Report - futbollibre.net

Report Overview

Submitted URL
futbollibre.net
IP
172.64.162.27
ASN
#13335 CLOUDFLARENET
Submitted
2022-10-05 16:53:21
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
10

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	379 B	36 kB	142.250.74.42
simplewebanalysis.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	379 B	408 B	52.29.95.124
firefox-settings-attachments.cdn.mozilla.net	11509	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	400 B	796 kB	54.230.111.80
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	662 B	1.4 kB	142.250.74.3
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	34 kB	34.120.237.76
getpocket.cdn.mozilla.net	1369	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	423 B	45 kB	34.120.5.221
lpgs.chatbro.com	80710	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	431 B	1.2 kB	172.64.193.9
widgets.amung.us	12623	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	419 B	2.7 kB	104.22.75.171
futbollibre.net	260500	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	887 B	1.5 kB	172.64.162.27
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.8 kB	19 kB	54.230.111.7
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	652 B	1.5 kB	23.36.77.32
youradexchange.com	273384	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	885 B	268 B	35.190.41.116
creepingbrings.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	348 B	954 B	172.64.198.30
shavar.services.mozilla.com	3602	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	441 B	27 kB	35.163.90.214
buttons-config.sharethis.com	6006	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	382 B	1.1 kB	54.230.111.11
muchmiller.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	382 B	21 kB	192.243.59.13
l.sharethis.com	4794	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	953 B	400 B	52.28.252.98
ws.chatbro.com	76903	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	577 B	749 B	172.64.193.9
platform-api.sharethis.com	5118	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	365 B	596 B	54.230.111.68
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.3 kB	63 kB	54.230.111.35
platform-cdn.sharethis.com	11841	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	4.9 kB	54.230.111.128
addresseepaper.com	18169	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	348 B	37 kB	172.64.193.5
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.6 kB	9.8 kB	23.36.77.32
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	676 B	1.9 kB	54.230.245.110
acscdn.com	93608	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	348 B	41 kB	104.21.82.12
unseenreport.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	846 B	192.243.59.13
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	656 B	1.9 kB	104.18.32.68
www.chatbro.com	78163	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	23 kB	172.64.193.9
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	35.164.146.235
count-server.sharethis.com	11699	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	438 B	1.2 kB	54.230.111.84
prawnsimply.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	813 B	15 kB	173.233.137.44
whos.amung.us	12687	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	394 B	337 B	104.22.75.171
detectportal.firefox.com	1601	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	582 B	428 B	34.107.221.82

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-10-05	medium	muchmiller.com	Sinkholed
2022-10-05	medium	prawnsimply.com	Sinkholed
2022-10-05	medium	prawnsimply.com	Sinkholed
2022-10-05	medium	unseenreport.com	Sinkholed
2022-10-05	medium	unseenreport.com	Sinkholed

JavaScript (25)

	URL	Size	First Seen	Last Seen
	futbollibre.net/inicio/	627 B	2023-03-07	2023-03-10
Pretty URL futbollibre.net/inicio/ IP 172.64.162.27 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:51:28 Last Seen2023-03-10 14:02:58 Times Seen1 Hash 6991c02dad297cc84297cac69888bc29 7034b7a03cc3ddb236a3574142dccd21410efb1a c12df21e539efb938032eb540816c801e61712f51172bdf9fa2a10d504b57211 Loading...

	futbollibre.net/inicio/	179 B	2023-03-07	2023-03-10
Pretty URL futbollibre.net/inicio/ IP 172.64.162.27 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:51:28 Last Seen2023-03-10 14:02:58 Times Seen1 Hash d0f0a8548e97d0432b42af12de7570f9 7ca6c8438adaa97b52ce3c50b7f69e60e3dbcee7 152d0e3ba15c22376bce26b0b03f56959cc8aa1cf99bb8b128c30fcd950f9083 Loading...

	http:blank	580 B	2023-03-08	2023-03-08
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:20:14 Last Seen2023-03-08 06:20:14 Times Seen1 Hash 593b03c6a10c0ca1a5c866be3caeaee1 3d5e53939fc8f863de5e3402ced975d16723ead3 de1851ad226ddc3c04f62f862da7f5768868d03a5bfce699256c38586b0da5db Loading...

	futbollibre.net/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyRiVDMyVCQXRib2wlMjBMaWJyZSUyMFRWJTIwLSUyMFZlciUyMHRvZG9zJTIwbG9zJTIwcGFydGlkb3MlMjBkZSUyMGYlQzMlQkF0Ym9sJTIwZW4lMjBWSVZPJTIyJTJDJTIyeCUyMiUzQTAuOTcxMDE5NTI0MjA2NjEwMSUyQyUyMnclMjIlM0ExMjgwJTJDJTIyaCUyMiUzQTEwMjQlMkMlMjJqJTIyJTNBOTM5JTJDJTIyZSUyMiUzQTEyODAlMkMlMjJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZmdXRib2xsaWJyZS5uZXQlMkZpbmljaW8lMkYlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIyayUyMiUzQTI0JTJDJTIybiUyMiUzQSUyMlVURi04JTIyJTJDJTIybyUyMiUzQTAlMkMlMjJxJTIyJTNBJTVCJTVEJTdE	4.6 kB	2023-03-08	2023-03-08
Pretty URL futbollibre.net/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyRiVDMyVCQXRib2wlMjBMaWJyZSUyMFRWJTIwLSUyMFZlciUyMHRvZG9zJTIwbG9zJTIwcGFydGlkb3MlMjBkZSUyMGYlQzMlQkF0Ym9sJTIwZW4lMjBWSVZPJTIyJTJDJTIyeCUyMiUzQTAuOTcxMDE5NTI0MjA2NjEwMSUyQyUyMnclMjIlM0ExMjgwJTJDJTIyaCUyMiUzQTEwMjQlMkMlMjJqJTIyJTNBOTM5JTJDJTIyZSUyMiUzQTEyODAlMkMlMjJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZmdXRib2xsaWJyZS5uZXQlMkZpbmljaW8lMkYlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIyayUyMiUzQTI0JTJDJTIybiUyMiUzQSUyMlVURi04JTIyJTJDJTIybyUyMiUzQTAlMkMlMjJxJTIyJTNBJTVCJTVEJTdE IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:20:14 Last Seen2023-03-08 13:46:57 Times Seen1 Hash 9b39bb5276bc23bdfe3ea5c8858d651e 2cfbeb001d61b165217d97596a36439f6453e03c ea42502a8d690d82150d577e053ec6b282ee3db28682c319c7fd2633b80efa54 Loading...

	buttons-config.sharethis.com/js/5ab9c9531fff98001395a59a.js	492 B	2023-03-07	2023-04-26
Pretty URL buttons-config.sharethis.com/js/5ab9c9531fff98001395a59a.js IP 54.230.111.11 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:51:28 Last Seen2023-04-26 21:57:16 Times Seen8 Hash f724fa1a4d1150940280592957442aac 254b6495924f5e46bc68da8e995d354a1135e3b2 185eb9e30f94e66607b671f6ab6a09e4ef62b0a35d4303bd59ac0b25dc356646 Loading...

	acscdn.com/script/suv4.js	100 kB	2023-03-07	2023-03-17
Pretty URL acscdn.com/script/suv4.js IP 104.21.82.12 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:21:48 Last Seen2023-03-17 12:47:54 Times Seen1 Hash 90a406e7c114cb9cbdbd171d8282e224 f694a1f6ea641e52a5f6bf963ea2865daa45ba2c d4d5b8dc6a7ca986941b6d029b8465ac9b4ea3b8923d57df81c99a3c03eb899d Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js	94 kB	2023-03-07	2024-05-03
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js IP 142.250.74.42 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2024-05-03 19:06:45 Times Seen10605 Hash ddb84c1587287b2df08966081ef063bf 9eb9ac595e9b5544e2dc79fff7cd2d0b4b5ef71f 88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd Loading...

	prawnsimply.com/97/38/a3/9738a343b207c9bd51f72da77988779d.js	37 kB	2023-03-08	2023-03-08
Pretty URL prawnsimply.com/97/38/a3/9738a343b207c9bd51f72da77988779d.js IP 173.233.137.44 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:20:14 Last Seen2023-03-08 06:20:14 Times Seen1 Hash ab4f53269ac9482bb858bf37d55b2909 2ca71132bca9f686acb4dce33d2b9687a67190b4 587c75e7930919b8255e72e53caf26ae82553072db1814fb87118e1e9ab93716 Loading...

	futbollibre.net/inicio/	1.4 kB	2023-03-07	2023-03-10
Pretty URL futbollibre.net/inicio/ IP 172.64.162.27 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:18:55 Last Seen2023-03-10 08:51:33 Times Seen1 Hash 954353b10a8cdde0f8f75c2741644e3d 9acc2256be2a8092407eb0a599cbaedb77f7f96b 8a6d48fb0cabc53290f2bc70268e5ba6bad82bb5f5dccd9f64b34e275d1c6083 Loading...

	platform-api.sharethis.com/js/sharethis.js#property=5ab9c9531fff98001395a59a&product=inline-share-buttons	197 kB	2023-03-07	2023-10-17
Pretty URL platform-api.sharethis.com/js/sharethis.js#property=5ab9c9531fff98001395a59a&product=inline-share-buttons IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:31:56 Last Seen2023-10-17 08:15:44 Times Seen88 Hash 578cbb4ff616ce92efe36eeb51047647 d6d1fc33c4cd74a077f6a0039427477a206fd053 700ad5e597681fb45dfc74f05206ad9c2229a6c710c45b413842ddfe03ce4d50 Loading...

