1x-xredbet478860.top/promotions/campeonato-brasileiro/
178.253.48.30301 Moved Permanently 162 B URL HTTP/1.1 1x-xredbet478860.top/promotions/campeonato-brasileiro/
IP 178.253.48.30:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert quad9 Sinkholed
GET /promotions/campeonato-brasileiro/ HTTP/1.1
Host: 1x-xredbet478860.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 05 Oct 2022 18:41:11 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
Location: https://1x-xredbet478860.top/promotions/campeonato-brasileiro/
firefox.settings.services.mozilla.com/v1/
54.230.111.7200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.7:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 3SxGZ5B0mNNCsQDAOhlNk1PMFEPeZdZ6ue-Zfcr2SwwrJK04TlEStQ==
Age: 10433
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash eabb7d9ffae717f7305d63c057755470
3b7f0baccfdbb8d9ffefa4a2215d4d6094be454a
ab48f17e54075e1ecf034278e82bcacd2e3689773186cc84fba9b79aac907294
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AB48F17E54075E1ECF034278E82BCACD2E3689773186CC84FBA9B79AAC907294"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6258
Expires: Wed, 05 Oct 2022 20:25:29 GMT
Date: Wed, 05 Oct 2022 18:41:11 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
54.230.111.7200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 54.230.111.7:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 05 Oct 2022 04:02:33 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xDggC9oy_WF_yeRm5HfmnQJQiT9BE4tuL8JsrDF0fUFvNAe_4sPcuw==
age: 52719
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 411279606589c5caf0b1c1c96f776959
9af83a6af490d6947d207aff30a726c0ac1d9957
f1118b2476b70ceedf78dec0bfa75085bc09c27020b8c8ca0c17a4b73606fcbc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F1118B2476B70CEEDF78DEC0BFA75085BC09C27020B8C8CA0C17A4B73606FCBC"
Last-Modified: Tue, 04 Oct 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13883
Expires: Wed, 05 Oct 2022 22:32:34 GMT
Date: Wed, 05 Oct 2022 18:41:11 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:11 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c8c58e6a847bbb7da1bd2edea42f4463
dbe77efbb8fd17cc500a2f9f3d00770d8fcd761b
78c75d88f8ad8fc15cee5016b00a0708875f9fc0509194efcf8c6348a9075b24
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "78C75D88F8AD8FC15CEE5016B00A0708875F9FC0509194EFCF8C6348A9075B24"
Last-Modified: Wed, 05 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9244
Expires: Wed, 05 Oct 2022 21:15:15 GMT
Date: Wed, 05 Oct 2022 18:41:11 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.7200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.7:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Wed, 05 Oct 2022 18:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Wed, 05 Oct 2022 18:46:46 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: l0SJfD1J0Kkqsle6QfG2mbbnMpX-cUzolGwq9e3FqgshLcvVmXlDlQ==
Age: 698
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1561c6be7c89d1357a80d12de47b6e74
9a705277922ecca583c867af58b3efce099f83bd
e33dc034dbf4b3b627cd3c1af2d942e2ca5704ec9a4aad5c46ad39eb070e82ab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5498
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:41:12 GMT
Last-Modified: Wed, 05 Oct 2022 17:09:34 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.212.166.60101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.212.166.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TAHpW2K7JD0FUr350i9ehw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8AJ2daq++9lgtPhXR9gDPT0BqcY=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b0e8a79f3e381ab34a44278947ac7c7e
70d01e6fdc8565c661b6ae8c5a043ddf2da16530
885a8c234fca85e6f6bb3e8fcab6672b9a9742b5d3f74681b17a330fa295d549
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:41:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lite-1x923400.top/static-promotion/f130a67.modern.js
178.253.49.7200 OK 3.5 kB URL HTTP/2 lite-1x923400.top/static-promotion/f130a67.modern.js
IP 178.253.49.7:0
File type ASCII text, with very long lines (6546), with no line terminators
Hash f01b700995f938e95e8c0ae996ccdd30
f72a4d7734a9e99ef61c115c73bcacb84529f801
d66d18d1a5c77197f79f71966ab79b52ed45374099bfdde4e825d24301448270
Analyzer Verdict Alert quad9 Sinkholed
GET /static-promotion/f130a67.modern.js HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:12 GMT
content-type: application/javascript; charset=utf-8
content-length: 3516
last-modified: Wed, 05 Oct 2022 15:31:18 GMT
vary: Accept-Encoding
etag: "633da346-dbc"
content-encoding: gzip
expires: Wed, 05 Oct 2022 19:41:12 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x923400.top/static-promotion/baf2036.modern.js
178.253.49.7200 OK 80 kB URL HTTP/2 lite-1x923400.top/static-promotion/baf2036.modern.js
IP 178.253.49.7:0
File type ASCII text, with very long lines (65485)
Hash 6bd810688ec63a6a748a7ef59e434a3c
e448beff10c55e4527c2073e8ea9316bb8127d96
9892d417e7be4b14b04b49dbc746a60a107f513bd01363b9baa9b2a16bea4b01
Analyzer Verdict Alert quad9 Sinkholed
GET /static-promotion/baf2036.modern.js HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:12 GMT
content-type: application/javascript; charset=utf-8
content-length: 80299
last-modified: Wed, 05 Oct 2022 13:16:11 GMT
vary: Accept-Encoding
etag: "633d839b-139ab"
content-encoding: gzip
expires: Wed, 05 Oct 2022 19:41:12 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x923400.top/static-promotion/0698e33.modern.js
178.253.49.7200 OK 98 kB URL HTTP/2 lite-1x923400.top/static-promotion/0698e33.modern.js
IP 178.253.49.7:0
File type Unicode text, UTF-8 text, with very long lines (65405)
Hash 27356d38a24d8d80b584823efa534384
6033345c95d424c7544ec0cc8795a16904ba48fc
11c336269e455ca0fa3b2d766e41eed4d6dda60e3f1de406ea2f84934940d8c6
Analyzer Verdict Alert quad9 Sinkholed
GET /static-promotion/0698e33.modern.js HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:12 GMT
content-type: application/javascript; charset=utf-8
content-length: 97878
last-modified: Wed, 05 Oct 2022 13:16:11 GMT
vary: Accept-Encoding
etag: "633d839b-17e56"
content-encoding: gzip
expires: Wed, 05 Oct 2022 19:41:12 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b0e8a79f3e381ab34a44278947ac7c7e
70d01e6fdc8565c661b6ae8c5a043ddf2da16530
885a8c234fca85e6f6bb3e8fcab6672b9a9742b5d3f74681b17a330fa295d549
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:41:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lite-1x923400.top/static-promotion/47e916f.modern.js
178.253.49.7200 OK 126 kB URL HTTP/2 lite-1x923400.top/static-promotion/47e916f.modern.js
IP 178.253.49.7:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 126 kB (125465 bytes)
Hash 6d0899f238d7201bfec849a3695607e4
de2930b66a39356e876ec02e5c8b9ea1a94cc5f8
4b1232da7d0238415099f581b85bd2e683ff625d9be3d9436d59424f3bcbb6a9
Analyzer Verdict Alert quad9 Sinkholed
GET /static-promotion/47e916f.modern.js HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:12 GMT
content-type: application/javascript; charset=utf-8
content-length: 125465
last-modified: Wed, 05 Oct 2022 13:16:11 GMT
vary: Accept-Encoding
etag: "633d839b-1ea19"
content-encoding: gzip
expires: Wed, 05 Oct 2022 19:41:12 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash eedee1fb8053719563e4a7bc5d4c6dc9
f24cae24c25275d5d86f850af56f21b38d681493
f82bebf6e7ed8c0eda0085e039f0ea32af3e4e7d0efcb810472be19bd003446a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:41:12 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 04 Oct 2022 14:31:55 GMT
Expires: Tue, 11 Oct 2022 14:31:54 GMT
Etag: "f24cae24c25275d5d86f850af56f21b38d681493"
Cache-Control: max-age=502841,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75584a46aef0b51d-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash eedee1fb8053719563e4a7bc5d4c6dc9
f24cae24c25275d5d86f850af56f21b38d681493
f82bebf6e7ed8c0eda0085e039f0ea32af3e4e7d0efcb810472be19bd003446a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:41:12 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 04 Oct 2022 14:31:55 GMT
Expires: Tue, 11 Oct 2022 14:31:54 GMT
Etag: "f24cae24c25275d5d86f850af56f21b38d681493"
Cache-Control: max-age=502841,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75584a46a9f5b50c-OSL
v3.cdnsfree.com/_nuxt/desktop/default/b5a4afc9.modern.js
8.254.252.212200 OK 1.8 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/b5a4afc9.modern.js
IP 8.254.252.212:0
File type ASCII text, with very long lines (4715), with no line terminators
Hash deb6105ec9912c3d2b826204356e1215
fdc12f9a8e1f938f027a035b8f57aeb7d0bf3a67
82c2afbb700084ae07741775d5e81168577d3702fcdc7fc5f02043ecb707d450
GET /_nuxt/desktop/default/b5a4afc9.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:41:12 GMT
content-type: application/javascript; charset=utf-8
content-length: 1814
cache-control: max-age=86400
content-encoding: gzip
etag: "633d4fa5-716"
expires: Thu, 06 Oct 2022 12:53:36 GMT
last-modified: Wed, 05 Oct 2022 09:34:29 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 20909
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/css/8b4b6a70.css
8.254.252.212200 OK 69 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/css/8b4b6a70.css
IP 8.254.252.212:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 62d56083353efb8b78dd7c52faf1d086
b52d306de48aea06ebc2456ca503ef50074dc37a
cc2663217ba043c9ea0d1b5ab8cfffeac9b1bdb02c253899b50945dee8b01211
GET /_nuxt/desktop/default/css/8b4b6a70.css HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:41:12 GMT
content-type: text/css
content-length: 69276
cache-control: max-age=86400
content-encoding: gzip
etag: "633d4fa5-10e9c"
expires: Thu, 06 Oct 2022 12:50:12 GMT
last-modified: Wed, 05 Oct 2022 09:34:29 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 21064
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/css/6745247d.css
8.254.252.212200 OK 238 B URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/css/6745247d.css
IP 8.254.252.212:0
File type ASCII text, with very long lines (473), with no line terminators
Hash d55772cfeb454129313c930bbafddb5d
f06a942ca46d752277ab97948cc31024b3076282
ff308f6c750332565d2ead59c1110b99f068d80ec5e661182a9318021e859e99
GET /_nuxt/desktop/default/css/6745247d.css HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:41:12 GMT
content-type: text/css
content-length: 238
cache-control: max-age=86400
content-encoding: gzip
etag: "633c2515-ee"
expires: Thu, 06 Oct 2022 09:08:49 GMT
last-modified: Tue, 04 Oct 2022 12:20:37 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 34343
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg
8.254.252.212200 OK 705 B URL HTTP/2 v3.cdnsfree.com/genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg
IP 8.254.252.212:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1224), with no line terminators
Hash bb246c88651f63256e658dccd79ba91f
560cf8f76dad56a5c10a0f66cc4a200df301265d
30e59f903e6fab358b7bfb110a8bf83aefaf5376f2c60293a20f58c9f9fc45e8
GET /genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:41:12 GMT
content-type: image/svg+xml
content-length: 705
cache-control: public, max-age=120, s-maxage=600
content-encoding: gzip
etag: W/"7cca3986f7a5c4c164144ff11df71073"
expires: Wed, 05 Oct 2022 18:41:27 GMT
last-modified: Thu, 13 Jan 2022 14:28:56 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 105
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/e7f4ec6b.modern.js
8.254.252.212200 OK 472 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/e7f4ec6b.modern.js
IP 8.254.252.212:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 472 kB (472049 bytes)
Hash 77d23404c41a92784dffa8d8c2ce60bf
12a1182537ba29d5e27a2e05e2858ddab391ac28
1335de92670b7dcaf96d08855ee34f54b8a43632b9358769ec68668c53ac5fae
GET /_nuxt/desktop/default/e7f4ec6b.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:41:12 GMT
content-type: application/javascript; charset=utf-8
content-length: 472049
cache-control: max-age=86400
content-encoding: gzip
etag: "633d4fa5-733f1"
expires: Thu, 06 Oct 2022 12:50:09 GMT
last-modified: Wed, 05 Oct 2022 09:34:29 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 21064
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/3db3c589.modern.js
8.254.252.212200 OK 325 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/3db3c589.modern.js
IP 8.254.252.212:0
File type Unicode text, UTF-8 text, with very long lines (65399)
Size 325 kB (324946 bytes)
Hash 38ab13d49f81e4dd67f500f420ae4a42
064fa729df76fa3aac24f649f608903072fec560
b1c9730f2fa9366eb99a8f7231120f57d22ee1eba60abcc3c7d02c2bcc933235
GET /_nuxt/desktop/default/3db3c589.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:41:12 GMT
content-type: application/javascript; charset=utf-8
content-length: 324946
cache-control: max-age=86400
content-encoding: gzip
etag: "633d4fa5-4f552"
expires: Thu, 06 Oct 2022 12:50:09 GMT
last-modified: Wed, 05 Oct 2022 09:34:29 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 21064
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/css/e1072a03.css
8.254.252.212200 OK 27 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/css/e1072a03.css
IP 8.254.252.212:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 9abe7d6909c5d8d1cef56929f042d92b
ca40c0fa119084c509a9e54333b3fda34d907eed
a8c0bc334c23b7830235da87abba0bf5db2a1f534644480befdb7d03f019b578
GET /_nuxt/desktop/default/css/e1072a03.css HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:41:12 GMT
content-type: text/css
content-length: 27215
cache-control: max-age=86400
content-encoding: gzip
etag: "633d4fa5-6a4f"
expires: Thu, 06 Oct 2022 11:20:07 GMT
last-modified: Wed, 05 Oct 2022 09:34:29 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 26465
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash eedee1fb8053719563e4a7bc5d4c6dc9
f24cae24c25275d5d86f850af56f21b38d681493
f82bebf6e7ed8c0eda0085e039f0ea32af3e4e7d0efcb810472be19bd003446a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:41:12 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 04 Oct 2022 14:31:55 GMT
Expires: Tue, 11 Oct 2022 14:31:54 GMT
Etag: "f24cae24c25275d5d86f850af56f21b38d681493"
Cache-Control: max-age=502841,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75584a46af20b511-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash eedee1fb8053719563e4a7bc5d4c6dc9
f24cae24c25275d5d86f850af56f21b38d681493
f82bebf6e7ed8c0eda0085e039f0ea32af3e4e7d0efcb810472be19bd003446a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:41:12 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 04 Oct 2022 14:31:55 GMT
Expires: Tue, 11 Oct 2022 14:31:54 GMT
Etag: "f24cae24c25275d5d86f850af56f21b38d681493"
Cache-Control: max-age=502841,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75584a46a9f6b50c-OSL
v3.cdnsfree.com/_nuxt/desktop/default/6c12728e.modern.js
8.254.252.212200 OK 6.6 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/6c12728e.modern.js
IP 8.254.252.212:0
File type ASCII text, with very long lines (17080), with no line terminators
Hash b76236b663b4bee91a0f73483bab839d
c72daafb592ceddc4871c21c38b3d97d8b6cccd2
468a46359b0c3823f092e6014fddd0dcb80e905d258046508e2442769326acbc
GET /_nuxt/desktop/default/6c12728e.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:41:12 GMT
content-type: application/javascript; charset=utf-8
content-length: 6584
cache-control: max-age=86400
content-encoding: gzip
etag: "633d4fa5-19b8"
expires: Thu, 06 Oct 2022 12:50:09 GMT
last-modified: Wed, 05 Oct 2022 09:34:29 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 21066
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/2e3772a7.modern.js
8.254.252.212200 OK 100 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/2e3772a7.modern.js
IP 8.254.252.212:0
File type ASCII text, with very long lines (65479)
Size 100 kB (100252 bytes)
Hash 438730025eecad6fd929c550417f3703
28c02a8f0b58237a93dd1fc2ebf2827e571f73fd
4b627ad5ee330769bbfb5de9092199e4123c67a0bfb2c9df7936152eb7345b26
GET /_nuxt/desktop/default/2e3772a7.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:41:12 GMT
content-type: application/javascript; charset=utf-8
content-length: 100252
cache-control: max-age=86400
content-encoding: gzip
etag: "633d4fa5-1879c"
expires: Thu, 06 Oct 2022 12:50:12 GMT
last-modified: Wed, 05 Oct 2022 09:34:29 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 21064
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash eedee1fb8053719563e4a7bc5d4c6dc9
f24cae24c25275d5d86f850af56f21b38d681493
f82bebf6e7ed8c0eda0085e039f0ea32af3e4e7d0efcb810472be19bd003446a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:41:12 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 04 Oct 2022 14:31:55 GMT
Expires: Tue, 11 Oct 2022 14:31:54 GMT
Etag: "f24cae24c25275d5d86f850af56f21b38d681493"
Cache-Control: max-age=502841,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75584a46ac24b4ff-OSL
lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
178.253.49.7200 OK 2.3 kB URL HTTP/2 lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
IP 178.253.49.7:0
Hash 814525d4d3dda8b5da6bd42ac5072cc4
97e3d7351a528657520061bf85382c9c52edd59d
7cc4256ae82bfbd2df5c2cfe1f9cd383ea045656fa468574fc069d1ed6315ea9
Analyzer Verdict Alert quad9 Sinkholed
GET /promo-frame/us/promotion/campeonato-brasileiro HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:12 GMT
content-type: text/html; charset=utf-8
content-encoding: gzip
etag: "130d-qmh9KADSIBd7TqcbHKKtjTY6A+0"
server-timing: dt_285;dur=3
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x923400.top/us/promotions/campeonato-brasileiro
178.253.49.7200 OK 80 kB URL HTTP/2 lite-1x923400.top/us/promotions/campeonato-brasileiro
IP 178.253.49.7:0
Hash c56621f97ddab1e2848610dbd5250950
e4e5b6bfae41d592f35fa706396f4f177491ff32
5d330ba15d5064c611ba8b82817eb1973a5a10761fa13140bc76d469d8aed27c
Analyzer Verdict Alert quad9 Sinkholed
GET /us/promotions/campeonato-brasileiro HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:12 GMT
content-type: text/html; charset=utf-8
accept-ranges: none
content-encoding: gzip
server-timing: total;dur=469;desc="Nuxt Server Time", dt_285;dur=475
set-cookie: SESSION=9bb99aea59c1d81fc59dfbe962c450b6; Path=/; HttpOnly; Secure; SameSite=Lax
lng=us; Path=/
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lite-1x923400.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 601625
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lite-1x923400.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 14:07:32 GMT
expires: Thu, 05 Oct 2023 14:07:32 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 16421
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lite-1x923400.top/genfiles/cms/pg/default/images/c6805d21f8fccbfc75df5c556571fc74.png
178.253.49.7200 OK 352 B URL HTTP/2 lite-1x923400.top/genfiles/cms/pg/default/images/c6805d21f8fccbfc75df5c556571fc74.png
IP 178.253.49.7:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 7dff72d4146e35a8262e6845d13a8df0
a291af970d3955b35c314e85712ceea3aca25d54
a467e6a3d8e443bbbade9f04324268de101625412c1135b4cec0864a55101a78
Analyzer Verdict Alert quad9 Sinkholed
GET /genfiles/cms/pg/default/images/c6805d21f8fccbfc75df5c556571fc74.png HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:13 GMT
content-type: image/png
content-length: 352
last-modified: Wed, 10 Aug 2022 11:26:08 GMT
x-rgw-object-type: Normal
etag: "7dff72d4146e35a8262e6845d13a8df0"
x-amz-storage-class: STANDARD
access-control-allow-origin: *
cache-control: public,max-age=120,s-maxage=600
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ff5f22aafa6751c60631736c305a4c7c
278b89e5c1a978e070be4b66bb780862894b8504
b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:41:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7392
Expires: Wed, 05 Oct 2022 20:44:25 GMT
Date: Wed, 05 Oct 2022 18:41:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7392
Expires: Wed, 05 Oct 2022 20:44:25 GMT
Date: Wed, 05 Oct 2022 18:41:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7392
Expires: Wed, 05 Oct 2022 20:44:25 GMT
Date: Wed, 05 Oct 2022 18:41:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7392
Expires: Wed, 05 Oct 2022 20:44:25 GMT
Date: Wed, 05 Oct 2022 18:41:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7392
Expires: Wed, 05 Oct 2022 20:44:25 GMT
Date: Wed, 05 Oct 2022 18:41:13 GMT
Connection: keep-alive
lite-1x923400.top/genfiles/web-app-v2/dictionary2/v3_promotions/us/dictionary_d55dd73233b27ed9fa14e8f9a4dcde8e.json
178.253.49.7200 OK 196 kB URL HTTP/2 lite-1x923400.top/genfiles/web-app-v2/dictionary2/v3_promotions/us/dictionary_d55dd73233b27ed9fa14e8f9a4dcde8e.json
IP 178.253.49.7:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (64100), with no line terminators
Size 196 kB (195547 bytes)
Hash edb881416b1fe513f0eae605b4916c6e
acae39beb502c40568d4b49ce2ad0ff88549ec07
1ebd0e9d9e56726e01576d4295ffd2de591270fbec36f65117d06d0b039f71fe
Analyzer Verdict Alert quad9 Sinkholed
GET /genfiles/web-app-v2/dictionary2/v3_promotions/us/dictionary_d55dd73233b27ed9fa14e8f9a4dcde8e.json HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:13 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 05 Oct 2022 15:41:55 GMT
x-rgw-object-type: Normal
etag: W/"e8d1aabb1d2b3e41f1688a2b5270871e"
cache-control: max-age=31536000
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23595c4d-609a-48f3-a52f-e88e478d7653.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23595c4d-609a-48f3-a52f-e88e478d7653.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3257b782efae9b64e6e18a547866ec50
4daf0c001e86af8477fb097e8ca932edb8e5f981
899f9692e86405aa288d88dd285a6fe26bedab1a2ca4693212476063890b01a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23595c4d-609a-48f3-a52f-e88e478d7653.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5832
x-amzn-requestid: c4427edd-3d71-47d0-a2d3-b3bfed089535
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8s1FuUoAMFhBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7eb-46ddff150da4141d23fc0d8a;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:38:51 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: WWClzLGprno--c75q63i1TFi8oBEdAYW-J4lCk9V8IELQXe6q0A05A==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 21:42:34 GMT
age: 75519
etag: "4daf0c001e86af8477fb097e8ca932edb8e5f981"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
lite-1x923400.top/genfiles/web-app-v2/dictionary2/v3_main/us/dictionary_29fc6ceb335ed1cef7c7e493f582de32.json
178.253.49.7200 OK 24 kB URL HTTP/2 lite-1x923400.top/genfiles/web-app-v2/dictionary2/v3_main/us/dictionary_29fc6ceb335ed1cef7c7e493f582de32.json
IP 178.253.49.7:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (50052), with no line terminators
Hash 7d3fe72e8d9d7a38870ad065a10f1828
0254937acaf9ff64ccfdd9f115501b9b3df9a9e5
4d82ed6a677c34729894b72a5a88a90948498384c10cdc68419da27131ef6abf
Analyzer Verdict Alert quad9 Sinkholed
GET /genfiles/web-app-v2/dictionary2/v3_main/us/dictionary_29fc6ceb335ed1cef7c7e493f582de32.json HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:13 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 05 Oct 2022 15:41:34 GMT
x-rgw-object-type: Normal
etag: W/"fe1965939b4f368ef2388145efc4e341"
cache-control: max-age=31536000
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb178720-854c-4c9e-85c1-58cb5419ca69.jpeg
34.120.237.76200 OK 3.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb178720-854c-4c9e-85c1-58cb5419ca69.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5d7d7df8d4c440f9db445c3d99e818d6
612b6dbd4ba895c167964ff7e6d9263013b52b0a
bf527a814c78f9e010cce4ba593c9146d54a2137d1f147f7a6250fbad81956ac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb178720-854c-4c9e-85c1-58cb5419ca69.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3585
x-amzn-requestid: ccb6f0c8-4d9b-48b8-aaf6-16781dc4c86b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaHFlEcFoAMFS3g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a5223-5c9276c873efee993ba54667;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 03:08:19 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: T8m1q2L45TWDVRBa-R2W70yq9BauBK3G4IX54AGIxdRhG736T974kg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 04:05:29 GMT
age: 52544
etag: "612b6dbd4ba895c167964ff7e6d9263013b52b0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5704624d-eb81-4a5b-bcb7-08db5681c677.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5704624d-eb81-4a5b-bcb7-08db5681c677.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1de7c17a0ba9295135e7f8b490b6a8d3
70e8d1589f3daf71378965dd197934e220fb6aa4
ee559ce3166479e2b930be7d18525f5c2d164aed8ca005302ddaf3bfe37eec24
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5704624d-eb81-4a5b-bcb7-08db5681c677.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8926
x-amzn-requestid: 27fc8976-af8d-40a3-b701-0642fa135ec4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8s1GSbIAMFTiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7eb-4d4c7837576e0fdb5828fe3b;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:38:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YzVofPSJC-YVU1Q1V9AnjNeQTa1BQEh6ZiH2HjSeeX5RygysFP7oAA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 21:42:34 GMT
age: 75519
etag: "70e8d1589f3daf71378965dd197934e220fb6aa4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
lite-1x923400.top/web-api/external-api/config/all
178.253.49.7200 OK 22 kB URL HTTP/2 lite-1x923400.top/web-api/external-api/config/all
IP 178.253.49.7:0
Hash 25e14b99e7ea8c6ec5ba59656d3750eb
14eaba2e21c398553332f6fe13d3e4ecd555b72d
fea5c210741f4ba5aa23b2b09483bfa2672f2351236e503f106eff098c142e61
Analyzer Verdict Alert quad9 Sinkholed
POST /web-api/external-api/config/all HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://lite-1x923400.top
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:13 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=73, dt_285;dur=75
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x923400.top/_nuxt/desktop/default/css/6745247d.css
178.253.49.7200 OK 238 B URL HTTP/2 lite-1x923400.top/_nuxt/desktop/default/css/6745247d.css
IP 178.253.49.7:0
File type ASCII text, with very long lines (473), with no line terminators
Hash 393b02d88ccc6246579c264a8a2e4531
ce797a9a1caab721ab549d281bbfbfabdc80f67b
94852531d2e05122333436e42623aa4082f805ccd9d5d86d282f089f579f1e9d
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/desktop/default/css/6745247d.css HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1920
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:13 GMT
content-type: text/css
content-length: 238
last-modified: Wed, 05 Oct 2022 09:34:29 GMT
vary: Accept-Encoding
etag: "633d4fa5-ee"
content-encoding: gzip
expires: Wed, 05 Oct 2022 19:41:13 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x923400.top/static-promotion/6371390.modern.js
178.253.49.7200 OK 253 B URL HTTP/2 lite-1x923400.top/static-promotion/6371390.modern.js
IP 178.253.49.7:0
File type ASCII text, with no line terminators
Hash aff7d92303c828ba9f4ff4623b4c0e8a
472950af61a372b493e690ea84f4489d874e6d07
a01bbb2ce84d6362a907f87284e7d03fd9e589a2449c833b48e61284047b63b7
Analyzer Verdict Alert quad9 Sinkholed
GET /static-promotion/6371390.modern.js HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 253
last-modified: Wed, 05 Oct 2022 15:31:18 GMT
vary: Accept-Encoding
etag: "633da346-fd"
content-encoding: gzip
expires: Wed, 05 Oct 2022 19:41:13 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x923400.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1664995273876
178.253.49.7200 OK 145 B URL HTTP/2 lite-1x923400.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1664995273876
IP 178.253.49.7:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 81d90db48c09d6f764c4929c90eadfc1
6fe1a593e77cca8d9adff9fe5b5f40e19ccf7bd8
fa0a9c9d33937e1539ce6b9e44abf7ecd69f5032c6ba8b85308c6a388f8dc28c
Analyzer Verdict Alert quad9 Sinkholed
GET /genfiles/cms/maintenance_mode/settings.json?timestamp=1664995273876 HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:13 GMT
content-type: application/json
content-length: 145
last-modified: Thu, 21 Apr 2022 06:40:33 GMT
x-rgw-object-type: Normal
etag: "81d90db48c09d6f764c4929c90eadfc1"
cache-control: public,max-age=60,s-maxage=60
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x923400.top/static-promotion/ab612d4.modern.js
178.253.49.7200 OK 7.4 kB URL HTTP/2 lite-1x923400.top/static-promotion/ab612d4.modern.js
IP 178.253.49.7:0
File type ASCII text, with very long lines (45732), with no line terminators
Hash 8412762c4c6d8ea7e8192824b7a7adab
31053c327216e81664c414f066c55bbdfb95d1a8
3a6999edd2162a2e7efb2bee47b0ea8eef5cb7d55fd126597dd312d5e7376841
Analyzer Verdict Alert quad9 Sinkholed
GET /static-promotion/ab612d4.modern.js HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 7389
last-modified: Wed, 05 Oct 2022 15:31:18 GMT
vary: Accept-Encoding
etag: "633da346-1cdd"
content-encoding: gzip
expires: Wed, 05 Oct 2022 19:41:13 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x923400.top/static-promotion/777def2.modern.js
178.253.49.7200 OK 3.0 kB URL HTTP/2 lite-1x923400.top/static-promotion/777def2.modern.js
IP 178.253.49.7:0
File type ASCII text, with very long lines (16195), with no line terminators
Hash eb433daf4306ca3b7c617f858e745fbd
737da04364ffbad392405ca6b62547d781bdb554
534e70bf05f970e7133876da697a8a03cb770834f96816efd5f5e659cdfb24e5
Analyzer Verdict Alert quad9 Sinkholed
GET /static-promotion/777def2.modern.js HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 2997
last-modified: Wed, 05 Oct 2022 15:31:18 GMT
vary: Accept-Encoding
etag: "633da346-bb5"
content-encoding: gzip
expires: Wed, 05 Oct 2022 19:41:13 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x923400.top/static-promotion/fcd3df7.modern.js
178.253.49.7200 OK 35 kB URL HTTP/2 lite-1x923400.top/static-promotion/fcd3df7.modern.js
IP 178.253.49.7:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 4595f4bd206afc3f160363a1ab5d7194
ded41e4eac1d5b9801ad8b0e8fe45df081206fdb
2165ec828af9e78624f1225a7c957192d3f78666b46da1b096d99274456e342d
Analyzer Verdict Alert quad9 Sinkholed
GET /static-promotion/fcd3df7.modern.js HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 35367
last-modified: Wed, 05 Oct 2022 15:31:18 GMT
vary: Accept-Encoding
etag: "633da346-8a27"
content-encoding: gzip
expires: Wed, 05 Oct 2022 19:41:13 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x923400.top/static-promotion/7ac077c.modern.js
178.253.49.7200 OK 27 kB URL HTTP/2 lite-1x923400.top/static-promotion/7ac077c.modern.js
IP 178.253.49.7:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 92ac0bcd8bb2b5db0199d52c95085275
26f9329417f1299375c2c5c4c260e54435d52870
2bd187c2f65bcc39a50b2d817a68f0d9bc90fc62e9eaaa201f4ed3e38974314b
Analyzer Verdict Alert quad9 Sinkholed
GET /static-promotion/7ac077c.modern.js HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 27240
last-modified: Wed, 05 Oct 2022 15:31:18 GMT
vary: Accept-Encoding
etag: "633da346-6a68"
content-encoding: gzip
expires: Wed, 05 Oct 2022 19:41:13 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x923400.top/pwa
178.253.49.7200 OK 15 B IP 178.253.49.7:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0e4766fd1b2ba2e236fd9364587f99ab
eb98dec7af065d80a1a3ddb99cb3e3c0919aa852
4612305c0c6077857c88e831688c8bb34594e16c567ed45a3a330c14fa7c627b
Analyzer Verdict Alert quad9 Sinkholed
GET /pwa HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lite-1x923400.top/us/promotions/campeonato-brasileiro
Connection: keep-alive
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:13 GMT
content-type: application/json; charset=utf-8
content-length: 15
etag: W/"f-65jex68GXYCho925nLPjwJGaqFI"
server-timing: dt_285;dur=3
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/img/common.698f8a6f.svg
8.254.252.212200 OK 44 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/img/common.698f8a6f.svg
IP 8.254.252.212:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (65536), with no line terminators
Hash f9ad0f0d55e494c307fc868f2ecd8c4a
55dbe89ffecca33168d368e3f811abfcbf4c71c3
30cd8582e08e758a78ea08d6bf92d41206a2971a021c0cd56528aad610a5b108
GET /_nuxt/desktop/default/img/common.698f8a6f.svg HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lite-1x923400.top
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:41:14 GMT
content-type: image/svg+xml
content-length: 43843
cache-control: max-age=86400
content-encoding: gzip
etag: W/"633d4fa5-196ca"
expires: Thu, 06 Oct 2022 11:20:14 GMT
last-modified: Wed, 05 Oct 2022 09:34:29 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 26460
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/0d547539.modern.js
8.254.252.212200 OK 1.0 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/0d547539.modern.js
IP 8.254.252.212:0
File type ASCII text, with very long lines (2404), with no line terminators
Hash 015b40d1992fa015bcf871e23eae7696
1387bfdeeb1c4f4db42ed377c5843445bc6468c8
cc661cc28ec5c8ba37e804c3e2c2d93f3e5c579f774a12b45ea4028fd27fb4dd
GET /_nuxt/desktop/default/0d547539.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:41:14 GMT
content-type: application/javascript; charset=utf-8
content-length: 1031
cache-control: max-age=86400
content-encoding: gzip
etag: "633d4fa5-407"
expires: Thu, 06 Oct 2022 12:50:47 GMT
last-modified: Wed, 05 Oct 2022 09:34:29 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 21027
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f763a685d14b05b6ced9792151da30b8
b25be5359245be857ffa1bddcb197cb771a36a45
505ad6dc6417d58207f0d68862c4423f4611660ccc6afe165fd3ec2ccb1c893d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:41:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lite-1x923400.top/version.json?timestamp=1664995274063
178.253.49.7200 OK 11 B URL HTTP/2 lite-1x923400.top/version.json?timestamp=1664995274063
IP 178.253.49.7:0
Hash 0267ce92e06d3918d2c56b8b49c2a183
6f39445bed1f6b9c416f9c6e371cb754fa3ad384
48e710f6a4214bdf10cd80f3f501a29e87c88eb202211d76161f6247eacba427
Analyzer Verdict Alert quad9 Sinkholed
GET /version.json?timestamp=1664995274063 HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x923400.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:14 GMT
content-type: application/json; charset=UTF-8
content-length: 11
etag: W/"b-bzlEW+0fa5xBb5xuNxy3VPo604Q"
server-timing: dt_285;dur=1
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 34eb89e66f0b3109343b733cc89f72ef
f5c7bee177722005913df74e11a8fb0ee15d7e13
d5fead44bf5421f27d5df689db149a81e736bf190cf844552d090a29a4226eac
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3854
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:41:14 GMT
Last-Modified: Wed, 05 Oct 2022 17:37:00 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
www.googletagmanager.com/gtag/js?id=UA-178408567-1
142.250.74.168200 OK 43 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-178408567-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (2039)
Hash be0fec8c4ca5c6a7947284e9dbfec32e
0db4343965f15cf84f0e8684dae747997bff3b94
13c0f02b078d6d719869f9d45126bfdac970fbd92acdef4c76f014eaf450e693
GET /gtag/js?id=UA-178408567-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 05 Oct 2022 18:41:14 GMT
expires: Wed, 05 Oct 2022 18:41:14 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43407
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f763a685d14b05b6ced9792151da30b8
b25be5359245be857ffa1bddcb197cb771a36a45
505ad6dc6417d58207f0d68862c4423f4611660ccc6afe165fd3ec2ccb1c893d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:41:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lite-1x923400.top/web-api/api/converslon/load
178.253.49.7200 OK 2.7 kB URL HTTP/2 lite-1x923400.top/web-api/api/converslon/load
IP 178.253.49.7:0
Hash 14920140c18c89510d494a9d4517a200
afbb1d367e36eb02ead6682d11b91e8db30d078d
0856f6ae13d6a0668d07eceac67178f623238820efe0297f84f41025bbfe83c7
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/api/converslon/load HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x923400.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:14 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=32, dt_285;dur=35
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lite-1x923400.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 601626
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
216.58.207.195200 OK 9.6 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 9628, version 1.0\012- data
Hash d9ac47c7e500fb7083b8d595eaf6fe12
112a2fc5f4ff9b85ee3a706fa9b8c47f79b05933
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lite-1x923400.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9628
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Sep 2022 06:19:49 GMT
expires: Fri, 29 Sep 2023 06:19:49 GMT
cache-control: public, max-age=31536000
age: 562885
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/bfbe8cbc.modern.js
8.254.252.212200 OK 1.1 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/bfbe8cbc.modern.js
IP 8.254.252.212:0
File type Unicode text, UTF-8 text, with very long lines (2450), with no line terminators
Hash 04f5228fcc4ee30cc731b8607d3f9e9e
a8d3781611c0c442a263d76a4a03f6e8110283cd
6ddb56e30d7ee7fa9722c4e2425a665bc12b5dde0818fdee7f1cda58b020fb78
GET /_nuxt/desktop/default/bfbe8cbc.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:41:14 GMT
content-type: application/javascript; charset=utf-8
content-length: 1059
cache-control: max-age=86400
content-encoding: gzip
etag: "633d4fa5-423"
expires: Thu, 06 Oct 2022 12:50:45 GMT
last-modified: Wed, 05 Oct 2022 09:34:29 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 21046
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x923400.top/domain-api/api/v1/domains/lite-1x923400.top
178.253.49.7200 OK 84 B URL HTTP/2 lite-1x923400.top/domain-api/api/v1/domains/lite-1x923400.top
IP 178.253.49.7:0
File type JSON data\012- , ASCII text, with no line terminators
Hash cc5f3a84fbad7aabf0e444de1bd7b274
8010a1d23bc02768a35b53b77a5888c10ff56244
d3633d9c42556f0e8ee790ecee529a27ef3ca4c2cc2dddb83c0edee3509adf31
Analyzer Verdict Alert quad9 Sinkholed
GET /domain-api/api/v1/domains/lite-1x923400.top HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x923400.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:14 GMT
content-type: application/vnd.api+json
content-length: 84
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x923400.top/web-api/external-api/promotions/campeonato-brasileiro
178.253.49.7403 Forbidden 5.4 kB URL HTTP/2 lite-1x923400.top/web-api/external-api/promotions/campeonato-brasileiro
IP 178.253.49.7:0
File type JSON data\012- , ASCII text, with very long lines (13515), with no line terminators
Hash 9871765703a2b20c5bafada22ae5b54e
5cb235d9b2139d85c41a55041929d7972db0003e
8eda7ca3477a85c9cd5e9fe340eeae400ad62820e84c19c88a238f037871e7db
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/external-api/promotions/campeonato-brasileiro HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: nginx
date: Wed, 05 Oct 2022 18:41:14 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=48, dt_285;dur=49
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/11a7652e.modern.js
8.254.252.212200 OK 26 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/11a7652e.modern.js
IP 8.254.252.212:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 7a970a51d962abae9cdf53f64db2a792
4d29a51ffd3b8c5afce8dc9bfb12435b645a714a
aa664b32c04ff1f58dfa0427a1b682b3cbe11efcc78c805611e33da868460993
GET /_nuxt/desktop/default/11a7652e.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:41:14 GMT
content-type: application/javascript; charset=utf-8
content-length: 26108
cache-control: max-age=86400
content-encoding: gzip
etag: "633d4fa5-65fc"
expires: Thu, 06 Oct 2022 12:50:29 GMT
last-modified: Wed, 05 Oct 2022 09:34:29 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 21047
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x923400.top/web-api/api/internal/v1/sessions/user
178.253.49.7200 OK 91 B URL HTTP/2 lite-1x923400.top/web-api/api/internal/v1/sessions/user
IP 178.253.49.7:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7f08529bc4a73ef6216d27a6b9408914
d35e84765ec35db78746ff044785169e847837c9
72fec33883cd2c515ce5bf34588577cac6598e3e7e8d8a3ad7fc95c1dc42150f
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/api/internal/v1/sessions/user HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x923400.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:14 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=34, dt_285;dur=35
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/K23_2020_lightmode.png
8.254.252.212200 OK 168 kB URL HTTP/2 v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/K23_2020_lightmode.png
IP 8.254.252.212:0
File type PNG image data, 4455 x 2151, 8-bit/color RGBA, non-interlaced\012- data
Size 168 kB (168437 bytes)
Hash 514efcaa096bc870bbb55a0910327b9c
05f80f59b5eeb2e4cf409fc4b9d96ddec64b3e6f
a541dec3a5acfa154ce5716014bb463c6be72db6bf5ffb88dde95929e9670942
GET /genfiles/cms/1-285/desktop/footer/logos/K23_2020_lightmode.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:41:14 GMT
content-type: image/png
content-length: 168437
cache-control: public, max-age=120, s-maxage=600
etag: "514efcaa096bc870bbb55a0910327b9c"
expires: Wed, 05 Oct 2022 18:33:59 GMT
last-modified: Wed, 01 Jun 2022 12:17:09 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 567
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/team_spirit_black.png
8.254.252.212200 OK 169 kB URL HTTP/2 v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/team_spirit_black.png
IP 8.254.252.212:0
File type PNG image data, 4000 x 4000, 8-bit/color RGBA, non-interlaced\012- data
Size 169 kB (169025 bytes)
Hash ba6cf2e79cb532a105c8f34b1efbcb26
f05ff0a3895400ac928ac1cce6153f657e6f6d8f
8e3e826321588ba9cca7ed55a8c23ee2e64e007775a40f9f8878340b2788864e
GET /genfiles/cms/1-285/desktop/footer/logos/team_spirit_black.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:41:14 GMT
content-type: image/png
content-length: 169025
cache-control: public, max-age=120, s-maxage=600
etag: "ba6cf2e79cb532a105c8f34b1efbcb26"
expires: Wed, 05 Oct 2022 18:36:16 GMT
last-modified: Wed, 01 Jun 2022 12:16:40 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 475
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/logo-serie-new.png
8.254.252.212200 OK 19 kB URL HTTP/2 v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/logo-serie-new.png
IP 8.254.252.212:0
File type PNG image data, 180 x 320, 8-bit/color RGBA, non-interlaced\012- data
Hash eebc2093ed37610949fddb757fb411c2
f7964e29e324fe613114a2d8a574819735d4e8a4
2573852f7e996aaf5d4ae5280f600e384f8b5d75e8c4de9e06100af2d9f55e5c
GET /genfiles/cms/1-285/desktop/footer/logos/logo-serie-new.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:41:14 GMT
content-type: image/png
content-length: 18675
cache-control: public, max-age=120, s-maxage=600
etag: "eebc2093ed37610949fddb757fb411c2"
expires: Wed, 05 Oct 2022 18:34:20 GMT
last-modified: Fri, 06 Nov 2020 12:55:12 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 534
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/logo-fcb.png
8.254.252.212200 OK 7.4 kB URL HTTP/2 v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/logo-fcb.png
IP 8.254.252.212:0
File type PNG image data, 169 x 183, 8-bit colormap, non-interlaced\012- data
Hash 8ea23d2a7c2e152564a43453425b3301
f6e61dbb4b90ab17f23130d79af095a1267b01c3
e193b50c6e3a1657a7c7e1100b941a43c90eeda8f9d56763318ac624eeba2cbd
GET /genfiles/cms/1-285/desktop/footer/logos/logo-fcb.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:41:14 GMT
content-type: image/png
content-length: 7420
cache-control: public, max-age=120, s-maxage=600
etag: "8ea23d2a7c2e152564a43453425b3301"
expires: Wed, 05 Oct 2022 18:38:45 GMT
last-modified: Fri, 06 Nov 2020 12:55:12 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 269
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/can-2019-en.png
8.254.252.212200 OK 8.1 kB URL HTTP/2 v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/can-2019-en.png
IP 8.254.252.212:0
File type PNG image data, 243 x 144, 8-bit colormap, non-interlaced\012- data
Hash d2998762f0b00c9d1bcd90c28f0a5731
95553e4eff474b6a05ad4a6e00826ba4ab9b2c4e
09050bbfb49f160886714942b619eb95dbd92f2f6862f38aa685538f420591b8
GET /genfiles/cms/1-285/desktop/footer/logos/can-2019-en.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:41:14 GMT
content-type: image/png
content-length: 8120
cache-control: public, max-age=120, s-maxage=600
etag: "d2998762f0b00c9d1bcd90c28f0a5731"
expires: Wed, 05 Oct 2022 18:37:37 GMT
last-modified: Fri, 06 Nov 2020 12:55:12 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 411
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/logo-losc.png
8.254.252.212200 OK 119 kB URL HTTP/2 v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/logo-losc.png
IP 8.254.252.212:0
File type PNG image data, 2052 x 1962, 8-bit/color RGBA, non-interlaced\012- data
Size 119 kB (119254 bytes)
Hash 0b72a6591ead9e9b95a118b411b9556a
6d43538a7c2167e9046d418e0707dba8f361fd1c
012b4965e861f6073a0496f55677715279f5799468c9aa4c3d92bdbbc5e0b67b
GET /genfiles/cms/1-285/desktop/footer/logos/logo-losc.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:41:14 GMT
content-type: image/png
content-length: 119254
cache-control: public, max-age=120, s-maxage=600
etag: "0b72a6591ead9e9b95a118b411b9556a"
expires: Wed, 05 Oct 2022 18:40:23 GMT
last-modified: Fri, 09 Sep 2022 14:12:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 172
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/mibr_white-logo.png
8.254.252.212200 OK 9.9 kB URL HTTP/2 v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/mibr_white-logo.png
IP 8.254.252.212:0
File type PNG image data, 834 x 434, 8-bit/color RGBA, non-interlaced\012- data
Hash c14d0b72d2885c8ae4975e64ddb29a6f
3c31e0bb67f15daada51baf892c89ef0cd061146
657992cd544e48630d90afc0b957014f0ac4fad15789c7c18a937d5b71231967
GET /genfiles/cms/1-285/desktop/footer/logos/mibr_white-logo.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:41:14 GMT
content-type: image/png
content-length: 9904
cache-control: public, max-age=120, s-maxage=600
etag: "c14d0b72d2885c8ae4975e64ddb29a6f"
expires: Wed, 05 Oct 2022 18:33:54 GMT
last-modified: Thu, 04 Aug 2022 17:36:40 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 567
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/esl.png
8.254.252.212200 OK 33 kB URL HTTP/2 v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/esl.png
IP 8.254.252.212:0
File type PNG image data, 1184 x 362, 8-bit/color RGBA, non-interlaced\012- data
Hash 802ac7a85f716d1a10ad5084ce6b2c14
4e3b9ea62cf588f4f8b5be3553aa53068fbe8fa6
3329ddcdb9bce051bb89a2ec7ea84fae914e31752e66656a2321642d8457f7cc
GET /genfiles/cms/1-285/desktop/footer/logos/esl.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:41:14 GMT
content-type: image/png
content-length: 33328
cache-control: public, max-age=120, s-maxage=600
etag: "802ac7a85f716d1a10ad5084ce6b2c14"
expires: Wed, 05 Oct 2022 18:36:16 GMT
last-modified: Fri, 07 May 2021 11:29:08 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 476
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x923400.top/static-promotion/7d5ae0b.modern.js
178.253.49.7200 OK 3.3 kB URL HTTP/2 lite-1x923400.top/static-promotion/7d5ae0b.modern.js
IP 178.253.49.7:0
File type ASCII text, with very long lines (15532), with no line terminators
Hash f22f5ebeaa7f6490a5d335e44cb8e7ed
f37665effb700c8864644de66cfff92425fc453c
a083cb46490d29ee273bc77db9390fa1ef8bda98ca3717693488b4723cd20832
Analyzer Verdict Alert quad9 Sinkholed
GET /static-promotion/7d5ae0b.modern.js HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280; che_g=51609ca2-ff42-c704-1ad3-9e664a1bde08
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:14 GMT
content-type: application/javascript; charset=utf-8
content-length: 3312
last-modified: Wed, 05 Oct 2022 15:31:18 GMT
vary: Accept-Encoding
etag: "633da346-cf0"
content-encoding: gzip
expires: Wed, 05 Oct 2022 19:41:14 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/caf-champions-en.png
8.254.252.212200 OK 15 kB URL HTTP/2 v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/caf-champions-en.png
IP 8.254.252.212:0
File type PNG image data, 387 x 230, 8-bit colormap, non-interlaced\012- data
Hash 805de1a5bec7c7e47c459ed79e5a7778
409804a9ad7ebd262a6125eb04cbd678ac7a9824
3dd56bfcb4bd898db532541ee1bbbcbaffc8276b155f518b5d10be553296633d
GET /genfiles/cms/1-285/desktop/footer/logos/caf-champions-en.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:41:14 GMT
content-type: image/png
content-length: 15100
cache-control: public, max-age=120, s-maxage=600
etag: "805de1a5bec7c7e47c459ed79e5a7778"
expires: Wed, 05 Oct 2022 18:39:25 GMT
last-modified: Fri, 07 May 2021 11:29:04 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 301
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/caf-confederation-en.png
8.254.252.212200 OK 15 kB URL HTTP/2 v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/caf-confederation-en.png
IP 8.254.252.212:0
File type PNG image data, 387 x 230, 8-bit colormap, non-interlaced\012- data
Hash 70e5105d03a74cc00cd9a0386fde303e
ffcd4fbcd486825d0d31e41cada108335b012d81
baabca03d9695b9475d7d0b4d736fbb093d21f2c03228a7704097e2bfb8e583a
GET /genfiles/cms/1-285/desktop/footer/logos/caf-confederation-en.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:41:15 GMT
content-type: image/png
content-length: 14740
cache-control: public, max-age=120, s-maxage=600
etag: "70e5105d03a74cc00cd9a0386fde303e"
expires: Wed, 05 Oct 2022 18:39:25 GMT
last-modified: Fri, 07 May 2021 11:29:03 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 479
accept-ranges: bytes
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
216.239.32.178200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.32.178:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 05 Oct 2022 18:41:09 GMT
expires: Wed, 05 Oct 2022 20:41:09 GMT
cache-control: public, max-age=7200
age: 6
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lite-1x923400.top/static-promotion/e4ad5ef.js
178.253.49.7200 OK 3.5 kB URL HTTP/2 lite-1x923400.top/static-promotion/e4ad5ef.js
IP 178.253.49.7:0
File type ASCII text, with very long lines (6581), with no line terminators
Hash 8b5bdc3d041bf2512a0a1351b65e87e1
fe6a7794995f2d37456891843092019be228f362
906f65872b162775c968d4252b6c5f15f4a6b8a79fd204da8461fe01126850ce
Analyzer Verdict Alert quad9 Sinkholed
GET /static-promotion/e4ad5ef.js HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280; che_g=51609ca2-ff42-c704-1ad3-9e664a1bde08
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:15 GMT
content-type: application/javascript; charset=utf-8
content-length: 3529
last-modified: Wed, 05 Oct 2022 15:31:18 GMT
vary: Accept-Encoding
etag: "633da346-dc9"
content-encoding: gzip
expires: Wed, 05 Oct 2022 19:41:15 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x923400.top/static-promotion/a5a5724.js
178.253.49.7200 OK 92 kB URL HTTP/2 lite-1x923400.top/static-promotion/a5a5724.js
IP 178.253.49.7:0
File type ASCII text, with very long lines (65485)
Hash 5b497fbcd1485e1d7e584e69836f4ad8
ed1175c495f90a2e5de70464cbd0b344ba38b7b8
3a15c9b91d7bbc1241db4f8a7cd27a20bc2653fb9aac24ab14f5df9b2cf101b6
Analyzer Verdict Alert quad9 Sinkholed
GET /static-promotion/a5a5724.js HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280; che_g=51609ca2-ff42-c704-1ad3-9e664a1bde08
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:15 GMT
content-type: application/javascript; charset=utf-8
content-length: 91762
last-modified: Wed, 05 Oct 2022 15:31:18 GMT
vary: Accept-Encoding
etag: "633da346-16672"
content-encoding: gzip
expires: Wed, 05 Oct 2022 19:41:15 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x923400.top/static-promotion/d6b609b.js
178.253.49.7200 OK 101 kB URL HTTP/2 lite-1x923400.top/static-promotion/d6b609b.js
IP 178.253.49.7:0
File type Unicode text, UTF-8 text, with very long lines (65405)
Size 101 kB (100784 bytes)
Hash 7d2cc7f519695291ede56e692ba157ac
5bdaad41a21f9df3368ff0d94f70bdfcebd1590e
c44e9da4d5b14b825ba3402836ed8067a96b454fc88d5c3e412678e65f103b56
Analyzer Verdict Alert quad9 Sinkholed
GET /static-promotion/d6b609b.js HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280; che_g=51609ca2-ff42-c704-1ad3-9e664a1bde08
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:15 GMT
content-type: application/javascript; charset=utf-8
content-length: 100784
last-modified: Wed, 05 Oct 2022 15:31:18 GMT
vary: Accept-Encoding
etag: "633da346-189b0"
content-encoding: gzip
expires: Wed, 05 Oct 2022 19:41:15 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x923400.top/static-promotion/fad08fe.js
178.253.49.7200 OK 131 kB URL HTTP/2 lite-1x923400.top/static-promotion/fad08fe.js
IP 178.253.49.7:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 131 kB (130959 bytes)
Hash 8a23b9e5647c978c86403fdc2cabf7ce
d589e8bec50ada738a1716dbafdb35753ba53e7e
dd417a56e41cbba09f962f0c4eae698312253997ade697dc809e475b3c597afe
Analyzer Verdict Alert quad9 Sinkholed
GET /static-promotion/fad08fe.js HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280; che_g=51609ca2-ff42-c704-1ad3-9e664a1bde08
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:15 GMT
content-type: application/javascript; charset=utf-8
content-length: 130959
last-modified: Wed, 05 Oct 2022 15:31:18 GMT
vary: Accept-Encoding
etag: "633da346-1ff8f"
content-encoding: gzip
expires: Wed, 05 Oct 2022 19:41:15 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x923400.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1664995275384
178.253.49.7200 OK 145 B URL HTTP/2 lite-1x923400.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1664995275384
IP 178.253.49.7:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 81d90db48c09d6f764c4929c90eadfc1
6fe1a593e77cca8d9adff9fe5b5f40e19ccf7bd8
fa0a9c9d33937e1539ce6b9e44abf7ecd69f5032c6ba8b85308c6a388f8dc28c
Analyzer Verdict Alert quad9 Sinkholed
GET /genfiles/cms/maintenance_mode/settings.json?timestamp=1664995275384 HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x923400.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280; che_g=51609ca2-ff42-c704-1ad3-9e664a1bde08; _ga_7JGWL9SV66=GS1.1.1664995275.1.0.1664995275.0.0.0; _ga=GA1.2.1394897679.1664995275; _gid=GA1.2.814743234.1664995275
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:15 GMT
content-type: application/json
content-length: 145
last-modified: Thu, 21 Apr 2022 06:40:33 GMT
x-rgw-object-type: Normal
etag: "81d90db48c09d6f764c4929c90eadfc1"
cache-control: public,max-age=60,s-maxage=60
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x923400.top/web-api/api/internal/v1/proof_of_age
178.253.49.7204 No Content 0 B URL HTTP/2 lite-1x923400.top/web-api/api/internal/v1/proof_of_age
IP 178.253.49.7:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/api/internal/v1/proof_of_age HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/vnd.api+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x923400.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280; che_g=51609ca2-ff42-c704-1ad3-9e664a1bde08; _ga_7JGWL9SV66=GS1.1.1664995275.1.0.1664995275.0.0.0; _ga=GA1.2.1394897679.1664995275; _gid=GA1.2.814743234.1664995275
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 05 Oct 2022 18:41:15 GMT
cache-control: no-cache, private
server-timing: p;dur=28, dt_285;dur=30
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eac86f868b3967f1946c7f5fc712b25f
e2ae8eb09715a0af0791c085eb35bf66e0548e30
bceb14e7a478c0e34a0f1d8286eb954566c62051e996bc36189de922a76a6e06
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:41:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-178408567-1&cid=1394897679.1664995275&jid=945789994&gjid=1360873492&_gid=814743234.1664995275&_u=aCDAAUACQAAAACAAI~&z=1042305308
108.177.14.157200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-178408567-1&cid=1394897679.1664995275&jid=945789994&gjid=1360873492&_gid=814743234.1664995275&_u=aCDAAUACQAAAACAAI~&z=1042305308
IP 108.177.14.157:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-178408567-1&cid=1394897679.1664995275&jid=945789994&gjid=1360873492&_gid=814743234.1664995275&_u=aCDAAUACQAAAACAAI~&z=1042305308 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://lite-1x923400.top
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://lite-1x923400.top
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 05 Oct 2022 18:41:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lite-1x923400.top/web-api/external-api/getColorTheme
178.253.49.7200 OK 528 B URL HTTP/2 lite-1x923400.top/web-api/external-api/getColorTheme
IP 178.253.49.7:0
Hash 0d290473c3265391a2203f57c4f20fd0
ea93848d7978835886ad84566ca05f13218c5844
5fcc3be4233d5a634a10e77af2d771fe99dea17d9d677e1f87e073474ab9918e
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/external-api/getColorTheme HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280; che_g=51609ca2-ff42-c704-1ad3-9e664a1bde08; _ga_7JGWL9SV66=GS1.1.1664995275.1.0.1664995275.0.0.0; _ga=GA1.2.1394897679.1664995275; _gid=GA1.2.814743234.1664995275; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:15 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=35, dt_285;dur=36
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x923400.top/web-api/external-api/config/all
178.253.49.7200 OK 12 kB URL HTTP/2 lite-1x923400.top/web-api/external-api/config/all
IP 178.253.49.7:0
File type Unicode text, UTF-8 text, with very long lines (49384), with no line terminators
Hash a7f3bd577955035a2ab728b52c8c9a62
7d9173a9edc78244a11e2cbe69d182ef973dc0ab
ffb74968f993b605e7c14c9e1a7a8882a5ea29b0770a2e762a3832aade17f4a0
Analyzer Verdict Alert quad9 Sinkholed
POST /web-api/external-api/config/all HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://lite-1x923400.top
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280; che_g=51609ca2-ff42-c704-1ad3-9e664a1bde08; _ga_7JGWL9SV66=GS1.1.1664995275.1.0.1664995275.0.0.0; _ga=GA1.2.1394897679.1664995275; _gid=GA1.2.814743234.1664995275
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:15 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=164, dt_285;dur=167
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x923400.top/web-api/external-api/config/getLangs
178.253.49.7200 OK 88 kB URL HTTP/2 lite-1x923400.top/web-api/external-api/config/getLangs
IP 178.253.49.7:0
Hash 5270c6828a411bd204965aaf31f30ed0
6c07eab3ac3346b8706d36f1dba85f984651da6e
d8db167239bfe204ef5c1b5b3c4773ca72e5578a604e90a3ed6e1ee5d5fa4797
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/external-api/config/getLangs HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280; che_g=51609ca2-ff42-c704-1ad3-9e664a1bde08; _ga_7JGWL9SV66=GS1.1.1664995275.1.0.1664995275.0.0.0; _ga=GA1.2.1394897679.1664995275; _gid=GA1.2.814743234.1664995275; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:15 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=23, dt_285;dur=26
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x923400.top/genfiles/cms/1-285/desktop/errorsPage/ball.webp
178.253.49.7200 OK 2.0 kB URL HTTP/2 lite-1x923400.top/genfiles/cms/1-285/desktop/errorsPage/ball.webp
IP 178.253.49.7:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash b2e135d916673e6f1be84800198490d4
60db6095350e4b9e618aab6666650eb13a941745
3b2e95cba675bc9bdeae9308d00f629d586a6ae7e55aa60a971027cbf9ed7682
Analyzer Verdict Alert quad9 Sinkholed
GET /genfiles/cms/1-285/desktop/errorsPage/ball.webp HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/403
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280; che_g=51609ca2-ff42-c704-1ad3-9e664a1bde08; _ga_7JGWL9SV66=GS1.1.1664995275.1.0.1664995275.0.0.0; _ga=GA1.2.1394897679.1664995275; _gid=GA1.2.814743234.1664995275; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:16 GMT
content-type: application/octet-stream
content-length: 2010
last-modified: Tue, 26 Jan 2021 08:32:04 GMT
x-rgw-object-type: Normal
etag: "b2e135d916673e6f1be84800198490d4"
access-control-allow-origin: *
cache-control: public,max-age=120,s-maxage=600
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x923400.top/web-api/external-api/promotions/campeonato-brasileiro
178.253.49.7403 Forbidden 79 kB URL HTTP/2 lite-1x923400.top/web-api/external-api/promotions/campeonato-brasileiro
IP 178.253.49.7:0
Hash 9ba7ee0b7faf403a106e71036a6310d4
220f2f7fefcb9c2c230adf18341ba0a429484ba5
3213ef0a529233ceba187a4d9f3bcf6f898272648bb9fd0cf1bb3408df80ecf8
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/external-api/promotions/campeonato-brasileiro HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280; che_g=51609ca2-ff42-c704-1ad3-9e664a1bde08; _ga_7JGWL9SV66=GS1.1.1664995275.1.0.1664995275.0.0.0; _ga=GA1.2.1394897679.1664995275; _gid=GA1.2.814743234.1664995275; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: nginx
date: Wed, 05 Oct 2022 18:41:16 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=28, dt_285;dur=29
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x923400.top/genfiles/cms/1-285/desktop/errorsPage/sprite-football-men.png
178.253.49.7200 OK 212 kB URL HTTP/2 lite-1x923400.top/genfiles/cms/1-285/desktop/errorsPage/sprite-football-men.png
IP 178.253.49.7:0
File type PNG image data, 7336 x 587, 8-bit colormap, non-interlaced\012- data
Size 212 kB (212062 bytes)
Hash 8270a8ed37510c1d081ca47895bed81f
a88857250443b9b93e41a1fbdc46017737db5a72
70d2d3a884d1588eb40e4066fa2c4362194b48c4b805ec75fb963bcdeabf24da
Analyzer Verdict Alert quad9 Sinkholed
GET /genfiles/cms/1-285/desktop/errorsPage/sprite-football-men.png HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/403
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280; che_g=51609ca2-ff42-c704-1ad3-9e664a1bde08; _ga_7JGWL9SV66=GS1.1.1664995275.1.0.1664995275.0.0.0; _ga=GA1.2.1394897679.1664995275; _gid=GA1.2.814743234.1664995275; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:16 GMT
content-type: image/png
content-length: 212062
last-modified: Thu, 18 Mar 2021 14:54:24 GMT
x-rgw-object-type: Normal
etag: "8270a8ed37510c1d081ca47895bed81f"
access-control-allow-origin: *
cache-control: public,max-age=120,s-maxage=600
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x923400.top/promotions/campeonato-brasileiro/
178.253.49.7302 Found 0 B URL HTTP/2 lite-1x923400.top/promotions/campeonato-brasileiro/
IP 178.253.49.7:0
Analyzer Verdict Alert quad9 Sinkholed
GET /promotions/campeonato-brasileiro/ HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Wed, 05 Oct 2022 18:41:11 GMT
location: /us/promotions/campeonato-brasileiro
server-timing: total;dur=0;desc="Nuxt Server Time", dt_285;dur=1
x-frame-options: SAMEORIGIN
x-reason: empty_lang
strict-transport-security: max-age=63072000; includeSubDomains; preload
set-cookie: platform_type=desktop; Path=/; Expires=Sat, 08 Oct 2022 18:41:11 GMT
auid=sv0xB2M9z8cL56mNA8+hAg==; expires=Thu, 05-Oct-23 18:41:11 GMT; path=/
X-Firefox-Spdy: h2
lite-1x923400.top/web-api/external-api/config/getLangs
178.253.49.7200 OK 0 B URL HTTP/2 lite-1x923400.top/web-api/external-api/config/getLangs
IP 178.253.49.7:0
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/external-api/config/getLangs HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:13 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=17, dt_285;dur=18
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
178.253.49.7200 OK 0 B URL HTTP/2 lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
IP 178.253.49.7:0
Analyzer Verdict Alert quad9 Sinkholed
GET /promo-frame/us/promotion/campeonato-brasileiro HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1920
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
If-None-Match: "130d-qmh9KADSIBd7TqcbHKKtjTY6A+0"
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:14 GMT
content-type: text/html; charset=utf-8
content-encoding: gzip
etag: "12d9-ZZ8kQn5he6+EHPQlikirlOG+znY"
server-timing: dt_285;dur=4
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x923400.top/web-api/g/04ed4f7c801c1f2fdfd99bae45fb0d075b231f6c
178.253.49.7200 OK 0 B URL HTTP/2 lite-1x923400.top/web-api/g/04ed4f7c801c1f2fdfd99bae45fb0d075b231f6c
IP 178.253.49.7:0
Analyzer Verdict Alert quad9 Sinkholed
POST /web-api/g/04ed4f7c801c1f2fdfd99bae45fb0d075b231f6c HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lite-1x923400.top/us/promotions/campeonato-brasileiro
X-Requested-With: XMLHttpRequest
Content-Type: application/json
Origin: https://lite-1x923400.top
Content-Length: 31240
Connection: keep-alive
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280; che_g=51609ca2-ff42-c704-1ad3-9e664a1bde08; _ga_7JGWL9SV66=GS1.1.1664995275.1.0.1664995275.0.0.0; _ga=GA1.2.1394897679.1664995275; _gid=GA1.2.814743234.1664995275; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:16 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=49, dt_285;dur=51
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1x-xredbet478860.top/promotions/campeonato-brasileiro/
178.253.48.30307 Temporary Redirect 0 B URL HTTP/2 1x-xredbet478860.top/promotions/campeonato-brasileiro/
IP 178.253.48.30:0
Analyzer Verdict Alert quad9 Sinkholed
GET /promotions/campeonato-brasileiro/ HTTP/1.1
Host: 1x-xredbet478860.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 307 Temporary Redirect
server: nginx
date: Wed, 05 Oct 2022 18:41:11 GMT
content-type: text/html; charset=utf-8
location: https://lite-1x923400.top/promotions/campeonato-brasileiro/
x-frame-options: SAMEORIGIN
set-cookie: SESSION=583d9926ddebf2389a52b6106a3d8464; path=/; secure; HttpOnly; SameSite=Lax
lng=en; expires=Fri, 04-Nov-2022 18:41:11 GMT; Max-Age=2592000; path=/
ua=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
flaglng=en; expires=Fri, 04-Nov-2022 18:41:11 GMT; Max-Age=2592000; path=/
auid=sv0wHmM9z8eyfwKJBRh/Ag==; expires=Thu, 05-Oct-23 18:41:11 GMT; path=/
x-reason: 1080,1078,1074,1015,1021
cache-control: no-cache, private
server-timing: p;dur=72
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x923400.top/web-api/external-api/getFirstDepositBonus
178.253.49.7200 OK 0 B URL HTTP/2 lite-1x923400.top/web-api/external-api/getFirstDepositBonus
IP 178.253.49.7:0
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/external-api/getFirstDepositBonus HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x923400.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:14 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=34, dt_285;dur=36
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
IP 142.250.74.10:0
GET /css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 05 Oct 2022 18:41:12 GMT
date: Wed, 05 Oct 2022 18:41:12 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lite-1x923400.top/web-api/external-api/getFirstDepositBonus
178.253.49.7200 OK 0 B URL HTTP/2 lite-1x923400.top/web-api/external-api/getFirstDepositBonus
IP 178.253.49.7:0
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/external-api/getFirstDepositBonus HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x923400.top/us/promotions/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:14 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=32, dt_285;dur=33
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x923400.top/translation-api/by-lang/us
178.253.49.7200 OK 0 B URL HTTP/2 lite-1x923400.top/translation-api/by-lang/us
IP 178.253.49.7:0
Analyzer Verdict Alert quad9 Sinkholed
GET /translation-api/by-lang/us HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1920; che_g=51609ca2-ff42-c704-1ad3-9e664a1bde08; _ga_7JGWL9SV66=GS1.1.1664995275.1.0.1664995275.0.0.0; _ga=GA1.2.1394897679.1664995275; _gid=GA1.2.814743234.1664995275; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:15 GMT
content-type: application/vnd.api+json
cache-control: no-cache, private
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-max-age: 1728000
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x923400.top/translation-api/by-lang/us
178.253.49.7200 OK 0 B URL HTTP/2 lite-1x923400.top/translation-api/by-lang/us
IP 178.253.49.7:0
Analyzer Verdict Alert quad9 Sinkholed
GET /translation-api/by-lang/us HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us; tzo=0; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:13 GMT
content-type: application/vnd.api+json
cache-control: no-cache, private
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-max-age: 1728000
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
radar.cedexis.com/1593429750/radar.js
35.241.57.45200 OK 0 B URL HTTP/2 radar.cedexis.com/1593429750/radar.js
IP 35.241.57.45:0
GET /1593429750/radar.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:14 GMT
content-type: application/javascript
last-modified: Mon, 29 Jun 2020 11:30:29 GMT
vary: Accept-Encoding
etag: W/"5ef9d0d5-af5c"
expires: Wed, 19 Oct 2022 18:41:14 GMT
cache-control: max-age=1209600, public
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lite-1x923400.top/web-api/external-api/getColorTheme
178.253.49.7200 OK 0 B URL HTTP/2 lite-1x923400.top/web-api/external-api/getColorTheme
IP 178.253.49.7:0
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/external-api/getColorTheme HTTP/1.1
Host: lite-1x923400.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x923400.top/promo-frame/us/promotion/campeonato-brasileiro
Cookie: platform_type=desktop; auid=sv0xB2M9z8cL56mNA8+hAg==; SESSION=9bb99aea59c1d81fc59dfbe962c450b6; lng=us
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:41:13 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=27, dt_285;dur=28
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/og_red_bull.png
8.254.252.212200 OK 0 B URL HTTP/2 v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/og_red_bull.png
IP 8.254.252.212:0
GET /genfiles/cms/1-285/desktop/footer/logos/og_red_bull.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x923400.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:41:15 GMT
content-type: image/png
content-length: 149244
cache-control: public, max-age=120, s-maxage=600
etag: "ab837a9cb89291146ad8b371c052fe8d"
expires: Wed, 05 Oct 2022 18:37:37 GMT
last-modified: Wed, 25 May 2022 11:38:09 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 371
accept-ranges: bytes
X-Firefox-Spdy: h2