Report - 1x-xredbet478860.top/promotions/campeonato-brasileiro/

Report Overview

Submitted URL
1x-xredbet478860.top/promotions/campeonato-brasileiro/
IP
178.253.48.30
ASN
#56630 Melbikomas UAB
Submitted
2022-10-05 18:41:22
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
94

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	54.230.111.7
lite-1x923400.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	30 kB	1.5 MB	178.253.49.7
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	598 B	709 B	108.177.14.157
radar.cedexis.com	3035	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	362 B	397 B	35.241.57.45
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	54.230.111.7
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	22 kB	34.120.237.76
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	658 B	1.5 kB	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	34.212.166.60
v3.cdnsfree.com	166517	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	9.9 kB	1.7 MB	8.254.252.212
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	560 B	746 B	142.250.74.10
1x-xredbet478860.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	844 B	1.2 kB	178.253.48.30
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	4.2 kB	142.250.74.3
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	4.8 kB	172.64.155.188
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	61 kB	216.58.207.195
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	375 B	44 kB	142.250.74.168
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	362 B	21 kB	216.239.32.178
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	7.1 kB	23.36.77.32

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-10-05	medium	1x-xredbet478860.top	Sinkholed
2022-10-05	medium	lite-1x923400.top	Sinkholed
2022-10-05	medium	lite-1x923400.top	Sinkholed
2022-10-05	medium	lite-1x923400.top	Sinkholed
2022-10-05	medium	lite-1x923400.top	Sinkholed
2022-10-05	medium	lite-1x923400.top	Sinkholed
2022-10-05	medium	lite-1x923400.top	Sinkholed
2022-10-05	medium	lite-1x923400.top	Sinkholed
2022-10-05	medium	lite-1x923400.top	Sinkholed
2022-10-05	medium	lite-1x923400.top	Sinkholed
2022-10-05	medium	lite-1x923400.top	Sinkholed
2022-10-05	medium	lite-1x923400.top	Sinkholed
2022-10-05	medium	lite-1x923400.top	Sinkholed
2022-10-05	medium	lite-1x923400.top	Sinkholed
2022-10-05	medium	lite-1x923400.top	Sinkholed
2022-10-05	medium	lite-1x923400.top	Sinkholed
2022-10-05	medium	lite-1x923400.top	Sinkholed
2022-10-05	medium	lite-1x923400.top	Sinkholed
2022-10-05	medium	lite-1x923400.top	Sinkholed
2022-10-05	medium	lite-1x923400.top	Sinkholed
2022-10-05	medium	lite-1x923400.top	Sinkholed
2022-10-05	medium	lite-1x923400.top	Sinkholed
2022-10-05	medium	lite-1x923400.top	Sinkholed
2022-10-05	medium	lite-1x923400.top	Sinkholed
2022-10-05	medium	lite-1x923400.top	Sinkholed
2022-10-05	medium	lite-1x923400.top	Sinkholed
2022-10-05	medium	lite-1x923400.top	Sinkholed
2022-10-05	medium	lite-1x923400.top	Sinkholed
2022-10-05	medium	lite-1x923400.top	Sinkholed
2022-10-05	medium	lite-1x923400.top	Sinkholed
2022-10-05	medium	lite-1x923400.top	Sinkholed
2022-10-05	medium	lite-1x923400.top	Sinkholed
2022-10-05	medium	lite-1x923400.top	Sinkholed
2022-10-05	medium	lite-1x923400.top	Sinkholed
2022-10-05	medium	lite-1x923400.top	Sinkholed
2022-10-05	medium	lite-1x923400.top	Sinkholed
2022-10-05	medium	lite-1x923400.top	Sinkholed
2022-10-05	medium	lite-1x923400.top	Sinkholed
2022-10-05	medium	lite-1x923400.top	Sinkholed
2022-10-05	medium	lite-1x923400.top	Sinkholed
2022-10-05	medium	lite-1x923400.top	Sinkholed
2022-10-05	medium	1x-xredbet478860.top	Sinkholed
2022-10-05	medium	lite-1x923400.top	Sinkholed
2022-10-05	medium	lite-1x923400.top	Sinkholed
2022-10-05	medium	lite-1x923400.top	Sinkholed
2022-10-05	medium	lite-1x923400.top	Sinkholed
2022-10-05	medium	lite-1x923400.top	Sinkholed

JavaScript (36)

	URL	Size	First Seen	Last Seen
	lite-1x923400.top/static-promotion/fcd3df7.modern.js	136 kB	2023-03-08	2023-03-08
Pretty URL lite-1x923400.top/static-promotion/fcd3df7.modern.js IP 178.253.49.7 ASN #56630 Melbikomas UAB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:27:32 Last Seen2023-03-08 06:27:32 Times Seen1 Hash 8adeedb804436f16db7288c9d9bab082 4082010c12a5ad9f78e3045f014bb0c20fb33eb4 44b2461aa42481c1c4f9a771b153f8ac24f0ed66ad5270b504046b8e9f4eaa90 Loading...

	suphelper.com/widget/injector.js	167 kB	2023-03-07	2023-03-10
Pretty URL suphelper.com/widget/injector.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:42:36 Last Seen2023-03-10 18:07:27 Times Seen1 Hash c3464059d11699213a6f8844e6bb3a1c 60f839f14705f7b4d965895fac986b7c9a510acf 0f6c33a4ae5acbdcecaa00ed99bc4723bafcf99d6ccdca4995d699d3b7bf3aa7 Loading...

	suphelper.com/widget/?build=1663916827822&lang=en-GB&langInited=true&opener=full	441 B	2023-03-07	2024-01-20
Pretty URL suphelper.com/widget/?build=1663916827822&lang=en-GB&langInited=true&opener=full IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:52 Last Seen2024-01-20 20:21:10 Times Seen1475 Hash 562c0a945070f06a208058106238c55f c5b09a8a2efe65342f36dfe49c26b717eeed82de e98fce7d083f719412d5e10b42e777b4bd0c7bf4b83e2a151de5500bd044f2cb Loading...

	lite-1x923400.top/us/promotions/campeonato-brasileiro	666 B	2023-03-07	2023-03-17
Pretty URL lite-1x923400.top/us/promotions/campeonato-brasileiro IP 178.253.49.7 ASN #56630 Melbikomas UAB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:21 Last Seen2023-03-17 12:41:59 Times Seen1 Hash 01eb6748fdf37eaabb6d6ed499f22d2b 3418ad3d2559d4304a885fb7ad7215bff27f1741 dfcbe3b915f8ce194d33191aa09ad39261511e01512bcf3ac9bb84e98b83fb51 Loading...

	lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro	105 B	2023-03-07	2023-03-30
Pretty URL lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro IP 178.253.49.7 ASN #56630 Melbikomas UAB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:41:47 Last Seen2023-03-30 00:01:20 Times Seen3 Hash 72517e2646cbdee8bf334c9399465c9f 001b80a7f54d6e082ccdfad8a500481b950fe805 3fa7a35f54cd29d6c0b355222a5b0cd7233f22e951b3d14b5303e9e734887628 Loading...

	radar.cedexis.com/1593429750/radar.js	45 kB	2023-03-07	2023-11-16
Pretty URL radar.cedexis.com/1593429750/radar.js IP 35.241.57.45 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:20 Last Seen2023-11-16 11:36:04 Times Seen2664 Hash f0bad4e1f4843352017e0dcec735975a 7708b6d1c3966fda619af0bfb64d5c14b85e5da9 79541fbd5863b789f16e341208642f1b47bb3bc939121ed63426dd7969714390 Loading...

	suphelper.com/widget/api/i18n-source/en-GB.js?bn=1663916827822	11 kB	2023-03-07	2023-03-25
Pretty URL suphelper.com/widget/api/i18n-source/en-GB.js?bn=1663916827822 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:50:04 Last Seen2023-03-25 23:59:37 Times Seen9 Hash 6a9b24361d21ec5751af0bf2964d4fc6 bc058466f4b7e91d55996f239557466561efed62 5b493621ae5785f78b83a4ac33f8df4a055ed1621e2b9fa417f5942029975302 Loading...

	lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro	313 B	2023-03-07	2023-04-01
Pretty URL lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro IP 178.253.49.7 ASN #56630 Melbikomas UAB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:09 Last Seen2023-04-01 10:25:04 Times Seen15 Hash 494ab8c88e9a8cfd9aa511a663c925c6 4816e303ad4a09ef00d54305b7b9e2e51c9bff4e 9de249453f6780a3274d7fae16d04d230aa9a5b70b57c7d094bbd764ceb8cf4e Loading...

	v3.cdnsfree.com/_nuxt/desktop/default/e7f4ec6b.modern.js	2.1 MB	2023-03-08	2023-03-08
Pretty URL v3.cdnsfree.com/_nuxt/desktop/default/e7f4ec6b.modern.js IP 8.254.252.212 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:51:52 Last Seen2023-03-08 08:05:18 Times Seen1 Hash ef4ab48bcb0c98e511dc4f2817567b63 95967a9bca2a8870a3212c9e8028d889b5889172 297f6081e1c94c6052dcc2a1241093aa84e4dbdecf1d1adf5f4ae2db343faadb Loading...

	lite-1x923400.top/static-promotion/47e916f.modern.js	400 kB	2023-03-08	2023-03-08
Pretty URL lite-1x923400.top/static-promotion/47e916f.modern.js IP 178.253.49.7 ASN #56630 Melbikomas UAB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:27:32 Last Seen2023-03-08 06:27:32 Times Seen1 Hash e4c16febbf7f87fff7ef9ba9cd2018cf 0cfd300d4566693c853275b154f0734fabaf3096 5c63939bf77c6a8e2627b526199ccba1f3e427f0def2c1adc20d450165fc9cf1 Loading...

	lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro	136 B	2023-03-07	2024-02-06
Pretty URL lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro IP 178.253.49.7 ASN #56630 Melbikomas UAB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:09 Last Seen2024-02-06 18:07:50 Times Seen281 Hash 1d82394dbefeb520c846a4f8cd04f272 386231475cfc8d025bbf876b5968e2188e294d1f f550e68574bcfe2c9b2cbc83dedaa5eefecd539867e7eaafbbd4511b8d66ba03 Loading...

	lite-1x923400.top/static-promotion/f130a67.modern.js	6.5 kB	2023-03-08	2023-03-08
Pretty URL lite-1x923400.top/static-promotion/f130a67.modern.js IP 178.253.49.7 ASN #56630 Melbikomas UAB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:27:32 Last Seen2023-03-08 06:27:32 Times Seen1 Hash 2de059681cafea9cd8d84a2d9d293344 44cbd06475922a924b603a757431a2646824edcf a1a6de71cb35e8029cf8f058530031cbb70f696a4f470106e02ffce2819b2cfc Loading...

	lite-1x923400.top/static-promotion/0698e33.modern.js	357 kB	2023-03-08	2023-03-08
Pretty URL lite-1x923400.top/static-promotion/0698e33.modern.js IP 178.253.49.7 ASN #56630 Melbikomas UAB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:27:32 Last Seen2023-03-08 06:27:32 Times Seen1 Hash 2a3d353d078d8322b0bd64f0b80735a3 327905c484001015c0e96c9ff2cdd6d35e7777e6 b9944211158ace1dbc9f482e8b1dfb2bb39f947f8a46ac43ffef6ff596b45619 Loading...

	v3.cdnsfree.com/_nuxt/desktop/default/7ac0cf90.modern.js	14 kB	2023-03-08	2023-03-08
Pretty URL v3.cdnsfree.com/_nuxt/desktop/default/7ac0cf90.modern.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:51:52 Last Seen2023-03-08 08:05:19 Times Seen1 Hash 60d4424422347b2fb7b11985214570ca cdf87a3ebf48f98b32fe788e6f86fa057c8eba4f f016c75a76dc3e0397420acfb8b616dd51699067aba54af4f185df87add16e49 Loading...

	lite-1x923400.top/static-promotion/7d5ae0b.modern.js	16 kB	2023-03-08	2023-03-08
Pretty URL lite-1x923400.top/static-promotion/7d5ae0b.modern.js IP 178.253.49.7 ASN #56630 Melbikomas UAB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:27:32 Last Seen2023-03-08 06:27:32 Times Seen1 Hash 99c500e445d4d53fa78f6cf3f45ee1fe 7dd06eb8f0549b33853adf5d837033f841beb7e8 7f4a3d03dee37c949225b5342f686e39b1bbb64344b84f338d2ab32e59ed48ce Loading...

	suphelper.com/widget/public/chunk.1b8a1de2f841eacb373d.js	1.4 MB	2023-03-07	2023-03-11
Pretty URL suphelper.com/widget/public/chunk.1b8a1de2f841eacb373d.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:50:03 Last Seen2023-03-11 12:19:25 Times Seen1 Hash 24923d01b057deac1290aaac4005514f 872bdfab6be26047dfa0a88c350a043dd87f430b db459341198f0f535ba89240f12e8d5e77239d46a030e9c6b2d1370d869ecba3 Loading...

	lite-1x923400.top/static-promotion/baf2036.modern.js	236 kB	2023-03-08	2023-03-08
Pretty URL lite-1x923400.top/static-promotion/baf2036.modern.js IP 178.253.49.7 ASN #56630 Melbikomas UAB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:27:32 Last Seen2023-03-08 06:27:32 Times Seen1 Hash b69755336455890a6d9a0f2f9b38cf0e 1663a3e056d9c397800541dfb2b2d070bf5078f2 f4eb1db6400f5b62975b6094fc84b5bf69f5c9115d80ea4dc20221b16e83c027 Loading...

	v3.cdnsfree.com/_nuxt/desktop/default/6c12728e.modern.js	17 kB	2023-03-08	2023-03-08
Pretty URL v3.cdnsfree.com/_nuxt/desktop/default/6c12728e.modern.js IP 8.254.252.212 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:51:51 Last Seen2023-03-08 08:05:18 Times Seen1 Hash d96da364c4505d3235ad35b2b79bf04b c81d8edb6c7115aaa175065cc54a28e501eeeedd 9ed4eea2922e4a58ed0017ed312dd0a5c6913be2f35ec3ba6b787f28712510be Loading...

	v3.cdnsfree.com/_nuxt/desktop/default/bfbe8cbc.modern.js	2.5 kB	2023-03-08	2023-03-08
Pretty URL v3.cdnsfree.com/_nuxt/desktop/default/bfbe8cbc.modern.js IP 8.254.252.212 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:51:52 Last Seen2023-03-08 08:05:19 Times Seen1 Hash 2efebaf354851302a680dbe34051fa60 f05e2adf7407c9ebc6f23ba9ef06c89e267d4aa8 0964620f223ce41ac5eea8d7d50dd8ef5e8d5417b6664090278e7e1c10b65b15 Loading...

	suphelper.com/widget/?build=1663916827822&lang=en-GB&langInited=true&opener=full	203 B	2023-03-07	2024-01-20
Pretty URL suphelper.com/widget/?build=1663916827822&lang=en-GB&langInited=true&opener=full IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:52 Last Seen2024-01-20 20:21:11 Times Seen1389 Hash c762ec1a23a59894a334b9bb9fb7fa41 8751a4d124eb7a0ac54097933749b73b7a0409c0 6fd4ec66c226d3bd937a8620622453b33ab935ae30c6bbcf6cc9d62f69804ecf Loading...

	unknown	0 B	2023-03-07	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 09:42:13 Times Seen36955877 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	v3.cdnsfree.com/_nuxt/desktop/default/2e3772a7.modern.js	315 kB	2023-03-08	2023-03-08
Pretty URL v3.cdnsfree.com/_nuxt/desktop/default/2e3772a7.modern.js IP 8.254.252.212 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:51:52 Last Seen2023-03-08 08:02:29 Times Seen1 Hash 4bd432a92b33cd51be2d35ff94ece754 9424cacc75299eb93c6cfd9ef73c6a55430ff319 0564d0adb9cfbc5ed1cd38b5f86ec05026e665fc6b8e6da43754948f73680e26 Loading...

	lite-1x923400.top/static-promotion/777def2.modern.js	16 kB	2023-03-08	2023-03-08
Pretty URL lite-1x923400.top/static-promotion/777def2.modern.js IP 178.253.49.7 ASN #56630 Melbikomas UAB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:27:32 Last Seen2023-03-08 06:27:32 Times Seen1 Hash b013482e8ca6a5fef4f252de30b65688 e5a6c79965fe24ccbfd343660e517e93377ba590 0d5cbd84597f4515f45b83ff4d88234ea91b5375020324caa036985dc8471d2d Loading...

	lite-1x923400.top/static-promotion/6371390.modern.js	292 B	2023-03-08	2023-03-08
Pretty URL lite-1x923400.top/static-promotion/6371390.modern.js IP 178.253.49.7 ASN #56630 Melbikomas UAB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:27:32 Last Seen2023-03-08 06:27:32 Times Seen1 Hash 93a69b05d873926f135326983e6fbb99 a4f96bd689381ed02cc47f682244e08889d3bbd5 71a8e75e1f8430da081d700b94074ef0ab41ad3b49ff13641e47d141d065c370 Loading...

	lite-1x923400.top/static-promotion/ab612d4.modern.js	46 kB	2023-03-08	2023-03-08
Pretty URL lite-1x923400.top/static-promotion/ab612d4.modern.js IP 178.253.49.7 ASN #56630 Melbikomas UAB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:27:32 Last Seen2023-03-08 06:27:32 Times Seen1 Hash 8b777d05da0eb08064c552e829c833c9 9947fd7df93da0be80d8a1dc30f0a45ab404b0a7 109446c8c6a7132dff7cee521a0eb476d47efeccc877968e472c1027ce544ef8 Loading...

	lite-1x923400.top/static-promotion/7ac077c.modern.js	198 kB	2023-03-08	2023-03-08
Pretty URL lite-1x923400.top/static-promotion/7ac077c.modern.js IP 178.253.49.7 ASN #56630 Melbikomas UAB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:27:32 Last Seen2023-03-08 06:27:32 Times Seen1 Hash b2bc8026c840657a0b112093b64c4525 968caf3583fd8dd21e83f238f850027cc96d3f15 a7502511bb85f080db6d85d62bbad668487b9252850e8455f84e4d2c68b8d725 Loading...

	www.googletagmanager.com/gtag/js?id=UA-178408567-1	112 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=UA-178408567-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:27:32 Last Seen2023-03-08 06:27:32 Times Seen1 Hash 8795ddd6812ac6d743b84e5a982e6dee ef12a06b97627d979ea78484d113206824f28ee5 4cbda973a2b9cff9e8de7ceb4e0fc8250aeba379bc86ad594eb9c9f43f52d273 Loading...

	suphelper.com/widget/public/bundle.acf2cda684186cb2547d.js	198 kB	2023-03-07	2023-03-10
Pretty URL suphelper.com/widget/public/bundle.acf2cda684186cb2547d.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:50:04 Last Seen2023-03-10 17:56:31 Times Seen1 Hash 94c65e0e7d192f28b3ed33bce3c5e02d ceb9863c701b76b11a5c03d523a15d58e753e5ab 9ff9fb2c53d6e5393aefcf8e18f1bfc3201d7ab0f1bc624e713b78fddcea6ab5 Loading...

	lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro	702 B	2023-03-07	2024-02-05
Pretty URL lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro IP 178.253.49.7 ASN #56630 Melbikomas UAB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:41:47 Last Seen2024-02-05 23:23:56 Times Seen126 Hash 0e9165fb92460d96f7a0649386dcdffb 549e55d2990816b5e4d699c35d1ad56a33a1a341 8f732e0ef5d47fa6d56dbe1311a218b659fddc0e57c7b1f7e8240cce6d88d984 Loading...

	v3.cdnsfree.com/_nuxt/desktop/default/3db3c589.modern.js	1.2 MB	2023-03-08	2023-03-08
Pretty URL v3.cdnsfree.com/_nuxt/desktop/default/3db3c589.modern.js IP 8.254.252.212 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:51:52 Last Seen2023-03-08 08:05:19 Times Seen1 Hash 3229f6ee1c30d6d2fdc9dca46984c921 4d9f774b054c209e15cd986c673b1a8e3e5bcce4 7246b97eee9037107289d5ee6b553a352ee1ff5c373b567ad19220bfe87d030d Loading...

	v3.cdnsfree.com/_nuxt/desktop/default/0d547539.modern.js	2.4 kB	2023-03-08	2023-03-08
Pretty URL v3.cdnsfree.com/_nuxt/desktop/default/0d547539.modern.js IP 8.254.252.212 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:51:52 Last Seen2023-03-08 08:05:19 Times Seen1 Hash 124d55f91ba9b3e4e2e8f90e7404e399 722233932f76a7b518a852575dd9190ba7951ede 45c5adf4e99dded9ac24f35668907eeb879bece373b2c8a953bb5d7ea729b936 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-19
Pretty URL www.google-analytics.com/analytics.js IP 216.239.32.178 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-19 07:47:47 Times Seen1515 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	www.google-analytics.com/gtm/js?id=GTM-5R4MT54&t=gtag_UA_178408567_1&cid=1394897679.1664995275	109 kB	2023-03-08	2023-03-08
Pretty URL www.google-analytics.com/gtm/js?id=GTM-5R4MT54&t=gtag_UA_178408567_1&cid=1394897679.1664995275 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:27:32 Last Seen2023-03-08 06:27:32 Times Seen1 Hash 8bc52d77c5005bf41db20b82170cb739 c918e1d6593c2dd1ee2eece7a57597be2773165f e37e787fc690c56cc357854cc4eab4319c0f5d1ff0e166605bd9dbe12fe3d1ba Loading...

	lite-1x923400.top/us/promotions/campeonato-brasileiro	414 B	2023-03-08	2023-03-08
Pretty URL lite-1x923400.top/us/promotions/campeonato-brasileiro IP 178.253.49.7 ASN #56630 Melbikomas UAB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:27:32 Last Seen2023-03-08 06:27:32 Times Seen1 Hash 6cf3a9b4dbfa1e0f207a9aa29d795625 a552bb3acff61724e5d0f9e3eaa4ef5344e749e1 745691ea93b48fe485e201f8d27834fd49a380c4919145d3a96fbe53fb76b488 Loading...

	v3.cdnsfree.com/_nuxt/desktop/default/b5a4afc9.modern.js	4.7 kB	2023-03-08	2023-03-08
Pretty URL v3.cdnsfree.com/_nuxt/desktop/default/b5a4afc9.modern.js IP 8.254.252.212 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:27:32 Last Seen2023-03-08 06:27:32 Times Seen1 Hash 2b9deb1332f0fc93e22d442a997a745c a3c75bc02ca6a2a8b6917a327cfd425289195324 605aea735004efd14ab1e9cfa5c83e4f12d4f9e133e620b3adda79e9f38d2f3b Loading...

		Size	First Seen	Last Seen
	#1 Eval - f34d35c076213eafcfe489e48175ad77	5.6 kB	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 06:27:32 Last Seen2023-03-08 06:27:32 Times Seen1 Hash f34d35c076213eafcfe489e48175ad77 b7f36092cd80487b728881479bd03a1f8a1e1143 cefef42bb27e7c7743e5c9e2c1ba33d190b5db9962cea582a5fce1aee9f8891b Loading...

HTTP Transactions (109)

URL IP Response Size

1x-xredbet478860.top/promotions/campeonato-brasileiro/

178.253.48.30

301 Moved Permanently

162 B

URL HTTP/1.1
1x-xredbet478860.top/promotions/campeonato-brasileiro/
IP
178.253.48.30:0
ASN
#56630 Melbikomas UAB

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /promotions/campeonato-brasileiro/ HTTP/1.1
Host: 1x-xredbet478860.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 05 Oct 2022 18:41:11 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
Location: https://1x-xredbet478860.top/promotions/campeonato-brasileiro/

firefox.settings.services.mozilla.com/v1/

54.230.111.7

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 3SxGZ5B0mNNCsQDAOhlNk1PMFEPeZdZ6ue-Zfcr2SwwrJK04TlEStQ==
Age: 10433

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
eabb7d9ffae717f7305d63c057755470
3b7f0baccfdbb8d9ffefa4a2215d4d6094be454a
ab48f17e54075e1ecf034278e82bcacd2e3689773186cc84fba9b79aac907294

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AB48F17E54075E1ECF034278E82BCACD2E3689773186CC84FBA9B79AAC907294"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6258
Expires: Wed, 05 Oct 2022 20:25:29 GMT
Date: Wed, 05 Oct 2022 18:41:11 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

54.230.111.7

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 05 Oct 2022 04:02:33 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xDggC9oy_WF_yeRm5HfmnQJQiT9BE4tuL8JsrDF0fUFvNAe_4sPcuw==
age: 52719
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
411279606589c5caf0b1c1c96f776959
9af83a6af490d6947d207aff30a726c0ac1d9957
f1118b2476b70ceedf78dec0bfa75085bc09c27020b8c8ca0c17a4b73606fcbc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F1118B2476B70CEEDF78DEC0BFA75085BC09C27020B8C8CA0C17A4B73606FCBC"
Last-Modified: Tue, 04 Oct 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13883
Expires: Wed, 05 Oct 2022 22:32:34 GMT
Date: Wed, 05 Oct 2022 18:41:11 GMT
Connection: keep-alive

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:11 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c8c58e6a847bbb7da1bd2edea42f4463
dbe77efbb8fd17cc500a2f9f3d00770d8fcd761b
78c75d88f8ad8fc15cee5016b00a0708875f9fc0509194efcf8c6348a9075b24

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "78C75D88F8AD8FC15CEE5016B00A0708875F9FC0509194EFCF8C6348A9075B24"
Last-Modified: Wed, 05 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9244
Expires: Wed, 05 Oct 2022 21:15:15 GMT
Date: Wed, 05 Oct 2022 18:41:11 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

54.230.111.7

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Wed, 05 Oct 2022 18:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Wed, 05 Oct 2022 18:46:46 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: l0SJfD1J0Kkqsle6QfG2mbbnMpX-cUzolGwq9e3FqgshLcvVmXlDlQ==
Age: 698

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
1561c6be7c89d1357a80d12de47b6e74
9a705277922ecca583c867af58b3efce099f83bd
e33dc034dbf4b3b627cd3c1af2d942e2ca5704ec9a4aad5c46ad39eb070e82ab

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5498
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:41:12 GMT
Last-Modified: Wed, 05 Oct 2022 17:09:34 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

34.212.166.60

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.212.166.60:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TAHpW2K7JD0FUr350i9ehw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8AJ2daq++9lgtPhXR9gDPT0BqcY=

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b0e8a79f3e381ab34a44278947ac7c7e
70d01e6fdc8565c661b6ae8c5a043ddf2da16530
885a8c234fca85e6f6bb3e8fcab6672b9a9742b5d3f74681b17a330fa295d549

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:41:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

lite-1x923400.top/static-promotion/f130a67.modern.js

178.253.49.7

200 OK

3.5 kB

URL HTTP/2
lite-1x923400.top/static-promotion/f130a67.modern.js
IP
178.253.49.7:0
ASN
#56630 Melbikomas UAB

File type
ASCII text, with very long lines (6546), with no line terminators
Size
3.5 kB (3516 bytes)
Hash
f01b700995f938e95e8c0ae996ccdd30
f72a4d7734a9e99ef61c115c73bcacb84529f801
d66d18d1a5c77197f79f71966ab79b52ed45374099bfdde4e825d24301448270

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /static-promotion/f130a67.modern.js HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:12 GMT
content-type: application/javascript; charset=utf-8
content-length: 3516
last-modified: Wed, 05 Oct 2022 15:31:18 GMT
vary: Accept-Encoding
etag: "633da346-dbc"
content-encoding: gzip
expires: Wed, 05 Oct 2022 19:41:12 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x923400.top/static-promotion/baf2036.modern.js

178.253.49.7

200 OK

80 kB

URL HTTP/2
lite-1x923400.top/static-promotion/baf2036.modern.js
IP
178.253.49.7:0
ASN
#56630 Melbikomas UAB

File type
ASCII text, with very long lines (65485)
Size
80 kB (80299 bytes)
Hash
6bd810688ec63a6a748a7ef59e434a3c
e448beff10c55e4527c2073e8ea9316bb8127d96
9892d417e7be4b14b04b49dbc746a60a107f513bd01363b9baa9b2a16bea4b01

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /static-promotion/baf2036.modern.js HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:12 GMT
content-type: application/javascript; charset=utf-8
content-length: 80299
last-modified: Wed, 05 Oct 2022 13:16:11 GMT
vary: Accept-Encoding
etag: "633d839b-139ab"
content-encoding: gzip
expires: Wed, 05 Oct 2022 19:41:12 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x923400.top/static-promotion/0698e33.modern.js

178.253.49.7

200 OK

98 kB

URL HTTP/2
lite-1x923400.top/static-promotion/0698e33.modern.js
IP
178.253.49.7:0
ASN
#56630 Melbikomas UAB

File type
Unicode text, UTF-8 text, with very long lines (65405)
Size
98 kB (97878 bytes)
Hash
27356d38a24d8d80b584823efa534384
6033345c95d424c7544ec0cc8795a16904ba48fc
11c336269e455ca0fa3b2d766e41eed4d6dda60e3f1de406ea2f84934940d8c6

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /static-promotion/0698e33.modern.js HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:12 GMT
content-type: application/javascript; charset=utf-8
content-length: 97878
last-modified: Wed, 05 Oct 2022 13:16:11 GMT
vary: Accept-Encoding
etag: "633d839b-17e56"
content-encoding: gzip
expires: Wed, 05 Oct 2022 19:41:12 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b0e8a79f3e381ab34a44278947ac7c7e
70d01e6fdc8565c661b6ae8c5a043ddf2da16530
885a8c234fca85e6f6bb3e8fcab6672b9a9742b5d3f74681b17a330fa295d549

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:41:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

lite-1x923400.top/static-promotion/47e916f.modern.js

178.253.49.7

200 OK

126 kB

URL HTTP/2
lite-1x923400.top/static-promotion/47e916f.modern.js
IP
178.253.49.7:0
ASN
#56630 Melbikomas UAB

File type
ASCII text, with very long lines (65536), with no line terminators
Size
126 kB (125465 bytes)
Hash
6d0899f238d7201bfec849a3695607e4
de2930b66a39356e876ec02e5c8b9ea1a94cc5f8
4b1232da7d0238415099f581b85bd2e683ff625d9be3d9436d59424f3bcbb6a9

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /static-promotion/47e916f.modern.js HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:12 GMT
content-type: application/javascript; charset=utf-8
content-length: 125465
last-modified: Wed, 05 Oct 2022 13:16:11 GMT
vary: Accept-Encoding
etag: "633d839b-1ea19"
content-encoding: gzip
expires: Wed, 05 Oct 2022 19:41:12 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
eedee1fb8053719563e4a7bc5d4c6dc9
f24cae24c25275d5d86f850af56f21b38d681493
f82bebf6e7ed8c0eda0085e039f0ea32af3e4e7d0efcb810472be19bd003446a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:41:12 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 04 Oct 2022 14:31:55 GMT
Expires: Tue, 11 Oct 2022 14:31:54 GMT
Etag: "f24cae24c25275d5d86f850af56f21b38d681493"
Cache-Control: max-age=502841,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75584a46aef0b51d-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
eedee1fb8053719563e4a7bc5d4c6dc9
f24cae24c25275d5d86f850af56f21b38d681493
f82bebf6e7ed8c0eda0085e039f0ea32af3e4e7d0efcb810472be19bd003446a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:41:12 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 04 Oct 2022 14:31:55 GMT
Expires: Tue, 11 Oct 2022 14:31:54 GMT
Etag: "f24cae24c25275d5d86f850af56f21b38d681493"
Cache-Control: max-age=502841,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75584a46a9f5b50c-OSL

v3.cdnsfree.com/_nuxt/desktop/default/b5a4afc9.modern.js

8.254.252.212

200 OK

1.8 kB

URL HTTP/2
v3.cdnsfree.com/_nuxt/desktop/default/b5a4afc9.modern.js
IP
8.254.252.212:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (4715), with no line terminators
Size
1.8 kB (1814 bytes)
Hash
deb6105ec9912c3d2b826204356e1215
fdc12f9a8e1f938f027a035b8f57aeb7d0bf3a67
82c2afbb700084ae07741775d5e81168577d3702fcdc7fc5f02043ecb707d450

HTTP Headers

GET /_nuxt/desktop/default/b5a4afc9.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:41:12 GMT
content-type: application/javascript; charset=utf-8
content-length: 1814
cache-control: max-age=86400
content-encoding: gzip
etag: "633d4fa5-716"
expires: Thu, 06 Oct 2022 12:53:36 GMT
last-modified: Wed, 05 Oct 2022 09:34:29 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 20909
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.cdnsfree.com/_nuxt/desktop/default/css/8b4b6a70.css

8.254.252.212

200 OK

69 kB

URL HTTP/2
v3.cdnsfree.com/_nuxt/desktop/default/css/8b4b6a70.css
IP
8.254.252.212:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (65536), with no line terminators
Size
69 kB (69276 bytes)
Hash
62d56083353efb8b78dd7c52faf1d086
b52d306de48aea06ebc2456ca503ef50074dc37a
cc2663217ba043c9ea0d1b5ab8cfffeac9b1bdb02c253899b50945dee8b01211

HTTP Headers

GET /_nuxt/desktop/default/css/8b4b6a70.css HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:41:12 GMT
content-type: text/css
content-length: 69276
cache-control: max-age=86400
content-encoding: gzip
etag: "633d4fa5-10e9c"
expires: Thu, 06 Oct 2022 12:50:12 GMT
last-modified: Wed, 05 Oct 2022 09:34:29 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 21064
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.cdnsfree.com/_nuxt/desktop/default/css/6745247d.css

8.254.252.212

200 OK

238 B

URL HTTP/2
v3.cdnsfree.com/_nuxt/desktop/default/css/6745247d.css
IP
8.254.252.212:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (473), with no line terminators
Size
238 B (238 bytes)
Hash
d55772cfeb454129313c930bbafddb5d
f06a942ca46d752277ab97948cc31024b3076282
ff308f6c750332565d2ead59c1110b99f068d80ec5e661182a9318021e859e99

HTTP Headers

GET /_nuxt/desktop/default/css/6745247d.css HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:41:12 GMT
content-type: text/css
content-length: 238
cache-control: max-age=86400
content-encoding: gzip
etag: "633c2515-ee"
expires: Thu, 06 Oct 2022 09:08:49 GMT
last-modified: Tue, 04 Oct 2022 12:20:37 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 34343
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.cdnsfree.com/genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg

8.254.252.212

200 OK

705 B

URL HTTP/2
v3.cdnsfree.com/genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg
IP
8.254.252.212:0
ASN
#3356 LEVEL3

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1224), with no line terminators
Size
705 B (705 bytes)
Hash
bb246c88651f63256e658dccd79ba91f
560cf8f76dad56a5c10a0f66cc4a200df301265d
30e59f903e6fab358b7bfb110a8bf83aefaf5376f2c60293a20f58c9f9fc45e8

HTTP Headers

GET /genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:41:12 GMT
content-type: image/svg+xml
content-length: 705
cache-control: public, max-age=120, s-maxage=600
content-encoding: gzip
etag: W/"7cca3986f7a5c4c164144ff11df71073"
expires: Wed, 05 Oct 2022 18:41:27 GMT
last-modified: Thu, 13 Jan 2022 14:28:56 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 105
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.cdnsfree.com/_nuxt/desktop/default/e7f4ec6b.modern.js

8.254.252.212

200 OK

472 kB

URL HTTP/2
v3.cdnsfree.com/_nuxt/desktop/default/e7f4ec6b.modern.js
IP
8.254.252.212:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (65536), with no line terminators
Size
472 kB (472049 bytes)
Hash
77d23404c41a92784dffa8d8c2ce60bf
12a1182537ba29d5e27a2e05e2858ddab391ac28
1335de92670b7dcaf96d08855ee34f54b8a43632b9358769ec68668c53ac5fae

HTTP Headers

GET /_nuxt/desktop/default/e7f4ec6b.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:41:12 GMT
content-type: application/javascript; charset=utf-8
content-length: 472049
cache-control: max-age=86400
content-encoding: gzip
etag: "633d4fa5-733f1"
expires: Thu, 06 Oct 2022 12:50:09 GMT
last-modified: Wed, 05 Oct 2022 09:34:29 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 21064
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.cdnsfree.com/_nuxt/desktop/default/3db3c589.modern.js

8.254.252.212

200 OK

325 kB

URL HTTP/2
v3.cdnsfree.com/_nuxt/desktop/default/3db3c589.modern.js
IP
8.254.252.212:0
ASN
#3356 LEVEL3

File type
Unicode text, UTF-8 text, with very long lines (65399)
Size
325 kB (324946 bytes)
Hash
38ab13d49f81e4dd67f500f420ae4a42
064fa729df76fa3aac24f649f608903072fec560
b1c9730f2fa9366eb99a8f7231120f57d22ee1eba60abcc3c7d02c2bcc933235

HTTP Headers

GET /_nuxt/desktop/default/3db3c589.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:41:12 GMT
content-type: application/javascript; charset=utf-8
content-length: 324946
cache-control: max-age=86400
content-encoding: gzip
etag: "633d4fa5-4f552"
expires: Thu, 06 Oct 2022 12:50:09 GMT
last-modified: Wed, 05 Oct 2022 09:34:29 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 21064
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.cdnsfree.com/_nuxt/desktop/default/css/e1072a03.css

8.254.252.212

200 OK

27 kB

URL HTTP/2
v3.cdnsfree.com/_nuxt/desktop/default/css/e1072a03.css
IP
8.254.252.212:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (65536), with no line terminators
Size
27 kB (27215 bytes)
Hash
9abe7d6909c5d8d1cef56929f042d92b
ca40c0fa119084c509a9e54333b3fda34d907eed
a8c0bc334c23b7830235da87abba0bf5db2a1f534644480befdb7d03f019b578

HTTP Headers

GET /_nuxt/desktop/default/css/e1072a03.css HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:41:12 GMT
content-type: text/css
content-length: 27215
cache-control: max-age=86400
content-encoding: gzip
etag: "633d4fa5-6a4f"
expires: Thu, 06 Oct 2022 11:20:07 GMT
last-modified: Wed, 05 Oct 2022 09:34:29 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 26465
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
eedee1fb8053719563e4a7bc5d4c6dc9
f24cae24c25275d5d86f850af56f21b38d681493
f82bebf6e7ed8c0eda0085e039f0ea32af3e4e7d0efcb810472be19bd003446a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:41:12 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 04 Oct 2022 14:31:55 GMT
Expires: Tue, 11 Oct 2022 14:31:54 GMT
Etag: "f24cae24c25275d5d86f850af56f21b38d681493"
Cache-Control: max-age=502841,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75584a46af20b511-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
eedee1fb8053719563e4a7bc5d4c6dc9
f24cae24c25275d5d86f850af56f21b38d681493
f82bebf6e7ed8c0eda0085e039f0ea32af3e4e7d0efcb810472be19bd003446a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:41:12 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 04 Oct 2022 14:31:55 GMT
Expires: Tue, 11 Oct 2022 14:31:54 GMT
Etag: "f24cae24c25275d5d86f850af56f21b38d681493"
Cache-Control: max-age=502841,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75584a46a9f6b50c-OSL

v3.cdnsfree.com/_nuxt/desktop/default/6c12728e.modern.js

8.254.252.212

200 OK

6.6 kB

URL HTTP/2
v3.cdnsfree.com/_nuxt/desktop/default/6c12728e.modern.js
IP
8.254.252.212:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (17080), with no line terminators
Size
6.6 kB (6584 bytes)
Hash
b76236b663b4bee91a0f73483bab839d
c72daafb592ceddc4871c21c38b3d97d8b6cccd2
468a46359b0c3823f092e6014fddd0dcb80e905d258046508e2442769326acbc

HTTP Headers

GET /_nuxt/desktop/default/6c12728e.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:41:12 GMT
content-type: application/javascript; charset=utf-8
content-length: 6584
cache-control: max-age=86400
content-encoding: gzip
etag: "633d4fa5-19b8"
expires: Thu, 06 Oct 2022 12:50:09 GMT
last-modified: Wed, 05 Oct 2022 09:34:29 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 21066
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.cdnsfree.com/_nuxt/desktop/default/2e3772a7.modern.js

8.254.252.212

200 OK

100 kB

URL HTTP/2
v3.cdnsfree.com/_nuxt/desktop/default/2e3772a7.modern.js
IP
8.254.252.212:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (65479)
Size
100 kB (100252 bytes)
Hash
438730025eecad6fd929c550417f3703
28c02a8f0b58237a93dd1fc2ebf2827e571f73fd
4b627ad5ee330769bbfb5de9092199e4123c67a0bfb2c9df7936152eb7345b26

HTTP Headers

GET /_nuxt/desktop/default/2e3772a7.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:41:12 GMT
content-type: application/javascript; charset=utf-8
content-length: 100252
cache-control: max-age=86400
content-encoding: gzip
etag: "633d4fa5-1879c"
expires: Thu, 06 Oct 2022 12:50:12 GMT
last-modified: Wed, 05 Oct 2022 09:34:29 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 21064
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
eedee1fb8053719563e4a7bc5d4c6dc9
f24cae24c25275d5d86f850af56f21b38d681493
f82bebf6e7ed8c0eda0085e039f0ea32af3e4e7d0efcb810472be19bd003446a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:41:12 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 04 Oct 2022 14:31:55 GMT
Expires: Tue, 11 Oct 2022 14:31:54 GMT
Etag: "f24cae24c25275d5d86f850af56f21b38d681493"
Cache-Control: max-age=502841,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75584a46ac24b4ff-OSL

lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro

178.253.49.7

200 OK

2.3 kB

URL HTTP/2
lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
IP
178.253.49.7:0
ASN
#56630 Melbikomas UAB

File type
data
Size
2.3 kB (2325 bytes)
Hash
814525d4d3dda8b5da6bd42ac5072cc4
97e3d7351a528657520061bf85382c9c52edd59d
7cc4256ae82bfbd2df5c2cfe1f9cd383ea045656fa468574fc069d1ed6315ea9

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /promo-frame/us/promotion/campeonato-brasileiro HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:12 GMT
content-type: text/html; charset=utf-8
content-encoding: gzip
etag: "130d-qmh9KADSIBd7TqcbHKKtjTY6A+0"
server-timing: dt_285;dur=3
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x923400.top/us/promotions/campeonato-brasileiro

178.253.49.7

200 OK

80 kB

URL HTTP/2
lite-1x923400.top/us/promotions/campeonato-brasileiro
IP
178.253.49.7:0
ASN
#56630 Melbikomas UAB

File type
data
Size
80 kB (80443 bytes)
Hash
c56621f97ddab1e2848610dbd5250950
e4e5b6bfae41d592f35fa706396f4f177491ff32
5d330ba15d5064c611ba8b82817eb1973a5a10761fa13140bc76d469d8aed27c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /us/promotions/campeonato-brasileiro HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:12 GMT
content-type: text/html; charset=utf-8
accept-ranges: none
content-encoding: gzip
server-timing: total;dur=469;desc="Nuxt Server Time", dt_285;dur=475
set-cookie: SESSION=9bb99aea59c1d81fc59dfbe962c450b6; Path=/; HttpOnly; Secure; SameSite=Lax
lng=us; Path=/
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lite-1x923400.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 601625
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lite-1x923400.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 14:07:32 GMT
expires: Thu, 05 Oct 2023 14:07:32 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 16421
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

lite-1x923400.top/genfiles/cms/pg/default/images/c6805d21f8fccbfc75df5c556571fc74.png

178.253.49.7

200 OK

352 B

URL HTTP/2
lite-1x923400.top/genfiles/cms/pg/default/images/c6805d21f8fccbfc75df5c556571fc74.png
IP
178.253.49.7:0
ASN
#56630 Melbikomas UAB

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
352 B (352 bytes)
Hash
7dff72d4146e35a8262e6845d13a8df0
a291af970d3955b35c314e85712ceea3aca25d54
a467e6a3d8e443bbbade9f04324268de101625412c1135b4cec0864a55101a78

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /genfiles/cms/pg/default/images/c6805d21f8fccbfc75df5c556571fc74.png HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:13 GMT
content-type: image/png
content-length: 352
last-modified: Wed, 10 Aug 2022 11:26:08 GMT
x-rgw-object-type: Normal
etag: "7dff72d4146e35a8262e6845d13a8df0"
x-amz-storage-class: STANDARD
access-control-allow-origin: *
cache-control: public,max-age=120,s-maxage=600
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ff5f22aafa6751c60631736c305a4c7c
278b89e5c1a978e070be4b66bb780862894b8504
b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:41:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7392
Expires: Wed, 05 Oct 2022 20:44:25 GMT
Date: Wed, 05 Oct 2022 18:41:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7392
Expires: Wed, 05 Oct 2022 20:44:25 GMT
Date: Wed, 05 Oct 2022 18:41:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7392
Expires: Wed, 05 Oct 2022 20:44:25 GMT
Date: Wed, 05 Oct 2022 18:41:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7392
Expires: Wed, 05 Oct 2022 20:44:25 GMT
Date: Wed, 05 Oct 2022 18:41:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7392
Expires: Wed, 05 Oct 2022 20:44:25 GMT
Date: Wed, 05 Oct 2022 18:41:13 GMT
Connection: keep-alive

lite-1x923400.top/genfiles/web-app-v2/dictionary2/v3_promotions/us/dictionary_d55dd73233b27ed9fa14e8f9a4dcde8e.json

178.253.49.7

200 OK

196 kB

URL HTTP/2
lite-1x923400.top/genfiles/web-app-v2/dictionary2/v3_promotions/us/dictionary_d55dd73233b27ed9fa14e8f9a4dcde8e.json
IP
178.253.49.7:0
ASN
#56630 Melbikomas UAB

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (64100), with no line terminators
Size
196 kB (195547 bytes)
Hash
edb881416b1fe513f0eae605b4916c6e
acae39beb502c40568d4b49ce2ad0ff88549ec07
1ebd0e9d9e56726e01576d4295ffd2de591270fbec36f65117d06d0b039f71fe

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_promotions/us/dictionary_d55dd73233b27ed9fa14e8f9a4dcde8e.json HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:13 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 05 Oct 2022 15:41:55 GMT
x-rgw-object-type: Normal
etag: W/"e8d1aabb1d2b3e41f1688a2b5270871e"
cache-control: max-age=31536000
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23595c4d-609a-48f3-a52f-e88e478d7653.jpeg

34.120.237.76

200 OK

5.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23595c4d-609a-48f3-a52f-e88e478d7653.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.8 kB (5832 bytes)
Hash
3257b782efae9b64e6e18a547866ec50
4daf0c001e86af8477fb097e8ca932edb8e5f981
899f9692e86405aa288d88dd285a6fe26bedab1a2ca4693212476063890b01a5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23595c4d-609a-48f3-a52f-e88e478d7653.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5832
x-amzn-requestid: c4427edd-3d71-47d0-a2d3-b3bfed089535
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8s1FuUoAMFhBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7eb-46ddff150da4141d23fc0d8a;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:38:51 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: WWClzLGprno--c75q63i1TFi8oBEdAYW-J4lCk9V8IELQXe6q0A05A==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 21:42:34 GMT
age: 75519
etag: "4daf0c001e86af8477fb097e8ca932edb8e5f981"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

lite-1x923400.top/genfiles/web-app-v2/dictionary2/v3_main/us/dictionary_29fc6ceb335ed1cef7c7e493f582de32.json

178.253.49.7

200 OK

24 kB

URL HTTP/2
lite-1x923400.top/genfiles/web-app-v2/dictionary2/v3_main/us/dictionary_29fc6ceb335ed1cef7c7e493f582de32.json
IP
178.253.49.7:0
ASN
#56630 Melbikomas UAB

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (50052), with no line terminators
Size
24 kB (23460 bytes)
Hash
7d3fe72e8d9d7a38870ad065a10f1828
0254937acaf9ff64ccfdd9f115501b9b3df9a9e5
4d82ed6a677c34729894b72a5a88a90948498384c10cdc68419da27131ef6abf

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_main/us/dictionary_29fc6ceb335ed1cef7c7e493f582de32.json HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:13 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 05 Oct 2022 15:41:34 GMT
x-rgw-object-type: Normal
etag: W/"fe1965939b4f368ef2388145efc4e341"
cache-control: max-age=31536000
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb178720-854c-4c9e-85c1-58cb5419ca69.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.6 kB (3585 bytes)
Hash
5d7d7df8d4c440f9db445c3d99e818d6
612b6dbd4ba895c167964ff7e6d9263013b52b0a
bf527a814c78f9e010cce4ba593c9146d54a2137d1f147f7a6250fbad81956ac

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb178720-854c-4c9e-85c1-58cb5419ca69.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3585
x-amzn-requestid: ccb6f0c8-4d9b-48b8-aaf6-16781dc4c86b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaHFlEcFoAMFS3g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a5223-5c9276c873efee993ba54667;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 03:08:19 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: T8m1q2L45TWDVRBa-R2W70yq9BauBK3G4IX54AGIxdRhG736T974kg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 04:05:29 GMT
age: 52544
etag: "612b6dbd4ba895c167964ff7e6d9263013b52b0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5704624d-eb81-4a5b-bcb7-08db5681c677.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8926 bytes)
Hash
1de7c17a0ba9295135e7f8b490b6a8d3
70e8d1589f3daf71378965dd197934e220fb6aa4
ee559ce3166479e2b930be7d18525f5c2d164aed8ca005302ddaf3bfe37eec24

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5704624d-eb81-4a5b-bcb7-08db5681c677.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8926
x-amzn-requestid: 27fc8976-af8d-40a3-b701-0642fa135ec4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8s1GSbIAMFTiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7eb-4d4c7837576e0fdb5828fe3b;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:38:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YzVofPSJC-YVU1Q1V9AnjNeQTa1BQEh6ZiH2HjSeeX5RygysFP7oAA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 21:42:34 GMT
age: 75519
etag: "70e8d1589f3daf71378965dd197934e220fb6aa4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

lite-1x923400.top/web-api/external-api/config/all

178.253.49.7

200 OK

22 kB

URL HTTP/2
lite-1x923400.top/web-api/external-api/config/all
IP
178.253.49.7:0
ASN
#56630 Melbikomas UAB

File type
data
Size
22 kB (21702 bytes)
Hash
25e14b99e7ea8c6ec5ba59656d3750eb
14eaba2e21c398553332f6fe13d3e4ecd555b72d
fea5c210741f4ba5aa23b2b09483bfa2672f2351236e503f106eff098c142e61

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /web-api/external-api/config/all HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://lite-1x923400.top
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:13 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=73, dt_285;dur=75
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x923400.top/_nuxt/desktop/default/css/6745247d.css

178.253.49.7

200 OK

238 B

URL HTTP/2
lite-1x923400.top/_nuxt/desktop/default/css/6745247d.css
IP
178.253.49.7:0
ASN
#56630 Melbikomas UAB

File type
ASCII text, with very long lines (473), with no line terminators
Size
238 B (238 bytes)
Hash
393b02d88ccc6246579c264a8a2e4531
ce797a9a1caab721ab549d281bbfbfabdc80f67b
94852531d2e05122333436e42623aa4082f805ccd9d5d86d282f089f579f1e9d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /_nuxt/desktop/default/css/6745247d.css HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1920
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:13 GMT
content-type: text/css
content-length: 238
last-modified: Wed, 05 Oct 2022 09:34:29 GMT
vary: Accept-Encoding
etag: "633d4fa5-ee"
content-encoding: gzip
expires: Wed, 05 Oct 2022 19:41:13 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x923400.top/static-promotion/6371390.modern.js

178.253.49.7

200 OK

253 B

URL HTTP/2
lite-1x923400.top/static-promotion/6371390.modern.js
IP
178.253.49.7:0
ASN
#56630 Melbikomas UAB

File type
ASCII text, with no line terminators
Size
253 B (253 bytes)
Hash
aff7d92303c828ba9f4ff4623b4c0e8a
472950af61a372b493e690ea84f4489d874e6d07
a01bbb2ce84d6362a907f87284e7d03fd9e589a2449c833b48e61284047b63b7

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /static-promotion/6371390.modern.js HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 253
last-modified: Wed, 05 Oct 2022 15:31:18 GMT
vary: Accept-Encoding
etag: "633da346-fd"
content-encoding: gzip
expires: Wed, 05 Oct 2022 19:41:13 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x923400.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1664995273876

178.253.49.7

200 OK

145 B

URL HTTP/2
lite-1x923400.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1664995273876
IP
178.253.49.7:0
ASN
#56630 Melbikomas UAB

File type
JSON data\012- , ASCII text, with no line terminators
Size
145 B (145 bytes)
Hash
81d90db48c09d6f764c4929c90eadfc1
6fe1a593e77cca8d9adff9fe5b5f40e19ccf7bd8
fa0a9c9d33937e1539ce6b9e44abf7ecd69f5032c6ba8b85308c6a388f8dc28c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /genfiles/cms/maintenance_mode/settings.json?timestamp=1664995273876 HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:13 GMT
content-type: application/json
content-length: 145
last-modified: Thu, 21 Apr 2022 06:40:33 GMT
x-rgw-object-type: Normal
etag: "81d90db48c09d6f764c4929c90eadfc1"
cache-control: public,max-age=60,s-maxage=60
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

lite-1x923400.top/static-promotion/ab612d4.modern.js

178.253.49.7

200 OK

7.4 kB

URL HTTP/2
lite-1x923400.top/static-promotion/ab612d4.modern.js
IP
178.253.49.7:0
ASN
#56630 Melbikomas UAB

File type
ASCII text, with very long lines (45732), with no line terminators
Size
7.4 kB (7389 bytes)
Hash
8412762c4c6d8ea7e8192824b7a7adab
31053c327216e81664c414f066c55bbdfb95d1a8
3a6999edd2162a2e7efb2bee47b0ea8eef5cb7d55fd126597dd312d5e7376841

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /static-promotion/ab612d4.modern.js HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 7389
last-modified: Wed, 05 Oct 2022 15:31:18 GMT
vary: Accept-Encoding
etag: "633da346-1cdd"
content-encoding: gzip
expires: Wed, 05 Oct 2022 19:41:13 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x923400.top/static-promotion/777def2.modern.js

178.253.49.7

200 OK

3.0 kB

URL HTTP/2
lite-1x923400.top/static-promotion/777def2.modern.js
IP
178.253.49.7:0
ASN
#56630 Melbikomas UAB

File type
ASCII text, with very long lines (16195), with no line terminators
Size
3.0 kB (2997 bytes)
Hash
eb433daf4306ca3b7c617f858e745fbd
737da04364ffbad392405ca6b62547d781bdb554
534e70bf05f970e7133876da697a8a03cb770834f96816efd5f5e659cdfb24e5

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /static-promotion/777def2.modern.js HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 2997
last-modified: Wed, 05 Oct 2022 15:31:18 GMT
vary: Accept-Encoding
etag: "633da346-bb5"
content-encoding: gzip
expires: Wed, 05 Oct 2022 19:41:13 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x923400.top/static-promotion/fcd3df7.modern.js

178.253.49.7

200 OK

35 kB

URL HTTP/2
lite-1x923400.top/static-promotion/fcd3df7.modern.js
IP
178.253.49.7:0
ASN
#56630 Melbikomas UAB

File type
ASCII text, with very long lines (65536), with no line terminators
Size
35 kB (35367 bytes)
Hash
4595f4bd206afc3f160363a1ab5d7194
ded41e4eac1d5b9801ad8b0e8fe45df081206fdb
2165ec828af9e78624f1225a7c957192d3f78666b46da1b096d99274456e342d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /static-promotion/fcd3df7.modern.js HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 35367
last-modified: Wed, 05 Oct 2022 15:31:18 GMT
vary: Accept-Encoding
etag: "633da346-8a27"
content-encoding: gzip
expires: Wed, 05 Oct 2022 19:41:13 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x923400.top/static-promotion/7ac077c.modern.js

178.253.49.7

200 OK

27 kB

URL HTTP/2
lite-1x923400.top/static-promotion/7ac077c.modern.js
IP
178.253.49.7:0
ASN
#56630 Melbikomas UAB

File type
ASCII text, with very long lines (65536), with no line terminators
Size
27 kB (27240 bytes)
Hash
92ac0bcd8bb2b5db0199d52c95085275
26f9329417f1299375c2c5c4c260e54435d52870
2bd187c2f65bcc39a50b2d817a68f0d9bc90fc62e9eaaa201f4ed3e38974314b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /static-promotion/7ac077c.modern.js HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 27240
last-modified: Wed, 05 Oct 2022 15:31:18 GMT
vary: Accept-Encoding
etag: "633da346-6a68"
content-encoding: gzip
expires: Wed, 05 Oct 2022 19:41:13 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x923400.top/pwa

178.253.49.7

200 OK

15 B

URL HTTP/2
lite-1x923400.top/pwa
IP
178.253.49.7:0
ASN
#56630 Melbikomas UAB

File type
JSON data\012- , ASCII text, with no line terminators
Size
15 B (15 bytes)
Hash
0e4766fd1b2ba2e236fd9364587f99ab
eb98dec7af065d80a1a3ddb99cb3e3c0919aa852
4612305c0c6077857c88e831688c8bb34594e16c567ed45a3a330c14fa7c627b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pwa HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lite-1x923400.top/us/promotions/campeonato-brasileiro
Connection: keep-alive
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:13 GMT
content-type: application/json; charset=utf-8
content-length: 15
etag: W/"f-65jex68GXYCho925nLPjwJGaqFI"
server-timing: dt_285;dur=3
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.cdnsfree.com/_nuxt/desktop/default/img/common.698f8a6f.svg

8.254.252.212

200 OK

44 kB

URL HTTP/2
v3.cdnsfree.com/_nuxt/desktop/default/img/common.698f8a6f.svg
IP
8.254.252.212:0
ASN
#3356 LEVEL3

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (65536), with no line terminators
Size
44 kB (43843 bytes)
Hash
f9ad0f0d55e494c307fc868f2ecd8c4a
55dbe89ffecca33168d368e3f811abfcbf4c71c3
30cd8582e08e758a78ea08d6bf92d41206a2971a021c0cd56528aad610a5b108

HTTP Headers

GET /_nuxt/desktop/default/img/common.698f8a6f.svg HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lite-1x923400.top
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:41:14 GMT
content-type: image/svg+xml
content-length: 43843
cache-control: max-age=86400
content-encoding: gzip
etag: W/"633d4fa5-196ca"
expires: Thu, 06 Oct 2022 11:20:14 GMT
last-modified: Wed, 05 Oct 2022 09:34:29 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 26460
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.cdnsfree.com/_nuxt/desktop/default/0d547539.modern.js

8.254.252.212

200 OK

1.0 kB

URL HTTP/2
v3.cdnsfree.com/_nuxt/desktop/default/0d547539.modern.js
IP
8.254.252.212:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (2404), with no line terminators
Size
1.0 kB (1031 bytes)
Hash
015b40d1992fa015bcf871e23eae7696
1387bfdeeb1c4f4db42ed377c5843445bc6468c8
cc661cc28ec5c8ba37e804c3e2c2d93f3e5c579f774a12b45ea4028fd27fb4dd

HTTP Headers

GET /_nuxt/desktop/default/0d547539.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:41:14 GMT
content-type: application/javascript; charset=utf-8
content-length: 1031
cache-control: max-age=86400
content-encoding: gzip
etag: "633d4fa5-407"
expires: Thu, 06 Oct 2022 12:50:47 GMT
last-modified: Wed, 05 Oct 2022 09:34:29 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 21027
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f763a685d14b05b6ced9792151da30b8
b25be5359245be857ffa1bddcb197cb771a36a45
505ad6dc6417d58207f0d68862c4423f4611660ccc6afe165fd3ec2ccb1c893d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:41:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

lite-1x923400.top/version.json?timestamp=1664995274063

178.253.49.7

200 OK

11 B

URL HTTP/2
lite-1x923400.top/version.json?timestamp=1664995274063
IP
178.253.49.7:0
ASN
#56630 Melbikomas UAB

File type
ASCII text
Size
11 B (11 bytes)
Hash
0267ce92e06d3918d2c56b8b49c2a183
6f39445bed1f6b9c416f9c6e371cb754fa3ad384
48e710f6a4214bdf10cd80f3f501a29e87c88eb202211d76161f6247eacba427

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /version.json?timestamp=1664995274063 HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x923400.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:14 GMT
content-type: application/json; charset=UTF-8
content-length: 11
etag: W/"b-bzlEW+0fa5xBb5xuNxy3VPo604Q"
server-timing: dt_285;dur=1
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
34eb89e66f0b3109343b733cc89f72ef
f5c7bee177722005913df74e11a8fb0ee15d7e13
d5fead44bf5421f27d5df689db149a81e736bf190cf844552d090a29a4226eac

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3854
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:41:14 GMT
Last-Modified: Wed, 05 Oct 2022 17:37:00 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

www.googletagmanager.com/gtag/js?id=UA-178408567-1

142.250.74.168

200 OK

43 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-178408567-1
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2039)
Size
43 kB (43407 bytes)
Hash
be0fec8c4ca5c6a7947284e9dbfec32e
0db4343965f15cf84f0e8684dae747997bff3b94
13c0f02b078d6d719869f9d45126bfdac970fbd92acdef4c76f014eaf450e693

HTTP Headers

GET /gtag/js?id=UA-178408567-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 05 Oct 2022 18:41:14 GMT
expires: Wed, 05 Oct 2022 18:41:14 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43407
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f763a685d14b05b6ced9792151da30b8
b25be5359245be857ffa1bddcb197cb771a36a45
505ad6dc6417d58207f0d68862c4423f4611660ccc6afe165fd3ec2ccb1c893d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:41:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

lite-1x923400.top/web-api/api/converslon/load

178.253.49.7

200 OK

2.7 kB

URL HTTP/2
lite-1x923400.top/web-api/api/converslon/load
IP
178.253.49.7:0
ASN
#56630 Melbikomas UAB

File type
data
Size
2.7 kB (2740 bytes)
Hash
14920140c18c89510d494a9d4517a200
afbb1d367e36eb02ead6682d11b91e8db30d078d
0856f6ae13d6a0668d07eceac67178f623238820efe0297f84f41025bbfe83c7

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /web-api/api/converslon/load HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x923400.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:14 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=32, dt_285;dur=35
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lite-1x923400.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 601626
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

216.58.207.195

200 OK

9.6 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 9628, version 1.0\012- data
Size
9.6 kB (9628 bytes)
Hash
d9ac47c7e500fb7083b8d595eaf6fe12
112a2fc5f4ff9b85ee3a706fa9b8c47f79b05933
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lite-1x923400.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9628
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Sep 2022 06:19:49 GMT
expires: Fri, 29 Sep 2023 06:19:49 GMT
cache-control: public, max-age=31536000
age: 562885
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

v3.cdnsfree.com/_nuxt/desktop/default/bfbe8cbc.modern.js

8.254.252.212

200 OK

1.1 kB

URL HTTP/2
v3.cdnsfree.com/_nuxt/desktop/default/bfbe8cbc.modern.js
IP
8.254.252.212:0
ASN
#3356 LEVEL3

File type
Unicode text, UTF-8 text, with very long lines (2450), with no line terminators
Size
1.1 kB (1059 bytes)
Hash
04f5228fcc4ee30cc731b8607d3f9e9e
a8d3781611c0c442a263d76a4a03f6e8110283cd
6ddb56e30d7ee7fa9722c4e2425a665bc12b5dde0818fdee7f1cda58b020fb78

HTTP Headers

GET /_nuxt/desktop/default/bfbe8cbc.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:41:14 GMT
content-type: application/javascript; charset=utf-8
content-length: 1059
cache-control: max-age=86400
content-encoding: gzip
etag: "633d4fa5-423"
expires: Thu, 06 Oct 2022 12:50:45 GMT
last-modified: Wed, 05 Oct 2022 09:34:29 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 21046
accept-ranges: bytes
X-Firefox-Spdy: h2

lite-1x923400.top/domain-api/api/v1/domains/lite-1x923400.top

178.253.49.7

200 OK

84 B

URL HTTP/2
lite-1x923400.top/domain-api/api/v1/domains/lite-1x923400.top
IP
178.253.49.7:0
ASN
#56630 Melbikomas UAB

File type
JSON data\012- , ASCII text, with no line terminators
Size
84 B (84 bytes)
Hash
cc5f3a84fbad7aabf0e444de1bd7b274
8010a1d23bc02768a35b53b77a5888c10ff56244
d3633d9c42556f0e8ee790ecee529a27ef3ca4c2cc2dddb83c0edee3509adf31

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /domain-api/api/v1/domains/lite-1x923400.top HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x923400.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:14 GMT
content-type: application/vnd.api+json
content-length: 84
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x923400.top/web-api/external-api/promotions/campeonato-brasileiro

178.253.49.7

403 Forbidden

5.4 kB

URL HTTP/2
lite-1x923400.top/web-api/external-api/promotions/campeonato-brasileiro
IP
178.253.49.7:0
ASN
#56630 Melbikomas UAB

File type
JSON data\012- , ASCII text, with very long lines (13515), with no line terminators
Size
5.4 kB (5430 bytes)
Hash
9871765703a2b20c5bafada22ae5b54e
5cb235d9b2139d85c41a55041929d7972db0003e
8eda7ca3477a85c9cd5e9fe340eeae400ad62820e84c19c88a238f037871e7db

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /web-api/external-api/promotions/campeonato-brasileiro HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 403 Forbidden
server: nginx
date: Wed, 05 Oct 2022 18:41:14 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=48, dt_285;dur=49
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.cdnsfree.com/_nuxt/desktop/default/11a7652e.modern.js

8.254.252.212

200 OK

26 kB

URL HTTP/2
v3.cdnsfree.com/_nuxt/desktop/default/11a7652e.modern.js
IP
8.254.252.212:0
ASN
#3356 LEVEL3

File type
Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
26 kB (26108 bytes)
Hash
7a970a51d962abae9cdf53f64db2a792
4d29a51ffd3b8c5afce8dc9bfb12435b645a714a
aa664b32c04ff1f58dfa0427a1b682b3cbe11efcc78c805611e33da868460993

HTTP Headers

GET /_nuxt/desktop/default/11a7652e.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:41:14 GMT
content-type: application/javascript; charset=utf-8
content-length: 26108
cache-control: max-age=86400
content-encoding: gzip
etag: "633d4fa5-65fc"
expires: Thu, 06 Oct 2022 12:50:29 GMT
last-modified: Wed, 05 Oct 2022 09:34:29 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 21047
accept-ranges: bytes
X-Firefox-Spdy: h2

lite-1x923400.top/web-api/api/internal/v1/sessions/user

178.253.49.7

200 OK

91 B

URL HTTP/2
lite-1x923400.top/web-api/api/internal/v1/sessions/user
IP
178.253.49.7:0
ASN
#56630 Melbikomas UAB

File type
JSON data\012- , ASCII text, with no line terminators
Size
91 B (91 bytes)
Hash
7f08529bc4a73ef6216d27a6b9408914
d35e84765ec35db78746ff044785169e847837c9
72fec33883cd2c515ce5bf34588577cac6598e3e7e8d8a3ad7fc95c1dc42150f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /web-api/api/internal/v1/sessions/user HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x923400.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:14 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=34, dt_285;dur=35
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/K23_2020_lightmode.png

8.254.252.212

200 OK

168 kB

URL HTTP/2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/K23_2020_lightmode.png
IP
8.254.252.212:0
ASN
#3356 LEVEL3

File type
PNG image data, 4455 x 2151, 8-bit/color RGBA, non-interlaced\012- data
Size
168 kB (168437 bytes)
Hash
514efcaa096bc870bbb55a0910327b9c
05f80f59b5eeb2e4cf409fc4b9d96ddec64b3e6f
a541dec3a5acfa154ce5716014bb463c6be72db6bf5ffb88dde95929e9670942

HTTP Headers

GET /genfiles/cms/1-285/desktop/footer/logos/K23_2020_lightmode.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:41:14 GMT
content-type: image/png
content-length: 168437
cache-control: public, max-age=120, s-maxage=600
etag: "514efcaa096bc870bbb55a0910327b9c"
expires: Wed, 05 Oct 2022 18:33:59 GMT
last-modified: Wed, 01 Jun 2022 12:17:09 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 567
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/team_spirit_black.png

8.254.252.212

200 OK

169 kB

URL HTTP/2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/team_spirit_black.png
IP
8.254.252.212:0
ASN
#3356 LEVEL3

File type
PNG image data, 4000 x 4000, 8-bit/color RGBA, non-interlaced\012- data
Size
169 kB (169025 bytes)
Hash
ba6cf2e79cb532a105c8f34b1efbcb26
f05ff0a3895400ac928ac1cce6153f657e6f6d8f
8e3e826321588ba9cca7ed55a8c23ee2e64e007775a40f9f8878340b2788864e

HTTP Headers

GET /genfiles/cms/1-285/desktop/footer/logos/team_spirit_black.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:41:14 GMT
content-type: image/png
content-length: 169025
cache-control: public, max-age=120, s-maxage=600
etag: "ba6cf2e79cb532a105c8f34b1efbcb26"
expires: Wed, 05 Oct 2022 18:36:16 GMT
last-modified: Wed, 01 Jun 2022 12:16:40 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 475
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/logo-serie-new.png

8.254.252.212

200 OK

19 kB

URL HTTP/2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/logo-serie-new.png
IP
8.254.252.212:0
ASN
#3356 LEVEL3

File type
PNG image data, 180 x 320, 8-bit/color RGBA, non-interlaced\012- data
Size
19 kB (18675 bytes)
Hash
eebc2093ed37610949fddb757fb411c2
f7964e29e324fe613114a2d8a574819735d4e8a4
2573852f7e996aaf5d4ae5280f600e384f8b5d75e8c4de9e06100af2d9f55e5c

HTTP Headers

GET /genfiles/cms/1-285/desktop/footer/logos/logo-serie-new.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:41:14 GMT
content-type: image/png
content-length: 18675
cache-control: public, max-age=120, s-maxage=600
etag: "eebc2093ed37610949fddb757fb411c2"
expires: Wed, 05 Oct 2022 18:34:20 GMT
last-modified: Fri, 06 Nov 2020 12:55:12 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 534
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/logo-fcb.png

8.254.252.212

200 OK

7.4 kB

URL HTTP/2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/logo-fcb.png
IP
8.254.252.212:0
ASN
#3356 LEVEL3

File type
PNG image data, 169 x 183, 8-bit colormap, non-interlaced\012- data
Size
7.4 kB (7420 bytes)
Hash
8ea23d2a7c2e152564a43453425b3301
f6e61dbb4b90ab17f23130d79af095a1267b01c3
e193b50c6e3a1657a7c7e1100b941a43c90eeda8f9d56763318ac624eeba2cbd

HTTP Headers

GET /genfiles/cms/1-285/desktop/footer/logos/logo-fcb.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:41:14 GMT
content-type: image/png
content-length: 7420
cache-control: public, max-age=120, s-maxage=600
etag: "8ea23d2a7c2e152564a43453425b3301"
expires: Wed, 05 Oct 2022 18:38:45 GMT
last-modified: Fri, 06 Nov 2020 12:55:12 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 269
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/can-2019-en.png

8.254.252.212

200 OK

8.1 kB

URL HTTP/2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/can-2019-en.png
IP
8.254.252.212:0
ASN
#3356 LEVEL3

File type
PNG image data, 243 x 144, 8-bit colormap, non-interlaced\012- data
Size
8.1 kB (8120 bytes)
Hash
d2998762f0b00c9d1bcd90c28f0a5731
95553e4eff474b6a05ad4a6e00826ba4ab9b2c4e
09050bbfb49f160886714942b619eb95dbd92f2f6862f38aa685538f420591b8

HTTP Headers

GET /genfiles/cms/1-285/desktop/footer/logos/can-2019-en.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:41:14 GMT
content-type: image/png
content-length: 8120
cache-control: public, max-age=120, s-maxage=600
etag: "d2998762f0b00c9d1bcd90c28f0a5731"
expires: Wed, 05 Oct 2022 18:37:37 GMT
last-modified: Fri, 06 Nov 2020 12:55:12 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 411
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/logo-losc.png

8.254.252.212

200 OK

119 kB

URL HTTP/2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/logo-losc.png
IP
8.254.252.212:0
ASN
#3356 LEVEL3

File type
PNG image data, 2052 x 1962, 8-bit/color RGBA, non-interlaced\012- data
Size
119 kB (119254 bytes)
Hash
0b72a6591ead9e9b95a118b411b9556a
6d43538a7c2167e9046d418e0707dba8f361fd1c
012b4965e861f6073a0496f55677715279f5799468c9aa4c3d92bdbbc5e0b67b

HTTP Headers

GET /genfiles/cms/1-285/desktop/footer/logos/logo-losc.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:41:14 GMT
content-type: image/png
content-length: 119254
cache-control: public, max-age=120, s-maxage=600
etag: "0b72a6591ead9e9b95a118b411b9556a"
expires: Wed, 05 Oct 2022 18:40:23 GMT
last-modified: Fri, 09 Sep 2022 14:12:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 172
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/mibr_white-logo.png

8.254.252.212

200 OK

9.9 kB

URL HTTP/2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/mibr_white-logo.png
IP
8.254.252.212:0
ASN
#3356 LEVEL3

File type
PNG image data, 834 x 434, 8-bit/color RGBA, non-interlaced\012- data
Size
9.9 kB (9904 bytes)
Hash
c14d0b72d2885c8ae4975e64ddb29a6f
3c31e0bb67f15daada51baf892c89ef0cd061146
657992cd544e48630d90afc0b957014f0ac4fad15789c7c18a937d5b71231967

HTTP Headers

GET /genfiles/cms/1-285/desktop/footer/logos/mibr_white-logo.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:41:14 GMT
content-type: image/png
content-length: 9904
cache-control: public, max-age=120, s-maxage=600
etag: "c14d0b72d2885c8ae4975e64ddb29a6f"
expires: Wed, 05 Oct 2022 18:33:54 GMT
last-modified: Thu, 04 Aug 2022 17:36:40 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 567
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/esl.png

8.254.252.212

200 OK

33 kB

URL HTTP/2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/esl.png
IP
8.254.252.212:0
ASN
#3356 LEVEL3

File type
PNG image data, 1184 x 362, 8-bit/color RGBA, non-interlaced\012- data
Size
33 kB (33328 bytes)
Hash
802ac7a85f716d1a10ad5084ce6b2c14
4e3b9ea62cf588f4f8b5be3553aa53068fbe8fa6
3329ddcdb9bce051bb89a2ec7ea84fae914e31752e66656a2321642d8457f7cc

HTTP Headers

GET /genfiles/cms/1-285/desktop/footer/logos/esl.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:41:14 GMT
content-type: image/png
content-length: 33328
cache-control: public, max-age=120, s-maxage=600
etag: "802ac7a85f716d1a10ad5084ce6b2c14"
expires: Wed, 05 Oct 2022 18:36:16 GMT
last-modified: Fri, 07 May 2021 11:29:08 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 476
accept-ranges: bytes
X-Firefox-Spdy: h2

lite-1x923400.top/static-promotion/7d5ae0b.modern.js

178.253.49.7

200 OK

3.3 kB

URL HTTP/2
lite-1x923400.top/static-promotion/7d5ae0b.modern.js
IP
178.253.49.7:0
ASN
#56630 Melbikomas UAB

File type
ASCII text, with very long lines (15532), with no line terminators
Size
3.3 kB (3312 bytes)
Hash
f22f5ebeaa7f6490a5d335e44cb8e7ed
f37665effb700c8864644de66cfff92425fc453c
a083cb46490d29ee273bc77db9390fa1ef8bda98ca3717693488b4723cd20832

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /static-promotion/7d5ae0b.modern.js HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280; che_g=51609ca2-ff42-c704-1ad3-9e664a1bde08
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:14 GMT
content-type: application/javascript; charset=utf-8
content-length: 3312
last-modified: Wed, 05 Oct 2022 15:31:18 GMT
vary: Accept-Encoding
etag: "633da346-cf0"
content-encoding: gzip
expires: Wed, 05 Oct 2022 19:41:14 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/caf-champions-en.png

8.254.252.212

200 OK

15 kB

URL HTTP/2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/caf-champions-en.png
IP
8.254.252.212:0
ASN
#3356 LEVEL3

File type
PNG image data, 387 x 230, 8-bit colormap, non-interlaced\012- data
Size
15 kB (15100 bytes)
Hash
805de1a5bec7c7e47c459ed79e5a7778
409804a9ad7ebd262a6125eb04cbd678ac7a9824
3dd56bfcb4bd898db532541ee1bbbcbaffc8276b155f518b5d10be553296633d

HTTP Headers

GET /genfiles/cms/1-285/desktop/footer/logos/caf-champions-en.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:41:14 GMT
content-type: image/png
content-length: 15100
cache-control: public, max-age=120, s-maxage=600
etag: "805de1a5bec7c7e47c459ed79e5a7778"
expires: Wed, 05 Oct 2022 18:39:25 GMT
last-modified: Fri, 07 May 2021 11:29:04 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 301
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/caf-confederation-en.png

8.254.252.212

200 OK

15 kB

URL HTTP/2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/caf-confederation-en.png
IP
8.254.252.212:0
ASN
#3356 LEVEL3

File type
PNG image data, 387 x 230, 8-bit colormap, non-interlaced\012- data
Size
15 kB (14740 bytes)
Hash
70e5105d03a74cc00cd9a0386fde303e
ffcd4fbcd486825d0d31e41cada108335b012d81
baabca03d9695b9475d7d0b4d736fbb093d21f2c03228a7704097e2bfb8e583a

HTTP Headers

GET /genfiles/cms/1-285/desktop/footer/logos/caf-confederation-en.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:41:15 GMT
content-type: image/png
content-length: 14740
cache-control: public, max-age=120, s-maxage=600
etag: "70e5105d03a74cc00cd9a0386fde303e"
expires: Wed, 05 Oct 2022 18:39:25 GMT
last-modified: Fri, 07 May 2021 11:29:03 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 479
accept-ranges: bytes
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

216.239.32.178

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
216.239.32.178:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 05 Oct 2022 18:41:09 GMT
expires: Wed, 05 Oct 2022 20:41:09 GMT
cache-control: public, max-age=7200
age: 6
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

lite-1x923400.top/static-promotion/e4ad5ef.js

178.253.49.7

200 OK

3.5 kB

URL HTTP/2
lite-1x923400.top/static-promotion/e4ad5ef.js
IP
178.253.49.7:0
ASN
#56630 Melbikomas UAB

File type
ASCII text, with very long lines (6581), with no line terminators
Size
3.5 kB (3529 bytes)
Hash
8b5bdc3d041bf2512a0a1351b65e87e1
fe6a7794995f2d37456891843092019be228f362
906f65872b162775c968d4252b6c5f15f4a6b8a79fd204da8461fe01126850ce

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /static-promotion/e4ad5ef.js HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280; che_g=51609ca2-ff42-c704-1ad3-9e664a1bde08
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:15 GMT
content-type: application/javascript; charset=utf-8
content-length: 3529
last-modified: Wed, 05 Oct 2022 15:31:18 GMT
vary: Accept-Encoding
etag: "633da346-dc9"
content-encoding: gzip
expires: Wed, 05 Oct 2022 19:41:15 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x923400.top/static-promotion/a5a5724.js

178.253.49.7

200 OK

92 kB

URL HTTP/2
lite-1x923400.top/static-promotion/a5a5724.js
IP
178.253.49.7:0
ASN
#56630 Melbikomas UAB

File type
ASCII text, with very long lines (65485)
Size
92 kB (91762 bytes)
Hash
5b497fbcd1485e1d7e584e69836f4ad8
ed1175c495f90a2e5de70464cbd0b344ba38b7b8
3a15c9b91d7bbc1241db4f8a7cd27a20bc2653fb9aac24ab14f5df9b2cf101b6

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /static-promotion/a5a5724.js HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280; che_g=51609ca2-ff42-c704-1ad3-9e664a1bde08
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:15 GMT
content-type: application/javascript; charset=utf-8
content-length: 91762
last-modified: Wed, 05 Oct 2022 15:31:18 GMT
vary: Accept-Encoding
etag: "633da346-16672"
content-encoding: gzip
expires: Wed, 05 Oct 2022 19:41:15 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x923400.top/static-promotion/d6b609b.js

178.253.49.7

200 OK

101 kB

URL HTTP/2
lite-1x923400.top/static-promotion/d6b609b.js
IP
178.253.49.7:0
ASN
#56630 Melbikomas UAB

File type
Unicode text, UTF-8 text, with very long lines (65405)
Size
101 kB (100784 bytes)
Hash
7d2cc7f519695291ede56e692ba157ac
5bdaad41a21f9df3368ff0d94f70bdfcebd1590e
c44e9da4d5b14b825ba3402836ed8067a96b454fc88d5c3e412678e65f103b56

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /static-promotion/d6b609b.js HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280; che_g=51609ca2-ff42-c704-1ad3-9e664a1bde08
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:15 GMT
content-type: application/javascript; charset=utf-8
content-length: 100784
last-modified: Wed, 05 Oct 2022 15:31:18 GMT
vary: Accept-Encoding
etag: "633da346-189b0"
content-encoding: gzip
expires: Wed, 05 Oct 2022 19:41:15 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x923400.top/static-promotion/fad08fe.js

178.253.49.7

200 OK

131 kB

URL HTTP/2
lite-1x923400.top/static-promotion/fad08fe.js
IP
178.253.49.7:0
ASN
#56630 Melbikomas UAB

File type
ASCII text, with very long lines (65536), with no line terminators
Size
131 kB (130959 bytes)
Hash
8a23b9e5647c978c86403fdc2cabf7ce
d589e8bec50ada738a1716dbafdb35753ba53e7e
dd417a56e41cbba09f962f0c4eae698312253997ade697dc809e475b3c597afe

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /static-promotion/fad08fe.js HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280; che_g=51609ca2-ff42-c704-1ad3-9e664a1bde08
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:15 GMT
content-type: application/javascript; charset=utf-8
content-length: 130959
last-modified: Wed, 05 Oct 2022 15:31:18 GMT
vary: Accept-Encoding
etag: "633da346-1ff8f"
content-encoding: gzip
expires: Wed, 05 Oct 2022 19:41:15 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x923400.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1664995275384

178.253.49.7

200 OK

145 B

URL HTTP/2
lite-1x923400.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1664995275384
IP
178.253.49.7:0
ASN
#56630 Melbikomas UAB

File type
JSON data\012- , ASCII text, with no line terminators
Size
145 B (145 bytes)
Hash
81d90db48c09d6f764c4929c90eadfc1
6fe1a593e77cca8d9adff9fe5b5f40e19ccf7bd8
fa0a9c9d33937e1539ce6b9e44abf7ecd69f5032c6ba8b85308c6a388f8dc28c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /genfiles/cms/maintenance_mode/settings.json?timestamp=1664995275384 HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x923400.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280; che_g=51609ca2-ff42-c704-1ad3-9e664a1bde08; _ga_7JGWL9SV66=GS1.1.1664995275.1.0.1664995275.0.0.0; _ga=GA1.2.1394897679.1664995275; _gid=GA1.2.814743234.1664995275
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:15 GMT
content-type: application/json
content-length: 145
last-modified: Thu, 21 Apr 2022 06:40:33 GMT
x-rgw-object-type: Normal
etag: "81d90db48c09d6f764c4929c90eadfc1"
cache-control: public,max-age=60,s-maxage=60
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

lite-1x923400.top/web-api/api/internal/v1/proof_of_age

178.253.49.7

204 No Content

0 B

URL HTTP/2
lite-1x923400.top/web-api/api/internal/v1/proof_of_age
IP
178.253.49.7:0
ASN
#56630 Melbikomas UAB

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /web-api/api/internal/v1/proof_of_age HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/vnd.api+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x923400.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280; che_g=51609ca2-ff42-c704-1ad3-9e664a1bde08; _ga_7JGWL9SV66=GS1.1.1664995275.1.0.1664995275.0.0.0; _ga=GA1.2.1394897679.1664995275; _gid=GA1.2.814743234.1664995275
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Wed, 05 Oct 2022 18:41:15 GMT
cache-control: no-cache, private
server-timing: p;dur=28, dt_285;dur=30
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
eac86f868b3967f1946c7f5fc712b25f
e2ae8eb09715a0af0791c085eb35bf66e0548e30
bceb14e7a478c0e34a0f1d8286eb954566c62051e996bc36189de922a76a6e06

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:41:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-178408567-1&cid=1394897679.1664995275&jid=945789994&gjid=1360873492&_gid=814743234.1664995275&_u=aCDAAUACQAAAACAAI~&z=1042305308

108.177.14.157

200 OK

1 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-178408567-1&cid=1394897679.1664995275&jid=945789994&gjid=1360873492&_gid=814743234.1664995275&_u=aCDAAUACQAAAACAAI~&z=1042305308
IP
108.177.14.157:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-178408567-1&cid=1394897679.1664995275&jid=945789994&gjid=1360873492&_gid=814743234.1664995275&_u=aCDAAUACQAAAACAAI~&z=1042305308 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://lite-1x923400.top
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://lite-1x923400.top
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 05 Oct 2022 18:41:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

lite-1x923400.top/web-api/external-api/getColorTheme

178.253.49.7

200 OK

528 B

URL HTTP/2
lite-1x923400.top/web-api/external-api/getColorTheme
IP
178.253.49.7:0
ASN
#56630 Melbikomas UAB

File type
data
Size
528 B (528 bytes)
Hash
0d290473c3265391a2203f57c4f20fd0
ea93848d7978835886ad84566ca05f13218c5844
5fcc3be4233d5a634a10e77af2d771fe99dea17d9d677e1f87e073474ab9918e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /web-api/external-api/getColorTheme HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280; che_g=51609ca2-ff42-c704-1ad3-9e664a1bde08; _ga_7JGWL9SV66=GS1.1.1664995275.1.0.1664995275.0.0.0; _ga=GA1.2.1394897679.1664995275; _gid=GA1.2.814743234.1664995275; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:15 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=35, dt_285;dur=36
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x923400.top/web-api/external-api/config/all

178.253.49.7

200 OK

12 kB

URL HTTP/2
lite-1x923400.top/web-api/external-api/config/all
IP
178.253.49.7:0
ASN
#56630 Melbikomas UAB

File type
Unicode text, UTF-8 text, with very long lines (49384), with no line terminators
Size
12 kB (11540 bytes)
Hash
a7f3bd577955035a2ab728b52c8c9a62
7d9173a9edc78244a11e2cbe69d182ef973dc0ab
ffb74968f993b605e7c14c9e1a7a8882a5ea29b0770a2e762a3832aade17f4a0

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /web-api/external-api/config/all HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://lite-1x923400.top
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280; che_g=51609ca2-ff42-c704-1ad3-9e664a1bde08; _ga_7JGWL9SV66=GS1.1.1664995275.1.0.1664995275.0.0.0; _ga=GA1.2.1394897679.1664995275; _gid=GA1.2.814743234.1664995275
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:15 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=164, dt_285;dur=167
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x923400.top/web-api/external-api/config/getLangs

178.253.49.7

200 OK

88 kB

URL HTTP/2
lite-1x923400.top/web-api/external-api/config/getLangs
IP
178.253.49.7:0
ASN
#56630 Melbikomas UAB

File type
data
Size
88 kB (88347 bytes)
Hash
5270c6828a411bd204965aaf31f30ed0
6c07eab3ac3346b8706d36f1dba85f984651da6e
d8db167239bfe204ef5c1b5b3c4773ca72e5578a604e90a3ed6e1ee5d5fa4797

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /web-api/external-api/config/getLangs HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280; che_g=51609ca2-ff42-c704-1ad3-9e664a1bde08; _ga_7JGWL9SV66=GS1.1.1664995275.1.0.1664995275.0.0.0; _ga=GA1.2.1394897679.1664995275; _gid=GA1.2.814743234.1664995275; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:15 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=23, dt_285;dur=26
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x923400.top/genfiles/cms/1-285/desktop/errorsPage/ball.webp

178.253.49.7

200 OK

2.0 kB

URL HTTP/2
lite-1x923400.top/genfiles/cms/1-285/desktop/errorsPage/ball.webp
IP
178.253.49.7:0
ASN
#56630 Melbikomas UAB

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.0 kB (2010 bytes)
Hash
b2e135d916673e6f1be84800198490d4
60db6095350e4b9e618aab6666650eb13a941745
3b2e95cba675bc9bdeae9308d00f629d586a6ae7e55aa60a971027cbf9ed7682

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /genfiles/cms/1-285/desktop/errorsPage/ball.webp HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/403
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280; che_g=51609ca2-ff42-c704-1ad3-9e664a1bde08; _ga_7JGWL9SV66=GS1.1.1664995275.1.0.1664995275.0.0.0; _ga=GA1.2.1394897679.1664995275; _gid=GA1.2.814743234.1664995275; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:16 GMT
content-type: application/octet-stream
content-length: 2010
last-modified: Tue, 26 Jan 2021 08:32:04 GMT
x-rgw-object-type: Normal
etag: "b2e135d916673e6f1be84800198490d4"
access-control-allow-origin: *
cache-control: public,max-age=120,s-maxage=600
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

lite-1x923400.top/web-api/external-api/promotions/campeonato-brasileiro

178.253.49.7

403 Forbidden

79 kB

URL HTTP/2
lite-1x923400.top/web-api/external-api/promotions/campeonato-brasileiro
IP
178.253.49.7:0
ASN
#56630 Melbikomas UAB

File type
data
Size
79 kB (78738 bytes)
Hash
9ba7ee0b7faf403a106e71036a6310d4
220f2f7fefcb9c2c230adf18341ba0a429484ba5
3213ef0a529233ceba187a4d9f3bcf6f898272648bb9fd0cf1bb3408df80ecf8

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /web-api/external-api/promotions/campeonato-brasileiro HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280; che_g=51609ca2-ff42-c704-1ad3-9e664a1bde08; _ga_7JGWL9SV66=GS1.1.1664995275.1.0.1664995275.0.0.0; _ga=GA1.2.1394897679.1664995275; _gid=GA1.2.814743234.1664995275; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 403 Forbidden
server: nginx
date: Wed, 05 Oct 2022 18:41:16 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=28, dt_285;dur=29
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x923400.top/genfiles/cms/1-285/desktop/errorsPage/sprite-football-men.png

178.253.49.7

200 OK

212 kB

URL HTTP/2
lite-1x923400.top/genfiles/cms/1-285/desktop/errorsPage/sprite-football-men.png
IP
178.253.49.7:0
ASN
#56630 Melbikomas UAB

File type
PNG image data, 7336 x 587, 8-bit colormap, non-interlaced\012- data
Size
212 kB (212062 bytes)
Hash
8270a8ed37510c1d081ca47895bed81f
a88857250443b9b93e41a1fbdc46017737db5a72
70d2d3a884d1588eb40e4066fa2c4362194b48c4b805ec75fb963bcdeabf24da

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /genfiles/cms/1-285/desktop/errorsPage/sprite-football-men.png HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/403
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280; che_g=51609ca2-ff42-c704-1ad3-9e664a1bde08; _ga_7JGWL9SV66=GS1.1.1664995275.1.0.1664995275.0.0.0; _ga=GA1.2.1394897679.1664995275; _gid=GA1.2.814743234.1664995275; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:16 GMT
content-type: image/png
content-length: 212062
last-modified: Thu, 18 Mar 2021 14:54:24 GMT
x-rgw-object-type: Normal
etag: "8270a8ed37510c1d081ca47895bed81f"
access-control-allow-origin: *
cache-control: public,max-age=120,s-maxage=600
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

lite-1x923400.top/promotions/campeonato-brasileiro/

178.253.49.7

302 Found

0 B

URL HTTP/2
lite-1x923400.top/promotions/campeonato-brasileiro/
IP
178.253.49.7:0
ASN
#56630 Melbikomas UAB

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /promotions/campeonato-brasileiro/ HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
server: nginx
date: Wed, 05 Oct 2022 18:41:11 GMT
location: /us/promotions/campeonato-brasileiro
server-timing: total;dur=0;desc="Nuxt Server Time", dt_285;dur=1
x-frame-options: SAMEORIGIN
x-reason: empty_lang
strict-transport-security: max-age=63072000; includeSubDomains; preload
set-cookie: platform_type=desktop; Path=/; Expires=Sat, 08 Oct 2022 18:41:11 GMT
auid=sv0xB2M9z8cL56mNA8+hAg==; expires=Thu, 05-Oct-23 18:41:11 GMT; path=/
X-Firefox-Spdy: h2

lite-1x923400.top/web-api/external-api/config/getLangs

178.253.49.7

200 OK

0 B

URL HTTP/2
lite-1x923400.top/web-api/external-api/config/getLangs
IP
178.253.49.7:0
ASN
#56630 Melbikomas UAB

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /web-api/external-api/config/getLangs HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:13 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=17, dt_285;dur=18
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro

178.253.49.7

200 OK

0 B

URL HTTP/2
lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
IP
178.253.49.7:0
ASN
#56630 Melbikomas UAB

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /promo-frame/us/promotion/campeonato-brasileiro HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1920
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
If-None-Match: "130d-qmh9KADSIBd7TqcbHKKtjTY6A+0"
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:14 GMT
content-type: text/html; charset=utf-8
content-encoding: gzip
etag: "12d9-ZZ8kQn5he6+EHPQlikirlOG+znY"
server-timing: dt_285;dur=4
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x923400.top/web-api/g/04ed4f7c801c1f2fdfd99bae45fb0d075b231f6c

178.253.49.7

200 OK

0 B

URL HTTP/2
lite-1x923400.top/web-api/g/04ed4f7c801c1f2fdfd99bae45fb0d075b231f6c
IP
178.253.49.7:0
ASN
#56630 Melbikomas UAB

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /web-api/g/04ed4f7c801c1f2fdfd99bae45fb0d075b231f6c HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lite-1x923400.top/us/promotions/campeonato-brasileiro
X-Requested-With: XMLHttpRequest
Content-Type: application/json
Origin: https://lite-1x923400.top
Content-Length: 31240
Connection: keep-alive
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280; che_g=51609ca2-ff42-c704-1ad3-9e664a1bde08; _ga_7JGWL9SV66=GS1.1.1664995275.1.0.1664995275.0.0.0; _ga=GA1.2.1394897679.1664995275; _gid=GA1.2.814743234.1664995275; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:16 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=49, dt_285;dur=51
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1x-xredbet478860.top/promotions/campeonato-brasileiro/

178.253.48.30

307 Temporary Redirect

0 B

URL HTTP/2
1x-xredbet478860.top/promotions/campeonato-brasileiro/
IP
178.253.48.30:0
ASN
#56630 Melbikomas UAB

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /promotions/campeonato-brasileiro/ HTTP/1.1
Host: 1x-xredbet478860.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 307 Temporary Redirect
server: nginx
date: Wed, 05 Oct 2022 18:41:11 GMT
content-type: text/html; charset=utf-8
location: https://lite-1x923400.top/promotions/campeonato-brasileiro/
x-frame-options: SAMEORIGIN
set-cookie: SESSION=583d9926ddebf2389a52b6106a3d8464; path=/; secure; HttpOnly; SameSite=Lax
lng=en; expires=Fri, 04-Nov-2022 18:41:11 GMT; Max-Age=2592000; path=/
ua=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
flaglng=en; expires=Fri, 04-Nov-2022 18:41:11 GMT; Max-Age=2592000; path=/
auid=sv0wHmM9z8eyfwKJBRh/Ag==; expires=Thu, 05-Oct-23 18:41:11 GMT; path=/
x-reason: 1080,1078,1074,1015,1021
cache-control: no-cache, private
server-timing: p;dur=72
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x923400.top/web-api/external-api/getFirstDepositBonus

178.253.49.7

200 OK

0 B

URL HTTP/2
lite-1x923400.top/web-api/external-api/getFirstDepositBonus
IP
178.253.49.7:0
ASN
#56630 Melbikomas UAB

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /web-api/external-api/getFirstDepositBonus HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x923400.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:14 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=34, dt_285;dur=36
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 05 Oct 2022 18:41:12 GMT
date: Wed, 05 Oct 2022 18:41:12 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

lite-1x923400.top/web-api/external-api/getFirstDepositBonus

178.253.49.7

200 OK

0 B

URL HTTP/2
lite-1x923400.top/web-api/external-api/getFirstDepositBonus
IP
178.253.49.7:0
ASN
#56630 Melbikomas UAB

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /web-api/external-api/getFirstDepositBonus HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x923400.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:14 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=32, dt_285;dur=33
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x923400.top/translation-api/by-lang/us

178.253.49.7

200 OK

0 B

URL HTTP/2
lite-1x923400.top/translation-api/by-lang/us
IP
178.253.49.7:0
ASN
#56630 Melbikomas UAB

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /translation-api/by-lang/us HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1920; che_g=51609ca2-ff42-c704-1ad3-9e664a1bde08; _ga_7JGWL9SV66=GS1.1.1664995275.1.0.1664995275.0.0.0; _ga=GA1.2.1394897679.1664995275; _gid=GA1.2.814743234.1664995275; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:15 GMT
content-type: application/vnd.api+json
cache-control: no-cache, private
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-max-age: 1728000
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x923400.top/translation-api/by-lang/us

178.253.49.7

200 OK

0 B

URL HTTP/2
lite-1x923400.top/translation-api/by-lang/us
IP
178.253.49.7:0
ASN
#56630 Melbikomas UAB

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /translation-api/by-lang/us HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:13 GMT
content-type: application/vnd.api+json
cache-control: no-cache, private
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-max-age: 1728000
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

radar.cedexis.com/1593429750/radar.js

35.241.57.45

200 OK

0 B

URL HTTP/2
radar.cedexis.com/1593429750/radar.js
IP
35.241.57.45:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /1593429750/radar.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:14 GMT
content-type: application/javascript
last-modified: Mon, 29 Jun 2020 11:30:29 GMT
vary: Accept-Encoding
etag: W/"5ef9d0d5-af5c"
expires: Wed, 19 Oct 2022 18:41:14 GMT
cache-control: max-age=1209600, public
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

lite-1x923400.top/web-api/external-api/getColorTheme

178.253.49.7

200 OK

0 B

URL HTTP/2
lite-1x923400.top/web-api/external-api/getColorTheme
IP
178.253.49.7:0
ASN
#56630 Melbikomas UAB

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /web-api/external-api/getColorTheme HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:13 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=27, dt_285;dur=28
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/og_red_bull.png

8.254.252.212

200 OK

0 B

URL HTTP/2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/og_red_bull.png
IP
8.254.252.212:0
ASN
#3356 LEVEL3

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /genfiles/cms/1-285/desktop/footer/logos/og_red_bull.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:41:15 GMT
content-type: image/png
content-length: 149244
cache-control: public, max-age=120, s-maxage=600
etag: "ab837a9cb89291146ad8b371c052fe8d"
expires: Wed, 05 Oct 2022 18:37:37 GMT
last-modified: Wed, 25 May 2022 11:38:09 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 371
accept-ranges: bytes
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (36)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations