Overview

URL 1x-xredbet478860.top/promotions/campeonato-brasileiro/
IP 178.253.48.30
ASN Melbikomas UAB
Location Iran
Report completed 2022-10-05 18:41:22 UTC
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-10-05 2 1x-xredbet478860.top Sinkholed
2022-10-05 2 lite-1x923400.top Sinkholed


Files

No files detected



Passive DNS (18)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-05 05:01:05 UTC 34.117.237.239
mnemonic passive DNS ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2022-10-05 16:07:29 UTC 93.184.220.29
mnemonic passive DNS ocsp.pki.goog (6) 175 2017-06-14 07:23:31 UTC 2022-10-05 06:59:18 UTC 142.250.74.3
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-10-05 14:02:21 UTC 54.230.111.7
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-05 09:14:56 UTC 34.212.166.60
mnemonic passive DNS v3.cdnsfree.com (24) 166517 2022-04-16 14:36:27 UTC 2022-10-04 16:42:55 UTC 8.254.252.212
mnemonic passive DNS www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-10-05 16:26:49 UTC 216.239.32.178
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-05 06:03:19 UTC 54.230.111.7
mnemonic passive DNS lite-1x923400.top (45) 0 2022-06-16 14:26:48 UTC 2022-10-05 05:22:23 UTC 178.253.49.7 Unknown ranking
mnemonic passive DNS fonts.gstatic.com (4) 0 2014-08-29 13:43:22 UTC 2022-10-05 11:30:49 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS stats.g.doubleclick.net (1) 96 2013-06-02 22:47:44 UTC 2022-10-05 11:20:17 UTC 108.177.14.157
mnemonic passive DNS radar.cedexis.com (1) 3035 2013-11-27 02:31:43 UTC 2022-10-05 04:52:04 UTC 35.241.57.45
mnemonic passive DNS 1x-xredbet478860.top (2) 0 2022-07-08 14:15:24 UTC 2022-10-05 05:22:23 UTC 178.253.48.30 Unknown ranking
mnemonic passive DNS ocsp.sectigo.com (5) 487 2018-12-17 11:31:55 UTC 2022-10-05 15:14:22 UTC 172.64.155.188
mnemonic passive DNS img-getpocket.cdn.mozilla.net (3) 1631 2017-09-01 03:40:57 UTC 2022-10-05 12:33:02 UTC 34.120.237.76
mnemonic passive DNS www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-10-05 11:20:17 UTC 142.250.74.168
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-10-05 17:39:00 UTC 142.250.74.10
mnemonic passive DNS r3.o.lencr.org (8) 344 2020-12-02 08:52:13 UTC 2022-10-05 07:13:38 UTC 23.36.77.32


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 178.253.48.30

Date | UQ / IDS / BL | URL | IP
2022-10-06 13:52:12 +0000 | 0 - 0 - 115 | 1x-xredbet478860.top/ | 178.253.48.30
2022-10-06 06:37:00 +0000 | 0 - 0 - 105 | 1x-xredbet478860.top/ | 178.253.48.30
2022-10-05 18:41:22 +0000 | 0 - 0 - 47 | 1x-xredbet478860.top/promotions/campeonato-br (...) | 178.253.48.30
2022-10-01 00:09:31 +0000 | 0 - 0 - 2 | 1x-xredbet478860.top/registration/ | 178.253.48.30
2022-09-28 11:16:58 +0000 | 0 - 0 - 114 | 1x-xredbet478860.top/ | 178.253.48.30

Last 5 reports on ASN: Melbikomas UAB

Date | UQ / IDS / BL | URL | IP
2022-11-30 06:30:55 +0000 | 0 - 0 - 1 | www.22bet.com/ | 45.135.122.42
2022-11-25 22:16:14 +0000 | 0 - 0 - 2 | 77.72.19.138/ | 77.72.19.138
2022-11-24 00:09:42 +0000 | 0 - 0 - 2 | 77.72.19.210/ | 77.72.19.210
2022-11-23 06:30:50 +0000 | 0 - 0 - 2 | www.22bet.com/ | 45.135.122.42
2022-11-22 06:30:55 +0000 | 0 - 0 - 2 | 22bet.ng/ | 45.135.122.128

Last 5 reports on domain: 1x-xredbet478860.top

Date | UQ / IDS / BL | URL | IP
2022-10-29 22:16:07 +0000 | 0 - 0 - 103 | 1x-xredbet478860.top/ | 178.253.47.23
2022-10-29 21:10:26 +0000 | 0 - 0 - 104 | 1x-xredbet478860.top/ | 178.253.47.23
2022-10-29 07:28:17 +0000 | 0 - 0 - 105 | 1x-xredbet478860.top/ | 178.253.47.23
2022-10-29 00:21:38 +0000 | 0 - 0 - 99 | 1x-xredbet478860.top/ | 178.253.47.23
2022-10-26 23:13:31 +0000 | 0 - 0 - 106 | 1x-xredbet478860.top/ | 178.253.47.23

Last 3 reports with similar screenshot

Date | UQ / IDS / BL | URL | IP
2022-10-26 14:14:13 +0000 | 0 - 0 - 32 | 1x-xredbet478860.top/promotions/campeonato-br (...) | 178.253.47.23
2022-10-24 18:15:58 +0000 | 0 - 0 - 36 | luckyforbet.com/i/4646 | 95.211.26.202
2022-09-24 19:45:56 +0000 | 0 - 0 - 1 | luckyforbet.com/h/YhjdFS5..tJosIJ2IJKdo3crFGd (...) | 85.17.31.152


JavaScript

Executed Scripts (35)


Executed Evals (1)

#1 JavaScript::Eval (size: 5594, repeated: 1) - SHA256: cefef42bb27e7c7743e5c9e2c1ba33d190b5db9962cea582a5fce1aee9f8891b


Executed Writes (0)



HTTP Transactions (109)


Request Response
                                        
                                            GET /promotions/campeonato-brasileiro/ HTTP/1.1 
Host: 1x-xredbet478860.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         178.253.48.30
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Wed, 05 Oct 2022 18:41:11 GMT
Content-Length: 162
Connection: close
Location: https://1x-xredbet478860.top/promotions/campeonato-brasileiro/


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.7
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 3SxGZ5B0mNNCsQDAOhlNk1PMFEPeZdZ6ue-Zfcr2SwwrJK04TlEStQ==
Age: 10433


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "AB48F17E54075E1ECF034278E82BCACD2E3689773186CC84FBA9B79AAC907294"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6258
Expires: Wed, 05 Oct 2022 20:25:29 GMT
Date: Wed, 05 Oct 2022 18:41:11 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.7
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 05 Oct 2022 04:02:33 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xDggC9oy_WF_yeRm5HfmnQJQiT9BE4tuL8JsrDF0fUFvNAe_4sPcuw==
age: 52719
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    67d5a988edcda47bc3b3b3f65d32b4b6
Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f
Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F1118B2476B70CEEDF78DEC0BFA75085BC09C27020B8C8CA0C17A4B73606FCBC"
Last-Modified: Tue, 04 Oct 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13883
Expires: Wed, 05 Oct 2022 22:32:34 GMT
Date: Wed, 05 Oct 2022 18:41:11 GMT
Connection: keep-alive

                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 05 Oct 2022 18:41:11 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "78C75D88F8AD8FC15CEE5016B00A0708875F9FC0509194EFCF8C6348A9075B24"
Last-Modified: Wed, 05 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9244
Expires: Wed, 05 Oct 2022 21:15:15 GMT
Date: Wed, 05 Oct 2022 18:41:11 GMT
Connection: keep-alive

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.7
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Wed, 05 Oct 2022 18:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Wed, 05 Oct 2022 18:46:46 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: l0SJfD1J0Kkqsle6QfG2mbbnMpX-cUzolGwq9e3FqgshLcvVmXlDlQ==
Age: 698


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5498
Cache-Control: 'max-age=158059'
Date: Wed, 05 Oct 2022 18:41:12 GMT
Last-Modified: Wed, 05 Oct 2022 17:09:34 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TAHpW2K7JD0FUr350i9ehw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         34.212.166.60
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8AJ2daq++9lgtPhXR9gDPT0BqcY=

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 18:41:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /static-promotion/f130a67.modern.js HTTP/1.1 
Host: lite-1x923400.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         178.253.49.7
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
date: Wed, 05 Oct 2022 18:41:12 GMT
content-length: 3516
last-modified: Wed, 05 Oct 2022 15:31:18 GMT
vary: Accept-Encoding
etag: "633da346-dbc"
content-encoding: gzip
expires: Wed, 05 Oct 2022 19:41:12 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6546), with no line terminators
Size:   3516
Md5:    f01b700995f938e95e8c0ae996ccdd30
Sha1:   f72a4d7734a9e99ef61c115c73bcacb84529f801
Sha256: d66d18d1a5c77197f79f71966ab79b52ed45374099bfdde4e825d24301448270

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /static-promotion/baf2036.modern.js HTTP/1.1 
Host: lite-1x923400.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         178.253.49.7
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
date: Wed, 05 Oct 2022 18:41:12 GMT
content-length: 80299
last-modified: Wed, 05 Oct 2022 13:16:11 GMT
vary: Accept-Encoding
etag: "633d839b-139ab"
content-encoding: gzip
expires: Wed, 05 Oct 2022 19:41:12 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65485)
Size:   80299
Md5:    6bd810688ec63a6a748a7ef59e434a3c
Sha1:   e448beff10c55e4527c2073e8ea9316bb8127d96
Sha256: 9892d417e7be4b14b04b49dbc746a60a107f513bd01363b9baa9b2a16bea4b01

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /static-promotion/0698e33.modern.js HTTP/1.1 
Host: lite-1x923400.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         178.253.49.7
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
date: Wed, 05 Oct 2022 18:41:12 GMT
content-length: 97878
last-modified: Wed, 05 Oct 2022 13:16:11 GMT
vary: Accept-Encoding
etag: "633d839b-17e56"
content-encoding: gzip
expires: Wed, 05 Oct 2022 19:41:12 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65405)
Size:   97878
Md5:    27356d38a24d8d80b584823efa534384
Sha1:   6033345c95d424c7544ec0cc8795a16904ba48fc
Sha256: 11c336269e455ca0fa3b2d766e41eed4d6dda60e3f1de406ea2f84934940d8c6

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 18:41:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /static-promotion/47e916f.modern.js HTTP/1.1 
Host: lite-1x923400.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         178.253.49.7
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
date: Wed, 05 Oct 2022 18:41:12 GMT
content-length: 125465
last-modified: Wed, 05 Oct 2022 13:16:11 GMT
vary: Accept-Encoding
etag: "633d839b-1ea19"
content-encoding: gzip
expires: Wed, 05 Oct 2022 19:41:12 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   125465
Md5:    6d0899f238d7201bfec849a3695607e4
Sha1:   de2930b66a39356e876ec02e5c8b9ea1a94cc5f8
Sha256: 4b1232da7d0238415099f581b85bd2e683ff625d9be3d9436d59424f3bcbb6a9

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 18:41:12 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 04 Oct 2022 14:31:55 GMT
Expires: Tue, 11 Oct 2022 14:31:54 GMT
Etag: "f24cae24c25275d5d86f850af56f21b38d681493"
Cache-Control: max-age=502841,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75584a46aef0b51d-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 18:41:12 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 04 Oct 2022 14:31:55 GMT
Expires: Tue, 11 Oct 2022 14:31:54 GMT
Etag: "f24cae24c25275d5d86f850af56f21b38d681493"
Cache-Control: max-age=502841,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75584a46a9f5b50c-OSL

                                        
                                            GET /_nuxt/desktop/default/b5a4afc9.modern.js HTTP/1.1 
Host: v3.cdnsfree.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         8.254.252.212
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 05 Oct 2022 18:41:12 GMT
content-length: 1814
cache-control: max-age=86400
content-encoding: gzip
etag: "633d4fa5-716"
expires: Thu, 06 Oct 2022 12:53:36 GMT
last-modified: Wed, 05 Oct 2022 09:34:29 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 20909
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4715), with no line terminators
Size:   1814
Md5:    deb6105ec9912c3d2b826204356e1215
Sha1:   fdc12f9a8e1f938f027a035b8f57aeb7d0bf3a67
Sha256: 82c2afbb700084ae07741775d5e81168577d3702fcdc7fc5f02043ecb707d450
                                        
                                            GET /_nuxt/desktop/default/css/8b4b6a70.css HTTP/1.1 
Host: v3.cdnsfree.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         8.254.252.212
HTTP/2 200 OK
content-type: text/css
                                        
date: Wed, 05 Oct 2022 18:41:12 GMT
content-length: 69276
cache-control: max-age=86400
content-encoding: gzip
etag: "633d4fa5-10e9c"
expires: Thu, 06 Oct 2022 12:50:12 GMT
last-modified: Wed, 05 Oct 2022 09:34:29 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 21064
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   69276
Md5:    62d56083353efb8b78dd7c52faf1d086
Sha1:   b52d306de48aea06ebc2456ca503ef50074dc37a
Sha256: cc2663217ba043c9ea0d1b5ab8cfffeac9b1bdb02c253899b50945dee8b01211
                                        
                                            GET /_nuxt/desktop/default/css/6745247d.css HTTP/1.1 
Host: v3.cdnsfree.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         8.254.252.212
HTTP/2 200 OK
content-type: text/css
                                        
date: Wed, 05 Oct 2022 18:41:12 GMT
content-length: 238
cache-control: max-age=86400
content-encoding: gzip
etag: "633c2515-ee"
expires: Thu, 06 Oct 2022 09:08:49 GMT
last-modified: Tue, 04 Oct 2022 12:20:37 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 34343
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (473), with no line terminators
Size:   238
Md5:    d55772cfeb454129313c930bbafddb5d
Sha1:   f06a942ca46d752277ab97948cc31024b3076282
Sha256: ff308f6c750332565d2ead59c1110b99f068d80ec5e661182a9318021e859e99
                                        
                                            GET /genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg HTTP/1.1 
Host: v3.cdnsfree.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         8.254.252.212
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 05 Oct 2022 18:41:12 GMT
content-length: 705
cache-control: public, max-age=120, s-maxage=600
content-encoding: gzip
etag: W/"7cca3986f7a5c4c164144ff11df71073"
expires: Wed, 05 Oct 2022 18:41:27 GMT
last-modified: Thu, 13 Jan 2022 14:28:56 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 105
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1224), with no line terminators
Size:   705
Md5:    bb246c88651f63256e658dccd79ba91f
Sha1:   560cf8f76dad56a5c10a0f66cc4a200df301265d
Sha256: 30e59f903e6fab358b7bfb110a8bf83aefaf5376f2c60293a20f58c9f9fc45e8
                                        
                                            GET /_nuxt/desktop/default/e7f4ec6b.modern.js HTTP/1.1 
Host: v3.cdnsfree.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         8.254.252.212
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 05 Oct 2022 18:41:12 GMT
content-length: 472049
cache-control: max-age=86400
content-encoding: gzip
etag: "633d4fa5-733f1"
expires: Thu, 06 Oct 2022 12:50:09 GMT
last-modified: Wed, 05 Oct 2022 09:34:29 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 21064
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   472049
Md5:    77d23404c41a92784dffa8d8c2ce60bf
Sha1:   12a1182537ba29d5e27a2e05e2858ddab391ac28
Sha256: 1335de92670b7dcaf96d08855ee34f54b8a43632b9358769ec68668c53ac5fae
                                        
                                            GET /_nuxt/desktop/default/3db3c589.modern.js HTTP/1.1 
Host: v3.cdnsfree.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         8.254.252.212
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 05 Oct 2022 18:41:12 GMT
content-length: 324946
cache-control: max-age=86400
content-encoding: gzip
etag: "633d4fa5-4f552"
expires: Thu, 06 Oct 2022 12:50:09 GMT
last-modified: Wed, 05 Oct 2022 09:34:29 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 21064
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65399)
Size:   324946
Md5:    38ab13d49f81e4dd67f500f420ae4a42
Sha1:   064fa729df76fa3aac24f649f608903072fec560
Sha256: b1c9730f2fa9366eb99a8f7231120f57d22ee1eba60abcc3c7d02c2bcc933235
                                        
                                            GET /_nuxt/desktop/default/css/e1072a03.css HTTP/1.1 
Host: v3.cdnsfree.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         8.254.252.212
HTTP/2 200 OK
content-type: text/css
                                        
date: Wed, 05 Oct 2022 18:41:12 GMT
content-length: 27215
cache-control: max-age=86400
content-encoding: gzip
etag: "633d4fa5-6a4f"
expires: Thu, 06 Oct 2022 11:20:07 GMT
last-modified: Wed, 05 Oct 2022 09:34:29 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 26465
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   27215
Md5:    9abe7d6909c5d8d1cef56929f042d92b
Sha1:   ca40c0fa119084c509a9e54333b3fda34d907eed
Sha256: a8c0bc334c23b7830235da87abba0bf5db2a1f534644480befdb7d03f019b578
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 18:41:12 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 04 Oct 2022 14:31:55 GMT
Expires: Tue, 11 Oct 2022 14:31:54 GMT
Etag: "f24cae24c25275d5d86f850af56f21b38d681493"
Cache-Control: max-age=502841,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75584a46af20b511-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 18:41:12 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 04 Oct 2022 14:31:55 GMT
Expires: Tue, 11 Oct 2022 14:31:54 GMT
Etag: "f24cae24c25275d5d86f850af56f21b38d681493"
Cache-Control: max-age=502841,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75584a46a9f6b50c-OSL

                                        
                                            GET /_nuxt/desktop/default/6c12728e.modern.js HTTP/1.1 
Host: v3.cdnsfree.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         8.254.252.212
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 05 Oct 2022 18:41:12 GMT
content-length: 6584
cache-control: max-age=86400
content-encoding: gzip
etag: "633d4fa5-19b8"
expires: Thu, 06 Oct 2022 12:50:09 GMT
last-modified: Wed, 05 Oct 2022 09:34:29 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 21066
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (17080), with no line terminators
Size:   6584
Md5:    b76236b663b4bee91a0f73483bab839d
Sha1:   c72daafb592ceddc4871c21c38b3d97d8b6cccd2
Sha256: 468a46359b0c3823f092e6014fddd0dcb80e905d258046508e2442769326acbc
                                        
                                            GET /_nuxt/desktop/default/2e3772a7.modern.js HTTP/1.1 
Host: v3.cdnsfree.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         8.254.252.212
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 05 Oct 2022 18:41:12 GMT
content-length: 100252
cache-control: max-age=86400
content-encoding: gzip
etag: "633d4fa5-1879c"
expires: Thu, 06 Oct 2022 12:50:12 GMT
last-modified: Wed, 05 Oct 2022 09:34:29 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 21064
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65479)
Size:   100252
Md5:    438730025eecad6fd929c550417f3703
Sha1:   28c02a8f0b58237a93dd1fc2ebf2827e571f73fd
Sha256: 4b627ad5ee330769bbfb5de9092199e4123c67a0bfb2c9df7936152eb7345b26
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 18:41:12 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 04 Oct 2022 14:31:55 GMT
Expires: Tue, 11 Oct 2022 14:31:54 GMT
Etag: "f24cae24c25275d5d86f850af56f21b38d681493"
Cache-Control: max-age=502841,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75584a46ac24b4ff-OSL

                                        
                                            GET /promo-frame/us/promotion/campeonato-brasileiro HTTP/1.1 
Host: lite-1x923400.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         178.253.49.7
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
server: nginx
date: Wed, 05 Oct 2022 18:41:12 GMT
content-encoding: gzip
etag: "130d-qmh9KADSIBd7TqcbHKKtjTY6A+0"
server-timing: dt_285;dur=3
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2325
Md5:    814525d4d3dda8b5da6bd42ac5072cc4
Sha1:   97e3d7351a528657520061bf85382c9c52edd59d
Sha256: 7cc4256ae82bfbd2df5c2cfe1f9cd383ea045656fa468574fc069d1ed6315ea9

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /us/promotions/campeonato-brasileiro HTTP/1.1 
Host: lite-1x923400.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

                                         
                                         178.253.49.7
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
server: nginx
date: Wed, 05 Oct 2022 18:41:12 GMT
accept-ranges: none
content-encoding: gzip
server-timing: total;dur=469;desc="Nuxt Server Time", dt_285;dur=475
set-cookie: SESSION=9bb99aea59c1d81fc59dfbe962c450b6; Path=/; HttpOnly; Secure; SameSite=Lax
set-cookie: lng=us; Path=/
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   80443
Md5:    c56621f97ddab1e2848610dbd5250950
Sha1:   e4e5b6bfae41d592f35fa706396f4f177491ff32
Sha256: 5d330ba15d5064c611ba8b82817eb1973a5a10761fa13140bc76d469d8aed27c

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lite-1x923400.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 601625
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lite-1x923400.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 14:07:32 GMT
expires: Thu, 05 Oct 2023 14:07:32 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
age: 16421
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size:   15920
Md5:    3a44e06eb954b96aa043227f3534189d
Sha1:   23cef6993ddb2b2979e8e7647fc3763694e2ba7d
Sha256: b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
                                        
                                            GET /genfiles/cms/pg/default/images/c6805d21f8fccbfc75df5c556571fc74.png HTTP/1.1 
Host: lite-1x923400.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         178.253.49.7
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Wed, 05 Oct 2022 18:41:13 GMT
content-length: 352
last-modified: Wed, 10 Aug 2022 11:26:08 GMT
x-rgw-object-type: Normal
etag: "7dff72d4146e35a8262e6845d13a8df0"
x-amz-storage-class: STANDARD
access-control-allow-origin: *
cache-control: public,max-age=120,s-maxage=600
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size:   352
Md5:    7dff72d4146e35a8262e6845d13a8df0
Sha1:   a291af970d3955b35c314e85712ceea3aca25d54
Sha256: a467e6a3d8e443bbbade9f04324268de101625412c1135b4cec0864a55101a78

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 18:41:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7392
Expires: Wed, 05 Oct 2022 20:44:25 GMT
Date: Wed, 05 Oct 2022 18:41:13 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7392
Expires: Wed, 05 Oct 2022 20:44:25 GMT
Date: Wed, 05 Oct 2022 18:41:13 GMT
Connection: keep-alive

                                        
                                            GET /genfiles/web-app-v2/dictionary2/v3_promotions/us/dictionary_d55dd73233b27ed9fa14e8f9a4dcde8e.json HTTP/1.1 
Host: lite-1x923400.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         178.253.49.7
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Wed, 05 Oct 2022 18:41:13 GMT
vary: Accept-Encoding
last-modified: Wed, 05 Oct 2022 15:41:55 GMT
x-rgw-object-type: Normal
etag: W/"e8d1aabb1d2b3e41f1688a2b5270871e"
cache-control: max-age=31536000
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , Unicode text, UTF-8 text, with very long lines (64100), with no line terminators
Size:   195547
Md5:    edb881416b1fe513f0eae605b4916c6e
Sha1:   acae39beb502c40568d4b49ce2ad0ff88549ec07
Sha256: 1ebd0e9d9e56726e01576d4295ffd2de591270fbec36f65117d06d0b039f71fe

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23595c4d-609a-48f3-a52f-e88e478d7653.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5832
x-amzn-requestid: c4427edd-3d71-47d0-a2d3-b3bfed089535
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8s1FuUoAMFhBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7eb-46ddff150da4141d23fc0d8a;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:38:51 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: WWClzLGprno--c75q63i1TFi8oBEdAYW-J4lCk9V8IELQXe6q0A05A==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 21:42:34 GMT
age: 75519
etag: "4daf0c001e86af8477fb097e8ca932edb8e5f981"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5832
Md5:    3257b782efae9b64e6e18a547866ec50
Sha1:   4daf0c001e86af8477fb097e8ca932edb8e5f981
Sha256: 899f9692e86405aa288d88dd285a6fe26bedab1a2ca4693212476063890b01a5
                                        
                                            GET /genfiles/web-app-v2/dictionary2/v3_main/us/dictionary_29fc6ceb335ed1cef7c7e493f582de32.json HTTP/1.1 
Host: lite-1x923400.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         178.253.49.7
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Wed, 05 Oct 2022 18:41:13 GMT
vary: Accept-Encoding
last-modified: Wed, 05 Oct 2022 15:41:34 GMT
x-rgw-object-type: Normal
etag: W/"fe1965939b4f368ef2388145efc4e341"
cache-control: max-age=31536000
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , Unicode text, UTF-8 text, with very long lines (50052), with no line terminators
Size:   23460
Md5:    7d3fe72e8d9d7a38870ad065a10f1828
Sha1:   0254937acaf9ff64ccfdd9f115501b9b3df9a9e5
Sha256: 4d82ed6a677c34729894b72a5a88a90948498384c10cdc68419da27131ef6abf

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb178720-854c-4c9e-85c1-58cb5419ca69.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3585
x-amzn-requestid: ccb6f0c8-4d9b-48b8-aaf6-16781dc4c86b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaHFlEcFoAMFS3g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a5223-5c9276c873efee993ba54667;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 03:08:19 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: T8m1q2L45TWDVRBa-R2W70yq9BauBK3G4IX54AGIxdRhG736T974kg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 04:05:29 GMT
age: 52544
etag: "612b6dbd4ba895c167964ff7e6d9263013b52b0a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3585
Md5:    5d7d7df8d4c440f9db445c3d99e818d6
Sha1:   612b6dbd4ba895c167964ff7e6d9263013b52b0a
Sha256: bf527a814c78f9e010cce4ba593c9146d54a2137d1f147f7a6250fbad81956ac
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5704624d-eb81-4a5b-bcb7-08db5681c677.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8926
x-amzn-requestid: 27fc8976-af8d-40a3-b701-0642fa135ec4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8s1GSbIAMFTiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7eb-4d4c7837576e0fdb5828fe3b;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:38:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YzVofPSJC-YVU1Q1V9AnjNeQTa1BQEh6ZiH2HjSeeX5RygysFP7oAA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 21:42:34 GMT
age: 75519
etag: "70e8d1589f3daf71378965dd197934e220fb6aa4"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8926
Md5:    1de7c17a0ba9295135e7f8b490b6a8d3
Sha1:   70e8d1589f3daf71378965dd197934e220fb6aa4
Sha256: ee559ce3166479e2b930be7d18525f5c2d164aed8ca005302ddaf3bfe37eec24
                                        
                                            POST /web-api/external-api/config/all HTTP/1.1 
Host: lite-1x923400.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://lite-1x923400.top
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers

                                         
                                         178.253.49.7
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 05 Oct 2022 18:41:13 GMT
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=73, dt_285;dur=75
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   21702
Md5:    25e14b99e7ea8c6ec5ba59656d3750eb
Sha1:   14eaba2e21c398553332f6fe13d3e4ecd555b72d
Sha256: fea5c210741f4ba5aa23b2b09483bfa2672f2351236e503f106eff098c142e61

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /_nuxt/desktop/default/css/6745247d.css HTTP/1.1 
Host: lite-1x923400.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1920
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         178.253.49.7
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Wed, 05 Oct 2022 18:41:13 GMT
content-length: 238
last-modified: Wed, 05 Oct 2022 09:34:29 GMT
vary: Accept-Encoding
etag: "633d4fa5-ee"
content-encoding: gzip
expires: Wed, 05 Oct 2022 19:41:13 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (473), with no line terminators
Size:   238
Md5:    393b02d88ccc6246579c264a8a2e4531
Sha1:   ce797a9a1caab721ab549d281bbfbfabdc80f67b
Sha256: 94852531d2e05122333436e42623aa4082f805ccd9d5d86d282f089f579f1e9d

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /static-promotion/6371390.modern.js HTTP/1.1 
Host: lite-1x923400.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         178.253.49.7
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
date: Wed, 05 Oct 2022 18:41:13 GMT
content-length: 253
last-modified: Wed, 05 Oct 2022 15:31:18 GMT
vary: Accept-Encoding
etag: "633da346-fd"
content-encoding: gzip
expires: Wed, 05 Oct 2022 19:41:13 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   253
Md5:    aff7d92303c828ba9f4ff4623b4c0e8a
Sha1:   472950af61a372b493e690ea84f4489d874e6d07
Sha256: a01bbb2ce84d6362a907f87284e7d03fd9e589a2449c833b48e61284047b63b7

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /genfiles/cms/maintenance_mode/settings.json?timestamp=1664995273876 HTTP/1.1 
Host: lite-1x923400.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         178.253.49.7
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 05 Oct 2022 18:41:13 GMT
content-length: 145
last-modified: Thu, 21 Apr 2022 06:40:33 GMT
x-rgw-object-type: Normal
etag: "81d90db48c09d6f764c4929c90eadfc1"
cache-control: public,max-age=60,s-maxage=60
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   145
Md5:    81d90db48c09d6f764c4929c90eadfc1
Sha1:   6fe1a593e77cca8d9adff9fe5b5f40e19ccf7bd8
Sha256: fa0a9c9d33937e1539ce6b9e44abf7ecd69f5032c6ba8b85308c6a388f8dc28c

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /static-promotion/ab612d4.modern.js HTTP/1.1 
Host: lite-1x923400.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         178.253.49.7
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
date: Wed, 05 Oct 2022 18:41:13 GMT
content-length: 7389
last-modified: Wed, 05 Oct 2022 15:31:18 GMT
vary: Accept-Encoding
etag: "633da346-1cdd"
content-encoding: gzip
expires: Wed, 05 Oct 2022 19:41:13 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (45732), with no line terminators
Size:   7389
Md5:    8412762c4c6d8ea7e8192824b7a7adab
Sha1:   31053c327216e81664c414f066c55bbdfb95d1a8
Sha256: 3a6999edd2162a2e7efb2bee47b0ea8eef5cb7d55fd126597dd312d5e7376841

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /static-promotion/777def2.modern.js HTTP/1.1 
Host: lite-1x923400.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         178.253.49.7
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
date: Wed, 05 Oct 2022 18:41:13 GMT
content-length: 2997
last-modified: Wed, 05 Oct 2022 15:31:18 GMT
vary: Accept-Encoding
etag: "633da346-bb5"
content-encoding: gzip
expires: Wed, 05 Oct 2022 19:41:13 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (16195), with no line terminators
Size:   2997
Md5:    eb433daf4306ca3b7c617f858e745fbd
Sha1:   737da04364ffbad392405ca6b62547d781bdb554
Sha256: 534e70bf05f970e7133876da697a8a03cb770834f96816efd5f5e659cdfb24e5

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /static-promotion/fcd3df7.modern.js HTTP/1.1 
Host: lite-1x923400.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         178.253.49.7
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
date: Wed, 05 Oct 2022 18:41:13 GMT
content-length: 35367
last-modified: Wed, 05 Oct 2022 15:31:18 GMT
vary: Accept-Encoding
etag: "633da346-8a27"
content-encoding: gzip
expires: Wed, 05 Oct 2022 19:41:13 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   35367
Md5:    4595f4bd206afc3f160363a1ab5d7194
Sha1:   ded41e4eac1d5b9801ad8b0e8fe45df081206fdb
Sha256: 2165ec828af9e78624f1225a7c957192d3f78666b46da1b096d99274456e342d

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /static-promotion/7ac077c.modern.js HTTP/1.1 
Host: lite-1x923400.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         178.253.49.7
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
date: Wed, 05 Oct 2022 18:41:13 GMT
content-length: 27240
last-modified: Wed, 05 Oct 2022 15:31:18 GMT
vary: Accept-Encoding
etag: "633da346-6a68"
content-encoding: gzip
expires: Wed, 05 Oct 2022 19:41:13 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   27240
Md5:    92ac0bcd8bb2b5db0199d52c95085275
Sha1:   26f9329417f1299375c2c5c4c260e54435d52870
Sha256: 2bd187c2f65bcc39a50b2d817a68f0d9bc90fc62e9eaaa201f4ed3e38974314b

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /pwa HTTP/1.1 
Host: lite-1x923400.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lite-1x923400.top/us/promotions/campeonato-brasileiro
Connection: keep-alive
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         178.253.49.7
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Wed, 05 Oct 2022 18:41:13 GMT
content-length: 15
etag: W/"f-65jex68GXYCho925nLPjwJGaqFI"
server-timing: dt_285;dur=3
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   15
Md5:    0e4766fd1b2ba2e236fd9364587f99ab
Sha1:   eb98dec7af065d80a1a3ddb99cb3e3c0919aa852
Sha256: 4612305c0c6077857c88e831688c8bb34594e16c567ed45a3a330c14fa7c627b

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /_nuxt/desktop/default/img/common.698f8a6f.svg HTTP/1.1 
Host: v3.cdnsfree.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lite-1x923400.top
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         8.254.252.212
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 05 Oct 2022 18:41:14 GMT
content-length: 43843
cache-control: max-age=86400
content-encoding: gzip
etag: W/"633d4fa5-196ca"
expires: Thu, 06 Oct 2022 11:20:14 GMT
last-modified: Wed, 05 Oct 2022 09:34:29 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 26460
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (65536), with no line terminators
Size:   43843
Md5:    f9ad0f0d55e494c307fc868f2ecd8c4a
Sha1:   55dbe89ffecca33168d368e3f811abfcbf4c71c3
Sha256: 30cd8582e08e758a78ea08d6bf92d41206a2971a021c0cd56528aad610a5b108
                                        
                                            GET /_nuxt/desktop/default/0d547539.modern.js HTTP/1.1 
Host: v3.cdnsfree.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         8.254.252.212
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 05 Oct 2022 18:41:14 GMT
content-length: 1031
cache-control: max-age=86400
content-encoding: gzip
etag: "633d4fa5-407"
expires: Thu, 06 Oct 2022 12:50:47 GMT
last-modified: Wed, 05 Oct 2022 09:34:29 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 21027
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2404), with no line terminators
Size:   1031
Md5:    015b40d1992fa015bcf871e23eae7696
Sha1:   1387bfdeeb1c4f4db42ed377c5843445bc6468c8
Sha256: cc661cc28ec5c8ba37e804c3e2c2d93f3e5c579f774a12b45ea4028fd27fb4dd
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 18:41:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /version.json?timestamp=1664995274063 HTTP/1.1 
Host: lite-1x923400.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x923400.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         178.253.49.7
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
                                        
server: nginx
date: Wed, 05 Oct 2022 18:41:14 GMT
content-length: 11
etag: W/"b-bzlEW+0fa5xBb5xuNxy3VPo604Q"
server-timing: dt_285;dur=1
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   11
Md5:    0267ce92e06d3918d2c56b8b49c2a183
Sha1:   6f39445bed1f6b9c416f9c6e371cb754fa3ad384
Sha256: 48e710f6a4214bdf10cd80f3f501a29e87c88eb202211d76161f6247eacba427

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3854
Cache-Control: 'max-age=158059'
Date: Wed, 05 Oct 2022 18:41:14 GMT
Last-Modified: Wed, 05 Oct 2022 17:37:00 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /gtag/js?id=UA-178408567-1 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 05 Oct 2022 18:41:14 GMT
expires: Wed, 05 Oct 2022 18:41:14 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43407
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2039)
Size:   43407
Md5:    be0fec8c4ca5c6a7947284e9dbfec32e
Sha1:   0db4343965f15cf84f0e8684dae747997bff3b94
Sha256: 13c0f02b078d6d719869f9d45126bfdac970fbd92acdef4c76f014eaf450e693
                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:41:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
GET /web-api/api/converslon/load HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x923400.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
178.253.49.7
HTTP/2 200 OK
content-type: application/json
server: nginx
date: Wed, 05 Oct 2022 18:41:14 GMT
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=32, dt_285;dur=35
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2740
Md5:    14920140c18c89510d494a9d4517a200
Sha1:   afbb1d367e36eb02ead6682d11b91e8db30d078d
Sha256: 0856f6ae13d6a0668d07eceac67178f623238820efe0297f84f41025bbfe83c7

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lite-1x923400.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 601626
last-modified: Wed, 11 May 2022 19:24:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size:   15860
Md5:    e9f5aaf547f165386cd313b995dddd8e
Sha1:   acdef5603c2387b0e5bffd744b679a24a8bc1968
Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
                                        
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lite-1x923400.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9628
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Sep 2022 06:19:49 GMT
expires: Fri, 29 Sep 2023 06:19:49 GMT
cache-control: public, max-age=31536000
age: 562885
last-modified: Wed, 11 May 2022 19:24:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 9628, version 1.0\012- data
Size:   9628
Md5:    d9ac47c7e500fb7083b8d595eaf6fe12
Sha1:   112a2fc5f4ff9b85ee3a706fa9b8c47f79b05933
Sha256: 495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
                                        
GET /_nuxt/desktop/default/bfbe8cbc.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
8.254.252.212
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Wed, 05 Oct 2022 18:41:14 GMT
content-length: 1059
cache-control: max-age=86400
content-encoding: gzip
etag: "633d4fa5-423"
expires: Thu, 06 Oct 2022 12:50:45 GMT
last-modified: Wed, 05 Oct 2022 09:34:29 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 21046
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (2450), with no line terminators
Size:   1059
Md5:    04f5228fcc4ee30cc731b8607d3f9e9e
Sha1:   a8d3781611c0c442a263d76a4a03f6e8110283cd
Sha256: 6ddb56e30d7ee7fa9722c4e2425a665bc12b5dde0818fdee7f1cda58b020fb78
                                        
GET /domain-api/api/v1/domains/lite-1x923400.top HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x923400.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
178.253.49.7
HTTP/2 200 OK
content-type: application/vnd.api+json
server: nginx
date: Wed, 05 Oct 2022 18:41:14 GMT
content-length: 84
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   84
Md5:    cc5f3a84fbad7aabf0e444de1bd7b274
Sha1:   8010a1d23bc02768a35b53b77a5888c10ff56244
Sha256: d3633d9c42556f0e8ee790ecee529a27ef3ca4c2cc2dddb83c0edee3509adf31

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /web-api/external-api/promotions/campeonato-brasileiro HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
178.253.49.7
HTTP/2 403 Forbidden
content-type: application/json
server: nginx
date: Wed, 05 Oct 2022 18:41:14 GMT
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=48, dt_285;dur=49
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (13515), with no line terminators
Size:   5430
Md5:    9871765703a2b20c5bafada22ae5b54e
Sha1:   5cb235d9b2139d85c41a55041929d7972db0003e
Sha256: 8eda7ca3477a85c9cd5e9fe340eeae400ad62820e84c19c88a238f037871e7db

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /_nuxt/desktop/default/11a7652e.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
8.254.252.212
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Wed, 05 Oct 2022 18:41:14 GMT
content-length: 26108
cache-control: max-age=86400
content-encoding: gzip
etag: "633d4fa5-65fc"
expires: Thu, 06 Oct 2022 12:50:29 GMT
last-modified: Wed, 05 Oct 2022 09:34:29 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 21047
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size:   26108
Md5:    7a970a51d962abae9cdf53f64db2a792
Sha1:   4d29a51ffd3b8c5afce8dc9bfb12435b645a714a
Sha256: aa664b32c04ff1f58dfa0427a1b682b3cbe11efcc78c805611e33da868460993
                                        
GET /web-api/api/internal/v1/sessions/user HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x923400.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
178.253.49.7
HTTP/2 200 OK
content-type: application/json
server: nginx
date: Wed, 05 Oct 2022 18:41:14 GMT
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=34, dt_285;dur=35
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   91
Md5:    7f08529bc4a73ef6216d27a6b9408914
Sha1:   d35e84765ec35db78746ff044785169e847837c9
Sha256: 72fec33883cd2c515ce5bf34588577cac6598e3e7e8d8a3ad7fc95c1dc42150f

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /genfiles/cms/1-285/desktop/footer/logos/K23_2020_lightmode.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
8.254.252.212
HTTP/2 200 OK
content-type: image/png
date: Wed, 05 Oct 2022 18:41:14 GMT
content-length: 168437
cache-control: public, max-age=120, s-maxage=600
etag: "514efcaa096bc870bbb55a0910327b9c"
expires: Wed, 05 Oct 2022 18:33:59 GMT
last-modified: Wed, 01 Jun 2022 12:17:09 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 567
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 4455 x 2151, 8-bit/color RGBA, non-interlaced\012- data
Size:   168437
Md5:    514efcaa096bc870bbb55a0910327b9c
Sha1:   05f80f59b5eeb2e4cf409fc4b9d96ddec64b3e6f
Sha256: a541dec3a5acfa154ce5716014bb463c6be72db6bf5ffb88dde95929e9670942
                                        
GET /genfiles/cms/1-285/desktop/footer/logos/team_spirit_black.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
8.254.252.212
HTTP/2 200 OK
content-type: image/png
date: Wed, 05 Oct 2022 18:41:14 GMT
content-length: 169025
cache-control: public, max-age=120, s-maxage=600
etag: "ba6cf2e79cb532a105c8f34b1efbcb26"
expires: Wed, 05 Oct 2022 18:36:16 GMT
last-modified: Wed, 01 Jun 2022 12:16:40 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 475
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 4000 x 4000, 8-bit/color RGBA, non-interlaced\012- data
Size:   169025
Md5:    ba6cf2e79cb532a105c8f34b1efbcb26
Sha1:   f05ff0a3895400ac928ac1cce6153f657e6f6d8f
Sha256: 8e3e826321588ba9cca7ed55a8c23ee2e64e007775a40f9f8878340b2788864e
                                        
GET /genfiles/cms/1-285/desktop/footer/logos/logo-serie-new.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
8.254.252.212
HTTP/2 200 OK
content-type: image/png
date: Wed, 05 Oct 2022 18:41:14 GMT
content-length: 18675
cache-control: public, max-age=120, s-maxage=600
etag: "eebc2093ed37610949fddb757fb411c2"
expires: Wed, 05 Oct 2022 18:34:20 GMT
last-modified: Fri, 06 Nov 2020 12:55:12 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 534
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 180 x 320, 8-bit/color RGBA, non-interlaced\012- data
Size:   18675
Md5:    eebc2093ed37610949fddb757fb411c2
Sha1:   f7964e29e324fe613114a2d8a574819735d4e8a4
Sha256: 2573852f7e996aaf5d4ae5280f600e384f8b5d75e8c4de9e06100af2d9f55e5c
                                        
GET /genfiles/cms/1-285/desktop/footer/logos/logo-fcb.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
8.254.252.212
HTTP/2 200 OK
content-type: image/png
date: Wed, 05 Oct 2022 18:41:14 GMT
content-length: 7420
cache-control: public, max-age=120, s-maxage=600
etag: "8ea23d2a7c2e152564a43453425b3301"
expires: Wed, 05 Oct 2022 18:38:45 GMT
last-modified: Fri, 06 Nov 2020 12:55:12 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 269
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 169 x 183, 8-bit colormap, non-interlaced\012- data
Size:   7420
Md5:    8ea23d2a7c2e152564a43453425b3301
Sha1:   f6e61dbb4b90ab17f23130d79af095a1267b01c3
Sha256: e193b50c6e3a1657a7c7e1100b941a43c90eeda8f9d56763318ac624eeba2cbd
                                        
GET /genfiles/cms/1-285/desktop/footer/logos/can-2019-en.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
8.254.252.212
HTTP/2 200 OK
content-type: image/png
date: Wed, 05 Oct 2022 18:41:14 GMT
content-length: 8120
cache-control: public, max-age=120, s-maxage=600
etag: "d2998762f0b00c9d1bcd90c28f0a5731"
expires: Wed, 05 Oct 2022 18:37:37 GMT
last-modified: Fri, 06 Nov 2020 12:55:12 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 411
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 243 x 144, 8-bit colormap, non-interlaced\012- data
Size:   8120
Md5:    d2998762f0b00c9d1bcd90c28f0a5731
Sha1:   95553e4eff474b6a05ad4a6e00826ba4ab9b2c4e
Sha256: 09050bbfb49f160886714942b619eb95dbd92f2f6862f38aa685538f420591b8
                                        
GET /genfiles/cms/1-285/desktop/footer/logos/logo-losc.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
8.254.252.212
HTTP/2 200 OK
content-type: image/png
date: Wed, 05 Oct 2022 18:41:14 GMT
content-length: 119254
cache-control: public, max-age=120, s-maxage=600
etag: "0b72a6591ead9e9b95a118b411b9556a"
expires: Wed, 05 Oct 2022 18:40:23 GMT
last-modified: Fri, 09 Sep 2022 14:12:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 172
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 2052 x 1962, 8-bit/color RGBA, non-interlaced\012- data
Size:   119254
Md5:    0b72a6591ead9e9b95a118b411b9556a
Sha1:   6d43538a7c2167e9046d418e0707dba8f361fd1c
Sha256: 012b4965e861f6073a0496f55677715279f5799468c9aa4c3d92bdbbc5e0b67b
                                        
GET /genfiles/cms/1-285/desktop/footer/logos/mibr_white-logo.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
8.254.252.212
HTTP/2 200 OK
content-type: image/png
date: Wed, 05 Oct 2022 18:41:14 GMT
content-length: 9904
cache-control: public, max-age=120, s-maxage=600
etag: "c14d0b72d2885c8ae4975e64ddb29a6f"
expires: Wed, 05 Oct 2022 18:33:54 GMT
last-modified: Thu, 04 Aug 2022 17:36:40 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 567
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 834 x 434, 8-bit/color RGBA, non-interlaced\012- data
Size:   9904
Md5:    c14d0b72d2885c8ae4975e64ddb29a6f
Sha1:   3c31e0bb67f15daada51baf892c89ef0cd061146
Sha256: 657992cd544e48630d90afc0b957014f0ac4fad15789c7c18a937d5b71231967
                                        
GET /genfiles/cms/1-285/desktop/footer/logos/esl.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
8.254.252.212
HTTP/2 200 OK
content-type: image/png
date: Wed, 05 Oct 2022 18:41:14 GMT
content-length: 33328
cache-control: public, max-age=120, s-maxage=600
etag: "802ac7a85f716d1a10ad5084ce6b2c14"
expires: Wed, 05 Oct 2022 18:36:16 GMT
last-modified: Fri, 07 May 2021 11:29:08 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 476
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1184 x 362, 8-bit/color RGBA, non-interlaced\012- data
Size:   33328
Md5:    802ac7a85f716d1a10ad5084ce6b2c14
Sha1:   4e3b9ea62cf588f4f8b5be3553aa53068fbe8fa6
Sha256: 3329ddcdb9bce051bb89a2ec7ea84fae914e31752e66656a2321642d8457f7cc
                                        
GET /static-promotion/7d5ae0b.modern.js HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280; che_g=51609ca2-ff42-c704-1ad3-9e664a1bde08
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
178.253.49.7
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
server: nginx
date: Wed, 05 Oct 2022 18:41:14 GMT
content-length: 3312
last-modified: Wed, 05 Oct 2022 15:31:18 GMT
vary: Accept-Encoding
etag: "633da346-cf0"
content-encoding: gzip
expires: Wed, 05 Oct 2022 19:41:14 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (15532), with no line terminators
Size:   3312
Md5:    f22f5ebeaa7f6490a5d335e44cb8e7ed
Sha1:   f37665effb700c8864644de66cfff92425fc453c
Sha256: a083cb46490d29ee273bc77db9390fa1ef8bda98ca3717693488b4723cd20832

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /genfiles/cms/1-285/desktop/footer/logos/caf-champions-en.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
8.254.252.212
HTTP/2 200 OK
content-type: image/png
date: Wed, 05 Oct 2022 18:41:14 GMT
content-length: 15100
cache-control: public, max-age=120, s-maxage=600
etag: "805de1a5bec7c7e47c459ed79e5a7778"
expires: Wed, 05 Oct 2022 18:39:25 GMT
last-modified: Fri, 07 May 2021 11:29:04 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 301
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 387 x 230, 8-bit colormap, non-interlaced\012- data
Size:   15100
Md5:    805de1a5bec7c7e47c459ed79e5a7778
Sha1:   409804a9ad7ebd262a6125eb04cbd678ac7a9824
Sha256: 3dd56bfcb4bd898db532541ee1bbbcbaffc8276b155f518b5d10be553296633d
                                        
GET /genfiles/cms/1-285/desktop/footer/logos/caf-confederation-en.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
8.254.252.212
HTTP/2 200 OK
content-type: image/png
date: Wed, 05 Oct 2022 18:41:15 GMT
content-length: 14740
cache-control: public, max-age=120, s-maxage=600
etag: "70e5105d03a74cc00cd9a0386fde303e"
expires: Wed, 05 Oct 2022 18:39:25 GMT
last-modified: Fri, 07 May 2021 11:29:03 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 479
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 387 x 230, 8-bit colormap, non-interlaced\012- data
Size:   14740
Md5:    70e5105d03a74cc00cd9a0386fde303e
Sha1:   ffcd4fbcd486825d0d31e41cada108335b012d81
Sha256: baabca03d9695b9475d7d0b4d736fbb093d21f2c03228a7704097e2bfb8e583a
                                        
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
216.239.32.178
HTTP/2 200 OK
content-type: text/javascript
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 05 Oct 2022 18:41:09 GMT
expires: Wed, 05 Oct 2022 20:41:09 GMT
cache-control: public, max-age=7200
age: 6
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20039
Md5:    47e6f374ca946fddd5b59871b325736c
Sha1:   baa9282efc8785e84d247c3bff518eaa45f101c4
Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
                                        
                                            GET /static-promotion/e4ad5ef.js HTTP/1.1 
Host: lite-1x923400.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280; che_g=51609ca2-ff42-c704-1ad3-9e664a1bde08
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         178.253.49.7
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
date: Wed, 05 Oct 2022 18:41:15 GMT
content-length: 3529
last-modified: Wed, 05 Oct 2022 15:31:18 GMT
vary: Accept-Encoding
etag: "633da346-dc9"
content-encoding: gzip
expires: Wed, 05 Oct 2022 19:41:15 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6581), with no line terminators
Size:   3529
Md5:    8b5bdc3d041bf2512a0a1351b65e87e1
Sha1:   fe6a7794995f2d37456891843092019be228f362
Sha256: 906f65872b162775c968d4252b6c5f15f4a6b8a79fd204da8461fe01126850ce

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /static-promotion/a5a5724.js HTTP/1.1 
Host: lite-1x923400.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280; che_g=51609ca2-ff42-c704-1ad3-9e664a1bde08
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         178.253.49.7
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
date: Wed, 05 Oct 2022 18:41:15 GMT
content-length: 91762
last-modified: Wed, 05 Oct 2022 15:31:18 GMT
vary: Accept-Encoding
etag: "633da346-16672"
content-encoding: gzip
expires: Wed, 05 Oct 2022 19:41:15 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65485)
Size:   91762
Md5:    5b497fbcd1485e1d7e584e69836f4ad8
Sha1:   ed1175c495f90a2e5de70464cbd0b344ba38b7b8
Sha256: 3a15c9b91d7bbc1241db4f8a7cd27a20bc2653fb9aac24ab14f5df9b2cf101b6

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /static-promotion/d6b609b.js HTTP/1.1 
Host: lite-1x923400.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280; che_g=51609ca2-ff42-c704-1ad3-9e664a1bde08
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         178.253.49.7
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
date: Wed, 05 Oct 2022 18:41:15 GMT
content-length: 100784
last-modified: Wed, 05 Oct 2022 15:31:18 GMT
vary: Accept-Encoding
etag: "633da346-189b0"
content-encoding: gzip
expires: Wed, 05 Oct 2022 19:41:15 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65405)
Size:   100784
Md5:    7d2cc7f519695291ede56e692ba157ac
Sha1:   5bdaad41a21f9df3368ff0d94f70bdfcebd1590e
Sha256: c44e9da4d5b14b825ba3402836ed8067a96b454fc88d5c3e412678e65f103b56

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /static-promotion/fad08fe.js HTTP/1.1 
Host: lite-1x923400.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280; che_g=51609ca2-ff42-c704-1ad3-9e664a1bde08
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         178.253.49.7
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
date: Wed, 05 Oct 2022 18:41:15 GMT
content-length: 130959
last-modified: Wed, 05 Oct 2022 15:31:18 GMT
vary: Accept-Encoding
etag: "633da346-1ff8f"
content-encoding: gzip
expires: Wed, 05 Oct 2022 19:41:15 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   130959
Md5:    8a23b9e5647c978c86403fdc2cabf7ce
Sha1:   d589e8bec50ada738a1716dbafdb35753ba53e7e
Sha256: dd417a56e41cbba09f962f0c4eae698312253997ade697dc809e475b3c597afe

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /genfiles/cms/maintenance_mode/settings.json?timestamp=1664995275384 HTTP/1.1 
Host: lite-1x923400.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x923400.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280; che_g=51609ca2-ff42-c704-1ad3-9e664a1bde08; _ga_7JGWL9SV66=GS1.1.1664995275.1.0.1664995275.0.0.0; _ga=GA1.2.1394897679.1664995275; _gid=GA1.2.814743234.1664995275
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         178.253.49.7
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 05 Oct 2022 18:41:15 GMT
content-length: 145
last-modified: Thu, 21 Apr 2022 06:40:33 GMT
x-rgw-object-type: Normal
etag: "81d90db48c09d6f764c4929c90eadfc1"
cache-control: public,max-age=60,s-maxage=60
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   145
Md5:    81d90db48c09d6f764c4929c90eadfc1
Sha1:   6fe1a593e77cca8d9adff9fe5b5f40e19ccf7bd8
Sha256: fa0a9c9d33937e1539ce6b9e44abf7ecd69f5032c6ba8b85308c6a388f8dc28c

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /web-api/api/internal/v1/proof_of_age HTTP/1.1 
Host: lite-1x923400.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/vnd.api+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x923400.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280; che_g=51609ca2-ff42-c704-1ad3-9e664a1bde08; _ga_7JGWL9SV66=GS1.1.1664995275.1.0.1664995275.0.0.0; _ga=GA1.2.1394897679.1664995275; _gid=GA1.2.814743234.1664995275
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         178.253.49.7
HTTP/2 204 No Content
                                        
server: nginx
date: Wed, 05 Oct 2022 18:41:15 GMT
cache-control: no-cache, private
server-timing: p;dur=28, dt_285;dur=30
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 18:41:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-178408567-1&cid=1394897679.1664995275&jid=945789994&gjid=1360873492&_gid=814743234.1664995275&_u=aCDAAUACQAAAACAAI~&z=1042305308 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://lite-1x923400.top
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         108.177.14.157
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://lite-1x923400.top
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 05 Oct 2022 18:41:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    c4ca4238a0b923820dcc509a6f75849b
Sha1:   356a192b7913b04c54574d18c28d46e6395428ab
Sha256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
                                        
                                            GET /web-api/external-api/getColorTheme HTTP/1.1 
Host: lite-1x923400.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280; che_g=51609ca2-ff42-c704-1ad3-9e664a1bde08; _ga_7JGWL9SV66=GS1.1.1664995275.1.0.1664995275.0.0.0; _ga=GA1.2.1394897679.1664995275; _gid=GA1.2.814743234.1664995275; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         178.253.49.7
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 05 Oct 2022 18:41:15 GMT
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=35, dt_285;dur=36
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   528
Md5:    0d290473c3265391a2203f57c4f20fd0
Sha1:   ea93848d7978835886ad84566ca05f13218c5844
Sha256: 5fcc3be4233d5a634a10e77af2d771fe99dea17d9d677e1f87e073474ab9918e

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /web-api/external-api/config/all HTTP/1.1 
Host: lite-1x923400.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://lite-1x923400.top
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280; che_g=51609ca2-ff42-c704-1ad3-9e664a1bde08; _ga_7JGWL9SV66=GS1.1.1664995275.1.0.1664995275.0.0.0; _ga=GA1.2.1394897679.1664995275; _gid=GA1.2.814743234.1664995275
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers

                                         
                                         178.253.49.7
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 05 Oct 2022 18:41:15 GMT
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=164, dt_285;dur=167
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (49384), with no line terminators
Size:   11540
Md5:    a7f3bd577955035a2ab728b52c8c9a62
Sha1:   7d9173a9edc78244a11e2cbe69d182ef973dc0ab
Sha256: ffb74968f993b605e7c14c9e1a7a8882a5ea29b0770a2e762a3832aade17f4a0

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /web-api/external-api/config/getLangs HTTP/1.1 
Host: lite-1x923400.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280; che_g=51609ca2-ff42-c704-1ad3-9e664a1bde08; _ga_7JGWL9SV66=GS1.1.1664995275.1.0.1664995275.0.0.0; _ga=GA1.2.1394897679.1664995275; _gid=GA1.2.814743234.1664995275; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         178.253.49.7
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 05 Oct 2022 18:41:15 GMT
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=23, dt_285;dur=26
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   88347
Md5:    5270c6828a411bd204965aaf31f30ed0
Sha1:   6c07eab3ac3346b8706d36f1dba85f984651da6e
Sha256: d8db167239bfe204ef5c1b5b3c4773ca72e5578a604e90a3ed6e1ee5d5fa4797

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /genfiles/cms/1-285/desktop/errorsPage/ball.webp HTTP/1.1 
Host: lite-1x923400.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/403
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280; che_g=51609ca2-ff42-c704-1ad3-9e664a1bde08; _ga_7JGWL9SV66=GS1.1.1664995275.1.0.1664995275.0.0.0; _ga=GA1.2.1394897679.1664995275; _gid=GA1.2.814743234.1664995275; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         178.253.49.7
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
date: Wed, 05 Oct 2022 18:41:16 GMT
content-length: 2010
last-modified: Tue, 26 Jan 2021 08:32:04 GMT
x-rgw-object-type: Normal
etag: "b2e135d916673e6f1be84800198490d4"
access-control-allow-origin: *
cache-control: public,max-age=120,s-maxage=600
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   2010
Md5:    b2e135d916673e6f1be84800198490d4
Sha1:   60db6095350e4b9e618aab6666650eb13a941745
Sha256: 3b2e95cba675bc9bdeae9308d00f629d586a6ae7e55aa60a971027cbf9ed7682

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /web-api/external-api/promotions/campeonato-brasileiro HTTP/1.1 
Host: lite-1x923400.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280; che_g=51609ca2-ff42-c704-1ad3-9e664a1bde08; _ga_7JGWL9SV66=GS1.1.1664995275.1.0.1664995275.0.0.0; _ga=GA1.2.1394897679.1664995275; _gid=GA1.2.814743234.1664995275; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         178.253.49.7
HTTP/2 403 Forbidden
content-type: application/json
                                        
server: nginx
date: Wed, 05 Oct 2022 18:41:16 GMT
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=28, dt_285;dur=29
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   78738
Md5:    9ba7ee0b7faf403a106e71036a6310d4
Sha1:   220f2f7fefcb9c2c230adf18341ba0a429484ba5
Sha256: 3213ef0a529233ceba187a4d9f3bcf6f898272648bb9fd0cf1bb3408df80ecf8

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /genfiles/cms/1-285/desktop/errorsPage/sprite-football-men.png HTTP/1.1 
Host: lite-1x923400.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/403
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280; che_g=51609ca2-ff42-c704-1ad3-9e664a1bde08; _ga_7JGWL9SV66=GS1.1.1664995275.1.0.1664995275.0.0.0; _ga=GA1.2.1394897679.1664995275; _gid=GA1.2.814743234.1664995275; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         178.253.49.7
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Wed, 05 Oct 2022 18:41:16 GMT
content-length: 212062
last-modified: Thu, 18 Mar 2021 14:54:24 GMT
x-rgw-object-type: Normal
etag: "8270a8ed37510c1d081ca47895bed81f"
access-control-allow-origin: *
cache-control: public,max-age=120,s-maxage=600
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 7336 x 587, 8-bit colormap, non-interlaced\012- data
Size:   212062
Md5:    8270a8ed37510c1d081ca47895bed81f
Sha1:   a88857250443b9b93e41a1fbdc46017737db5a72
Sha256: 70d2d3a884d1588eb40e4066fa2c4362194b48c4b805ec75fb963bcdeabf24da

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /promotions/campeonato-brasileiro/ HTTP/1.1 
Host: lite-1x923400.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         178.253.49.7
HTTP/2 302 Found
                                        
server: nginx
date: Wed, 05 Oct 2022 18:41:11 GMT
location: /us/promotions/campeonato-brasileiro
server-timing: total;dur=0;desc="Nuxt Server Time", dt_285;dur=1
x-frame-options: SAMEORIGIN
x-reason: empty_lang
strict-transport-security: max-age=63072000; includeSubDomains; preload
set-cookie: platform_type=desktop; Path=/; Expires=Sat, 08 Oct 2022 18:41:11 GMT
set-cookie: auid=sv0xB2M9z8cL56mNA8+hAg==; expires=Thu, 05-Oct-23 18:41:11 GMT; path=/
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /web-api/external-api/config/getLangs HTTP/1.1 
Host: lite-1x923400.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         178.253.49.7
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 05 Oct 2022 18:41:13 GMT
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=17, dt_285;dur=18
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /promo-frame/us/promotion/campeonato-brasileiro HTTP/1.1 
Host: lite-1x923400.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1920
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
If-None-Match: "130d-qmh9KADSIBd7TqcbHKKtjTY6A+0"
TE: trailers

                                         
                                         178.253.49.7
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
server: nginx
date: Wed, 05 Oct 2022 18:41:14 GMT
content-encoding: gzip
etag: "12d9-ZZ8kQn5he6+EHPQlikirlOG+znY"
server-timing: dt_285;dur=4
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /web-api/g/04ed4f7c801c1f2fdfd99bae45fb0d075b231f6c HTTP/1.1 
Host: lite-1x923400.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lite-1x923400.top/us/promotions/campeonato-brasileiro
X-Requested-With: XMLHttpRequest
Content-Type: application/json
Origin: https://lite-1x923400.top
Content-Length: 31240
Connection: keep-alive
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280; che_g=51609ca2-ff42-c704-1ad3-9e664a1bde08; _ga_7JGWL9SV66=GS1.1.1664995275.1.0.1664995275.0.0.0; _ga=GA1.2.1394897679.1664995275; _gid=GA1.2.814743234.1664995275; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         178.253.49.7
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 05 Oct 2022 18:41:16 GMT
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=49, dt_285;dur=51
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /promotions/campeonato-brasileiro/ HTTP/1.1 
Host: 1x-xredbet478860.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         178.253.48.30
HTTP/2 307 Temporary Redirect
content-type: text/html; charset=utf-8
                                        
server: nginx
date: Wed, 05 Oct 2022 18:41:11 GMT
location: https://lite-1x923400.top/promotions/campeonato-brasileiro/
x-frame-options: SAMEORIGIN
set-cookie: SESSION=583d9926ddebf2389a52b6106a3d8464; path=/; secure; HttpOnly; SameSite=Lax
set-cookie: lng=en; expires=Fri, 04-Nov-2022 18:41:11 GMT; Max-Age=2592000; path=/
set-cookie: ua=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
set-cookie: flaglng=en; expires=Fri, 04-Nov-2022 18:41:11 GMT; Max-Age=2592000; path=/
set-cookie: auid=sv0wHmM9z8eyfwKJBRh/Ag==; expires=Thu, 05-Oct-23 18:41:11 GMT; path=/
x-reason: 1080,1078,1074,1015,1021
cache-control: no-cache, private
server-timing: p;dur=72
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /web-api/external-api/getFirstDepositBonus HTTP/1.1 
Host: lite-1x923400.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x923400.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         178.253.49.7
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 05 Oct 2022 18:41:14 GMT
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=34, dt_285;dur=36
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 05 Oct 2022 18:41:12 GMT
date: Wed, 05 Oct 2022 18:41:12 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET /web-api/external-api/getFirstDepositBonus HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x923400.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
178.253.49.7
HTTP/2 200 OK
content-type: application/json
server: nginx
date: Wed, 05 Oct 2022 18:41:14 GMT
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=32, dt_285;dur=33
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /translation-api/by-lang/us HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1920; che_g=51609ca2-ff42-c704-1ad3-9e664a1bde08; _ga_7JGWL9SV66=GS1.1.1664995275.1.0.1664995275.0.0.0; _ga=GA1.2.1394897679.1664995275; _gid=GA1.2.814743234.1664995275; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
178.253.49.7
HTTP/2 200 OK
content-type: application/vnd.api+json
server: nginx
date: Wed, 05 Oct 2022 18:41:15 GMT
cache-control: no-cache, private
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-max-age: 1728000
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /translation-api/by-lang/us HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
178.253.49.7
HTTP/2 200 OK
content-type: application/vnd.api+json
server: nginx
date: Wed, 05 Oct 2022 18:41:13 GMT
cache-control: no-cache, private
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-max-age: 1728000
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /1593429750/radar.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
35.241.57.45
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Wed, 05 Oct 2022 18:41:14 GMT
last-modified: Mon, 29 Jun 2020 11:30:29 GMT
vary: Accept-Encoding
etag: W/"5ef9d0d5-af5c"
expires: Wed, 19 Oct 2022 18:41:14 GMT
cache-control: max-age=1209600, public
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET /web-api/external-api/getColorTheme HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
178.253.49.7
HTTP/2 200 OK
content-type: application/json
server: nginx
date: Wed, 05 Oct 2022 18:41:13 GMT
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=27, dt_285;dur=28
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /genfiles/cms/1-285/desktop/footer/logos/og_red_bull.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
8.254.252.212
HTTP/2 200 OK
content-type: image/png
date: Wed, 05 Oct 2022 18:41:15 GMT
content-length: 149244
cache-control: public, max-age=120, s-maxage=600
etag: "ab837a9cb89291146ad8b371c052fe8d"
expires: Wed, 05 Oct 2022 18:37:37 GMT
last-modified: Wed, 25 May 2022 11:38:09 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 371
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---