Report - scided-mington.com/9fd71eea-2862-4f6e-a83e-6fb9032ba86c

Report Overview

Submitted URL
scided-mington.com/9fd71eea-2862-4f6e-a83e-6fb9032ba86c
IP
18.195.174.160
ASN
#16509 AMAZON-02
Submitted
2022-11-30 21:20:40
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	95.101.11.115
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.7 kB	93.184.220.29
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	34.214.236.46
world-champ-football-br.pu020ev.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	11 kB	179 kB	104.26.1.112
scided-mington.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	1.8 kB	18.195.174.160
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
pinuplinkto.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	472 B	512 B	104.21.37.34
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.2 kB	36 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-30	medium	scided-mington.com/9fd71eea-2862-4f6e-a83e-6fb9032ba86c	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (3)

	URL	Size	First Seen	Last Seen
	world-champ-football-br.pu020ev.com/?lang=br&st=afPc53SX&s1=wm3deck0qcn7clrk21dji8a2&s2=&s3=&s4=&s5=&p_id={p_id}&pc=30&form_phone={form_phone}&form_email={form_email}&trId=ce3si71ct2h57gvsaedg&source=	13 kB	2023-03-11	2023-03-11
Pretty URL world-champ-football-br.pu020ev.com/?lang=br&st=afPc53SX&s1=wm3deck0qcn7clrk21dji8a2&s2=&s3=&s4=&s5=&p_id={p_id}&pc=30&form_phone={form_phone}&form_email={form_email}&trId=ce3si71ct2h57gvsaedg&source= IP 104.26.1.112 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:11:33 Last Seen2023-03-11 23:11:33 Times Seen1 Hash a94f63b9a8f1f40f1467ebf7e570c939 ec611ad5610a574b183c1bb8e4543ced16287739 a2479adaebe2cc716e8ced96bba9a800c9b4748ef0deff19139ae05e9e932456 Loading...

	world-champ-football-br.pu020ev.com/bundle.js	86 kB	2023-03-11	2023-03-11
Pretty URL world-champ-football-br.pu020ev.com/bundle.js IP 104.26.1.112 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:11:33 Last Seen2023-03-11 23:11:33 Times Seen1 Hash 917cff027e6c1e62c75eb06f20f581c1 adb02257f4772d3d6b81c69f623f06c883e4cf87 779dba24c43a038323f11f183570187e17c229e0c126e561a146823cb86d2d0e Loading...

	world-champ-football-br.pu020ev.com/?lang=br&st=afPc53SX&s1=wm3deck0qcn7clrk21dji8a2&s2=&s3=&s4=&s5=&p_id={p_id}&pc=30&form_phone={form_phone}&form_email={form_email}&trId=ce3si71ct2h57gvsaedg&source=	15 kB	2023-03-11	2023-03-11
Pretty URL world-champ-football-br.pu020ev.com/?lang=br&st=afPc53SX&s1=wm3deck0qcn7clrk21dji8a2&s2=&s3=&s4=&s5=&p_id={p_id}&pc=30&form_phone={form_phone}&form_email={form_email}&trId=ce3si71ct2h57gvsaedg&source= IP 104.26.1.112 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:11:33 Last Seen2023-03-11 23:11:33 Times Seen1 Hash 56b5b4c75d01db1f3ab36b47cf98a100 2e1824952026416545621d414856733c4b4554a1 4e373d7b862de409da6dbf120baf8f58eb40f539c30b5a01e306148255cad3dd Loading...

HTTP Transactions (42)

URL IP Response Size

scided-mington.com/9fd71eea-2862-4f6e-a83e-6fb9032ba86c

18.195.174.160

200

467 B

URL HTTP/1.1
scided-mington.com/9fd71eea-2862-4f6e-a83e-6fb9032ba86c
IP
18.195.174.160:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document, ASCII text, with very long lines (467), with no line terminators
Size
467 B (467 bytes)
Hash
6e5e30f29c4d5c21d0b74528ac2b7a38
fb0b7b82dac59fd3cb0599604963163384a4cda7
fe20c70853f38b35cb6c8eaa68c204231a7bb6be22de4f5c7fa66f63e3bc6c48

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /9fd71eea-2862-4f6e-a83e-6fb9032ba86c HTTP/1.1
Host: scided-mington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 
Server: nginx
Date: Wed, 30 Nov 2022 21:20:28 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 467
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Set-Cookie: 9fd71eea-2862-4f6e-a83e-6fb9032ba86c-v4=up_d3kCeW3eUq9v3-QmSyWsIlCUOM60qBQ1lHcGiv0s; Max-Age=86400; Expires=Thu, 01-Dec-2022 21:20:28 GMT; Domain=scided-mington.com; Path=/; HttpOnly
cc-v4=sDmubv0ffz6KSwcvPqPZpms%2FeWn3NOg1QTWimav1wYwEHYrbmlWH0rUgeNNviGZ1NGscrr04oYfj3BMb6pIGDq0%2BYZELQPmS8ajXHJkpP%2BFcxusSjWVwuYBa8ns1JUfhObITtDkHCl8fzDljE51NRg%3D%3D; Max-Age=31536000; Expires=Thu, 30-Nov-2023 21:20:28 GMT; Domain=scided-mington.com; Path=/; HttpOnly

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11788
Expires: Thu, 01 Dec 2022 00:36:56 GMT
Date: Wed, 30 Nov 2022 21:20:28 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f3cf023c797da81728c0ac84c8759331
fa07c5e39e4b0741ea484101cccb2202acea9d9c
5206a0bac8bf78d6b84322519271a1ece2c1039a0090e583de6d6192d88873d0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1725
Cache-Control: max-age=135576
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 21:20:28 GMT
Etag: "638730f7-1d7"
Expires: Fri, 02 Dec 2022 11:00:04 GMT
Last-Modified: Wed, 30 Nov 2022 10:31:19 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6d9d34c96b9a826ae5676640c966469c
8052a16d41a637e420478b7de1ff5a2dc951fccd
f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14815
Expires: Thu, 01 Dec 2022 01:27:23 GMT
Date: Wed, 30 Nov 2022 21:20:28 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 21:19:44 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 44
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: GwEVMpD4fXdmhfvqHAhvYyerY9q1+YHv1wGECXbWggP6UcFSalBomHhfKQNXtvXTUJDQa+krXDc=
x-amz-request-id: RS6FK81DMRGWDDFW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 20:46:00 GMT
age: 2068
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 21:20:28 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

scided-mington.com/redirect?target=BASE64aHR0cHM6Ly9waW51cGxpbmt0by5jb20vYWZQYzUzU1gvP3N1YklkMT13bTNkZWNrMHFjbjdjbHJrMjFkamk4YTI&ts=1669843228172&hash=8hmnVuTxNFw7fZhC2GsWrWjCKYSD1e5Yx9s1aIT7UeU&rm=D

18.195.174.160

200

323 B

URL HTTP/1.1
scided-mington.com/redirect?target=BASE64aHR0cHM6Ly9waW51cGxpbmt0by5jb20vYWZQYzUzU1gvP3N1YklkMT13bTNkZWNrMHFjbjdjbHJrMjFkamk4YTI&ts=1669843228172&hash=8hmnVuTxNFw7fZhC2GsWrWjCKYSD1e5Yx9s1aIT7UeU&rm=D
IP
18.195.174.160:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document, ASCII text, with very long lines (323), with no line terminators
Size
323 B (323 bytes)
Hash
dddab0d196ca0d388cc2ac29ed854db1
e8b3beef36602e05c07d393556a5eb69eaa46520
6c3004e2f066d90c3c885b383fec6da97a9ee9924ee99a05de7890b74c32d0d9

HTTP Headers

GET /redirect?target=BASE64aHR0cHM6Ly9waW51cGxpbmt0by5jb20vYWZQYzUzU1gvP3N1YklkMT13bTNkZWNrMHFjbjdjbHJrMjFkamk4YTI&ts=1669843228172&hash=8hmnVuTxNFw7fZhC2GsWrWjCKYSD1e5Yx9s1aIT7UeU&rm=D HTTP/1.1
Host: scided-mington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: 9fd71eea-2862-4f6e-a83e-6fb9032ba86c-v4=up_d3kCeW3eUq9v3-QmSyWsIlCUOM60qBQ1lHcGiv0s; cc-v4=sDmubv0ffz6KSwcvPqPZpms%2FeWn3NOg1QTWimav1wYwEHYrbmlWH0rUgeNNviGZ1NGscrr04oYfj3BMb6pIGDq0%2BYZELQPmS8ajXHJkpP%2BFcxusSjWVwuYBa8ns1JUfhObITtDkHCl8fzDljE51NRg%3D%3D
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 
Server: nginx
Date: Wed, 30 Nov 2022 21:20:28 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 323
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
6a13848aafe667104d662b3607394154
aa8f3a43a12f75a0ef6c44aadc50592e4ee96ef5
3d9ca9531d0a8f4972a926074623bd36fdc7e5402534d2711a1db01f6d64f328

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=103966
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 21:20:28 GMT
Etag: "6386bc3a-117"
Expires: Fri, 02 Dec 2022 02:13:14 GMT
Last-Modified: Wed, 30 Nov 2022 02:13:14 GMT
Server: nginx
Content-Length: 279

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 21:08:56 GMT
cache-control: public,max-age=3600
age: 692
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

pinuplinkto.com/afPc53SX/?subId1=wm3deck0qcn7clrk21dji8a2

104.21.37.34

302 Found

0 B

URL HTTP/2
pinuplinkto.com/afPc53SX/?subId1=wm3deck0qcn7clrk21dji8a2
IP
104.21.37.34:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /afPc53SX/?subId1=wm3deck0qcn7clrk21dji8a2 HTTP/1.1
Host: pinuplinkto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Wed, 30 Nov 2022 21:20:28 GMT
content-length: 0
location: https://world-champ-football-br.pu020ev.com/?lang=br&st=afPc53SX&s1=wm3deck0qcn7clrk21dji8a2&s2=&s3=&s4=&s5=&p_id={p_id}&pc=30&form_phone={form_phone}&form_email={form_email}&trId=ce3si71ct2h57gvsaedg&source=
set-cookie: click-2022-12-01=%2CafPc53SX; expires=Thu, 01 Dec 2022 21:00:00 GMT; path=/
cf-cache-status: DYNAMIC
x-robots-tag: noindex, nofollow
server: cloudflare
cf-ray: 7726a093bb0cb529-OSL
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
cfdd00e67ee6ca21712b867eb5288ab6
b61d5d6ec3b7ad71619e13e32c87f2d01871b88a
f740cac6dfedc1bf0f82efb10dac4f6ffb22f9bb5d4a9b68a4cd971dd2f65793

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1716
Cache-Control: max-age=130498
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 21:20:29 GMT
Etag: "63871d2b-1d7"
Expires: Fri, 02 Dec 2022 09:35:27 GMT
Last-Modified: Wed, 30 Nov 2022 09:06:51 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
77bb16d604a4ba2b48daf40e890a5427
df0964a62ed5ac211bdd3a6820475b2d3503af27
f97cefb69dc8fdce0ede44b9d055f8c7b8a75fb24f37cc254522deee2d95915d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=129154
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 21:20:29 GMT
Etag: "63871e9f-118"
Expires: Fri, 02 Dec 2022 09:13:03 GMT
Last-Modified: Wed, 30 Nov 2022 09:13:03 GMT
Server: nginx
Content-Length: 280

push.services.mozilla.com/

34.214.236.46

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.214.236.46:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4Gg+c9HwY0DVS0NpAr983Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Udn438Ba1fR5qE95Z57+Bi+hHjE=

world-champ-football-br.pu020ev.com/img/header/lang/spanish.png

104.26.1.112

200 OK

108 B

URL HTTP/2
world-champ-football-br.pu020ev.com/img/header/lang/spanish.png
IP
104.26.1.112:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 135 x 90, 1-bit colormap, non-interlaced\012- data
Size
108 B (108 bytes)
Hash
938f865de40a51ad251bd1d34ddbbf5b
d7bbe4f376fb8d30d1391f19b49c0db603b1348c
7e1c1beb1f1dca31ea18e7455bf4bee7ce744d9eb6aef9a40ed47aa153efd7df

HTTP Headers

GET /img/header/lang/spanish.png HTTP/1.1
Host: world-champ-football-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://world-champ-football-br.pu020ev.com/?lang=br&st=afPc53SX&s1=wm3deck0qcn7clrk21dji8a2&s2=&s3=&s4=&s5=&p_id={p_id}&pc=30&form_phone={form_phone}&form_email={form_email}&trId=ce3si71ct2h57gvsaedg&source=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 21:20:29 GMT
content-type: image/png
content-length: 108
last-modified: Thu, 17 Nov 2022 14:26:44 GMT
etag: "637644a4-6c"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CN6dANf111IJnyTkNvXPtaZS71q6XZ1Rle0fsnxGv9zbrqHiQ9eQJx38xysneNB%2FFxMBoESauWdBegsDKCDB6uNPwu65rAJxqRWETMqZK%2B0dt7TlT6PCD1VsQs3rqOuiimnBfR2OKvvMkCwzcLtnLdrUOO6c"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7726a0971a5fb50b-OSL
X-Firefox-Spdy: h2

world-champ-football-br.pu020ev.com/img/header/lang/chilean.png

104.26.1.112

200 OK

424 B

URL HTTP/2
world-champ-football-br.pu020ev.com/img/header/lang/chilean.png
IP
104.26.1.112:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 135 x 90, 8-bit colormap, non-interlaced\012- data
Size
424 B (424 bytes)
Hash
71bf07a383c7876508533c6e142be0ae
1847879d9ba61924413e72647dea739232ef120a
b711748e2628dfdfa5c7bc1c87bd58e1ac2b0767f5f2fa840bf366a14c363e73

HTTP Headers

GET /img/header/lang/chilean.png HTTP/1.1
Host: world-champ-football-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://world-champ-football-br.pu020ev.com/?lang=br&st=afPc53SX&s1=wm3deck0qcn7clrk21dji8a2&s2=&s3=&s4=&s5=&p_id={p_id}&pc=30&form_phone={form_phone}&form_email={form_email}&trId=ce3si71ct2h57gvsaedg&source=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 21:20:29 GMT
content-type: image/png
content-length: 424
last-modified: Thu, 17 Nov 2022 14:26:44 GMT
etag: "637644a4-1a8"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6qF3BQZ0GVn%2BSMSdozL%2Bqhq5ufENmX3r5YXzzadspbpoFhpWvaDs%2BCql5h%2Fx61vFUYaE1Hk903jhToxrpkKGIMurI79qW2jYslM5YiYABrGGjugBw%2Bad7bU9ysOxarvPSsNUykjM0wfO8vc9HtTOLE0dhLKV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7726a0971a5cb50b-OSL
X-Firefox-Spdy: h2

world-champ-football-br.pu020ev.com/fonts/src/fonts/Pinup-Black/Pinup-Black.woff

104.26.1.112

200 OK

102 kB

URL HTTP/2
world-champ-football-br.pu020ev.com/fonts/src/fonts/Pinup-Black/Pinup-Black.woff
IP
104.26.1.112:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format, TrueType, length 102164, version 0.0\012- data
Size
102 kB (102164 bytes)
Hash
c984f97fbb9ce6c677865986126b2265
7975f19bcb0f58164e886929f0c3f1a97fd25808
24b3dfeb12de920eb1bf00a64722af89806fba095587a2db3f526974ffb8ae00

HTTP Headers

GET /fonts/src/fonts/Pinup-Black/Pinup-Black.woff HTTP/1.1
Host: world-champ-football-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://world-champ-football-br.pu020ev.com/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 21:20:29 GMT
content-type: font/woff
content-length: 102164
last-modified: Thu, 17 Nov 2022 14:26:44 GMT
etag: "637644a4-18f14"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KNv%2F5wjArsHUX0aMGSU1ZXT4TKIyn%2FxSb6d3vqhw93NYLn7px1WV2zhTwtBHTSK9c6pKzMgA9Y4HbJcmJWfD%2BoALZDvTecbruudiaEV0N9YkGd79Sgwze8xgZKmHvr82Sn93C7XxGJ5QXKRvMQpCg5SxR%2Bw%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7726a097ebacb50b-OSL
X-Firefox-Spdy: h2

world-champ-football-br.pu020ev.com/img/header/lang/hindi.png

104.26.1.112

200 OK

7.9 kB

URL HTTP/2
world-champ-football-br.pu020ev.com/img/header/lang/hindi.png
IP
104.26.1.112:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 135 x 90, 8-bit colormap, non-interlaced\012- data
Size
7.9 kB (7875 bytes)
Hash
edd4656b05761292f99ecc5ed4fd161d
cd579ac9bfdb0241c28788891491b1c9ae73c48b
135d279436eb7fbe6d551ba10bd2ebedb3f666d963c64d5210ee8509a5ebc012

HTTP Headers

GET /img/header/lang/hindi.png HTTP/1.1
Host: world-champ-football-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://world-champ-football-br.pu020ev.com/?lang=br&st=afPc53SX&s1=wm3deck0qcn7clrk21dji8a2&s2=&s3=&s4=&s5=&p_id={p_id}&pc=30&form_phone={form_phone}&form_email={form_email}&trId=ce3si71ct2h57gvsaedg&source=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 21:20:29 GMT
content-type: image/png
last-modified: Thu, 17 Nov 2022 14:26:44 GMT
vary: Accept-Encoding
etag: W/"637644a4-427"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P0pPHeOB3VXv2LDewHHO5P6QZLhPpUL1z0taaXXbmaeNFDfaqDVZNSYMH%2FZoG%2BvDjQTrtwQ2YJtM33PN44m0kEwhS7RRr21iSOL5%2F5DKeIXPADJQIXrQ5jWG4wAL9delyKYAuHvRc%2FwqYKxisCobpDfcyYjN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7726a0972a68b50b-OSL
X-Firefox-Spdy: h2

world-champ-football-br.pu020ev.com/img/favicon/favicon-16x16.png

104.26.1.112

200 OK

916 B

URL HTTP/2
world-champ-football-br.pu020ev.com/img/favicon/favicon-16x16.png
IP
104.26.1.112:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size
916 B (916 bytes)
Hash
4002504e6a7b16eae1a825909650ec25
857543e6566871461da4c299a186471611925829
0a1fdd6dc7a85ac17b99a484b1fe4f0a926b9e1b1c80c4929f3b312e73e781d1

HTTP Headers

GET /img/favicon/favicon-16x16.png HTTP/1.1
Host: world-champ-football-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://world-champ-football-br.pu020ev.com/?lang=br&st=afPc53SX&s1=wm3deck0qcn7clrk21dji8a2&s2=&s3=&s4=&s5=&p_id={p_id}&pc=30&form_phone={form_phone}&form_email={form_email}&trId=ce3si71ct2h57gvsaedg&source=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 21:20:29 GMT
content-type: image/png
content-length: 916
last-modified: Thu, 17 Nov 2022 14:26:44 GMT
etag: "637644a4-394"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yCyJa%2BlAlZxms9Ye9mkqG7sMrp0lw5VRoaOkaWdM3hYjyefOj8mDuN0HKj%2F4rtuFdE3tWZyRKgG%2FD6K6X2am%2F%2FZ7wYtqkaYra62oiuXUP6YCYAaxvD0NOQKud5BnsaJeuMBLS8Dsks5A5%2B4h8f01kxd3xBaS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7726a098fdc1b50b-OSL
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11836
Expires: Thu, 01 Dec 2022 00:37:46 GMT
Date: Wed, 30 Nov 2022 21:20:30 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11836
Expires: Thu, 01 Dec 2022 00:37:46 GMT
Date: Wed, 30 Nov 2022 21:20:30 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11836
Expires: Thu, 01 Dec 2022 00:37:46 GMT
Date: Wed, 30 Nov 2022 21:20:30 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11836
Expires: Thu, 01 Dec 2022 00:37:46 GMT
Date: Wed, 30 Nov 2022 21:20:30 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11836
Expires: Thu, 01 Dec 2022 00:37:46 GMT
Date: Wed, 30 Nov 2022 21:20:30 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9674 bytes)
Hash
5508d05a290b663fd89ead9b58f2efd8
53650399f9a986ba54addd668b4557109d12003b
65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ym_L3s5E6MLy6BxqNkVxok6L6hA4c-ilSsEqt42j2IbiXYPb4c6-VQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:52:51 GMT
age: 84459
etag: "53650399f9a986ba54addd668b4557109d12003b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.8 kB (5785 bytes)
Hash
59baec8db5ced0210ab766ea5636a5fd
f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b
33ff55891f18c22970804f1b8b2ba6821ddfd7426b01486410bd43f2b4295a8d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5785
x-amzn-requestid: ee77265b-8e90-4035-8ef1-92a2d26aaefa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDaHdWoAMFqmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-0d10d74030e7aee74804b654;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QhUrNKIJUxXTYFTgfCwizAd9L4PdLMVLbqv1sHmmnrWya0xz1MTSiw==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:08:46 GMT
etag: "f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b"
content-type: image/jpeg
age: 83504
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7298 bytes)
Hash
e00769bd1391b8f4f5b8ab128a825355
e4ddf955e8ac1986045ed55880c43c69e588a021
81ca4d20c28fed8fd3135515daadc1fdbfb4198535d7c46021b418b8b98e59a5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7298
x-amzn-requestid: 381e55bb-876b-46ad-84b6-1ddf9f876f56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDcE3poAMFaAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-7c12394600900afc7281e858;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8heT2eN5oLbO14R9qLq78Vma_TkteufTyKM5i3K2XoJYXfWNwLMEwQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:56:25 GMT
age: 84245
etag: "e4ddf955e8ac1986045ed55880c43c69e588a021"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

world-champ-football-br.pu020ev.com/img/background-shadow.png

104.26.1.112

200 OK

29 kB

URL HTTP/2
world-champ-football-br.pu020ev.com/img/background-shadow.png
IP
104.26.1.112:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1920 x 264, 8-bit colormap, non-interlaced\012- data
Size
29 kB (29430 bytes)
Hash
5ff5d7a623c21e3c80651f5d6fdb5b84
949b7eaffb3bcdb9a63712f60c814b947ab422cd
f1758441522c13c8349e77d0960eaa43832c7f084b90e684c1d4377441f5b051

HTTP Headers

GET /img/background-shadow.png HTTP/1.1
Host: world-champ-football-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://world-champ-football-br.pu020ev.com/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 21:20:29 GMT
content-type: image/png
last-modified: Thu, 17 Nov 2022 14:26:44 GMT
vary: Accept-Encoding
etag: W/"637644a4-4828"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sRY6Yz6yrjkGKpwteKGQ52BqsZT%2FrjyC1Bj%2B94RN%2B2%2FUCy6LP0y8AfYrKre2GVjNR4%2BerFM5QaHalYj15s%2FRku4StdPx6RM5u5tfkmd0pZNrV07Dk9OMi58hSY4Y1nutDODa7RzZVscilI2eTKYs%2BPUbgKdG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7726a097db9eb50b-OSL
X-Firefox-Spdy: h2

world-champ-football-br.pu020ev.com/img/header/lang/brazilian.png

104.26.1.112

200 OK

15 kB

URL HTTP/2
world-champ-football-br.pu020ev.com/img/header/lang/brazilian.png
IP
104.26.1.112:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 135 x 90, 8-bit/color RGBA, non-interlaced\012- data
Size
15 kB (14594 bytes)
Hash
f4b0251e9d9631fbb983184b7752c071
da11131153ee860055aa4c414ddc38d6f69dab96
52529e072c913de799fe7edc3fb203d8c0c8033b5a81a5ec7e1407c833d9e9ec

HTTP Headers

GET /img/header/lang/brazilian.png HTTP/1.1
Host: world-champ-football-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://world-champ-football-br.pu020ev.com/?lang=br&st=afPc53SX&s1=wm3deck0qcn7clrk21dji8a2&s2=&s3=&s4=&s5=&p_id={p_id}&pc=30&form_phone={form_phone}&form_email={form_email}&trId=ce3si71ct2h57gvsaedg&source=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 21:20:29 GMT
content-type: image/png
last-modified: Thu, 17 Nov 2022 14:26:44 GMT
vary: Accept-Encoding
etag: W/"637644a4-104b"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NWm8h8njTpwXL9epeifjKoSNZiOZg51VubDN5Xy2WEsHtziDsbjB8ykuhSZpN8L7OpdZWNZ8FfA1GeCLeZEf%2F3ce%2FMEudAt6iVyAJ1G3WW%2FLNWc1Lfvyp4L6WYlyomNtE2h2Mzi9H%2FYk1rylgpMw8UTO6lnb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7726a0970a47b50b-OSL
X-Firefox-Spdy: h2

world-champ-football-br.pu020ev.com/img/header/lang/english.png

104.26.1.112

200 OK

10 kB

URL HTTP/2
world-champ-football-br.pu020ev.com/img/header/lang/english.png
IP
104.26.1.112:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 135 x 90, 8-bit colormap, non-interlaced\012- data
Size
10 kB (10514 bytes)
Hash
156e35f56c820ae96142a2d64305f1a0
ab4be04a46ef21984c47efa517c623e41d7c611b
a19fd3b0ca2ae8ec5b27bcc04bd0343a2f2261a71b1e8198455b7754aec673e6

HTTP Headers

GET /img/header/lang/english.png HTTP/1.1
Host: world-champ-football-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://world-champ-football-br.pu020ev.com/?lang=br&st=afPc53SX&s1=wm3deck0qcn7clrk21dji8a2&s2=&s3=&s4=&s5=&p_id={p_id}&pc=30&form_phone={form_phone}&form_email={form_email}&trId=ce3si71ct2h57gvsaedg&source=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 21:20:29 GMT
content-type: image/png
last-modified: Thu, 17 Nov 2022 14:26:44 GMT
vary: Accept-Encoding
etag: W/"637644a4-427"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SqoVW%2BglwdOlhFkK6zq0UiLJimbjgOHnFtmwa8HOxOkcXVn1aWlAJFTVIBmbeROIuDVCcF0p3uBsWTzcby%2BsBspaxjOav2%2Fc73MYzF7ImO67egYHXM759OsUhP3ldl1xNj%2FcOSPtz96gggo3fEQCMvizNHo6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7726a0971a67b50b-OSL
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9051 bytes)
Hash
05196ec43964cf559caa0c0279148d62
6170d6776615503e3e29f86783febc3e3e78ca66
47f3a5cde661987e3496ce110a0170b10087dd9ba8d4fd691c4830587ba3fa3f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 9051
x-amzn-requestid: 1032dd9c-a15e-4e8a-9c81-07419e8caf67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhGvEMNIAMFaKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bc4-1005c20a33320dbf6567ca31;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: IMaVlQblNnh9mFKwb2LG7hw7h_f1_nVYqO4aEUqY01a2HofnnQqcFQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:49:31 GMT
age: 84666
etag: "6170d6776615503e3e29f86783febc3e3e78ca66"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

world-champ-football-br.pu020ev.com/img/characters.png

104.26.1.112

200 OK

0 B

URL HTTP/2
world-champ-football-br.pu020ev.com/img/characters.png
IP
104.26.1.112:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/characters.png HTTP/1.1
Host: world-champ-football-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://world-champ-football-br.pu020ev.com/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 21:20:29 GMT
content-type: image/png
last-modified: Thu, 17 Nov 2022 14:26:44 GMT
vary: Accept-Encoding
etag: W/"637644a4-5772d"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x3GErCou5%2B%2Bz3GoR2GwEGQPef9cQMtbQJLqsqvkbti%2BRBgyRazzqUD3MsOY2H2E%2BIMR8i9J0qgtD%2Fq5L32ylTrxXEf6Cpmq7MjKGzXGgbZOB4OHj7FeenUAQjtMsjz0%2Bq%2Fsyj6r4GoK0xk1ZweRI6ahVQ6yL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7726a097db9ab50b-OSL
X-Firefox-Spdy: h2

world-champ-football-br.pu020ev.com/img/logo/logo-cup.png

104.26.1.112

200 OK

0 B

URL HTTP/2
world-champ-football-br.pu020ev.com/img/logo/logo-cup.png
IP
104.26.1.112:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/logo/logo-cup.png HTTP/1.1
Host: world-champ-football-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://world-champ-football-br.pu020ev.com/?lang=br&st=afPc53SX&s1=wm3deck0qcn7clrk21dji8a2&s2=&s3=&s4=&s5=&p_id={p_id}&pc=30&form_phone={form_phone}&form_email={form_email}&trId=ce3si71ct2h57gvsaedg&source=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 21:20:29 GMT
content-type: image/png
last-modified: Thu, 17 Nov 2022 14:26:44 GMT
vary: Accept-Encoding
etag: W/"637644a4-1e9a"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vpLUjTrfmt4YXn94oBwDZUR%2FvM6IfxjGf5XJZ8%2FYt9nPob2EwmCYc3u16RlLANkIPS6SdbT7%2BFOLROh1ZMEGNl90Qrrfk9SHL%2Bapyi1qLi1%2BNQS%2FPzVBHiHf50nVfAh%2BXDDseOPVjvpYCk3L5ErjcY8ah1JM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7726a0970a46b50b-OSL
X-Firefox-Spdy: h2

world-champ-football-br.pu020ev.com/img/country/brazil.png

104.26.1.112

200 OK

0 B

URL HTTP/2
world-champ-football-br.pu020ev.com/img/country/brazil.png
IP
104.26.1.112:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/country/brazil.png HTTP/1.1
Host: world-champ-football-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://world-champ-football-br.pu020ev.com/?lang=br&st=afPc53SX&s1=wm3deck0qcn7clrk21dji8a2&s2=&s3=&s4=&s5=&p_id={p_id}&pc=30&form_phone={form_phone}&form_email={form_email}&trId=ce3si71ct2h57gvsaedg&source=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 21:20:29 GMT
content-type: image/png
last-modified: Thu, 17 Nov 2022 14:26:44 GMT
vary: Accept-Encoding
etag: W/"637644a4-104b"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hxq5RY68bnffcglVdkSL44mbvHeX6XiM%2FmHh1odpd6uW1t%2Fb2%2BIPBoOKuPMnt2MsHpc0eMlQzdw6xUKRQmAwdaYoaAMPMzS1Q4F%2FfbFPc%2BXkLmLxkeCpdOfUvv2zha8F2d%2BB4fxCe15ertApDxSJthhc6WTt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7726a0981c04b50b-OSL
X-Firefox-Spdy: h2

world-champ-football-br.pu020ev.com/img/favicon/apple-touch-icon.png

104.26.1.112

200 OK

0 B

URL HTTP/2
world-champ-football-br.pu020ev.com/img/favicon/apple-touch-icon.png
IP
104.26.1.112:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/favicon/apple-touch-icon.png HTTP/1.1
Host: world-champ-football-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://world-champ-football-br.pu020ev.com/?lang=br&st=afPc53SX&s1=wm3deck0qcn7clrk21dji8a2&s2=&s3=&s4=&s5=&p_id={p_id}&pc=30&form_phone={form_phone}&form_email={form_email}&trId=ce3si71ct2h57gvsaedg&source=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 21:20:29 GMT
content-type: image/png
last-modified: Thu, 17 Nov 2022 14:26:44 GMT
vary: Accept-Encoding
etag: W/"637644a4-2088"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XAzTSs2paMQ4hL3Pan024sumRUcr5ZaoJpm80x%2F0pYZRXZMLVCf9XEqmqjkJua7Ex3ghEiQIJcbkuHkXqbi20jkQgnT8Ji%2FhPrmEhZ1lTHQ1I%2BmEeAnu1BjqIiE%2FseAirmCwkX8LpnnDZriwqSa92c1JEWGq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7726a098fdc0b50b-OSL
X-Firefox-Spdy: h2

world-champ-football-br.pu020ev.com/bundle.js

104.26.1.112

200 OK

0 B

URL HTTP/2
world-champ-football-br.pu020ev.com/bundle.js
IP
104.26.1.112:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bundle.js HTTP/1.1
Host: world-champ-football-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://world-champ-football-br.pu020ev.com/?lang=br&st=afPc53SX&s1=wm3deck0qcn7clrk21dji8a2&s2=&s3=&s4=&s5=&p_id={p_id}&pc=30&form_phone={form_phone}&form_email={form_email}&trId=ce3si71ct2h57gvsaedg&source=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 21:20:29 GMT
content-type: application/javascript
last-modified: Thu, 17 Nov 2022 14:26:44 GMT
vary: Accept-Encoding
etag: W/"637644a4-150b6"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DE9io6mgqZ%2Fm5uP9Gmo2DW79xdgrdl8D3AauWOFe7WgPf6fd0lKTuEHsIQ%2BwE13zXJR9m2KFnHHHB2ABSjcMPkOEsBrRbcM5Rxhc5MaCh0ilj%2BBisuot14yOseqM%2BjiqHJe9ZLG3Fs8Bq0rU5lfVFt9e2t77"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7726a0972a6ab50b-OSL
content-encoding: br
X-Firefox-Spdy: h2

world-champ-football-br.pu020ev.com/img/background.jpg

104.26.1.112

200 OK

0 B

URL HTTP/2
world-champ-football-br.pu020ev.com/img/background.jpg
IP
104.26.1.112:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/background.jpg HTTP/1.1
Host: world-champ-football-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://world-champ-football-br.pu020ev.com/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 21:20:29 GMT
content-type: image/jpeg
cf-bgj: h2pri
etag: W/"637644a4-2af35"
last-modified: Thu, 17 Nov 2022 14:26:44 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3HIAIqg4cRE564jHX62ATIdazm3um076t%2Fxaj8%2F3UEK7QyGwAZorxXe7BL4U2eyTGjUSvejWBi9h3WSZpjwShtvegiMtb9Lr5fRs006COa52g0aLgDUdw3Jmk9EIZ5FyubGEENi4CF60n1MofyulIvdBCIio"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7726a097db98b50b-OSL
X-Firefox-Spdy: h2

world-champ-football-br.pu020ev.com/?lang=br&st=afPc53SX&s1=wm3deck0qcn7clrk21dji8a2&s2=&s3=&s4=&s5=&p_id={p_id}&pc=30&form_phone={form_phone}&form_email={form_email}&trId=ce3si71ct2h57gvsaedg&source=

104.26.1.112

200 OK

0 B

URL HTTP/2
world-champ-football-br.pu020ev.com/?lang=br&st=afPc53SX&s1=wm3deck0qcn7clrk21dji8a2&s2=&s3=&s4=&s5=&p_id={p_id}&pc=30&form_phone={form_phone}&form_email={form_email}&trId=ce3si71ct2h57gvsaedg&source=
IP
104.26.1.112:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /?lang=br&st=afPc53SX&s1=wm3deck0qcn7clrk21dji8a2&s2=&s3=&s4=&s5=&p_id={p_id}&pc=30&form_phone={form_phone}&form_email={form_email}&trId=ce3si71ct2h57gvsaedg&source= HTTP/1.1
Host: world-champ-football-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 30 Nov 2022 21:20:29 GMT
content-type: text/html
last-modified: Thu, 17 Nov 2022 14:26:44 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dfKXIBwopGwyqIvTIoIS7iYbC%2FgwwwPqo519ScmkOyZYFVQzS4IoG5oJR0E6BOrfivbg0%2B2Q7HVkpygYnZslDFvefpufiC5E%2BYLSD3WeqVE7XgyJjs7hIgsiqlkEfPOf6LdvN6kEREFMi%2FCuaVKtiJnV31Rc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7726a096089bb50b-OSL
content-encoding: br
X-Firefox-Spdy: h2

world-champ-football-br.pu020ev.com/main.css

104.26.1.112

200 OK

0 B

URL HTTP/2
world-champ-football-br.pu020ev.com/main.css
IP
104.26.1.112:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /main.css HTTP/1.1
Host: world-champ-football-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://world-champ-football-br.pu020ev.com/?lang=br&st=afPc53SX&s1=wm3deck0qcn7clrk21dji8a2&s2=&s3=&s4=&s5=&p_id={p_id}&pc=30&form_phone={form_phone}&form_email={form_email}&trId=ce3si71ct2h57gvsaedg&source=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 21:20:29 GMT
content-type: text/css
last-modified: Thu, 17 Nov 2022 14:26:44 GMT
vary: Accept-Encoding
etag: W/"637644a4-9046"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hMoiBWwEZQofBITjdwx1iSGVuAmTB%2B3LPvCF9Qcxf2QvRMQQ%2B4ucU6dAiAGTFK%2FFNPOeFj%2B1ZzEstymNrxfVq4IsN6pRhaO0bwk6YRzsb%2BNu9K8yWdoFUk9YQFJWgSE%2FkwZntb75ax92RhCF1yQ43h6fm9Od"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7726a0970a37b50b-OSL
content-encoding: br
X-Firefox-Spdy: h2

world-champ-football-br.pu020ev.com/img/header/lang/azerbaijani.png

104.26.1.112

200 OK

0 B

URL HTTP/2
world-champ-football-br.pu020ev.com/img/header/lang/azerbaijani.png
IP
104.26.1.112:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/header/lang/azerbaijani.png HTTP/1.1
Host: world-champ-football-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://world-champ-football-br.pu020ev.com/?lang=br&st=afPc53SX&s1=wm3deck0qcn7clrk21dji8a2&s2=&s3=&s4=&s5=&p_id={p_id}&pc=30&form_phone={form_phone}&form_email={form_email}&trId=ce3si71ct2h57gvsaedg&source=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 21:20:29 GMT
content-type: image/png
last-modified: Thu, 17 Nov 2022 14:26:44 GMT
vary: Accept-Encoding
etag: W/"637644a4-680"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uqjjmJhaa9qkZp4B%2F2h4y4xehJitCw7MiAzwniSj6FO8TOyOYvb%2BNZHcA0KUt7t3aQcHm5UkBzPgxvs7lXIrmVhzNLfZQGV9xWu3j9V8lnSv3GzomPidz1pm9jyw5O%2BfL%2BeKTYqXIr0xTwtSR2A2pyfA9Y1n"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7726a0971a57b50b-OSL
X-Firefox-Spdy: h2

world-champ-football-br.pu020ev.com/img/header/lang/uzbek.png

104.26.1.112

200 OK

0 B

URL HTTP/2
world-champ-football-br.pu020ev.com/img/header/lang/uzbek.png
IP
104.26.1.112:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/header/lang/uzbek.png HTTP/1.1
Host: world-champ-football-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://world-champ-football-br.pu020ev.com/?lang=br&st=afPc53SX&s1=wm3deck0qcn7clrk21dji8a2&s2=&s3=&s4=&s5=&p_id={p_id}&pc=30&form_phone={form_phone}&form_email={form_email}&trId=ce3si71ct2h57gvsaedg&source=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 21:20:29 GMT
content-type: image/png
last-modified: Thu, 17 Nov 2022 14:26:44 GMT
vary: Accept-Encoding
etag: W/"637644a4-5fa"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2zXheBgqd2xeh2wLNsPTMw5ZjJC3LhGveYDmfGJfhuJ%2BSWjkgX6g9TjDN8e9Z%2FXvnXvqLo2i9SgXl%2BXDMAgjRqSNuLoCz7igJYcF7Zvt1hQkOlE01qQ224iTc51cCevQj4BhzaUD2TA0EdpbX7DqzZrIfuDD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7726a0971a60b50b-OSL
X-Firefox-Spdy: h2

world-champ-football-br.pu020ev.com/img/header/lang/turkish.png

104.26.1.112

200 OK

0 B

URL HTTP/2
world-champ-football-br.pu020ev.com/img/header/lang/turkish.png
IP
104.26.1.112:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/header/lang/turkish.png HTTP/1.1
Host: world-champ-football-br.pu020ev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://world-champ-football-br.pu020ev.com/?lang=br&st=afPc53SX&s1=wm3deck0qcn7clrk21dji8a2&s2=&s3=&s4=&s5=&p_id={p_id}&pc=30&form_phone={form_phone}&form_email={form_email}&trId=ce3si71ct2h57gvsaedg&source=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 21:20:29 GMT
content-type: image/png
last-modified: Thu, 17 Nov 2022 14:26:44 GMT
vary: Accept-Encoding
etag: W/"637644a4-4a9"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rEmwlV%2Bsa%2Ba6lx649yziJYtZSJmclq6HLzKtvrxHGL7j%2FD1iH3pmRLyJMo1oeBAAuifQd1bAtwtbjbuMMiyuVpFzcSEaQEa35uSfHhN2nez19s0IneFTZo%2B4dpNBhJm0UfddWwI1ogQ7uqf33xO662gckQdL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7726a0971a59b50b-OSL
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (3)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (42)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type