	futbollibre.net/cdn-cgi/apps/body/d6eXLXGZ5JuTKuTiiiyUWDa9OXQ.js	26 kB	2023-03-08	2023-03-10
Pretty URL futbollibre.net/cdn-cgi/apps/body/d6eXLXGZ5JuTKuTiiiyUWDa9OXQ.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:20:14 Last Seen2023-03-10 14:02:58 Times Seen1 Hash 7546e5f442d02597cf405504918b1f71 13cd28b651c1fc38aadcf57004fbc3c8ac1c4095 a7accc105311b9dd60625378dd140e9925e705cf5938fa18c71761d3bea58c0b Loading...

	futbollibre.net/inicio/	1.4 kB	2023-03-08	2023-03-08
Pretty URL futbollibre.net/inicio/ IP 172.64.162.27 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:20:14 Last Seen2023-03-08 06:20:14 Times Seen1 Hash 2e5b6c8087f1a83a3b5b23b244af79ea d089781e8a785679e1ca80e8f7b061728e6cd32e efc59e161cf54ccf389a7d533776e9cca8af6024ab4cf11797650aee217da04b Loading...

	futbollibre.net/agenda/smallscripts120.js?v	5.0 kB	2023-03-08	2023-03-08
Pretty URL futbollibre.net/agenda/smallscripts120.js?v IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:20:14 Last Seen2023-03-08 06:20:14 Times Seen1 Hash 340485934937f22056a1d31f17234a56 fbfed60b74aaa4a73ac6069951937781a903fe30 40e677267b3e400c26269ea67f3e54efbe39f2c593dd8a3e66d32f9472cf12be Loading...

	futbollibre.net/agenda/?update=166498878	1.4 kB	2023-03-08	2023-03-08
Pretty URL futbollibre.net/agenda/?update=166498878 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:20:14 Last Seen2023-03-08 06:20:14 Times Seen1 Hash 2ee6f02fa01138e1deed3bcd2e3017dd dcb3144fe91755dabb9f1a3defca9e9bba6e84fa c52329e096dd7309e501e6bafea70f03159c69309764258118046ce1ab9f3b9b Loading...

	count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Ffutbollibre.net%2Finicio%2F	727 B	2023-03-08	2023-03-08
Pretty URL count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Ffutbollibre.net%2Finicio%2F IP 54.230.111.84 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:20:14 Last Seen2023-03-08 06:20:14 Times Seen1 Hash 3d0896e2c5d1c8573f643f1b725b650c e401d54aeb2046bfcf6a01180678e6e81f3dd2d9 37f97ecaa1f1d66905e532d21abd3f29016a9c36a6a77d25c9fc9d5fb0a929a7 Loading...

	muchmiller.com/46/ca/b0/46cab0482d679d4b3993fdf8e8be6238.js	59 kB	2023-03-08	2023-03-08
Pretty URL muchmiller.com/46/ca/b0/46cab0482d679d4b3993fdf8e8be6238.js IP 192.243.59.13 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:20:14 Last Seen2023-03-08 06:20:14 Times Seen1 Hash 8a07db90bbc9dca4973111de600e55a0 4aed10d28bad4d08bd10f1748aac1744ac865d72 31abce4e5a2791bb0a38804c0cd7e81fcd6fd43d5a75c988df7f10587a0ec667 Loading...

	futbollibre.net/cdn-cgi/apps/head/gmlQlRPbgv9auQSiZyac7cshF4Y.js	4.6 kB	2023-03-08	2023-03-10
Pretty URL futbollibre.net/cdn-cgi/apps/head/gmlQlRPbgv9auQSiZyac7cshF4Y.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:20:14 Last Seen2023-03-10 14:02:58 Times Seen1 Hash 8dd49794801bf2d94de5d28b44678030 e4d4a2e801c8c73ad0b8d30123b36607ce3041a6 4f2c630114c0f9d305033fc322d317343dc6d8fe717b38609e1899b473bddc07 Loading...

	futbollibre.net/js/dark-mode-switch.min.js	492 B	2023-03-07	2024-04-28
Pretty URL futbollibre.net/js/dark-mode-switch.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:25 Last Seen2024-04-28 23:43:43 Times Seen51 Hash c618ce0bf69ac187eb8ac6af62ef625a 9e5cdf83879daa7b37bcea7778ae470371b1bf1d 86f693269116a8bee686f12fac138d50d8058c68ee464903d00e15a9dde78067 Loading...

	futbollibre.net/js/terra.js?update	1.1 kB	2023-03-07	2023-03-10
Pretty URL futbollibre.net/js/terra.js?update IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:51:28 Last Seen2023-03-10 14:02:58 Times Seen1 Hash 2c8a5f6281969e1f65b55156f4a23650 65187e4e6e8b6bcbba4b62220de7858b27aace22 3bae811c522eb2a7e0e2842cb5e1d46d329b270eae4ba2a52e5d25c6ffbc5ef5 Loading...

	futbollibre.net/inicio/	959 B	2023-03-08	2023-03-08
Pretty URL futbollibre.net/inicio/ IP 172.64.162.27 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:20:14 Last Seen2023-03-08 06:20:14 Times Seen1 Hash d1b75ced5f112c8c3b8e6d748dad045d b51f193d1660fc05d7248e57787b80681b9fa67a 1fb92237478fab86fb9b3fdb37e68a07211448f54520796738f3465c8e416fde Loading...

	acscdn.com/script/ut.js?cb=1664988786515	71 kB	2023-03-07	2023-03-17
Pretty URL acscdn.com/script/ut.js?cb=1664988786515 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:45 Last Seen2023-03-17 12:47:54 Times Seen1 Hash c7304eebcb5069f68bd3fa9e74218a36 b7d3c152fabc148e7ccb23b62e771610315d13f1 6f6ce602bed449940565c8bfea9921659efafc0c5409a8242eda17e6e6554c31 Loading...

	futbollibre.net/agenda/?update=166498878	519 B	2023-03-08	2024-04-06
Pretty URL futbollibre.net/agenda/?update=166498878 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:20:14 Last Seen2024-04-06 21:27:28 Times Seen22 Hash 38d5ba7f3312ff4952363ba10c2f2a96 b58ad7eb94b93dc531ccfcfb5bb32d8819371d73 c15ac3e1d624e6d50d9edd6da780aa3c16ae11973a3673ef8ee3777fbf3df3e9 Loading...

	http:blank	600 B	2023-03-08	2023-03-08
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:20:14 Last Seen2023-03-08 06:20:14 Times Seen1 Hash 85d95801e7d5f2fe33c1709e2f02ddb1 1df3a93275a73dd51441bb6b6f41e9a17856a249 35d57282b125a2b8d33b17beaf5a1d743dde04e5df8f82e4f69385389f41c466 Loading...

		Size	First Seen	Last Seen
	#1 Eval - c0405e304b9d34401fec0486b146baca	169 kB	2023-03-07	2023-03-10
Pretty Observations First Seen2023-03-07 14:51:28 Last Seen2023-03-10 14:02:58 Times Seen1 Hash c0405e304b9d34401fec0486b146baca 004e39b46846be82d1b130ebdba512bdcd6845cf 1df5b3134a20979745227cd04baadc515a93e1845f2464b46a989b1cdad565af Loading...

	#2 Eval - 15e514201ed921853a8b29395c8a6999	71 B	2023-03-07	2024-04-18
Pretty Observations First Seen2023-03-07 12:25:36 Last Seen2024-04-18 08:17:47 Times Seen98 Hash 15e514201ed921853a8b29395c8a6999 1427a0b4300e4ed3392f3ce6826bc8240ff2b300 606860a664bd76f642a7ff46cef85acc88dea22a3362f3b7f21afb795d71232c Loading...

HTTP Transactions (82)

URL IP Response Size

detectportal.firefox.com/success.txt?ipv4

34.107.221.82

200 OK

8 B

URL HTTP/1.1
detectportal.firefox.com/success.txt?ipv4
IP
34.107.221.82:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
8 B (8 bytes)
Hash
ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5

HTTP Headers

GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Tue, 04 Oct 2022 18:08:40 GMT
Age: 81864
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
eabb7d9ffae717f7305d63c057755470
3b7f0baccfdbb8d9ffefa4a2215d4d6094be454a
ab48f17e54075e1ecf034278e82bcacd2e3689773186cc84fba9b79aac907294

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AB48F17E54075E1ECF034278E82BCACD2E3689773186CC84FBA9B79AAC907294"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12744
Expires: Wed, 05 Oct 2022 20:25:29 GMT
Date: Wed, 05 Oct 2022 16:53:05 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
08f810efc156198a6b11d2fc29f3085a
c938f92fc3173e5cb3725602f187f4b26cdba86d
d9230dfb0380145b6c68f4563395ea446a06dacd7effa999464d1075e462aaf3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D9230DFB0380145B6C68F4563395EA446A06DACD7EFFA999464D1075E462AAF3"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12911
Expires: Wed, 05 Oct 2022 20:28:16 GMT
Date: Wed, 05 Oct 2022 16:53:05 GMT
Connection: keep-alive

getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30

34.120.5.221

200 OK

44 kB

URL HTTP/2
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30
IP
34.120.5.221:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size
44 kB (44232 bytes)
Hash
1c2c9011ed2929e993a8d8525110e2dc
1371cfe4c4784633171a5154592479e9ec36f592
eabb54d8fad99383c09b6447af9d5f1601cce43fd1d21c14bd9066d70dcb8bcc

HTTP Headers

GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Miss from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: S4pAfVLGB9o3hIBrHyUmf9WSDtoUQaB58ooHNGNPBN_5FW0WkPLoHg==
content-encoding: gzip
via: 1.1 a8e5d5aeee6eacca5c379e5059b1f68c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 16:52:12 GMT
content-type: application/json
content-length: 44232
age: 53
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain

54.230.111.7

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
48ca0beea419a9039591cf1aee5179e0
9e92629f505fcc07aab51221e8fe62197a23e307
630a5f110337b4a4876aa85c21107d9e8f2550bcc60f023a4777d895b17399fd

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Wed, 11 May 2022 19:51:39 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 05 Oct 2022 04:16:08 GMT
etag: "48ca0beea419a9039591cf1aee5179e0"
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: C59M1gwsVSNlPlxP6du_XL7QqXwQ8z50BUi7la7sfym_jUZ3WDJfMg==
age: 48522
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/

54.230.111.35

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
54.230.111.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: nOz7bH6KrrZcbdR1UtarSzamyzs6XNEKXlFJp3zCY_TMaX1xtUsZVg==
Age: 3947

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 16:53:05 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

www.chatbro.com/images/no_connection.png

172.64.193.9

200 OK

1.6 kB

URL HTTP/2
www.chatbro.com/images/no_connection.png
IP
172.64.193.9:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 128 x 128, 8-bit colormap, non-interlaced\012- data
Size
1.6 kB (1614 bytes)
Hash
d5a40ac60610fe0573b63c4889b5dd63
e56b468930e949671397129e00b3e0815a1ac2c5
d026f555341e85649cd2edd6848b55b6cedfcca0c62bba5099e69b62ea713e40

HTTP Headers

GET /images/no_connection.png HTTP/1.1
Host: www.chatbro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://futbollibre.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 05 Oct 2022 16:53:06 GMT
content-type: image/png
content-length: 1614
last-modified: Tue, 30 Aug 2022 18:54:10 GMT
etag: "630e5cd2-64e"
expires: Wed, 05 Oct 2022 16:55:40 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 446
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zv0nlzpNeqmy32SRI3BgnX2BNjhZ1KdJa1fTj88cKR6E1fpDQ3RXa9%2BXELxiBBWdEhYSf8fqfs2wBWEQEB1QvKa724Itl7hHmUy4PRWFvzdtUpw8lsWmg%2FKh4eTLgwmEqiQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7557abedcb0e886e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.chatbro.com/images/chat_google_logo.png

172.64.193.9

200 OK

656 B

URL HTTP/2
www.chatbro.com/images/chat_google_logo.png
IP
172.64.193.9:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
656 B (656 bytes)
Hash
84e2bf2e06db3b9ef5f53e933cfaae30
6378efa7ccadfe5be02959f57ffa7c27b1da168a
7c1fc1f22827f0dabf3486fdc286f1c909e7acc4b5999365b9328c36c18d17d7

HTTP Headers

GET /images/chat_google_logo.png HTTP/1.1
Host: www.chatbro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://futbollibre.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 05 Oct 2022 16:53:06 GMT
content-type: image/png
content-length: 656
last-modified: Tue, 30 Aug 2022 18:54:10 GMT
etag: "630e5cd2-290"
expires: Wed, 05 Oct 2022 17:02:06 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 60
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nogY%2BYPcFxohM8yrqP1d57LYqhD0AmDmxQaGRF1vm2QS87grQnCg2bZQ%2BBvEOQAuYerSmP7E4ZRraqnymWM3JNW1ZM%2BjRHSoTHq4iMrV%2Bhh2UqJiRAmrAyJVDSKKOAjgpaU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7557abedcb18886e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.chatbro.com/fonts/chatbro.woff?10

172.64.193.9

200 OK

14 kB

URL HTTP/2
www.chatbro.com/fonts/chatbro.woff?10
IP
172.64.193.9:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format, CFF, length 14396, version 1.0\012- data
Size
14 kB (14396 bytes)
Hash
58980c138190f1f32bb04c5a9d6c4653
c2635b4ab6bd7464aa5e97f18c706911a6b24dfd
f74fcaf9c728521c218b7bf05a0bf7173b522e7769165c8f97fdf74734cf0907

HTTP Headers

GET /fonts/chatbro.woff?10 HTTP/1.1
Host: www.chatbro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://futbollibre.net
Connection: keep-alive
Referer: https://futbollibre.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 05 Oct 2022 16:53:06 GMT
content-type: application/font-woff
content-length: 14396
last-modified: Tue, 30 Aug 2022 18:54:10 GMT
etag: "630e5cd2-383c"
expires: Wed, 05 Oct 2022 16:59:50 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 196
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=48gVVarkRR65s4tpJQAoJG2LT3xbCh%2BZuk8tp6nwxxAEhX1jUjoFxSZ5S6t2uO36rf6D7beSAw0JS4Sk9GN6%2F97XNbpuQnsenpbRR8x44xbumZ%2FPA1GD9K0uYz%2Bh%2BodDhvI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7557abedcc807427-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.chatbro.com/images/chat_facebook_logo.png

172.64.193.9

200 OK

329 B

URL HTTP/2
www.chatbro.com/images/chat_facebook_logo.png
IP
172.64.193.9:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
329 B (329 bytes)
Hash
62136bbb9342052c20579d384292b02f
321044fc8b20951d67e82f00aae6edd319faca5e
d813de68c702196d2eeaa7e2e5d55167638741533191d3e5038e329ac3f54940

HTTP Headers

GET /images/chat_facebook_logo.png HTTP/1.1
Host: www.chatbro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://futbollibre.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 05 Oct 2022 16:53:06 GMT
content-type: image/png
content-length: 329
last-modified: Tue, 30 Aug 2022 18:54:10 GMT
etag: "630e5cd2-149"
expires: Wed, 05 Oct 2022 17:02:05 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 61
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YIeufiBVRXQn3suqXIy72SsJVYllFkSS1hsVhtIXnFYn646rarLVtIn0WrHTA2OwBwgTb6ObFDagIOnLQ3WbGPQkKi891N9RR%2FyqIfLbveUE4b5JPROk5POjyK4%2B%2B7E6%2BF0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7557abeddb47886e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.chatbro.com/images/chat_vk_logo.png

172.64.193.9

200 OK

735 B

URL HTTP/2
www.chatbro.com/images/chat_vk_logo.png
IP
172.64.193.9:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
735 B (735 bytes)
Hash
124622ded412c2fde635c9338ce9fddc
71890a5762084a476f876b73edc694be433d0497
163a89e59b219649c013ead3230f372f0e7dca9c8ea0dc0463f991b671b14404

HTTP Headers

GET /images/chat_vk_logo.png HTTP/1.1
Host: www.chatbro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://futbollibre.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 05 Oct 2022 16:53:06 GMT
content-type: image/png
content-length: 735
last-modified: Tue, 30 Aug 2022 18:54:10 GMT
etag: "630e5cd2-2df"
expires: Wed, 05 Oct 2022 16:53:44 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 562
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XxsuVh%2BUtvVzgaAvIv38s8KDAK57UHe728dClJRUiR%2BJjIQOO322LdhJPgQAydb0LBI4gRLMbN9L69zSomvjfmeC6zeMELaOjXepx%2FBjOFXEadztqyFruyQlfgar8xg39WU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7557abeddb48886e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.chatbro.com/images/chat_telegram_logo.png

172.64.193.9

200 OK

777 B

URL HTTP/2
www.chatbro.com/images/chat_telegram_logo.png
IP
172.64.193.9:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
777 B (777 bytes)
Hash
38e9345467aa316aae5c14d634382ce9
ab3b2e385ad90ae3a9b672f6822f0bf20d885de8
a2f63f18bbbe390a7a2d93c0f42bd05c549d856969ccba17ee2f1fc734a77f51

HTTP Headers

GET /images/chat_telegram_logo.png HTTP/1.1
Host: www.chatbro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://futbollibre.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 05 Oct 2022 16:53:06 GMT
content-type: image/png
content-length: 777
last-modified: Tue, 30 Aug 2022 18:54:10 GMT
etag: "630e5cd2-309"
expires: Wed, 05 Oct 2022 16:59:04 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 241
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b5lyVQUNRbvomOYAQmDLx9GqiTxO7fZxWEZLC28eFoIVqNjuNuuuKspwLzeFvUdaggDiwvb682LdOwZxhzWXeI5l5qf8vaU%2BxaLbR4vtUVtI9YLfm1mKa4%2BFgSaT7gnbltg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7557abeddb42886e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

detectportal.firefox.com/success.txt?ipv4

34.107.221.82

200 OK

8 B

URL HTTP/1.1
detectportal.firefox.com/success.txt?ipv4
IP
34.107.221.82:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
8 B (8 bytes)
Hash
ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5

HTTP Headers

GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Tue, 04 Oct 2022 18:08:40 GMT
Age: 81867
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
97dff1445ba056121ac3e31f9d484ab7
f0187cfd5a7430d0a8d72f2cd05730e26a7241c5
4ec340cf47e72a29f66cd384b23c618e6d258356660b289bd614f95164edefb3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 16:53:07 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2022 05:22:28 GMT
Expires: Wed, 12 Oct 2022 05:22:27 GMT
Etag: "f0187cfd5a7430d0a8d72f2cd05730e26a7241c5"
Cache-Control: max-age=562760,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7557abedcf600afe-OSL

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

54.230.111.118

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
54.230.111.118:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Wed, 05 Oct 2022 16:29:33 GMT
Expires: Wed, 05 Oct 2022 16:46:31 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: sQvvaRW9Ed6u_6bJZ8Anz_-ZTvhTlSAeuQSix1caaR0o1f57uxrSnw==
Age: 1414

lpgs.chatbro.com/g

172.64.193.9

200 OK

505 B

URL HTTP/2
lpgs.chatbro.com/g
IP
172.64.193.9:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
505 B (505 bytes)
Hash
984243208868f89759c5842152f6d937
09bb94e41755aa8b8f508c647a489bbacb68814a
64f30d4abab493b2ba3d93e2433d697eb6889562631fd10099841d00f7d9080e

HTTP Headers

POST /g HTTP/1.1
Host: lpgs.chatbro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 18
Origin: https://futbollibre.net
Connection: keep-alive
Referer: https://futbollibre.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 05 Oct 2022 16:53:06 GMT
content-type: text/plain;charset=utf-8
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://futbollibre.net
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J9lzUEfCHS9CK2%2B4NkwUTv00a0TQD8ywWG2%2FrM1ZwS7IT8klWvHbNyRk4JBbpggvtfBwHhM8rISzXyUn%2BhsfS3DU2j%2Bha%2BGeaVtSeZ5c%2BenocYnAp7Fn0sN5IqHKsnTmBCiG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7557abeddb4c886e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b0e8a79f3e381ab34a44278947ac7c7e
70d01e6fdc8565c661b6ae8c5a043ddf2da16530
885a8c234fca85e6f6bb3e8fcab6672b9a9742b5d3f74681b17a330fa295d549

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 16:53:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
1561c6be7c89d1357a80d12de47b6e74
9a705277922ecca583c867af58b3efce099f83bd
e33dc034dbf4b3b627cd3c1af2d942e2ca5704ec9a4aad5c46ad39eb070e82ab

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4758
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 16:53:07 GMT
Last-Modified: Wed, 05 Oct 2022 15:33:49 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c35dd04b85c6fcd3d5cbf472471f9be5
9d6a323dcea61ba4c3e5fbd25f2c41c58b2461e0
38158e58862e13b517d3667e452105634a7938f2d429ae38258b27569dedc394

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "38158E58862E13B517D3667E452105634A7938F2D429AE38258B27569DEDC394"
Last-Modified: Wed, 05 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16623
Expires: Wed, 05 Oct 2022 21:30:10 GMT
Date: Wed, 05 Oct 2022 16:53:07 GMT
Connection: keep-alive

ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js

142.250.74.42

200 OK

35 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
IP
142.250.74.42:0
ASN
#15169 GOOGLE

File type
data
Size
35 kB (35017 bytes)
Hash
0f39d87b4bbce2d140fe3531db48ee6d
62607be6b06cff201e8c0864662a253160d68235
7a268050a453bb68b8c74f23b103d2193de0f99617a621f7160a12e683b5ca1f

HTTP Headers

GET /ajax/libs/jquery/1.7.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://futbollibre.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33333
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 13:11:40 GMT
expires: Tue, 03 Oct 2023 13:11:40 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 186087
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b0e8a79f3e381ab34a44278947ac7c7e
70d01e6fdc8565c661b6ae8c5a043ddf2da16530
885a8c234fca85e6f6bb3e8fcab6672b9a9742b5d3f74681b17a330fa295d549

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 16:53:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

buttons-config.sharethis.com/js/5ab9c9531fff98001395a59a.js

54.230.111.11

200 OK

492 B

URL HTTP/2
buttons-config.sharethis.com/js/5ab9c9531fff98001395a59a.js
IP
54.230.111.11:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (492), with no line terminators
Size
492 B (492 bytes)
Hash
f724fa1a4d1150940280592957442aac
254b6495924f5e46bc68da8e995d354a1135e3b2
185eb9e30f94e66607b671f6ab6a09e4ef62b0a35d4303bd59ac0b25dc356646

HTTP Headers

GET /js/5ab9c9531fff98001395a59a.js HTTP/1.1
Host: buttons-config.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://futbollibre.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript
content-length: 492
last-modified: Tue, 27 Mar 2018 04:32:21 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 05 Oct 2022 16:52:33 GMT
cache-control: max-age=60,public
etag: "f724fa1a4d1150940280592957442aac"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LPv91KoedJsEEGkHRvUNQaA77tl6qh_dZnAns_qAmTRfLAiL5Ou44g==
age: 48
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2

35.163.90.214

200 OK

27 kB

URL HTTP/1.1
shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
IP
35.163.90.214:0
ASN
#16509 AMAZON-02

File type
data
Size
27 kB (26805 bytes)
Hash
c6bdf2027035c5963bbe660482943678
767dd312781d96fe05bfaa6d831eadb79767f26b
e99e342473acc5dd736dde3347d6bb28888b5f0c7939e96d8e2e7b5599af36a6

HTTP Headers

POST /downloads?client=Firefox&appver=96.0a&pver=2.2 HTTP/1.1
Host: shavar.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 773
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/octet-stream
Date: Wed, 05 Oct 2022 16:53:07 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 8
Connection: Close

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
97dff1445ba056121ac3e31f9d484ab7
f0187cfd5a7430d0a8d72f2cd05730e26a7241c5
4ec340cf47e72a29f66cd384b23c618e6d258356660b289bd614f95164edefb3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 16:53:07 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2022 05:22:28 GMT
Expires: Wed, 12 Oct 2022 05:22:27 GMT
Etag: "f0187cfd5a7430d0a8d72f2cd05730e26a7241c5"
Cache-Control: max-age=562759,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7557abf07a8b0afe-OSL

push.services.mozilla.com/

35.164.146.235

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.164.146.235:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Z4cbssxR9UDGnL3DsiD+gQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: udrKcHIV9fu1FX3ETRgSbHSdjC0=

muchmiller.com/46/ca/b0/46cab0482d679d4b3993fdf8e8be6238.js

192.243.59.13

200 OK

20 kB

URL HTTP/1.1
muchmiller.com/46/ca/b0/46cab0482d679d4b3993fdf8e8be6238.js
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with very long lines (59406), with no line terminators
Size
20 kB (20349 bytes)
Hash
ba6b8975da8baa8f81c365790bd2b35b
e93cfc82086faca8457102c907c2f30743ee73d4
05cb83ecd53788d60f63e9bb81aa002e0af62744938a1b5b7ced3552db26856f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /46/ca/b0/46cab0482d679d4b3993fdf8e8be6238.js HTTP/1.1
Host: muchmiller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://futbollibre.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 05 Oct 2022 16:53:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: dfb55743f03180051da6e1d5a49817ef
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

platform-cdn.sharethis.com/img/facebook.svg

54.230.111.128

200 OK

301 B

URL HTTP/2
platform-cdn.sharethis.com/img/facebook.svg
IP
54.230.111.128:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text
Size
301 B (301 bytes)
Hash
c6e9be45643e197ce1db1d7e24a99adc
d7338e398bb0f7a9082d24f121140d2cf9e88859
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307

HTTP Headers

GET /img/facebook.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://futbollibre.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 301
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sun, 02 Oct 2022 05:08:41 GMT
cache-control: public, max-age=2592000
etag: "c6e9be45643e197ce1db1d7e24a99adc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fadvr6Jm30CTACNoiqlemYCaNE_rfmLtxYZaOjfUu1flMYNz8u5sCA==
age: 301467
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

platform-cdn.sharethis.com/img/whatsapp.svg

54.230.111.128

200 OK

832 B

URL HTTP/2
platform-cdn.sharethis.com/img/whatsapp.svg
IP
54.230.111.128:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (676)
Size
832 B (832 bytes)
Hash
afe7fc60ed757db39a88d2950fce69c9
e120b53e856848419275723e24a539359cf41b4a
847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c

HTTP Headers

GET /img/whatsapp.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://futbollibre.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 832
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Tue, 13 Sep 2022 22:10:43 GMT
cache-control: public, max-age=2592000
etag: "afe7fc60ed757db39a88d2950fce69c9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1XtlmTRQ_FLNK07-4rvMh4k3R7WjQBw9oGELr7Nt6dUOcCVtYYTOdQ==
age: 1881745
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.110

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.110:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
1bda18ec970a586084b6539a9d6caf12
bfb8c1d5780107ba4aae9848306861cf2bbfa958
efa9b20c1b544eabd7eec7322fd8427e32b7e3a9f4e4d386ff4c111661404450

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 05 Oct 2022 16:53:07 GMT
Last-Modified: Wed, 05 Oct 2022 15:43:43 GMT
Server: ECS (nyb/1D27)
X-Cache: Miss from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: wk40Sy0C3PaPUq8e8yn0tMsokqRU6jjGR-Mv7TDA4dctsXTTMubF-A==
Age: 4164

platform-cdn.sharethis.com/img/sharethis.svg

54.230.111.128

200 OK

514 B

URL HTTP/2
platform-cdn.sharethis.com/img/sharethis.svg
IP
54.230.111.128:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (358)
Size
514 B (514 bytes)
Hash
deecdaa377907db5cc1722fc831670a1
4e39e0fd5742cc1460e24620df4a360abb71290e
9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99

HTTP Headers

GET /img/sharethis.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://futbollibre.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 514
date: Fri, 09 Sep 2022 00:38:14 GMT
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
etag: "deecdaa377907db5cc1722fc831670a1"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hGgYPM79eZ8RduYNiVpGdVYGAyoWQfqD3_MqfBMR91qCuPBEBG7LbA==
age: 2304894
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Ffutbollibre.net%2Finicio%2F

54.230.111.84

200 OK

727 B

URL HTTP/2
count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Ffutbollibre.net%2Finicio%2F
IP
54.230.111.84:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (727), with no line terminators
Size
727 B (727 bytes)
Hash
3d0896e2c5d1c8573f643f1b725b650c
e401d54aeb2046bfcf6a01180678e6e81f3dd2d9
37f97ecaa1f1d66905e532d21abd3f29016a9c36a6a77d25c9fc9d5fb0a929a7

HTTP Headers

GET /v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Ffutbollibre.net%2Finicio%2F HTTP/1.1
Host: count-server.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://futbollibre.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript
content-length: 727
date: Wed, 05 Oct 2022 07:14:01 GMT
cache-control: public, max-age=86400
etag: 3d0896e2c5d1c8573f643f1b725b650c
apigw-requestid: ZhQ9AjqLoAMEShw=
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: SJqAHvEywUuzzxzdLUD2Q5VMtIn4U47Lvr__dhfv-zp6WZ3ERga0Zg==
age: 34746
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

platform-cdn.sharethis.com/img/twitter.svg

54.230.111.128

200 OK

731 B

URL HTTP/2
platform-cdn.sharethis.com/img/twitter.svg
IP
54.230.111.128:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (575)
Size
731 B (731 bytes)
Hash
0af2fb38987598376c99e21af17ade45
bfbdfd0b1a2dcef714e347928bd11b8410dc7ca2
7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f

HTTP Headers

GET /img/twitter.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://futbollibre.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 731
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sat, 17 Sep 2022 01:05:31 GMT
cache-control: public, max-age=2592000
etag: "0af2fb38987598376c99e21af17ade45"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7NPXfgPK0V62_Rtg2lz8bkdq7jBNNOtGjtXID9jhP8mIE7sWh28RdA==
age: 1612057
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

l.sharethis.com/pview?event=pview&hostname=futbollibre.net&location=%2Finicio%2F&product=inline-share-buttons&url=https%3A%2F%2Ffutbollibre.net%2Finicio%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=F%C3%BAtbol%20Libre%20TV%20-%20Ver%20todos%20los%20partidos%20de%20f%C3%BAtbol%20en%20VIVO&cms=unknown&publisher=5ab9c9531fff98001395a59a&sop=true&version=st_sop.js&lang=en&description=Todo%20el%20f%C3%BAtbol%20Argentino%20e%20Internacional%20solo%20por%20F%C3%BAtbol%20Libre.%20Superliga%2C%20Copa%20Libertadores%20y%20Sudamericana%20y%20cientos%20de%20canales%20deportivos.

52.28.252.98

204 No Content

0 B

URL HTTP/1.1
l.sharethis.com/pview?event=pview&hostname=futbollibre.net&location=%2Finicio%2F&product=inline-share-buttons&url=https%3A%2F%2Ffutbollibre.net%2Finicio%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=F%C3%BAtbol%20Libre%20TV%20-%20Ver%20todos%20los%20partidos%20de%20f%C3%BAtbol%20en%20VIVO&cms=unknown&publisher=5ab9c9531fff98001395a59a&sop=true&version=st_sop.js&lang=en&description=Todo%20el%20f%C3%BAtbol%20Argentino%20e%20Internacional%20solo%20por%20F%C3%BAtbol%20Libre.%20Superliga%2C%20Copa%20Libertadores%20y%20Sudamericana%20y%20cientos%20de%20canales%20deportivos.
IP
52.28.252.98:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pview?event=pview&hostname=futbollibre.net&location=%2Finicio%2F&product=inline-share-buttons&url=https%3A%2F%2Ffutbollibre.net%2Finicio%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=F%C3%BAtbol%20Libre%20TV%20-%20Ver%20todos%20los%20partidos%20de%20f%C3%BAtbol%20en%20VIVO&cms=unknown&publisher=5ab9c9531fff98001395a59a&sop=true&version=st_sop.js&lang=en&description=Todo%20el%20f%C3%BAtbol%20Argentino%20e%20Internacional%20solo%20por%20F%C3%BAtbol%20Libre.%20Superliga%2C%20Copa%20Libertadores%20y%20Sudamericana%20y%20cientos%20de%20canales%20deportivos. HTTP/1.1
Host: l.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://futbollibre.net
Connection: keep-alive
Referer: https://futbollibre.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: https://futbollibre.net
Access-Control-Expose-Headers: stid
Access-Control-Max-Age: 1728000
Cache-Control: no-cache, no-store, must-revalidate
Date: Wed, 05 Oct 2022 16:53:07 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive

e1.o.lencr.org/

23.36.77.32

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
61e5079a0e6812f78348c7a622279320
5295836d509d9eaee1c31bd129d08b65d0860a89
ff528b3e3551facb4aaf40f7c4befd70da4e707d5aed4bc9b49ca7905791f14d

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "FF528B3E3551FACB4AAF40F7C4BEFD70DA4E707D5AED4BC9B49CA7905791F14D"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13040
Expires: Wed, 05 Oct 2022 20:30:27 GMT
Date: Wed, 05 Oct 2022 16:53:07 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221664984949798%22

54.230.111.118

200 OK

4.7 kB

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221664984949798%22
IP
54.230.111.118:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (22383), with no line terminators
Size
4.7 kB (4732 bytes)
Hash
78078b55f269cf87e2427894ec3a97ac
574c34b74f22b2988848e51e90c066915f62cb63
79f9088cbc518f340892fe87c53b5e44e46ed37a3159a7d84a50fd559f93e7ac

HTTP Headers

GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221664984949798%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Wed, 05 Oct 2022 15:49:09 GMT
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Wed, 05 Oct 2022 16:51:57 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Wed, 05 Oct 2022 16:51:57 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: RgtuSVNLenFHJ6V7ky9AAtldk5S9B8ETKM3tmIHbj9U96aReqgiKzA==
Age: 70

firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1664843841165&_since=%221653914271178%22

54.230.111.118

200 OK

13 kB

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1664843841165&_since=%221653914271178%22
IP
54.230.111.118:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size
13 kB (12694 bytes)
Hash
5cf185631def1f6c6cdc07f71b5bb09b
e77a3cb34d90c0b0e3a14ecec13022ccc338bdd8
47c0dd6c5fc10426222d636044456fa1a459f5a2a1e368e934c0202ab0593a4d

HTTP Headers

GET /v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1664843841165&_since=%221653914271178%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Tue, 04 Oct 2022 00:37:21 GMT
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Wed, 05 Oct 2022 16:52:13 GMT
Cache-Control: max-age=3600
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: fWQPZ354z4Z8nuoN0BX-HPEOebBcb_0CVgv5JJeaHaD2rZ_2Ez0iFQ==
Age: 394

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

54.230.111.7

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 05 Oct 2022 04:02:33 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tIS5bmvdN5tT8CehtBRZwOwkNbBDMPjI3R78-K954cYUIj3M2h-GoA==
age: 46235
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.110

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.110:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
b2f846c37619c646c6164f4293aa696a
7f57a0e1eb799abad4d8f7dba2e023100de527e3
3823148e60eda2c18f8b59150fc70e9eb8a6afbd59f0b590a020c4a4ab53a6fc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 05 Oct 2022 16:53:07 GMT
Last-Modified: Wed, 05 Oct 2022 15:07:36 GMT
Server: ECS (nyb/1D11)
X-Cache: Miss from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: GK4Z5Qq_hXNuyHoqrlJ1NaxXQwiWoyc-CczKwxmDfhHlgZXAk-cvNw==
Age: 6331

simplewebanalysis.com/stats

52.29.95.124

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
52.29.95.124:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
852216ba0fbc4c525557194d6c1cc1fa
af1824f9fe9876f06696d15ce749ef9ada857e51
b4386e2f638afbc909f4f3ececc10ca50d200a55abe957822ba3017001155f21

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://futbollibre.net
Connection: keep-alive
Referer: https://futbollibre.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 05 Oct 2022 16:53:07 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://futbollibre.net
access-control-allow-credentials: true
set-cookie: uid_id2=ffc13dc1-dcab-49cb-be4a-e21689cd8d08:3:1; expires=Sat, 02 Oct 2032 16:53:07 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/

54.230.111.118

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
54.230.111.118:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: WDHqCC6sRCUngRcNA9dTJM9SwjBOliB8p19_MpD2tw6M2oDXY-mWEQ==
Age: 3949

ws.chatbro.com/ws?chatId=1457113&clientId=0.18086268263718663

172.64.193.9

101 Switching Protocols

0 B

URL HTTP/1.1
ws.chatbro.com/ws?chatId=1457113&clientId=0.18086268263718663
IP
172.64.193.9:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ws?chatId=1457113&clientId=0.18086268263718663 HTTP/1.1
Host: ws.chatbro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://futbollibre.net
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: NpfEy7rpCEROYYv7Z7idsg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Wed, 05 Oct 2022 16:53:07 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: pY1W0PVOMJC/wToMtirZXRwF/7g=
Sec-WebSocket-Extensions: permessage-deflate; client_no_context_takeover
Sec-WebSocket-Version: 13
WebSocket-Server: uWebSockets
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DYNK9sOeqtAMf1Nl13ZRfz3zfNdTzHtmxOIiJISZKR7YrwwQd6WpfvYeHNeVw6An0KRnqu98aAF%2BGgFRrm0iDLDBpdHIwVpVVnPde83HlNnYOLY9IWQiePZSy5pdFqvxDw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7557abf09f348926-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/67600448-6fc2-4f40-bd4a-8687d731734f.bin

54.230.111.80

200 OK

796 kB

URL HTTP/1.1
firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/67600448-6fc2-4f40-bd4a-8687d731734f.bin
IP
54.230.111.80:0
ASN
#16509 AMAZON-02

File type
data
Size
796 kB (795699 bytes)
Hash
9b95765b0e26af76116a95a966d61354
3f7c1b40fc999b83f3696f455402e49ab484b027
34f969c8e082310785ec4262e2d5b58c919d4de856ffc64b3467507f83ac9571

HTTP Headers

GET /staging/addons-bloomfilters/67600448-6fc2-4f40-bd4a-8687d731734f.bin HTTP/1.1
Host: firefox-settings-attachments.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/octet-stream
Content-Length: 795699
Connection: keep-alive
Last-Modified: Mon, 27 Jun 2022 12:39:11 GMT
x-amz-version-id: 9np1boOrxtHVWzMczpbX1a.N_ewQWHDF
Accept-Ranges: bytes
Server: AmazonS3
Date: Wed, 05 Oct 2022 01:05:45 GMT
ETag: "9b95765b0e26af76116a95a966d61354"
X-Cache: Hit from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: IlcM1RH5D0mA_nEbNxIZhqH0Vy0Xz_b27ZzIDMcOgo8S9w98PJXgnQ==
Age: 56956

e1.o.lencr.org/

23.36.77.32

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
61e5079a0e6812f78348c7a622279320
5295836d509d9eaee1c31bd129d08b65d0860a89
ff528b3e3551facb4aaf40f7c4befd70da4e707d5aed4bc9b49ca7905791f14d

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "FF528B3E3551FACB4AAF40F7C4BEFD70DA4E707D5AED4BC9B49CA7905791F14D"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13040
Expires: Wed, 05 Oct 2022 20:30:27 GMT
Date: Wed, 05 Oct 2022 16:53:07 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1664953648466&_since=%221654636467710%22

54.230.111.118

200 OK

4.7 kB

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1664953648466&_since=%221654636467710%22
IP
54.230.111.118:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (31858), with no line terminators
Size
4.7 kB (4670 bytes)
Hash
6f94e66c61550a825aa7abf4faa0dda1
3ca0d7797b5d2ae39c2ffc0216a50437bf394e5d
f1a218705fd50bb9cfca12526bdfb2cd72411512c24adb0719b0c5e52cf49e28

HTTP Headers

GET /v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1664953648466&_since=%221654636467710%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Wed, 05 Oct 2022 07:07:28 GMT
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Wed, 05 Oct 2022 16:38:16 GMT
Cache-Control: max-age=3600
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: gkmM43Zy0HVxVswYqJeVMtbR9KmkO-RefY9Zq9TZlrYSEUSKKI6tvQ==
Age: 2396

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

54.230.111.7

304 Not Modified

0 B

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Fri, 30 Sep 2022 18:50:55 GMT
If-None-Match: "67d5a988edcda47bc3b3b3f65d32b4b6"
TE: trailers

HTTP/2 304 Not Modified
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
content-disposition: attachment
server: AmazonS3
date: Wed, 05 Oct 2022 04:02:33 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3okkyrN6vECDjjo7ZXu206zBOaow5t1jKDVMmXINZK1irecVMmG1oA==
age: 46235
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1664908583433&_since=%221654732864402%22

54.230.111.118

200 OK

12 kB

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1664908583433&_since=%221654732864402%22
IP
54.230.111.118:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (58917), with no line terminators
Size
12 kB (12277 bytes)
Hash
d52e85d5b06c5db6e47dd307653c1dba
319be136232bd13afa3831757e2641178b48b77b
580f9d9f843cd3d569ccce2a1fcbd6e89ed53b8c7749cb0fa368b5dd13746c4a

HTTP Headers

GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1664908583433&_since=%221654732864402%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Tue, 04 Oct 2022 18:36:23 GMT
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Wed, 05 Oct 2022 16:38:17 GMT
Cache-Control: max-age=3600
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: TIA8aJYtnTbGilXpB49mSKIqsOysgWhvsmO6VdQ_4pX6LdAaMbTGLQ==
Age: 3158

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

54.230.111.7

304 Not Modified

0 B

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Fri, 30 Sep 2022 18:50:55 GMT
If-None-Match: "67d5a988edcda47bc3b3b3f65d32b4b6"
TE: trailers

HTTP/2 304 Not Modified
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
content-disposition: attachment
server: AmazonS3
date: Wed, 05 Oct 2022 04:02:33 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Cm0NRUc6GM4Oo9mxQEf_I80gA36Snufr3BZ7I1pQvpctiiME_iM_DA==
age: 46236
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0f7e30750f0d3782e0b4ac91b8805e7e
b4844a2cf79fde289419e93bf849e9dbfbdf3a04
68558dc1fecb241726ff5aba02ebce492cafd03b098c1be8ca28b826112aba06

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "68558DC1FECB241726FF5ABA02EBCE492CAFD03B098C1BE8CA28B826112ABA06"
Last-Modified: Tue, 04 Oct 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20867
Expires: Wed, 05 Oct 2022 22:40:55 GMT
Date: Wed, 05 Oct 2022 16:53:08 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258

54.230.111.118

200 OK

682 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
IP
54.230.111.118:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (682), with no line terminators
Size
682 B (682 bytes)
Hash
2cf4438c61861d28e0f309366d09a530
f371c6c6cdafc75af9ab2df59a7f293c94e988da
6fd07a9b7155edc63c67a9bc41e7ea569807601c21a6d9635f488162873c4933

HTTP Headers

GET /v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 682
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Tue, 04 Oct 2022 16:36:55 GMT
X-Content-Type-Options: nosniff
Cache-Control: no-cache, no-store, max-age=3600
Date: Wed, 05 Oct 2022 16:46:13 GMT
ETag: "1664901415997"
X-Cache: Hit from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Q6KDxP5zAEvpaEcVaGn4XPuAtLxckIY3U8TH4zZ-I9173AxIXaDexw==
Age: 415

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

54.230.111.7

304 Not Modified

0 B

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Fri, 30 Sep 2022 18:50:55 GMT
If-None-Match: "67d5a988edcda47bc3b3b3f65d32b4b6"
TE: trailers

HTTP/2 304 Not Modified
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
content-disposition: attachment
server: AmazonS3
date: Wed, 05 Oct 2022 04:02:33 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FS9SkUh7ua0Z8Aom4cZQhG0-3_rVu35AeqgKiXc96B0Cvj4QtQ2lVg==
age: 46236
X-Firefox-Spdy: h2

prawnsimply.com/97/38/a3/9738a343b207c9bd51f72da77988779d.js

173.233.137.44

200 OK

13 kB

URL HTTP/1.1
prawnsimply.com/97/38/a3/9738a343b207c9bd51f72da77988779d.js
IP
173.233.137.44:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with very long lines (37156), with no line terminators
Size
13 kB (13417 bytes)
Hash
ea2a86617f4806020b35068272f79cc1
97f2bc7849a6a2115f16d53cd9e3c051c8145b38
54559bf739c927d5702a78fed933b8b3338ea288e45c07c0f956e87f6da4f37f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /97/38/a3/9738a343b207c9bd51f72da77988779d.js HTTP/1.1
Host: prawnsimply.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://futbollibre.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 05 Oct 2022 16:53:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ddc0f019264da8a7b95d4964d7715362
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

prawnsimply.com/pixel/purst?dl=0&th=0&sc=0&rs=2131&rd=2131&fd=1017&bv=22.8.v.1&tmpl=70

173.233.137.44

200 OK

0 B

URL HTTP/1.1
prawnsimply.com/pixel/purst?dl=0&th=0&sc=0&rs=2131&rd=2131&fd=1017&bv=22.8.v.1&tmpl=70
IP
173.233.137.44:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=2131&rd=2131&fd=1017&bv=22.8.v.1&tmpl=70 HTTP/1.1
Host: prawnsimply.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://futbollibre.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 05 Oct 2022 16:53:08 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1656585893704&_since=%221649762862679%22

54.230.111.118

200 OK

959 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1656585893704&_since=%221649762862679%22
IP
54.230.111.118:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (1709), with no line terminators
Size
959 B (959 bytes)
Hash
d68cb9cd07d27d0593a1e9708cb6aa63
7c549c87461cc734b0edd45de85614ae567e7b7c
30dcd3093be9cc38ba12010d7e925f20c989a0e2962c52d9aec6e9acfa2736a6

HTTP Headers

GET /v1/buckets/main/collections/query-stripping/changeset?_expected=1656585893704&_since=%221649762862679%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Thu, 30 Jun 2022 10:44:53 GMT
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Wed, 05 Oct 2022 16:34:34 GMT
Cache-Control: max-age=3600
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: s39i5GWFPcYzOzMGcYgw-yuIEeU_CHTr9GCkvyyiwfiDbqHuO8eT-g==
Age: 1149

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

54.230.111.7

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 05 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0-VQWnRN39YwMk6a7MoT2i1Z3rHz0KcjtjIsujc-dA-KSaGDSt8VkA==
age: 41081
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1657747510534&_since=%221654266643527%22

54.230.111.118

200 OK

1.0 kB

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1657747510534&_since=%221654266643527%22
IP
54.230.111.118:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (2194), with no line terminators
Size
1.0 kB (1009 bytes)
Hash
724bbf0bfaba9a725274e8a594cf420b
d7e187e558c0ad886a8eade39a79f7aae0eadb20
41ce2c16cf3dcc886429392702ea944492e457e7d82b8b33d77c7a32c918549d

HTTP Headers

GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1657747510534&_since=%221654266643527%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Wed, 13 Jul 2022 21:25:10 GMT
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Wed, 05 Oct 2022 16:42:01 GMT
Cache-Control: max-age=3600
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: FHQopMTrjzobbPmo3QReO-rTc7y_xZvQZB_Merz6ggXL8fGttcRNRg==
Age: 697

firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1662044085942&_since=%221622732735407%22

54.230.111.118

200 OK

5.5 kB

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1662044085942&_since=%221622732735407%22
IP
54.230.111.118:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (20424), with no line terminators
Size
5.5 kB (5467 bytes)
Hash
30902c39c0a08d0b02cdc585712e0eab
c156d8644c37bfaf2fab6e991936d6d075a083fd
4c9dc930ca4e3c5c61d6303ffe506fa3d7ddf7dc5a1c4c8c49db619200b5b13f

HTTP Headers

GET /v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1662044085942&_since=%221622732735407%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Thu, 01 Sep 2022 14:54:45 GMT
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Wed, 05 Oct 2022 16:37:46 GMT
Cache-Control: max-age=3600
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: yC_4Vd8PSgTzC1BX88p6bc5DbvKiuryDSHlJsSCR4mJO-i0tjXBsuQ==
Age: 1004

widgets.amung.us/draw/?w=colored&n=6786&c=000000ffffff&p=left

104.22.75.171

200 OK

2.4 kB

URL HTTP/2
widgets.amung.us/draw/?w=colored&n=6786&c=000000ffffff&p=left
IP
104.22.75.171:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 81 x 29, 8-bit colormap, non-interlaced\012- data
Size
2.4 kB (2360 bytes)
Hash
b38914330489ee58d7e38484386ff688
3ed272b258b8a8b4dda7e4f9d8b47c083f621d34
4891eace1c73a4f3ee94fce514d2bff83361fd0d87ee03276c0d45afd9fb2922

HTTP Headers

GET /draw/?w=colored&n=6786&c=000000ffffff&p=left HTTP/1.1
Host: widgets.amung.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://futbollibre.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 16:53:08 GMT
content-type: image/png
content-disposition: filename=wau-widget.png
expires: Thu, 06 Oct 2022 16:53:08 GMT
cache-control: max-age=2678400
access-control-allow-origin: *
cf-cache-status: MISS
last-modified: Wed, 05 Oct 2022 16:53:08 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 7557abf56c3f95e4-ARN
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/websites-with-shared-credential-backends/changeset?_expected=1659924446436&_since=%221650898092205%22

54.230.111.118

200 OK

3.3 kB

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/websites-with-shared-credential-backends/changeset?_expected=1659924446436&_since=%221650898092205%22
IP
54.230.111.118:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (8682), with no line terminators
Size
3.3 kB (3280 bytes)
Hash
43ca54322d55fb59979cb10bc0b30a3e
e2c56532fbe8201e4e9e25ac1a1926e2de00fdb5
75f3f51896ab455cc6462a4010bfb3653bf01c4239dbbd92bb9a814267accad6

HTTP Headers

GET /v1/buckets/main/collections/websites-with-shared-credential-backends/changeset?_expected=1659924446436&_since=%221650898092205%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=2592000
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 05:47:53 GMT
Last-Modified: Mon, 08 Aug 2022 02:07:26 GMT
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: XI26D7iLsxKagwgPjut1gYoHSnTJbWx6JOtti1-oLv5oe8xVl4SoGg==
Age: 644715

firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1661199949574&_since=%221648132005528%22

54.230.111.118

200 OK

3.4 kB

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1661199949574&_since=%221648132005528%22
IP
54.230.111.118:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (14029), with no line terminators
Size
3.4 kB (3400 bytes)
Hash
31a09ffd3e462249ec4dcf30df0a695f
5ceb9cff258e7f7eddd82fe96bc531c0105ce4ec
bdaee24926767e3d7a2b49fedbd4a0a21a05955da148ec41e8de573446abd166

HTTP Headers

GET /v1/buckets/main/collections/search-config/changeset?_expected=1661199949574&_since=%221648132005528%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Mon, 22 Aug 2022 20:25:49 GMT
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Cache-Control: max-age=259200
Date: Tue, 04 Oct 2022 05:43:00 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 1R1cmHcI1EKSALcrkIcjOC7Q1u3KoSGA4AvSA_gh-RH797IzuWwVUQ==
Age: 126608

firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1659547595259&_since=%221653578606314%22

54.230.111.118

200 OK

1.5 kB

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1659547595259&_since=%221653578606314%22
IP
54.230.111.118:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (3678), with no line terminators
Size
1.5 kB (1543 bytes)
Hash
b04cf0ed51c313e015c9a38d708ab85c
6349138561e746bf58aadeeec521a0887fe368c9
cb3369616c55267e326d97a82ad86e4d5574967e4a843e8d21a6b0eb6e3e3346

HTTP Headers

GET /v1/buckets/main/collections/cfr/changeset?_expected=1659547595259&_since=%221653578606314%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Wed, 03 Aug 2022 17:26:35 GMT
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Wed, 05 Oct 2022 16:35:09 GMT
Cache-Control: max-age=3600
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: rIz11igXszorjrBIIscw8Chc3CudhN-6C_JnY9S4wo2ZBTivM9SZdA==
Age: 1153

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4590
Expires: Wed, 05 Oct 2022 18:09:38 GMT
Date: Wed, 05 Oct 2022 16:53:08 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4589
Expires: Wed, 05 Oct 2022 18:09:38 GMT
Date: Wed, 05 Oct 2022 16:53:09 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4589
Expires: Wed, 05 Oct 2022 18:09:38 GMT
Date: Wed, 05 Oct 2022 16:53:09 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4589
Expires: Wed, 05 Oct 2022 18:09:38 GMT
Date: Wed, 05 Oct 2022 16:53:09 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4589
Expires: Wed, 05 Oct 2022 18:09:38 GMT
Date: Wed, 05 Oct 2022 16:53:09 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb178720-854c-4c9e-85c1-58cb5419ca69.jpeg

34.120.237.76

200 OK

3.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb178720-854c-4c9e-85c1-58cb5419ca69.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
data
Size
3.8 kB (3813 bytes)
Hash
03c3bfceb98a5390785168d9b87a233e
2a124f919dd1e3e738977181332883b00035bb18
13626b9be8d2bc3ef1d4632fe9d035932f08ead82e23966eb563c34c02243b58

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb178720-854c-4c9e-85c1-58cb5419ca69.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3585
x-amzn-requestid: 43c510d4-d87c-4665-a132-d798b836d415
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaJbLHEOoAMFfxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a55e0-614faff31425ff183b7ca4dd;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 03:24:16 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: d1LCc44Gj_0Je8adu7Iv3I9MwkaDPgWqlNHI96UAtZub22l210J65A==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 04:53:07 GMT
age: 43202
etag: "612b6dbd4ba895c167964ff7e6d9263013b52b0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

addresseepaper.com/sfp.js

172.64.193.5

200 OK

36 kB

URL HTTP/2
addresseepaper.com/sfp.js
IP
172.64.193.5:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
36 kB (35935 bytes)
Hash
92cf18e329f49f0b801a7f3cf11a2020
9d5b9337638ac2e5c8e13bccd34256d87352fcb6
7755d8363a94e5f9f557c98736be5f002ab6c3cf474d8592e6887d7b0529fb1e

HTTP Headers

GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://futbollibre.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 05 Oct 2022 16:53:07 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: e4f569bd41b205c69d6c2baba369cb0e
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 05 Oct 2022 16:53:07 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uwj7jMr7KSZsPUlpmYnFdavQeM88akYQq20n6fgggYuc%2BFP7PKQ6KbFMMBZ0K%2FrOpHZqhS4xZ6WEZ3Qwd3UFAA%2FO6nsZMHtkVyh7HIKd5VAFXqni5xjfZ%2F9czPj8DqKo18WmR9I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7557abf33bf5885f-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

acscdn.com/script/suv4.js

104.21.82.12

200 OK

40 kB

URL HTTP/2
acscdn.com/script/suv4.js
IP
104.21.82.12:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (37814), with NEL line terminators
Size
40 kB (40242 bytes)
Hash
1312e87139e2ec25f756a7be00a50344
b97022993f29d27a478f128927942c4089415a86
696ddc41ef117112bacd744e7443564f6ccf03c36c88a1bf945495127a25a1ac

HTTP Headers

GET /script/suv4.js HTTP/1.1
Host: acscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://futbollibre.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 05 Oct 2022 16:53:06 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdsFXeq7KMBNlHgBstu6GgE5MyZAGeT37Bybej2TnoqAR6F2265XO6uBsBG1FCBUtodfq5YEJaozVqAtMtBCyugW0w
x-goog-generation: 1662626465441111
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 100523
x-goog-hash: crc32c=PsCFGQ==, md5=kKQG58EUy5y9vRcdgoLiJA==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Wed, 05 Oct 2022 16:34:37 GMT
cache-control: public, max-age=14400
last-modified: Thu, 08 Sep 2022 08:41:05 GMT
etag: W/"90a406e7c114cb9cbdbd171d8282e224"
age: 2240
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=snN9AhTIGslSnsGOf2e4iWA4YeQHDM%2FxCib71vdZn1kR2V6L9lxwyzz7MN4%2BNINWjvLYGDttjZu13vsexuDIQ9pgKJiJeBvfiH%2B%2Bw3XThKFwS0GKL1rvicd8wnN8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7557abe9ff25b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5704624d-eb81-4a5b-bcb7-08db5681c677.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8926 bytes)
Hash
1de7c17a0ba9295135e7f8b490b6a8d3
70e8d1589f3daf71378965dd197934e220fb6aa4
ee559ce3166479e2b930be7d18525f5c2d164aed8ca005302ddaf3bfe37eec24

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5704624d-eb81-4a5b-bcb7-08db5681c677.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8926
x-amzn-requestid: 27fc8976-af8d-40a3-b701-0642fa135ec4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8s1GSbIAMFTiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7eb-4d4c7837576e0fdb5828fe3b;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:38:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YzVofPSJC-YVU1Q1V9AnjNeQTa1BQEh6ZiH2HjSeeX5RygysFP7oAA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 21:43:25 GMT
age: 68984
etag: "70e8d1589f3daf71378965dd197934e220fb6aa4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10158 bytes)
Hash
4fc2ddd86450d64d3fb659ab4e78be58
bbe71936b78a8c34d03ab87948dc840b35c6948f
84a760397a5912bd05f61bc8a953c13a88a677e2d17fbbf74bdf7d7ff4d3942f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10158
x-amzn-requestid: def1fc7e-8008-466f-9271-20fa1ab0fa5a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaqZCH7doAMFcPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a8aa0-7fd2fb1249366f2277d719d6;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 07:09:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: aeOU8fGkf5uHuYZ79k17EzxiFnwm0_z7SeZJElgwECzRyhR2N_SYJA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 04:06:09 GMT
age: 46020
etag: "bbe71936b78a8c34d03ab87948dc840b35c6948f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8857940-5ca2-44ba-8a66-f396a605d5b4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.0 kB (7021 bytes)
Hash
229c99cfb655a8c9f1a22de69fdff73c
6b5db8fbfb56f083d54b13e7660d0e4bc866aa00
f4099e9153c3dc481add95b0f24dbb8f6d65cc74ad5631d9cb6c6f2a0351843d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8857940-5ca2-44ba-8a66-f396a605d5b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7021
x-amzn-requestid: 2e30bdac-360e-4d0a-8bb7-c3144e074abe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8ucHb1oAMFjYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7f5-18ba6bc50cb32b1e14c882bd;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:39:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: UPEhTwAYEIRy-Cnb0ITefEotLyg3rFe_NaGy92xwWe_7hrdo6UQLwQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 21:56:53 GMT
age: 68176
etag: "6b5db8fbfb56f083d54b13e7660d0e4bc866aa00"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a7395fbf71381e7b99a8f2dc723aeca6
1c17cde68b62dde4c2871178e45274c60f666d16
b3df570e2fbb53547e0b3722e77b0f31e6abbf27b9c27834411e6bd70884e067

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B3DF570E2FBB53547E0B3722E77B0F31E6ABBF27B9C27834411E6BD70884E067"
Last-Modified: Mon, 03 Oct 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7243
Expires: Wed, 05 Oct 2022 18:53:52 GMT
Date: Wed, 05 Oct 2022 16:53:09 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a7395fbf71381e7b99a8f2dc723aeca6
1c17cde68b62dde4c2871178e45274c60f666d16
b3df570e2fbb53547e0b3722e77b0f31e6abbf27b9c27834411e6bd70884e067

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B3DF570E2FBB53547E0B3722E77B0F31E6ABBF27B9C27834411E6BD70884E067"
Last-Modified: Mon, 03 Oct 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7243
Expires: Wed, 05 Oct 2022 18:53:52 GMT
Date: Wed, 05 Oct 2022 16:53:09 GMT
Connection: keep-alive

unseenreport.com/pxf.gif?uuid=ffc13dc1-dcab-49cb-be4a-e21689cd8d08&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=46cab0482d679d4b3993fdf8e8be6238&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=16

192.243.59.13

200 OK

1 B

URL HTTP/1.1
unseenreport.com/pxf.gif?uuid=ffc13dc1-dcab-49cb-be4a-e21689cd8d08&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=46cab0482d679d4b3993fdf8e8be6238&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=16
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=ffc13dc1-dcab-49cb-be4a-e21689cd8d08&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=46cab0482d679d4b3993fdf8e8be6238&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=16 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://futbollibre.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 05 Oct 2022 16:53:09 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: db199eaaa72598d841e11ad6fa94acf7
Strict-Transport-Security: max-age=0; includeSubdomains

unseenreport.com/pxf.gif?uuid=ffc13dc1-dcab-49cb-be4a-e21689cd8d08&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=9738a343b207c9bd51f72da77988779d&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=16

192.243.59.13

200 OK

1 B

URL HTTP/1.1
unseenreport.com/pxf.gif?uuid=ffc13dc1-dcab-49cb-be4a-e21689cd8d08&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=9738a343b207c9bd51f72da77988779d&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=16
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=ffc13dc1-dcab-49cb-be4a-e21689cd8d08&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=9738a343b207c9bd51f72da77988779d&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=16 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://futbollibre.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 05 Oct 2022 16:53:09 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f9d9c73863fde5c2a125157020c427eb
Strict-Transport-Security: max-age=0; includeSubdomains

futbollibre.net/inicio/

172.64.162.27

200 OK

0 B

URL HTTP/2
futbollibre.net/inicio/
IP
172.64.162.27:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /inicio/ HTTP/1.1
Host: futbollibre.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 16:53:05 GMT
content-type: text/html
cf-ray: 7557abe729ca76f9-LHR
age: 457
cache-control: max-age=691200
last-modified: Sat, 01 Oct 2022 13:14:35 GMT
vary: Accept-Encoding
via: 1.1 varnish (Varnish/6.5)
cf-cache-status: HIT
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-varnish: 616302114
x-xss-protection: 1; mode=block
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WCb%2BEry5ISuAsuLmOr5PGxdvbKwDnP7slEmGAZzJwg%2B1Qucb6nH425SLeeUO85WN%2FbAt7km2xDp8%2BmqhqJ0qgf7P96Xr3%2B%2BjG3fwNOaRgHgpAeppjgAFOnBbn%2B0Juo4Sr1E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

platform-api.sharethis.com/js/sharethis.js

54.230.111.68

200 OK

0 B

URL HTTP/2
platform-api.sharethis.com/js/sharethis.js
IP
54.230.111.68:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/sharethis.js HTTP/1.1
Host: platform-api.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://futbollibre.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-encoding: gzip
edge-control: cache-maxage=60m,downstream-ttl=60m
x-frame-options: SAMEORIGIN
date: Wed, 05 Oct 2022 16:46:32 GMT
cache-control: max-age=600, public
etag: W/"3011a-1tH8M8TNdKB39qADlCdHeiBv0FM"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RMgmGdC4xhyPTpe5HSYLl_8TEcw1ZZgF_8_XTzbCF-uTB_HC0OykHw==
age: 394
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

youradexchange.com/script/suurl4.php?r=5798766&cbur=0.3589431527600889&cbiframe=0&cbWidth=1280&cbHeight=939&cbtitle=F%C3%BAtbol%20Libre%20TV%20-%20Ver%20todos%20los%20partidos%20de%20f%C3%BAtbol%20en%20VIVO&cbpage=https%3A%2F%2Ffutbollibre.net%2Finicio%2F&cbref=&cbdescription=Todo%20el%20f%C3%BAtbol%20Argentino%20e%20Internacional%20solo%20por%20F%C3%BAtbol%20Libre.%20Ver%20F%C3%BAtbol%20Argentino%20en%20VIVO%2C%20Copa%20Libertadores%2C%20Sudamericana%20y%20cientos%20de%20canales%20deportivos&cbkeywords=&cbcdn=acscdn.com&aggr=0

35.190.41.116

200 OK

0 B

URL HTTP/2
youradexchange.com/script/suurl4.php?r=5798766&cbur=0.3589431527600889&cbiframe=0&cbWidth=1280&cbHeight=939&cbtitle=F%C3%BAtbol%20Libre%20TV%20-%20Ver%20todos%20los%20partidos%20de%20f%C3%BAtbol%20en%20VIVO&cbpage=https%3A%2F%2Ffutbollibre.net%2Finicio%2F&cbref=&cbdescription=Todo%20el%20f%C3%BAtbol%20Argentino%20e%20Internacional%20solo%20por%20F%C3%BAtbol%20Libre.%20Ver%20F%C3%BAtbol%20Argentino%20en%20VIVO%2C%20Copa%20Libertadores%2C%20Sudamericana%20y%20cientos%20de%20canales%20deportivos&cbkeywords=&cbcdn=acscdn.com&aggr=0
IP
35.190.41.116:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /script/suurl4.php?r=5798766&cbur=0.3589431527600889&cbiframe=0&cbWidth=1280&cbHeight=939&cbtitle=F%C3%BAtbol%20Libre%20TV%20-%20Ver%20todos%20los%20partidos%20de%20f%C3%BAtbol%20en%20VIVO&cbpage=https%3A%2F%2Ffutbollibre.net%2Finicio%2F&cbref=&cbdescription=Todo%20el%20f%C3%BAtbol%20Argentino%20e%20Internacional%20solo%20por%20F%C3%BAtbol%20Libre.%20Ver%20F%C3%BAtbol%20Argentino%20en%20VIVO%2C%20Copa%20Libertadores%2C%20Sudamericana%20y%20cientos%20de%20canales%20deportivos&cbkeywords=&cbcdn=acscdn.com&aggr=0 HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://futbollibre.net
Connection: keep-alive
Referer: https://futbollibre.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: openresty
date: Wed, 05 Oct 2022 16:53:07 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

futbollibre.net/

172.64.162.27

301 Moved Permanently

0 B

URL HTTP/2
futbollibre.net/
IP
172.64.162.27:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET / HTTP/1.1
Host: futbollibre.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
date: Wed, 05 Oct 2022 16:53:05 GMT
location: https://futbollibre.net/inicio/
cf-ray: 7557abe63f9a76f9-LHR
cache-control: max-age=3600
expires: Wed, 05 Oct 2022 17:53:05 GMT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XCXNd5nSC8sqRHYhY4YvIfxZfHrNw5yQEslkcrvtOY0QIVNg4T9DIPMW3WR5aoypPS3D70zoB%2BcHwIKQUGKPBqYYtvAd2O0G8fnvs0G4J9WqSAzEf3PKAUki5VV%2F7C5DCc8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

whos.amung.us/cwidget/futbollibre/000000ffffff.png

104.22.75.171

307 Temporary Redirect

0 B

URL HTTP/2
whos.amung.us/cwidget/futbollibre/000000ffffff.png
IP
104.22.75.171:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /cwidget/futbollibre/000000ffffff.png HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://futbollibre.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 307 Temporary Redirect
date: Wed, 05 Oct 2022 16:53:07 GMT
content-type: text/html; charset=UTF-8
location: https://widgets.amung.us/draw/?w=colored&n=6786&c=000000ffffff&p=left
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7557abf15de595e4-ARN
X-Firefox-Spdy: h2

creepingbrings.com/sfp.js

172.64.198.30

200 OK

0 B

URL HTTP/2
creepingbrings.com/sfp.js
IP
172.64.198.30:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://futbollibre.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 05 Oct 2022 16:53:08 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: d431d9dd26c385a2d522f4420bcad96a
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 05 Oct 2022 16:53:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2bhTVYrtFVBrmevA0dZWWwYodazcx6Fa1X0ubqjW7Tgxtp8jftGJ0yvsb7vyF4SR4sbjNdKBRRI8NnbGJI7qOnBQnp6T2JNbPk2N%2FLnXkicfAjiD0gpp78xA9wFHcbdMeCnCnfI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7557abf73d5a7467-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (25)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations