc5eb6769e659f20a39af433febba898213cd4e84f6fa4bd0d20b1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6C828A986DBC5EB6769E659F20A39AF433FEBBA898213CD4E84F6FA4BD0D20B1"
Last-Modified: Mon, 24 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17701
Expires: Wed, 26 Oct 2022 19:09:01 GMT
Date: Wed, 26 Oct 2022 14:14:00 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
dd283dfc036535bdeb8a8be1310ef930
d3b1c300dd75d7af630e0f3112e49d7492d66c17
578f9256faa188facb3f2d68b02b0c7fb2e30e02e2e74234d015429563cba7aa

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3901
Cache-Control: max-age=154668
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 14:14:00 GMT
Etag: "6358ea97-1d7"
Expires: Fri, 28 Oct 2022 09:11:48 GMT
Last-Modified: Wed, 26 Oct 2022 08:06:47 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.41.253.170

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.41.253.170:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: j9rseK9J5tl8Ndv7cI8n3w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: DIP9U+yfbRs68puPBHaQPPGt4dg=

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
19132f29a8811a10f90eca2d81e5deb8
3b9e0bbf9f40f46b57dad5567b008e58b5770565
708aeab241760b108d60c1462b1979e59cf473242222e9270705ba70642b04f6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 14:14:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

lite-1x768595.top/static-promotion/0348e38.modern.js

178.253.14.138

200 OK

3.8 kB

URL HTTP/2
lite-1x768595.top/static-promotion/0348e38.modern.js
IP
178.253.14.138:0
ASN
#0

File type
ASCII text, with very long lines (7078), with no line terminators
Size
3.8 kB (3794 bytes)
Hash
e725bcfc6fc1df485ca1672292a840a3
fd08b69e9a248e2969c28627307e356581c181bf
abd45106523a9acef08ef8241554b6073ed414bc4679d53819f1c98f3066b77c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /static-promotion/0348e38.modern.js HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 3794
last-modified: Wed, 26 Oct 2022 09:14:01 GMT
vary: Accept-Encoding
etag: "6358fa59-ed2"
content-encoding: gzip
expires: Wed, 26 Oct 2022 15:14:01 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

142.250.74.10

200 OK

2.2 kB

URL HTTP/2
fonts.googleapis.com/css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
2.2 kB (2160 bytes)
Hash
9cfadf442809eab1d5ed5c666c427557
de369a25065246e390f5e256461e6f6cc39617a9
f13682edbd79f63c163ce9932a108980ee5bf8886cd0c843da4ba75386dadb75

HTTP Headers

GET /css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 26 Oct 2022 14:14:01 GMT
date: Wed, 26 Oct 2022 14:14:01 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

lite-1x768595.top/static-promotion/fc54720.modern.js

178.253.14.138

200 OK

80 kB

URL HTTP/2
lite-1x768595.top/static-promotion/fc54720.modern.js
IP
178.253.14.138:0
ASN
#0

File type
ASCII text, with very long lines (65485)
Size
80 kB (80417 bytes)
Hash
340c971b0940cdc4c709124f51595eef
f02e3b55fcc78679143ffb402d50391c0d989510
46e78e36df877d791868d1f3006f7df1398c493fa089bc05623ed7867efa71cc

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /static-promotion/fc54720.modern.js HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 80417
last-modified: Wed, 26 Oct 2022 09:14:00 GMT
vary: Accept-Encoding
etag: "6358fa58-13a21"
content-encoding: gzip
expires: Wed, 26 Oct 2022 15:14:01 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x768595.top/static-promotion/f62f5f4.modern.js

178.253.14.138

200 OK

126 kB

URL HTTP/2
lite-1x768595.top/static-promotion/f62f5f4.modern.js
IP
178.253.14.138:0
ASN
#0

File type
ASCII text, with very long lines (65536), with no line terminators
Size
126 kB (125814 bytes)
Hash
8307db1e5827e5d1a7e8acb06657eb25
2ecfedefb2005ce45c075297ad8104d690752d84
de4f4de5af01631810254cc51abaf3cc994fee78ce0a9c9cbaf3fc8147b375b4

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /static-promotion/f62f5f4.modern.js HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 125814
last-modified: Wed, 26 Oct 2022 09:14:00 GMT
vary: Accept-Encoding
etag: "6358fa58-1eb76"
content-encoding: gzip
expires: Wed, 26 Oct 2022 15:14:01 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
6cc231d59c9f4ef63b12c40ca56f6b18
c3f5436403973aa38f09edb31c56c3e92e1b72ce
aa0f36643efb5022bd0b43d975649b35547d4a33188cbfda338fcaf929aa0fe8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 14:14:01 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 25 Oct 2022 14:31:56 GMT
Expires: Tue, 01 Nov 2022 14:31:55 GMT
Etag: "c3f5436403973aa38f09edb31c56c3e92e1b72ce"
Cache-Control: max-age=518873,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7603cbc26ea80b3d-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
6cc231d59c9f4ef63b12c40ca56f6b18
c3f5436403973aa38f09edb31c56c3e92e1b72ce
aa0f36643efb5022bd0b43d975649b35547d4a33188cbfda338fcaf929aa0fe8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 14:14:01 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 25 Oct 2022 14:31:56 GMT
Expires: Tue, 01 Nov 2022 14:31:55 GMT
Etag: "c3f5436403973aa38f09edb31c56c3e92e1b72ce"
Cache-Control: max-age=518873,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7603cbc26c890b55-OSL

v3.cdnsfree.com/_nuxt/desktop/default/36a16b87.modern.js

8.254.252.213

200 OK

6.3 kB

URL HTTP/2
v3.cdnsfree.com/_nuxt/desktop/default/36a16b87.modern.js
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (16434), with no line terminators
Size
6.3 kB (6343 bytes)
Hash
2d9834573b6e36d2caf076a143f99a59
9a447f6777d701da714ae6c91969bc40cc053c7c
f2167d7f5906499e0355f82a8c81725fbfc2155f92b5c2d6a9be7df720b864ac

HTTP Headers

GET /_nuxt/desktop/default/36a16b87.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 26 Oct 2022 14:14:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 6343
cache-control: max-age=86400
content-encoding: gzip
etag: "6359216f-18c7"
expires: Thu, 27 Oct 2022 12:23:00 GMT
last-modified: Wed, 26 Oct 2022 12:00:47 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 6698
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.cdnsfree.com/_nuxt/desktop/default/css/6745247d.css

8.254.252.213

200 OK

238 B

URL HTTP/2
v3.cdnsfree.com/_nuxt/desktop/default/css/6745247d.css
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (473), with no line terminators
Size
238 B (238 bytes)
Hash
1de93bae09b3735927b790a3f8d336f4
aed71583625c79e5acfa08b15bf3f559929c4ccf
46e5e661f176180493c262a07855a02fe83cd5020d8a5228bfad736a6bf8f6b1

HTTP Headers

GET /_nuxt/desktop/default/css/6745247d.css HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 26 Oct 2022 14:14:01 GMT
content-type: text/css
content-length: 238
cache-control: max-age=86400
content-encoding: gzip
etag: "6357a2b3-ee"
expires: Thu, 27 Oct 2022 09:18:08 GMT
last-modified: Tue, 25 Oct 2022 08:47:47 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 18046
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.cdnsfree.com/status.json

8.254.252.213

200 OK

21 B

URL HTTP/2
v3.cdnsfree.com/status.json
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
JSON data\012- , ASCII text, with no line terminators
Size
21 B (21 bytes)
Hash
c4bb18933a5fd13d100077a00adf5161
957c1ddeabbf35fcdcaf731cf9611f4703864212
a7e828c3613677202207c42052a2135aefd9af7130f8ac20bb3307277a255db0

HTTP Headers

GET /status.json HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lite-1x768595.top
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 26 Oct 2022 14:14:01 GMT
content-type: application/json
content-length: 21
server: nginx
access-control-allow-origin: *
age: 5961469
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.cdnsfree.com/_nuxt/desktop/default/css/772676f9.css

8.254.252.213

200 OK

76 kB

URL HTTP/2
v3.cdnsfree.com/_nuxt/desktop/default/css/772676f9.css
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Size
76 kB (76136 bytes)
Hash
e1ac7dff11a62f638915fa3154347ece
6da1dc04c5e309425e43b73c776537db0480717a
3a8423c6b352128245e413d530882919765aa0364a44d8d9da72053ebee50b0f

HTTP Headers

GET /_nuxt/desktop/default/css/772676f9.css HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 26 Oct 2022 14:14:01 GMT
content-type: text/css
content-length: 76136
cache-control: max-age=86400
content-encoding: gzip
etag: "6359216f-12968"
expires: Thu, 27 Oct 2022 12:22:56 GMT
last-modified: Wed, 26 Oct 2022 12:00:47 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 6697
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.cdnsfree.com/_nuxt/desktop/default/55064564.modern.js

8.254.252.213

200 OK

631 kB

URL HTTP/2
v3.cdnsfree.com/_nuxt/desktop/default/55064564.modern.js
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
Unicode text, UTF-8 text, with very long lines (62776)
Size
631 kB (631074 bytes)
Hash
3ea80c6b89aa9492fd689c0753bc18eb
3cce0b5a87684b44998153b52abaa16e8194905e
27daed7ef8c467ccd96c1f7dc1c7870d8eb3e4250c8b04f04c7925b958fb7bf7

HTTP Headers

GET /_nuxt/desktop/default/55064564.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 26 Oct 2022 14:14:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 631074
cache-control: max-age=86400
content-encoding: gzip
etag: "6359216f-9a122"
expires: Thu, 27 Oct 2022 12:22:44 GMT
last-modified: Wed, 26 Oct 2022 12:00:47 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 6698
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.cdnsfree.com/_nuxt/desktop/default/96ad9790.modern.js

8.254.252.213

200 OK

1.8 kB

URL HTTP/2
v3.cdnsfree.com/_nuxt/desktop/default/96ad9790.modern.js
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (4715), with no line terminators
Size
1.8 kB (1810 bytes)
Hash
fd9c33d4fd6caa02d90a80d04e3cf452
55ba8ce968e61259620ba620ec200b2bf578eba2
7b400235d50599f2896e52fc31ba4b1771d8b2582be0e261a9124469fb8e06a7

HTTP Headers

GET /_nuxt/desktop/default/96ad9790.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 26 Oct 2022 14:14:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 1810
cache-control: max-age=86400
content-encoding: gzip
etag: "6359216f-712"
expires: Thu, 27 Oct 2022 12:24:51 GMT
last-modified: Wed, 26 Oct 2022 12:00:47 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 6693
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.cdnsfree.com/genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg

8.254.252.213

200 OK

705 B

URL HTTP/2
v3.cdnsfree.com/genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1224), with no line terminators
Size
705 B (705 bytes)
Hash
bb246c88651f63256e658dccd79ba91f
560cf8f76dad56a5c10a0f66cc4a200df301265d
30e59f903e6fab358b7bfb110a8bf83aefaf5376f2c60293a20f58c9f9fc45e8

HTTP Headers

GET /genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 26 Oct 2022 14:14:01 GMT
content-type: image/svg+xml
content-length: 705
cache-control: public, max-age=120, s-maxage=600
content-encoding: gzip
etag: W/"7cca3986f7a5c4c164144ff11df71073"
expires: Wed, 26 Oct 2022 14:07:12 GMT
last-modified: Thu, 13 Jan 2022 14:28:56 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 537
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
6cc231d59c9f4ef63b12c40ca56f6b18
c3f5436403973aa38f09edb31c56c3e92e1b72ce
aa0f36643efb5022bd0b43d975649b35547d4a33188cbfda338fcaf929aa0fe8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 14:14:01 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 25 Oct 2022 14:31:56 GMT
Expires: Tue, 01 Nov 2022 14:31:55 GMT
Etag: "c3f5436403973aa38f09edb31c56c3e92e1b72ce"
Cache-Control: max-age=518873,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7603cbc26f2b0b02-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
6cc231d59c9f4ef63b12c40ca56f6b18
c3f5436403973aa38f09edb31c56c3e92e1b72ce
aa0f36643efb5022bd0b43d975649b35547d4a33188cbfda338fcaf929aa0fe8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 14:14:01 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 25 Oct 2022 14:31:56 GMT
Expires: Tue, 01 Nov 2022 14:31:55 GMT
Etag: "c3f5436403973aa38f09edb31c56c3e92e1b72ce"
Cache-Control: max-age=518873,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7603cbc26ff11c0a-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
6cc231d59c9f4ef63b12c40ca56f6b18
c3f5436403973aa38f09edb31c56c3e92e1b72ce
aa0f36643efb5022bd0b43d975649b35547d4a33188cbfda338fcaf929aa0fe8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 14:14:01 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 25 Oct 2022 14:31:56 GMT
Expires: Tue, 01 Nov 2022 14:31:55 GMT
Etag: "c3f5436403973aa38f09edb31c56c3e92e1b72ce"
Cache-Control: max-age=518873,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7603cbc26e1fb505-OSL

v3.cdnsfree.com/_nuxt/desktop/default/css/39476c26.css

8.254.252.213

200 OK

137 kB

URL HTTP/2
v3.cdnsfree.com/_nuxt/desktop/default/css/39476c26.css
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (65536), with no line terminators
Size
137 kB (136757 bytes)
Hash
3a5033bfe967fa12994035d6b1e00a5d
be25ace40ff3fc6ce7daf65a85bc17c1a86774b9
b00c1d9b6c5669560d98db6d45ca2adff89c9f43275d3c038255a01fff4d05d3

HTTP Headers

GET /_nuxt/desktop/default/css/39476c26.css HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 26 Oct 2022 14:14:01 GMT
content-type: text/css
content-length: 136757
cache-control: max-age=86400
content-encoding: gzip
etag: "6359216f-21635"
expires: Thu, 27 Oct 2022 12:22:44 GMT
last-modified: Wed, 26 Oct 2022 12:00:47 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 6699
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.cdnsfree.com/_nuxt/desktop/default/bba54632.modern.js

8.254.252.213

200 OK

490 kB

URL HTTP/2
v3.cdnsfree.com/_nuxt/desktop/default/bba54632.modern.js
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (65536), with no line terminators
Size
490 kB (490316 bytes)
Hash
0ca2f054e9045e909ad342f62ba084ba
0ad6f1091960e5055ff95d03a31138a427d22e90
c83fb34ee3dfdc81119d5c799c10985ea111086c3f0d6d0016bfa82ee8f85795

HTTP Headers

GET /_nuxt/desktop/default/bba54632.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 26 Oct 2022 14:14:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 490316
cache-control: max-age=86400
content-encoding: gzip
etag: "6359216f-77b4c"
expires: Thu, 27 Oct 2022 12:22:44 GMT
last-modified: Wed, 26 Oct 2022 12:00:47 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 6698
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.cdnsfree.com/_nuxt/desktop/default/1ff77830.modern.js

8.254.252.213

200 OK

92 kB

URL HTTP/2
v3.cdnsfree.com/_nuxt/desktop/default/1ff77830.modern.js
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (65479)
Size
92 kB (91837 bytes)
Hash
5c8204e173d68f0a4d669202751a007a
9e2d8255f4d2d4d0ffc13e56932520f2b4becdc9
687112a79c680f756a822524f474d11fb4e704ad7432dc0f1900dfe93e41685e

HTTP Headers

GET /_nuxt/desktop/default/1ff77830.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 26 Oct 2022 14:14:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 91837
cache-control: max-age=86400
content-encoding: gzip
etag: "6359216f-166bd"
expires: Thu, 27 Oct 2022 12:22:30 GMT
last-modified: Wed, 26 Oct 2022 12:00:47 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 6699
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e4f7139b125683bac76c2b5638a1a643
2f84ea7104d659754e5962f88f504a7189f6f914
c9c550489201a92e8bbe162bca49d4aa6b21fa22b254a6a29502186423b3b579

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 14:14:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e4f7139b125683bac76c2b5638a1a643
2f84ea7104d659754e5962f88f504a7189f6f914
c9c550489201a92e8bbe162bca49d4aa6b21fa22b254a6a29502186423b3b579

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 14:14:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lite-1x768595.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 19:34:08 GMT
expires: Thu, 19 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 585593
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

lite-1x768595.top/us/promotions/campeonato-brasileiro

178.253.14.138

200 OK

117 kB

URL HTTP/2
lite-1x768595.top/us/promotions/campeonato-brasileiro
IP
178.253.14.138:0
ASN
#0

File type
data
Size
117 kB (116798 bytes)
Hash
da9edbeaeb2a2f262427ab5a7529a6ac
0e99227f529d86d16cb8c78e9a4898219a4f903e
86e0ded08c85d54b3825467d9b0618dfc65b08b35738f89f47013130ce388afb

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /us/promotions/campeonato-brasileiro HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:01 GMT
content-type: text/html; charset=utf-8
accept-ranges: none
content-encoding: gzip
server-timing: total;dur=474;desc="Nuxt Server Time", dt_285;dur=481
set-cookie: SESSION=88327a02f6bbe214cc22a5f5afa1cf28; Path=/; HttpOnly; Secure; SameSite=Lax
lng=us; Path=/
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e4f7139b125683bac76c2b5638a1a643
2f84ea7104d659754e5962f88f504a7189f6f914
c9c550489201a92e8bbe162bca49d4aa6b21fa22b254a6a29502186423b3b579

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 14:14:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

lite-1x768595.top/genfiles/cms/pg/default/images/c6805d21f8fccbfc75df5c556571fc74.png

178.253.14.138

200 OK

352 B

URL HTTP/2
lite-1x768595.top/genfiles/cms/pg/default/images/c6805d21f8fccbfc75df5c556571fc74.png
IP
178.253.14.138:0
ASN
#0

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
352 B (352 bytes)
Hash
7dff72d4146e35a8262e6845d13a8df0
a291af970d3955b35c314e85712ceea3aca25d54
a467e6a3d8e443bbbade9f04324268de101625412c1135b4cec0864a55101a78

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /genfiles/cms/pg/default/images/c6805d21f8fccbfc75df5c556571fc74.png HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:01 GMT
content-type: image/png
content-length: 352
last-modified: Wed, 10 Aug 2022 11:26:08 GMT
x-rgw-object-type: Normal
etag: "7dff72d4146e35a8262e6845d13a8df0"
x-amz-storage-class: STANDARD
access-control-allow-origin: *
cache-control: public,max-age=120,s-maxage=600
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
262ee317a7d41424cef3f541f6e538d3
1c298c901f93a95e99bdc63259f415ab84a13783
c263ddf8d0a398b0b7e11f7efa9cb901bf877d939f388eb6089a236bbbdc2be4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C263DDF8D0A398B0B7E11F7EFA9CB901BF877D939F388EB6089A236BBBDC2BE4"
Last-Modified: Wed, 26 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16726
Expires: Wed, 26 Oct 2022 18:52:48 GMT
Date: Wed, 26 Oct 2022 14:14:02 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
262ee317a7d41424cef3f541f6e538d3
1c298c901f93a95e99bdc63259f415ab84a13783
c263ddf8d0a398b0b7e11f7efa9cb901bf877d939f388eb6089a236bbbdc2be4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C263DDF8D0A398B0B7E11F7EFA9CB901BF877D939F388EB6089A236BBBDC2BE4"
Last-Modified: Wed, 26 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16726
Expires: Wed, 26 Oct 2022 18:52:48 GMT
Date: Wed, 26 Oct 2022 14:14:02 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
262ee317a7d41424cef3f541f6e538d3
1c298c901f93a95e99bdc63259f415ab84a13783
c263ddf8d0a398b0b7e11f7efa9cb901bf877d939f388eb6089a236bbbdc2be4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C263DDF8D0A398B0B7E11F7EFA9CB901BF877D939F388EB6089A236BBBDC2BE4"
Last-Modified: Wed, 26 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16726
Expires: Wed, 26 Oct 2022 18:52:48 GMT
Date: Wed, 26 Oct 2022 14:14:02 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae122c0f-a41b-4abc-a703-a5de223ae39a.png

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae122c0f-a41b-4abc-a703-a5de223ae39a.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8439 bytes)
Hash
db946866312c734e0c5f91ca76255b2f
e8b8236baab9106a426a415eb01494cc4cc91ad1
a695e7bc87da2c6d9f5669c09e662fe22982e69cb139466efa5093429fe19866

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae122c0f-a41b-4abc-a703-a5de223ae39a.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8439
x-amzn-requestid: e0eed725-0725-4f5a-9c91-fec13ad0ebe5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ajKYQGWhIAMFdhw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63578a9b-2a0115120e75f5271cea992f;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 07:04:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: pf98qKWMjPBID3auXFKPhj1kt67xEWF_e2CpRMQ7_HkPJGzJ3cK1qw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 07:18:26 GMT
age: 24936
etag: "e8b8236baab9106a426a415eb01494cc4cc91ad1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.5 kB (4524 bytes)
Hash
91ee720c15dc69de45080d0c951353af
5292b31a99d90bcb7071f327b93d52034bdf9dcb
7fbe9f0f6db08fd539f2e8d4ac22e3b4d5ca14f7cde69f8424cce8b361d026e6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4524
x-amzn-requestid: a493efe7-11c7-4032-b36b-7f838f8180bc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aljicH_6IAMFqpQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63587fa9-0f15eae7680ea7b15e5e47ec;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 00:30:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NQJHFIbLMzw0aGwCkVGIEIHOMHprTpvLkLQRKgrGeVj35sk7sW4IUg==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 00:36:34 GMT
age: 49048
etag: "5292b31a99d90bcb7071f327b93d52034bdf9dcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fe27cf2-33a8-42cc-a8cd-f5e804e60e26.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.9 kB (7929 bytes)
Hash
c3ae78510434fd68063fc144bf614382
3bb87ca5274ce9f6d81da60ab940d23ccd12843b
f42d89328435cb37cba1111903a6bd5e900857d0942e1506ea2115b4e6301541

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fe27cf2-33a8-42cc-a8cd-f5e804e60e26.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7929
x-amzn-requestid: 6324abd6-8e27-4903-8bfc-a0fc6a8625be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: alK9LEeoIAMF5mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63585854-2900343b1ae208a903fe58fd;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 21:42:44 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5MR4UzoW6rVsSpEyPAWrcFb2LCRICaG-toy3JflaXRrzZwcgMs48VQ==
via: 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 22:09:07 GMT
etag: "3bb87ca5274ce9f6d81da60ab940d23ccd12843b"
content-type: image/jpeg
age: 57895
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

lite-1x768595.top/_nuxt/desktop/default/css/6745247d.css

178.253.14.138

200 OK

238 B

URL HTTP/2
lite-1x768595.top/_nuxt/desktop/default/css/6745247d.css
IP
178.253.14.138:0
ASN
#0

File type
ASCII text, with very long lines (473), with no line terminators
Size
238 B (238 bytes)
Hash
02409a2a002f542956716fc0e620fae5
5c6cf43b7e69460e51d26514e98a49abea431db3
840b88ae47f7e95cca6e9c212b288ba446af7775042597fc9d1452abac46a869

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /_nuxt/desktop/default/css/6745247d.css HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us; tzo=0; window_width=1920
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:02 GMT
content-type: text/css
content-length: 238
last-modified: Wed, 26 Oct 2022 12:00:47 GMT
vary: Accept-Encoding
etag: "6359216f-ee"
content-encoding: gzip
expires: Wed, 26 Oct 2022 15:14:02 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x768595.top/genfiles/web-app-v2/dictionary2/v3_main/us/dictionary_b0938e9bd1d4e53daeea57bde5b71151.json

178.253.14.138

200 OK

17 kB

URL HTTP/2
lite-1x768595.top/genfiles/web-app-v2/dictionary2/v3_main/us/dictionary_b0938e9bd1d4e53daeea57bde5b71151.json
IP
178.253.14.138:0
ASN
#0

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (50326), with no line terminators
Size
17 kB (16678 bytes)
Hash
2dc8b36e2adc57b3463f7e880f08ad30
e8c4e20aa214e64970556e74e35863cfc9b09370
b53e2a55c342449e672bf701ea21f4b5776eec8e3edbabe845d4b8db62cdad26

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_main/us/dictionary_b0938e9bd1d4e53daeea57bde5b71151.json HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x768595.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us; tzo=0; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:02 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 26 Oct 2022 13:51:20 GMT
x-rgw-object-type: Normal
etag: W/"76020c20f248f806bc215e14ac3490c5"
cache-control: max-age=31536000
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x768595.top/web-api/external-api/config/getLangs

178.253.14.138

200 OK

196 kB

URL HTTP/2
lite-1x768595.top/web-api/external-api/config/getLangs
IP
178.253.14.138:0
ASN
#0

File type
data
Size
196 kB (195697 bytes)
Hash
dc5ec2a937d3de2f221e73fa192eec2e
5546abddb72cee5a6145a8924e3d94d4a3c9b4ee
a66121d05b98b5f1eb3d334a3dcc707d7bf95d6e73e7f77e3ae24161aa64b519

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /web-api/external-api/config/getLangs HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x768595.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:02 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=20, dt_285;dur=22
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x768595.top/static-promotion/cd7db47.modern.js

178.253.14.138

200 OK

7.4 kB

URL HTTP/2
lite-1x768595.top/static-promotion/cd7db47.modern.js
IP
178.253.14.138:0
ASN
#0

File type
ASCII text, with very long lines (45732), with no line terminators
Size
7.4 kB (7389 bytes)
Hash
e527af33de817bc5d4cbcb6b5e95a02a
84549c365fbbe2c1a35b88ac4b4a88333dd39b2a
ff942bf70651b4ca2afa8af7300474f36ef5a97356219e8f93f193ae7efe00e9

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /static-promotion/cd7db47.modern.js HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us; tzo=0; window_width=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 7389
last-modified: Wed, 26 Oct 2022 09:14:01 GMT
vary: Accept-Encoding
etag: "6358fa59-1cdd"
content-encoding: gzip
expires: Wed, 26 Oct 2022 15:14:03 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x768595.top/web-api/external-api/getColorTheme

178.253.14.138

200 OK

71 B

URL HTTP/2
lite-1x768595.top/web-api/external-api/getColorTheme
IP
178.253.14.138:0
ASN
#0

File type
data
Size
71 B (71 bytes)
Hash
a03d5821333809b106551d076370f2ed
5dbdbdda4970a3025dea2f7df3be0cf66ded01a0
0ee7a07befab961dd250c82de5d17b412e33d793561f553a6fbd20e9114600e0

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /web-api/external-api/getColorTheme HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x768595.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:02 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=35, dt_285;dur=36
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x768595.top/static-promotion/5d54141.modern.js

178.253.14.138

200 OK

27 kB

URL HTTP/2
lite-1x768595.top/static-promotion/5d54141.modern.js
IP
178.253.14.138:0
ASN
#0

File type
ASCII text, with very long lines (65536), with no line terminators
Size
27 kB (27411 bytes)
Hash
6e2f5a368f48faf1d2314e64f9c651b9
6bac76e3e8a3c74bf7b9f057aafcbf4b481c129d
15d6c810533d6803220ec45e78207e797746bbcf0a1bfb43ee0a8a301aaf02a7

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /static-promotion/5d54141.modern.js HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us; tzo=0; window_width=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 27411
last-modified: Wed, 26 Oct 2022 09:14:01 GMT
vary: Accept-Encoding
etag: "6358fa59-6b13"
content-encoding: gzip
expires: Wed, 26 Oct 2022 15:14:03 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x768595.top/static-promotion/be5f6f4.modern.js

178.253.14.138

200 OK

3.3 kB

URL HTTP/2
lite-1x768595.top/static-promotion/be5f6f4.modern.js
IP
178.253.14.138:0
ASN
#0

File type
ASCII text, with very long lines (18517), with no line terminators
Size
3.3 kB (3334 bytes)
Hash
15369994aba37bd65183e31d2d161413
45d713d2f1b1e92c369e1c0458d76ff80313c557
66627f639a466b387f631d23ceb5f04633d68c76bf230db8102267f9b03f6bc6

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /static-promotion/be5f6f4.modern.js HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us; tzo=0; window_width=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 3334
last-modified: Wed, 26 Oct 2022 09:14:01 GMT
vary: Accept-Encoding
etag: "6358fa59-d06"
content-encoding: gzip
expires: Wed, 26 Oct 2022 15:14:03 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x768595.top/static-promotion/d5bc3dc.modern.js

178.253.14.138

200 OK

35 kB

URL HTTP/2
lite-1x768595.top/static-promotion/d5bc3dc.modern.js
IP
178.253.14.138:0
ASN
#0

File type
ASCII text, with very long lines (65536), with no line terminators
Size
35 kB (35366 bytes)
Hash
e07eecc9f5671dc30ef721db6ede04f9
ee110aae0cf099fa1a49ad00a3f5f7c315458173
1e82b080eef975a68ccf509a8e1129734ebddd6cdae4f15df1f3365d867719d2

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /static-promotion/d5bc3dc.modern.js HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us; tzo=0; window_width=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 35366
last-modified: Wed, 26 Oct 2022 09:14:01 GMT
vary: Accept-Encoding
etag: "6358fa59-8a26"
content-encoding: gzip
expires: Wed, 26 Oct 2022 15:14:03 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.cdnsfree.com/_nuxt/desktop/default/733bdf44.modern.js

8.254.252.213

200 OK

1.0 kB

URL HTTP/2
v3.cdnsfree.com/_nuxt/desktop/default/733bdf44.modern.js
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (2404), with no line terminators
Size
1.0 kB (1031 bytes)
Hash
19dd58165f03287a532816b1983e80af
6cac85bf1630c90bbdef8b718569d6f9503b43e8
358900e05e4f491795d6a429909831f5a9d76747fe1941a0e2f65bc05ac72ade

HTTP Headers

GET /_nuxt/desktop/default/733bdf44.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 26 Oct 2022 14:14:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 1031
cache-control: max-age=86400
content-encoding: gzip
etag: "6359216f-407"
expires: Thu, 27 Oct 2022 12:23:12 GMT
last-modified: Wed, 26 Oct 2022 12:00:47 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 6691
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e7f1de4025eee44eed5a0ada1e998d6c
fd8bfad40b964ffd3534ac3aff68aaf31d38ba37
fba4107e5627b68a00dc9c31a657be714c85dc7c648b8e8e1c7373cc305f8228

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 14:14:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=UA-178408567-1

142.250.74.168

200 OK

45 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-178408567-1
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1588)
Size
45 kB (44633 bytes)
Hash
37a69465d9c0e483f2acc339e1bbc851
34b924b0fe90c1a99dc180f89dc41401efcf3a96
672af7cb3f1382e3dfa71a1088dbb3f6b191b264e05fcc70e928cb5940c26879

HTTP Headers

GET /gtag/js?id=UA-178408567-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 26 Oct 2022 14:14:03 GMT
expires: Wed, 26 Oct 2022 14:14:03 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44633
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

lite-1x768595.top/version.json?timestamp=1666793639724

178.253.14.138

200 OK

11 B

URL HTTP/2
lite-1x768595.top/version.json?timestamp=1666793639724
IP
178.253.14.138:0
ASN
#0

File type
ASCII text
Size
11 B (11 bytes)
Hash
41354997e1078e4ef08d050d78ac1b77
6bb900acdbc7c4c8173e1b386efe77641b6a2b46
8255384c539f658786393d12f514edd9d30899c90452c1bf369fdb395c435448

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /version.json?timestamp=1666793639724 HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x768595.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us; tzo=0; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:03 GMT
content-type: application/json; charset=UTF-8
content-length: 11
etag: W/"b-a7kArNvHxMgXPhs4bv53ZBtqK0Y"
server-timing: dt_285;dur=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e7f1de4025eee44eed5a0ada1e998d6c
fd8bfad40b964ffd3534ac3aff68aaf31d38ba37
fba4107e5627b68a00dc9c31a657be714c85dc7c648b8e8e1c7373cc305f8228

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 14:14:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

radar.cedexis.com/1593429750/radar.js

45.54.49.5

200 OK

19 kB

URL HTTP/1.1
radar.cedexis.com/1593429750/radar.js
IP
45.54.49.5:0
ASN
#63911 NetActuate, Inc

File type
ASCII text, with very long lines (1782)
Size
19 kB (18746 bytes)
Hash
2acb3c3179b2646943d1a8f5166743cc
56aa31a4027fec3dd8cc78114c6b0f3604716c14
0ac8b27ab0fd5f6440f4fc51e98694a417ae1402a3ca4feb224643327c079595

HTTP Headers

GET /1593429750/radar.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 14:14:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 29 Jun 2020 11:30:33 GMT
Vary: Accept-Encoding
ETag: W/"5ef9d0d9-af5c"
Expires: Wed, 09 Nov 2022 14:14:03 GMT
Cache-Control: max-age=1209600, public
Content-Encoding: gzip

lite-1x768595.top/promo-frame/us/promotion/campeonato-brasileiro

178.253.14.138

304 Not Modified

0 B

URL HTTP/2
lite-1x768595.top/promo-frame/us/promotion/campeonato-brasileiro
IP
178.253.14.138:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /promo-frame/us/promotion/campeonato-brasileiro HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us; tzo=0; window_width=1920
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
If-None-Match: "130d-RcKXCN0iIsmAHTA6TnZei9YbkcM"
TE: trailers

HTTP/2 304 Not Modified
server: nginx
date: Wed, 26 Oct 2022 14:14:03 GMT
etag: "130d-RcKXCN0iIsmAHTA6TnZei9YbkcM"
server-timing: dt_285;dur=4
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x768595.top/_nuxt/svg-sprites/common-698f8a6f34d490918d634efec2d8f268.svg

178.253.14.138

200 OK

56 kB

URL HTTP/2
lite-1x768595.top/_nuxt/svg-sprites/common-698f8a6f34d490918d634efec2d8f268.svg
IP
178.253.14.138:0
ASN
#0

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (65536), with no line terminators
Size
56 kB (56543 bytes)
Hash
9d6417ea365ee1688a18aa9d2d7ebc34
24b169a26564c96584c646a7214a8f37aaba6b26
2196a1f15a924e4e86391b666eebdb59a48834f3279cb9db25517de292c1cd2b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /_nuxt/svg-sprites/common-698f8a6f34d490918d634efec2d8f268.svg HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us; tzo=0; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:03 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Wed, 26 Oct 2022 12:00:47 GMT
etag: W/"6359216f-196ca"
expires: Thu, 27 Oct 2022 13:56:19 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

216.58.207.195

200 OK

9.6 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 9628, version 1.0\012- data
Size
9.6 kB (9628 bytes)
Hash
d9ac47c7e500fb7083b8d595eaf6fe12
112a2fc5f4ff9b85ee3a706fa9b8c47f79b05933
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lite-1x768595.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9628
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Oct 2022 06:19:49 GMT
expires: Fri, 20 Oct 2023 06:19:49 GMT
cache-control: public, max-age=31536000
age: 546854
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

lite-1x768595.top/domain-api/api/v1/domains/lite-1x768595.top

178.253.14.138

200 OK

84 B

URL HTTP/2
lite-1x768595.top/domain-api/api/v1/domains/lite-1x768595.top
IP
178.253.14.138:0
ASN
#0

File type
JSON data\012- , ASCII text, with no line terminators
Size
84 B (84 bytes)
Hash
9f7ce1856bb45ee9898aebdab9863fc1
6169715dfbfe5a98165ab596ee7a2e066505c598
a1e85717a80f7d928aa7da17ebc13cffdba8a67eecb9a63cb4038fcb581282e7

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /domain-api/api/v1/domains/lite-1x768595.top HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x768595.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us; tzo=0; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:03 GMT
content-type: application/vnd.api+json
content-length: 84
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.cdnsfree.com/_nuxt/desktop/default/89ac4e42.modern.js

8.254.252.213

200 OK

1.1 kB

URL HTTP/2
v3.cdnsfree.com/_nuxt/desktop/default/89ac4e42.modern.js
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
Unicode text, UTF-8 text, with very long lines (2451), with no line terminators
Size
1.1 kB (1063 bytes)
Hash
a9300ceac7c1887b4daef18d2d1436ef
cc2b1be722a4db7af0f4ac24f18a8ea1966cc07e
35dab111eb60598f6a1dfb9f9c580c32521db4d05c6e0c83a17577c4a88ccdc4

HTTP Headers

GET /_nuxt/desktop/default/89ac4e42.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 26 Oct 2022 14:14:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 1063
cache-control: max-age=86400
content-encoding: gzip
etag: "6359216f-427"
expires: Thu, 27 Oct 2022 12:22:55 GMT
last-modified: Wed, 26 Oct 2022 12:00:47 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 6679
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.cdnsfree.com/_nuxt/desktop/default/ad7f9297.modern.js

8.254.252.213

200 OK

26 kB

URL HTTP/2
v3.cdnsfree.com/_nuxt/desktop/default/ad7f9297.modern.js
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
26 kB (26106 bytes)
Hash
0d9205acc8dbb31b713a1830808ca6ad
2f38d35b6c6dd198903f37c96d882f6bed1f839b
92dc11dfd6a2fef45d2380db3134daf641d5facfe88a5a75029bb3955f179e60

HTTP Headers

GET /_nuxt/desktop/default/ad7f9297.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 26 Oct 2022 14:14:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 26106
cache-control: max-age=86400
content-encoding: gzip
etag: "6359216f-65fa"
expires: Thu, 27 Oct 2022 12:23:05 GMT
last-modified: Wed, 26 Oct 2022 12:00:47 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 6671
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.cdnsfree.com/_nuxt/desktop/default/a900795a.modern.js

8.254.252.213

200 OK

5.4 kB

URL HTTP/2
v3.cdnsfree.com/_nuxt/desktop/default/a900795a.modern.js
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (13502), with no line terminators
Size
5.4 kB (5381 bytes)
Hash
8d7474fde9c386eea0a78d1d54a85d85
7cf16946a8f0736db53c3cc99b71cd6bd596fbe7
a4be9f9667bac7d77f5858ad01442fcb2abde48f1b08187bb8599ab5b38b79ab

HTTP Headers

GET /_nuxt/desktop/default/a900795a.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 26 Oct 2022 14:14:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 5381
cache-control: max-age=86400
content-encoding: gzip
etag: "6359216f-1505"
expires: Thu, 27 Oct 2022 12:22:54 GMT
last-modified: Wed, 26 Oct 2022 12:00:47 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 6671
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/mibr_white-logo.png

8.254.252.213

200 OK

9.9 kB

URL HTTP/2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/mibr_white-logo.png
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
PNG image data, 834 x 434, 8-bit/color RGBA, non-interlaced\012- data
Size
9.9 kB (9904 bytes)
Hash
c14d0b72d2885c8ae4975e64ddb29a6f
3c31e0bb67f15daada51baf892c89ef0cd061146
657992cd544e48630d90afc0b957014f0ac4fad15789c7c18a937d5b71231967

HTTP Headers

GET /genfiles/cms/1-285/desktop/footer/logos/mibr_white-logo.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 26 Oct 2022 14:14:03 GMT
content-type: image/png
content-length: 9904
cache-control: public, max-age=120, s-maxage=600
etag: "c14d0b72d2885c8ae4975e64ddb29a6f"
expires: Wed, 26 Oct 2022 14:07:20 GMT
last-modified: Thu, 04 Aug 2022 17:36:40 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 540
accept-ranges: bytes
X-Firefox-Spdy: h2

lite-1x768595.top/web-api/api/internal/v1/sessions/user

178.253.14.138

200 OK

91 B

URL HTTP/2
lite-1x768595.top/web-api/api/internal/v1/sessions/user
IP
178.253.14.138:0
ASN
#0

File type
JSON data\012- , ASCII text, with no line terminators
Size
91 B (91 bytes)
Hash
7f08529bc4a73ef6216d27a6b9408914
d35e84765ec35db78746ff044785169e847837c9
72fec33883cd2c515ce5bf34588577cac6598e3e7e8d8a3ad7fc95c1dc42150f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /web-api/api/internal/v1/sessions/user HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x768595.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us; tzo=0; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:03 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=43, dt_285;dur=44
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/team_spirit_black.png

8.254.252.213

200 OK

169 kB

URL HTTP/2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/team_spirit_black.png
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
PNG image data, 4000 x 4000, 8-bit/color RGBA, non-interlaced\012- data
Size
169 kB (169025 bytes)
Hash
ba6cf2e79cb532a105c8f34b1efbcb26
f05ff0a3895400ac928ac1cce6153f657e6f6d8f
8e3e826321588ba9cca7ed55a8c23ee2e64e007775a40f9f8878340b2788864e

HTTP Headers

GET /genfiles/cms/1-285/desktop/footer/logos/team_spirit_black.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 26 Oct 2022 14:14:03 GMT
content-type: image/png
content-length: 169025
cache-control: public, max-age=120, s-maxage=600
etag: "ba6cf2e79cb532a105c8f34b1efbcb26"
expires: Wed, 26 Oct 2022 14:09:43 GMT
last-modified: Wed, 01 Jun 2022 12:16:40 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 382
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/og_red_bull.png

8.254.252.213

200 OK

149 kB

URL HTTP/2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/og_red_bull.png
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
PNG image data, 2187 x 3222, 8-bit/color RGBA, non-interlaced\012- data
Size
149 kB (149244 bytes)
Hash
ab837a9cb89291146ad8b371c052fe8d
bf89d8ec4fa8ac43004ceb74bd49199aa3436ca2
14a017c6bf332ef819755c66546f9847b291c056239bc0289d92063fcd17648b

HTTP Headers

GET /genfiles/cms/1-285/desktop/footer/logos/og_red_bull.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 26 Oct 2022 14:14:03 GMT
content-type: image/png
content-length: 149244
cache-control: public, max-age=120, s-maxage=600
etag: "ab837a9cb89291146ad8b371c052fe8d"
expires: Wed, 26 Oct 2022 14:15:33 GMT
last-modified: Wed, 25 May 2022 11:38:09 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 101
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/caf-champions-en.png

8.254.252.213

200 OK

15 kB

URL HTTP/2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/caf-champions-en.png
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
PNG image data, 387 x 230, 8-bit colormap, non-interlaced\012- data
Size
15 kB (15100 bytes)
Hash
805de1a5bec7c7e47c459ed79e5a7778
409804a9ad7ebd262a6125eb04cbd678ac7a9824
3dd56bfcb4bd898db532541ee1bbbcbaffc8276b155f518b5d10be553296633d

HTTP Headers

GET /genfiles/cms/1-285/desktop/footer/logos/caf-champions-en.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 26 Oct 2022 14:14:03 GMT
content-type: image/png
content-length: 15100
cache-control: public, max-age=120, s-maxage=600
etag: "805de1a5bec7c7e47c459ed79e5a7778"
expires: Wed, 26 Oct 2022 14:09:48 GMT
last-modified: Fri, 07 May 2021 11:29:04 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 380
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/logo-fcb.png

8.254.252.213

200 OK

7.4 kB

URL HTTP/2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/logo-fcb.png
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
PNG image data, 169 x 183, 8-bit colormap, non-interlaced\012- data
Size
7.4 kB (7420 bytes)
Hash
8ea23d2a7c2e152564a43453425b3301
f6e61dbb4b90ab17f23130d79af095a1267b01c3
e193b50c6e3a1657a7c7e1100b941a43c90eeda8f9d56763318ac624eeba2cbd

HTTP Headers

GET /genfiles/cms/1-285/desktop/footer/logos/logo-fcb.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 26 Oct 2022 14:14:03 GMT
content-type: image/png
content-length: 7420
cache-control: public, max-age=120, s-maxage=600
etag: "8ea23d2a7c2e152564a43453425b3301"
expires: Wed, 26 Oct 2022 14:10:54 GMT
last-modified: Fri, 06 Nov 2020 12:55:12 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 309
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/logo-losc.png

8.254.252.213

200 OK

119 kB

URL HTTP/2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/logo-losc.png
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
PNG image data, 2052 x 1962, 8-bit/color RGBA, non-interlaced\012- data
Size
119 kB (119254 bytes)
Hash
0b72a6591ead9e9b95a118b411b9556a
6d43538a7c2167e9046d418e0707dba8f361fd1c
012b4965e861f6073a0496f55677715279f5799468c9aa4c3d92bdbbc5e0b67b

HTTP Headers

GET /genfiles/cms/1-285/desktop/footer/logos/logo-losc.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 26 Oct 2022 14:14:03 GMT
content-type: image/png
content-length: 119254
cache-control: public, max-age=120, s-maxage=600
etag: "0b72a6591ead9e9b95a118b411b9556a"
expires: Wed, 26 Oct 2022 14:10:47 GMT
last-modified: Fri, 09 Sep 2022 14:12:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 316
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/K23_2020_lightmode.png

8.254.252.213

200 OK

168 kB

URL HTTP/2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/K23_2020_lightmode.png
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
PNG image data, 4455 x 2151, 8-bit/color RGBA, non-interlaced\012- data
Size
168 kB (168437 bytes)
Hash
514efcaa096bc870bbb55a0910327b9c
05f80f59b5eeb2e4cf409fc4b9d96ddec64b3e6f
a541dec3a5acfa154ce5716014bb463c6be72db6bf5ffb88dde95929e9670942

HTTP Headers

GET /genfiles/cms/1-285/desktop/footer/logos/K23_2020_lightmode.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 26 Oct 2022 14:14:03 GMT
content-type: image/png
content-length: 168437
cache-control: public, max-age=120, s-maxage=600
etag: "514efcaa096bc870bbb55a0910327b9c"
expires: Wed, 26 Oct 2022 14:15:33 GMT
last-modified: Wed, 01 Jun 2022 12:17:09 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 101
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/esl.png

8.254.252.213

200 OK

33 kB

URL HTTP/2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/esl.png
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
PNG image data, 1184 x 362, 8-bit/color RGBA, non-interlaced\012- data
Size
33 kB (33328 bytes)
Hash
802ac7a85f716d1a10ad5084ce6b2c14
4e3b9ea62cf588f4f8b5be3553aa53068fbe8fa6
3329ddcdb9bce051bb89a2ec7ea84fae914e31752e66656a2321642d8457f7cc

HTTP Headers

GET /genfiles/cms/1-285/desktop/footer/logos/esl.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 26 Oct 2022 14:14:03 GMT
content-type: image/png
content-length: 33328
cache-control: public, max-age=3, s-maxage=600
etag: "802ac7a85f716d1a10ad5084ce6b2c14"
expires: Wed, 26 Oct 2022 14:13:47 GMT
last-modified: Fri, 07 May 2021 11:29:08 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 215
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/logo-serie-new.png

8.254.252.213

200 OK

19 kB

URL HTTP/2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/logo-serie-new.png
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
PNG image data, 180 x 320, 8-bit/color RGBA, non-interlaced\012- data
Size
19 kB (18675 bytes)
Hash
eebc2093ed37610949fddb757fb411c2
f7964e29e324fe613114a2d8a574819735d4e8a4
2573852f7e996aaf5d4ae5280f600e384f8b5d75e8c4de9e06100af2d9f55e5c

HTTP Headers

GET /genfiles/cms/1-285/desktop/footer/logos/logo-serie-new.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 26 Oct 2022 14:14:03 GMT
content-type: image/png
content-length: 18675
cache-control: public, max-age=120, s-maxage=600
etag: "eebc2093ed37610949fddb757fb411c2"
expires: Wed, 26 Oct 2022 14:15:33 GMT
last-modified: Fri, 06 Nov 2020 12:55:12 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 101
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/can-2019-en.png

8.254.252.213

200 OK

8.1 kB

URL HTTP/2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/can-2019-en.png
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
PNG image data, 243 x 144, 8-bit colormap, non-interlaced\012- data
Size
8.1 kB (8120 bytes)
Hash
d2998762f0b00c9d1bcd90c28f0a5731
95553e4eff474b6a05ad4a6e00826ba4ab9b2c4e
09050bbfb49f160886714942b619eb95dbd92f2f6862f38aa685538f420591b8

HTTP Headers

GET /genfiles/cms/1-285/desktop/footer/logos/can-2019-en.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 26 Oct 2022 14:14:04 GMT
content-type: image/png
content-length: 8120
cache-control: public, max-age=120, s-maxage=600
etag: "d2998762f0b00c9d1bcd90c28f0a5731"
expires: Wed, 26 Oct 2022 14:10:29 GMT
last-modified: Fri, 06 Nov 2020 12:55:12 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 369
accept-ranges: bytes
X-Firefox-Spdy: h2

lite-1x768595.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1666793640631

178.253.14.138

200 OK

145 B

URL HTTP/2
lite-1x768595.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1666793640631
IP
178.253.14.138:0
ASN
#0

File type
JSON data\012- , ASCII text, with no line terminators
Size
145 B (145 bytes)
Hash
81d90db48c09d6f764c4929c90eadfc1
6fe1a593e77cca8d9adff9fe5b5f40e19ccf7bd8
fa0a9c9d33937e1539ce6b9e44abf7ecd69f5032c6ba8b85308c6a388f8dc28c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /genfiles/cms/maintenance_mode/settings.json?timestamp=1666793640631 HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x768595.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us; tzo=0; window_width=1280; che_g=6a274cde-da00-1bc2-47db-b7b1ba3303fe
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:04 GMT
content-type: application/json
content-length: 145
last-modified: Thu, 21 Apr 2022 06:40:33 GMT
x-rgw-object-type: Normal
etag: "81d90db48c09d6f764c4929c90eadfc1"
cache-control: public,max-age=60,s-maxage=60
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/caf-confederation-en.png

8.254.252.213

200 OK

15 kB

URL HTTP/2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/caf-confederation-en.png
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
PNG image data, 387 x 230, 8-bit colormap, non-interlaced\012- data
Size
15 kB (14740 bytes)
Hash
70e5105d03a74cc00cd9a0386fde303e
ffcd4fbcd486825d0d31e41cada108335b012d81
baabca03d9695b9475d7d0b4d736fbb093d21f2c03228a7704097e2bfb8e583a

HTTP Headers

GET /genfiles/cms/1-285/desktop/footer/logos/caf-confederation-en.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 26 Oct 2022 14:14:04 GMT
content-type: image/png
content-length: 14740
cache-control: public, max-age=120, s-maxage=600
etag: "70e5105d03a74cc00cd9a0386fde303e"
expires: Wed, 26 Oct 2022 14:16:04 GMT
last-modified: Fri, 07 May 2021 11:29:03 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 5
accept-ranges: bytes
X-Firefox-Spdy: h2

lite-1x768595.top/web-api/api/internal/v1/proof_of_age

178.253.14.138

204 No Content

0 B

URL HTTP/2
lite-1x768595.top/web-api/api/internal/v1/proof_of_age
IP
178.253.14.138:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /web-api/api/internal/v1/proof_of_age HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/vnd.api+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x768595.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us; tzo=0; window_width=1280; che_g=6a274cde-da00-1bc2-47db-b7b1ba3303fe
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Wed, 26 Oct 2022 14:14:04 GMT
cache-control: no-cache, private
server-timing: p;dur=38, dt_285;dur=41
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 26 Oct 2022 12:41:09 GMT
expires: Wed, 26 Oct 2022 14:41:09 GMT
cache-control: public, max-age=7200
age: 5575
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d68830f33c12f2aa839ecd5c96146bb2
c4eca00dde1d737943bc2980b58a7288c06f808c
0b8dd5b33360dae55b75de1bb81fc9404103824c8d987372d1c44f425052f0d7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 14:14:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-178408567-1&cid=1907256039.1666793641&jid=577557147&gjid=1576833882&_gid=285396782.1666793641&_u=aCDAAUACQAAAACAAI~&z=1863204464

173.194.222.155

200 OK

1 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-178408567-1&cid=1907256039.1666793641&jid=577557147&gjid=1576833882&_gid=285396782.1666793641&_u=aCDAAUACQAAAACAAI~&z=1863204464
IP
173.194.222.155:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-178408567-1&cid=1907256039.1666793641&jid=577557147&gjid=1576833882&_gid=285396782.1666793641&_u=aCDAAUACQAAAACAAI~&z=1863204464 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://lite-1x768595.top
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://lite-1x768595.top
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 26 Oct 2022 14:14:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d68830f33c12f2aa839ecd5c96146bb2
c4eca00dde1d737943bc2980b58a7288c06f808c
0b8dd5b33360dae55b75de1bb81fc9404103824c8d987372d1c44f425052f0d7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 14:14:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

lite-1x768595.top/web-api/external-api/config/getLangs

178.253.14.138

200 OK

1.5 kB

URL HTTP/2
lite-1x768595.top/web-api/external-api/config/getLangs
IP
178.253.14.138:0
ASN
#0

File type
JSON data\012- , ASCII text, with very long lines (5016), with no line terminators
Size
1.5 kB (1543 bytes)
Hash
13933b82591362b214dc4470a90da551
c25a239251f075ca8ec43f4f61dc46c1bc27a710
bff2e058794e71f0014e18b9bd00b8cb6d42d62f465bb9fbcd2bbebe4a497239

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /web-api/external-api/config/getLangs HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x768595.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us; tzo=0; window_width=1280; che_g=6a274cde-da00-1bc2-47db-b7b1ba3303fe; _ga_7JGWL9SV66=GS1.1.1666793640.1.0.1666793640.0.0.0; _ga=GA1.2.1907256039.1666793641; _gid=GA1.2.285396782.1666793641; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:04 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=27, dt_285;dur=30
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x768595.top/translation-api/by-lang/us

178.253.14.138

200 OK

9.0 kB

URL HTTP/2
lite-1x768595.top/translation-api/by-lang/us
IP
178.253.14.138:0
ASN
#0

File type
JSON data\012- data
Size
9.0 kB (9046 bytes)
Hash
4020e8ce1ac0589ae948ed1b9166ffd0
64e9612cad3d6afbe4d48d11c64031a2802ab29b
d54fa8692eaf3a5ce8e4a605d4777e4544e6ebcd4d05942a26b2090c60ca4a9b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /translation-api/by-lang/us HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x768595.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us; tzo=0; window_width=1920; che_g=6a274cde-da00-1bc2-47db-b7b1ba3303fe; _ga_7JGWL9SV66=GS1.1.1666793640.1.0.1666793640.0.0.0; _ga=GA1.2.1907256039.1666793641; _gid=GA1.2.285396782.1666793641; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:04 GMT
content-type: application/vnd.api+json
cache-control: no-cache, private
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-max-age: 1728000
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x768595.top/web-api/external-api/config/all

178.253.14.138

200 OK

99 kB

URL HTTP/2
lite-1x768595.top/web-api/external-api/config/all
IP
178.253.14.138:0
ASN
#0

File type
data
Size
99 kB (98791 bytes)
Hash
7acc7d3c6ba3bf0c79ed2fb8108e6eec
8d46e6109fd4dce48de6c3e7c77642b9075867d0
b2fffce3b2686d8eb5d8d7372e0261004161095c33305da7bffa8e2cb333d75f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /web-api/external-api/config/all HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://lite-1x768595.top
Connection: keep-alive
Referer: https://lite-1x768595.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us; tzo=0; window_width=1280; che_g=6a274cde-da00-1bc2-47db-b7b1ba3303fe; _ga_7JGWL9SV66=GS1.1.1666793640.1.0.1666793640.0.0.0; _ga=GA1.1.1907256039.1666793641
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:04 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=71, dt_285;dur=73
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x768595.top/genfiles/cms/1-285/desktop/errorsPage/ball.webp

178.253.14.138

200 OK

2.0 kB

URL HTTP/2
lite-1x768595.top/genfiles/cms/1-285/desktop/errorsPage/ball.webp
IP
178.253.14.138:0
ASN
#0

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.0 kB (2010 bytes)
Hash
b2e135d916673e6f1be84800198490d4
60db6095350e4b9e618aab6666650eb13a941745
3b2e95cba675bc9bdeae9308d00f629d586a6ae7e55aa60a971027cbf9ed7682

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /genfiles/cms/1-285/desktop/errorsPage/ball.webp HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/403
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us; tzo=0; window_width=1280; che_g=6a274cde-da00-1bc2-47db-b7b1ba3303fe; _ga_7JGWL9SV66=GS1.1.1666793640.1.0.1666793640.0.0.0; _ga=GA1.2.1907256039.1666793641; _gid=GA1.2.285396782.1666793641; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:05 GMT
content-type: application/octet-stream
content-length: 2010
last-modified: Tue, 26 Jan 2021 08:32:04 GMT
x-rgw-object-type: Normal
etag: "b2e135d916673e6f1be84800198490d4"
access-control-allow-origin: *
cache-control: public,max-age=120,s-maxage=600
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

lite-1x768595.top/genfiles/cms/1-285/desktop//errorsPage/gates.png

178.253.14.138

200 OK

79 kB

URL HTTP/2
lite-1x768595.top/genfiles/cms/1-285/desktop//errorsPage/gates.png
IP
178.253.14.138:0
ASN
#0

File type
PNG image data, 739 x 687, 8-bit/color RGBA, non-interlaced\012- data
Size
79 kB (78710 bytes)
Hash
0ecd34213f0d5c445cb14d6f8d2dd7ed
aadbec956b67f7247b08c7fbfdb3e9625bd6bc00
98c1b640475c09dbed13ae6ea5772634ce5d889d3f0ec97701f21bcd7e772541

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /genfiles/cms/1-285/desktop//errorsPage/gates.png HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us; tzo=0; window_width=1280; che_g=6a274cde-da00-1bc2-47db-b7b1ba3303fe; _ga_7JGWL9SV66=GS1.1.1666793640.1.0.1666793640.0.0.0; _ga=GA1.2.1907256039.1666793641; _gid=GA1.2.285396782.1666793641; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:05 GMT
content-type: image/png
content-length: 78710
last-modified: Sat, 07 Nov 2020 11:58:55 GMT
x-rgw-object-type: Normal
etag: "0ecd34213f0d5c445cb14d6f8d2dd7ed"
access-control-allow-origin: *
cache-control: public,max-age=120,s-maxage=600
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

lite-1x768595.top/web-api/external-api/promotions/campeonato-brasileiro

178.253.14.138

403 Forbidden

212 kB

URL HTTP/2
lite-1x768595.top/web-api/external-api/promotions/campeonato-brasileiro
IP
178.253.14.138:0
ASN
#0

File type
data
Size
212 kB (212090 bytes)
Hash
3b0f5e32a7c4b023bb286acb60462fca
cd8ff39b24caf819fa47cffc19c28612d19f2c10
1c30324922b2770ccabe28645fc123bc4b14c62ba8b548600beeb4f6768cc1da

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /web-api/external-api/promotions/campeonato-brasileiro HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x768595.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us; tzo=0; window_width=1280; che_g=6a274cde-da00-1bc2-47db-b7b1ba3303fe; _ga_7JGWL9SV66=GS1.1.1666793640.1.0.1666793640.0.0.0; _ga=GA1.2.1907256039.1666793641; _gid=GA1.2.285396782.1666793641; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 403 Forbidden
server: nginx
date: Wed, 26 Oct 2022 14:14:05 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=32, dt_285;dur=34
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
cc8e218cff9a028f8a2f6a0c05240d79
90b1a4f388972eb81eb71ebec32aeb90b3ea2b62
c1fec0b1a76ce4273403632ce86ac680a11f21f413e31414b73bc9ee68b78c0b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4049
Cache-Control: max-age=161274
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 14:14:05 GMT
Etag: "635903d6-117"
Expires: Fri, 28 Oct 2022 11:01:59 GMT
Last-Modified: Wed, 26 Oct 2022 09:54:30 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279

suphelper.com/widget/injector.js

104.16.42.72

200 OK

45 kB

URL HTTP/2
suphelper.com/widget/injector.js
IP
104.16.42.72:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (38365)
Size
45 kB (45373 bytes)
Hash
89f80378c00dfa30dc802b643963d8c6
81c759413d124bb2bf338ae3cb8badabd4447dd3
2c51bfcb7423796585628f9f4101d573819f6721a9df2c2686538be4b03c96ad

HTTP Headers

GET /widget/injector.js HTTP/1.1
Host: suphelper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 26 Oct 2022 14:14:05 GMT
content-type: application/javascript; charset=UTF-8
x-dns-prefetch-control: off
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'strict-dynamic' 'nonce-4fa3454e-107f-48cf-ae24-cdd68f6bc4a1' https://www.googletagmanager.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' https: data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self' ws://localhost:8085 https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://mc.yandex.ru https://api.github.com http://192.168.208.23:11999 https://suphelper.com wss://suphelper.com *.suphelper.com https://suphelper.ru wss://suphelper.ru *.suphelper.ru https://cons.insystem.su wss://cons.insystem.su *.cons.insystem.su wss://chat.insystem.su https://chat.insystem.su *.chat.insystem.su; frame-src 'self' https://www.google.com https://www.google.com/recaptcha/; report-uri /widget/api/report-csp/
cache-control: public, max-age=300
last-modified: Fri, 23 Sep 2022 07:08:12 GMT
etag: W/"28d83-183692cdf60"
vary: Accept-Encoding
cf-cache-status: HIT
age: 98
server: cloudflare
cf-ray: 7603cbdbecf50a40-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

lite-1x768595.top/web-api/external-api/getFirstDepositBonus

178.253.14.138

200 OK

0 B

URL HTTP/2
lite-1x768595.top/web-api/external-api/getFirstDepositBonus
IP
178.253.14.138:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /web-api/external-api/getFirstDepositBonus HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x768595.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us; tzo=0; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:03 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=30, dt_285;dur=31
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x768595.top/web-api/external-api/getColorTheme

178.253.14.138

200 OK

0 B

URL HTTP/2
lite-1x768595.top/web-api/external-api/getColorTheme
IP
178.253.14.138:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /web-api/external-api/getColorTheme HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x768595.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us; tzo=0; window_width=1280; che_g=6a274cde-da00-1bc2-47db-b7b1ba3303fe; _ga_7JGWL9SV66=GS1.1.1666793640.1.0.1666793640.0.0.0; _ga=GA1.2.1907256039.1666793641; _gid=GA1.2.285396782.1666793641; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:04 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=29, dt_285;dur=30
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x768595.top/web-api/api/converslon/load

178.253.14.138

200 OK

0 B

URL HTTP/2
lite-1x768595.top/web-api/api/converslon/load
IP
178.253.14.138:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /web-api/api/converslon/load HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x768595.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us; tzo=0; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:03 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=30, dt_285;dur=31
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x768595.top/web-api/external-api/getFirstDepositBonus

178.253.14.138

200 OK

0 B

URL HTTP/2
lite-1x768595.top/web-api/external-api/getFirstDepositBonus
IP
178.253.14.138:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /web-api/external-api/getFirstDepositBonus HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x768595.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us; tzo=0; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:03 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=35, dt_285;dur=36
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x768595.top/web-api/g/df833b5dbb4593d16e6e7cc0a3379dba527922fe

178.253.14.138

200 OK

0 B

URL HTTP/2
lite-1x768595.top/web-api/g/df833b5dbb4593d16e6e7cc0a3379dba527922fe
IP
178.253.14.138:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /web-api/g/df833b5dbb4593d16e6e7cc0a3379dba527922fe HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lite-1x768595.top/us/promotions/campeonato-brasileiro
X-Requested-With: XMLHttpRequest
Content-Type: application/json
Origin: https://lite-1x768595.top
Content-Length: 31240
Connection: keep-alive
Cookie: platform_type=desktop; auid=sv0OimNZQKgZdSmaAwTRAg==; SESSION=88327a02f6bbe214cc22a5f5afa1cf28; lng=us; tzo=0; window_width=1280; che_g=6a274cde-da00-1bc2-47db-b7b1ba3303fe; _ga_7JGWL9SV66=GS1.1.1666793640.1.0.1666793640.0.0.0; _ga=GA1.2.1907256039.1666793641; _gid=GA1.2.285396782.1666793641; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 14:14:05 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=34, dt_285;dur=37
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1x-xredbet478860.top/promotions/campeonato-brasileiro/

178.253.47.23

307 Temporary Redirect

0 B

URL HTTP/2
1x-xredbet478860.top/promotions/campeonato-brasileiro/
IP
178.253.47.23:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /promotions/campeonato-brasileiro/ HTTP/1.1
Host: 1x-xredbet478860.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 307 Temporary Redirect
server: nginx
date: Wed, 26 Oct 2022 14:14:00 GMT
content-type: text/html; charset=utf-8
location: https://lite-1x768595.top/promotions/campeonato-brasileiro/
x-frame-options: SAMEORIGIN
set-cookie: SESSION=6eb6f67e9032cc0e0b40cc4f65570689; path=/; secure; HttpOnly; SameSite=Lax
ua=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
auid=sv0vF2NZQKilSCn3AwTQAg==; expires=Thu, 26-Oct-23 14:14:00 GMT; path=/
x-reason: 1080,1078,1074,1015,1021
cache-control: no-cache, private
server-timing: p;dur=65
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x768595.top/promotions/campeonato-brasileiro/

178.253.14.138

302 Found

0 B

URL HTTP/2
lite-1x768595.top/promotions/campeonato-brasileiro/
IP
178.253.14.138:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /promotions/campeonato-brasileiro/ HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
server: nginx
date: Wed, 26 Oct 2022 14:14:00 GMT
location: /us/promotions/campeonato-brasileiro
reason-v3: empty_lang
server-timing: total;dur=0;desc="Nuxt Server Time", dt_285;dur=2
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
set-cookie: platform_type=desktop; Path=/; Expires=Sat, 29 Oct 2022 14:14:00 GMT
auid=sv0OimNZQKgZdSmaAwTRAg==; expires=Thu, 26-Oct-23 14:14:00 GMT; path=/
X-Firefox-Spdy: h2

34.120.237.76

200 OK

0 B

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc635673e-499c-4d9c-8bc5-a713fb19e221.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc635673e-499c-4d9c-8bc5-a713fb19e221.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13796
x-amzn-requestid: 90b1e032-78c6-499d-b564-f25c15e20304
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: alJ2OG0SoAMFx-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6358568e-599d0f526fc6a01f77b67dcf;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 21:35:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: sVS9nFgRyVconkkFTOrCO2zA0cICFNQFB2E1q7SQcVQm5_Dm6khvrA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 21:48:40 GMT
age: 59122
etag: "c3856686b98e1883133aa1824c496d34512769a0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (36)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP