Report - cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch3.php&ask=1715284800&lgt=3&noplayer=0

Report Overview

Submitted URL
cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch3.php&ask=1715284800&lgt=3&noplayer=0
IP
188.114.96.1
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-09 19:15:42
Access
public
Website Title
Vipbox
Final URL
cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch3.php&ask=1715284800&lgt=3&noplayer=0
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
14

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
chulhawakened.com	unknown	2023-07-20	2023-07-20	2024-03-26	411 B	1.5 kB	23.109.170.224
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2024-05-08	894 B	182 kB	151.101.1.229
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-05-09	871 B	204 kB	142.250.74.168
phomoach.net	unknown	2023-07-18	2023-07-19	2024-05-02	2.0 kB	37 kB	139.45.197.245
www.gettvfree.online	unknown	unknown	No data	No data	450 B	745 B	0.0.0.0
youradexchange.com	273384	2012-11-09	2013-02-04	2024-05-09	784 B	1.7 kB	104.21.91.188
tuskhautein.com	unknown	2024-02-17	2024-02-17	2024-03-18	415 B	1.5 kB	23.109.170.224
cdn.xsportbox.com	unknown	2019-07-24	2023-09-30	2024-03-18	1.2 kB	1.7 kB	188.114.96.1
streambtw.com	unknown	2023-10-06	2023-10-08	2024-04-20	1.3 kB	176 kB	104.21.5.234
ptaixout.net	unknown	2023-12-29	2023-12-29	2024-05-02	842 B	34 kB	139.45.197.244
perf.cdnads.com	153748	2014-09-10	2017-01-29	2023-12-24	421 B	321 B	139.45.195.3
sportsleading.online	unknown	2023-09-22	2023-09-22	2024-04-12	904 B	15 kB	172.67.217.130
my.rtmark.net	9054	2014-10-29	2015-02-04	2024-05-09	926 B	1.5 kB	139.45.195.8
kzzwi.com	unknown	unknown	No data	No data	413 B	64 kB	172.67.196.211

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-09	medium	chulhawakened.com	Sinkholed
2024-05-09	medium	tuskhautein.com	Sinkholed
2024-05-09	medium	ptaixout.net	Sinkholed
2024-05-09	medium	phomoach.net	Sinkholed
2024-05-09	medium	phomoach.net	Sinkholed
2024-05-09	medium	phomoach.net	Sinkholed
2024-05-09	medium	ptaixout.net	Sinkholed

ThreatFox

No alerts detected

JavaScript (58)

	URL	Size	First Seen	Last Seen
	streambtw.com/z-7102142	162 kB	2024-05-09	2024-05-09
Pretty URL streambtw.com/z-7102142 IP 104.21.5.234 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-09 21:15:49 Last Seen2024-05-09 21:15:50 Times Seen2 Hash b9ec27ef204ef7bdbb137196528fdd74 20a5513b57f37b59a30dd47742e53b95d3b4375a 5661b2c4878fa1259fb250742c4831d7e4b5f0262c30fad360fcbc82e14fc3c6 Loading...

	streambtw.com/microtemplates/source[5]	1.0 kB	2023-04-13	2024-05-19
Pretty URL streambtw.com/microtemplates/source[5] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-13 17:29:45 Last Seen2024-05-19 16:59:22 Times Seen243 Hash 69c2e174b203cc6927bb67ed966503e1 45fd454a7731e181fc07f0103ef5316a963f048b 081101b241d33b439d67a5985cb6f1e38d99d903f52d31524ec251f9ce1236c4 Loading...

	streambtw.com/microtemplates/source[28]	421 B	2023-04-16	2024-05-19
Pretty URL streambtw.com/microtemplates/source[28] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-16 08:37:18 Last Seen2024-05-19 16:59:22 Times Seen147 Hash e7a52234fac12ee7df0912cf171f2de0 6d29ee2eea0a5c3f04e18a7b0d1609b9085f16ff b4a375aef7efb26e6bd67efd10d5d9eabbe0972c1f575742958823e99932da8d Loading...

	streambtw.com/microtemplates/source[34]	265 B	2023-04-15	2024-05-20
Pretty URL streambtw.com/microtemplates/source[34] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-15 15:46:19 Last Seen2024-05-20 01:16:21 Times Seen147 Hash 39e724566d9f0a91f3396ff5be25595b dcf909a3627031272ecbcdf9c244cd5e6ed841c4 e83e595ad5f8223a1fa4cec530d911b4c69ca146ce43f48564c7d5a1794b6272 Loading...

	cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch3.php&ask=1715284800&lgt=3&noplayer=0	538 B	2023-03-12	2024-05-19
Pretty URL cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch3.php&ask=1715284800&lgt=3&noplayer=0 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 20:58:39 Last Seen2024-05-19 18:11:12 Times Seen118 Hash 23f14ae712b847828254481b2c5a0069 0a7c5d70eacdb3e6f896855847bc1ab49656e466 6e28a139e5cde2bd01006e4ed5ef2f3c88b2fa2b2b2519a5f6a5714f205ffeed Loading...

	streambtw.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js	12 kB	2023-03-07	2024-05-20
Pretty URL streambtw.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP 104.21.5.234 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-05-20 11:05:06 Times Seen44514 Hash 88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Loading...

	ptaixout.net/tag.min.js	90 kB	2024-05-09	2024-05-10
Pretty URL ptaixout.net/tag.min.js IP 139.45.197.244 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-09 17:00:47 Last Seen2024-05-10 04:52:04 Times Seen17 Hash c9a49fd9519e543d8aba5751c8620ac4 fe219e2cadc1aafa9b30db2e859b6fc0370382c7 d47154039646eef027253c3016c612cb2db3fa5a7b8fbd38873a99c1d2cf3f46 Loading...

	streambtw.com/microtemplates/source[17]	1.5 kB	2023-04-13	2024-05-19
Pretty URL streambtw.com/microtemplates/source[17] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-13 17:29:45 Last Seen2024-05-19 16:59:22 Times Seen221 Hash c8a1fa4de07a4ee5744b88bf3243034b 695bf56fa4c73b5e316cb97727018f41aaaa15f1 b72c1d237c0e1d148fae25d5648691b7d4d485c6cde2cfea65236680208c2ac5 Loading...

	streambtw.com/microtemplates/source[18]	791 B	2023-04-13	2024-05-19
Pretty URL streambtw.com/microtemplates/source[18] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-13 17:29:45 Last Seen2024-05-19 16:59:22 Times Seen240 Hash f1d04d242cbea86f97aa5e1c5e1e460e a766ce4a8824caf9a59b204963ad4b5c6ee4478f ebc28b0271fc555eb502c694ddc64f7efc9a75d45a03d44e5f5269dcc84387da Loading...

	unknown	19 kB	2024-05-01	2024-05-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-01 03:23:28 Last Seen2024-05-18 17:40:18 Times Seen4 Hash a258b6b7c0fa9dfbc32d7daa41f5f37c 71efd02932978a47f7ba52899c7b5585feb8f2c9 20de344d368fe20a28f17c4042d8384a4d6287b1bace5f98e7ac054da9b36ee9 Loading...

	unknown	153 B	2024-05-01	2024-05-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-01 03:23:28 Last Seen2024-05-18 17:40:18 Times Seen4 Hash da59ba3745288547a49878fb7e483c7a 993ed8cff1d0a25a443669c062fb797486838c01 109ad5d51ab4d28f037a16b7eb1d5937c200ef2801720dbcf916994e03148423 Loading...

	streambtw.com/microtemplates/source[15]	1.0 kB	2023-04-13	2024-05-19
Pretty URL streambtw.com/microtemplates/source[15] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-13 17:29:45 Last Seen2024-05-19 16:59:21 Times Seen222 Hash 7714f2e1bdc951dd60161694190a90a8 8a69b70fef1732d7937c07180df1442b34ca68bb dacd591b9a7aacb25b9b39135b936aa16483a0fbfb835522879bd9970a6bdef4 Loading...

	streambtw.com/microtemplates/source[12]	305 B	2023-04-13	2024-05-19
Pretty URL streambtw.com/microtemplates/source[12] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-13 17:29:45 Last Seen2024-05-19 16:59:22 Times Seen224 Hash 51b5641aaec7bf63ee43321963b69a9a 79490c0ae8ddadaf9b0d584f5ddbc07e99bf5955 a17a70a6eb7bcae18f14a1da75e740c82c36ae1af9c183d4a1f93067f00c6c4d Loading...

	streambtw.com/microtemplates/source[16]	265 B	2023-04-13	2024-05-19
Pretty URL streambtw.com/microtemplates/source[16] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-13 17:29:45 Last Seen2024-05-19 16:59:22 Times Seen293 Hash bf9620c080385c4190d481970b97f451 c338fb77d77e634c51755c220a11f84864fcf88b 66094161d62295d9d0e3b2c232d0f9c1007a297b0435d1049ab18252e6895051 Loading...

	www.googletagmanager.com/gtag/js?id=G-PQ1PJ56MMF	306 kB	2024-05-09	2024-05-09
Pretty URL www.googletagmanager.com/gtag/js?id=G-PQ1PJ56MMF IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-09 21:15:49 Last Seen2024-05-09 21:15:50 Times Seen2 Hash eee661fe932f8b72314f3e10dc4117c5 1ff1c9b4b14ac7e7a3533f9b44dc2985e2692b2a 2e5d2edd446c81f8be83c271975f526af52c867dff3758517e631948fd0bb0c7 Loading...

	streambtw.com/microtemplates/source[14]	15 kB	2023-05-27	2024-05-09
Pretty URL streambtw.com/microtemplates/source[14] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-05-27 21:55:35 Last Seen2024-05-09 21:15:49 Times Seen88 Hash 77bcd8a1f4725a3658221d430032b9d6 acb15f6adad154ffbcd6b77f8f607d924845ae19 18b776af5cdeee3cb04e8a91ab0165215054b0b471591e56158a312a77eac77d Loading...

	streambtw.com/microtemplates/source[21]	3.5 kB	2023-04-16	2024-05-19
Pretty URL streambtw.com/microtemplates/source[21] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-16 08:37:18 Last Seen2024-05-19 16:59:22 Times Seen226 Hash 8f7d8f20a7732f0c7b0346ac8cc5a3b1 e759f484c4dad54d86df7d82789263bfa49e13bf 7be4a2cbabbf34688cf19a92144e0fff8359516d8e8420c26af4cfa1f1f856b5 Loading...

	streambtw.com/microtemplates/source[27]	2.3 kB	2023-04-16	2024-05-19
Pretty URL streambtw.com/microtemplates/source[27] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-16 08:37:18 Last Seen2024-05-19 16:59:22 Times Seen147 Hash b3b341ac401362f7251af5bfe64b218d f5989bf80cd3afbc97bf86158f5d6ccc2ec70a4e ccd0023c6c3f9331c5725686e31062db21b8ef4db1a0c4714e1ca2fa26c6c4fc Loading...

	streambtw.com/microtemplates/source[2]	2.3 kB	2023-04-13	2024-05-19
Pretty URL streambtw.com/microtemplates/source[2] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-13 17:29:45 Last Seen2024-05-19 16:59:22 Times Seen242 Hash 802eb34ff58dc7c705f3e864ef98c945 801fd9cd1a2fd8ced641ae19422182057ba6ff5a b1d729a0bbe3e73c3590c607bc3704184115cda68ab355fd7feaf8f0bce7c71b Loading...

	streambtw.com/microtemplates/source[9]	279 B	2023-04-13	2024-05-19
Pretty URL streambtw.com/microtemplates/source[9] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-13 17:29:45 Last Seen2024-05-19 16:59:22 Times Seen287 Hash 020ef45dc126b5d78e9885ba8c0e8895 c21ea8c7b9827e7232e62d89db29d414771d2855 d7875335946dec91d6e6cb18b204a2c5f9306319416ca311c04970483b4b0356 Loading...

	streambtw.com/microtemplates/source[11]	526 B	2023-04-13	2024-05-19
Pretty URL streambtw.com/microtemplates/source[11] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-13 17:29:45 Last Seen2024-05-19 16:59:22 Times Seen223 Hash bb1191112e52272bde802d80749d1b9c a57c542d3f972968c70c0a16e7b8016b878e284d e0cba6e029fec740108a7ad86a5461ee9e4959937fa4ff27ce356e04c35e5850 Loading...

	streambtw.com/microtemplates/source[32]	791 B	2023-04-16	2024-05-19
Pretty URL streambtw.com/microtemplates/source[32] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-16 08:37:18 Last Seen2024-05-19 16:59:22 Times Seen145 Hash 80154efca6a8aefc71f5ea5ed572ed8b 798352580dd2a2e01398c0bb0c3398264bc97bf7 8b42b2aafbd0c916b0245bb12a005aea76fd18b6e300111d5a92de181296b9f8 Loading...

	streambtw.com/iframe/ch3.php	59 kB	2024-01-31	2024-05-18
Pretty URL streambtw.com/iframe/ch3.php IP 104.21.5.234 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-31 02:32:21 Last Seen2024-05-18 17:40:18 Times Seen33 Hash fa2b6cd49b36afbd85248ad398e01b61 cf5e578276c64be74e866de3aa49198da83201b9 e88f1563b20a74ee7182114b3355a1eadb948fd21ec6384a9fecd30ff267e233 Loading...

	streambtw.com/microtemplates/source[24]	791 B	2023-04-16	2024-05-19
Pretty URL streambtw.com/microtemplates/source[24] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-16 08:37:18 Last Seen2024-05-19 16:59:21 Times Seen210 Hash 60d712708b983f5789f2a8aaa1870dbe 5e0ad9bd5d3e98d4afa868c9a7fbee38d2e7b0e3 9cd6d70f9cda4f328223ee7fd22021f2ffa2196b314a383cfa187ae7cce6f16a Loading...

	streambtw.com/microtemplates/source[31]	1.5 kB	2023-04-16	2024-05-19
Pretty URL streambtw.com/microtemplates/source[31] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-16 08:37:18 Last Seen2024-05-19 16:59:22 Times Seen143 Hash 6446316f1a33217612cd194bd79aa9b4 a938a2792026e7cb801fb63d5b1c25e020abc167 1332726fad3ab6c160c898f8deb6a305332f1e2cabcadda591d232292a2e73fc Loading...

	streambtw.com/microtemplates/source[3]	420 B	2023-04-13	2024-05-20
Pretty URL streambtw.com/microtemplates/source[3] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-13 17:29:45 Last Seen2024-05-20 01:16:21 Times Seen276 Hash f40933e603a05e3c1f59b8b335ff9a02 8bdf38370eab8e6c148cfc2f9f3b6858882ece80 eae854849ff9fe52b79b43b513b33644249e07c3db14c00377dda3840b913747 Loading...

	streambtw.com/microtemplates/source[7]	1.0 kB	2023-04-13	2024-05-19
Pretty URL streambtw.com/microtemplates/source[7] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-13 17:29:45 Last Seen2024-05-19 16:59:22 Times Seen226 Hash 2f83c1d07ad4ff904142ff0e2603d4de 03b211f488d5076c0fae8527823689f5fa4c2baa 4f818be92004a6e0fa9fdcf60480269aab421e9ba0afcc5e85f6d07324ccb7a1 Loading...

	streambtw.com/microtemplates/source[35]	2.3 kB	2023-04-18	2024-05-19
Pretty URL streambtw.com/microtemplates/source[35] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-18 20:25:43 Last Seen2024-05-19 16:35:52 Times Seen141 Hash 0219bf5610a61230c758d65e3600b599 7b5e4f7000f15b7ce25fbd2e8e8d918abc0cbb94 ac2d4773305d5a6aae87f52ee592169153cb02d2501029291b5d0bed0934b877 Loading...

	streambtw.com/microtemplates/source[13]	3.5 kB	2023-04-13	2024-05-19
Pretty URL streambtw.com/microtemplates/source[13] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-13 17:29:45 Last Seen2024-05-19 16:59:22 Times Seen260 Hash d2e0aa749903250349b071362de696bd d4486ac2045ae74933ad5a1c05fbe30b39eee4cb 246aa71e2a226caa935b209d8862a0e4716c636e01495898ec20b17ba838119e Loading...

	streambtw.com/microtemplates/source[25]	1.0 kB	2023-04-16	2024-05-19
Pretty URL streambtw.com/microtemplates/source[25] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-16 08:37:18 Last Seen2024-05-19 16:59:22 Times Seen159 Hash 6d58f0e6396b2706f39269a2af796bcc 45f38bf9eaa9873bc8de0ebe4400a838c3c2e220 0000c42c5dd1b2cc72f59daf434a8474db045cfedc2163773e36c4a2b5a3bdf4 Loading...

	chulhawakened.com/rmxWWDcqKHA/71505	0 B	2023-03-07	2024-05-20
Pretty URL chulhawakened.com/rmxWWDcqKHA/71505 IP 23.109.170.224 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-20 11:11:11 Times Seen37869171 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js	30 kB	2023-03-07	2024-05-19
Pretty URL cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js IP 151.101.1.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:38 Last Seen2024-05-19 21:00:19 Times Seen758 Hash 1b142ebaf5f868c4c11a73ffe9175afb aa8b49bab8e92ff04d17a5a2c7c0dafc426e2fe9 df86557c0f11c06f425dab021ec5a970b22b6fa8b9651af3d26f137fb30c3702 Loading...

	streambtw.com/microtemplates/source[10]	1.1 kB	2023-05-27	2024-05-09
Pretty URL streambtw.com/microtemplates/source[10] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-05-27 21:55:35 Last Seen2024-05-09 21:15:49 Times Seen90 Hash ec1e8f92a63a7e752b9845f024a56cb0 8e2dca2a34443bb4e7d012a34af4e6cce4adde0a 6e38d26061a6bcc18d40b6267f87e12a54b14de0648c3e1418c8fca822b4dcd7 Loading...

	unknown	446 B	2024-01-31	2024-05-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-31 02:32:21 Last Seen2024-05-18 17:40:18 Times Seen33 Hash 1f33491e2717ff422bff1fe662a18299 7234981326e13a07dc22d9ceb6ee7cf1f43d14b5 38f08c3cb9cf0d38463b43739ae6e24d43a036ef1697d2608bfaad98d03d1b20 Loading...

	streambtw.com/microtemplates/source[6]	264 B	2023-04-13	2024-05-19
Pretty URL streambtw.com/microtemplates/source[6] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-13 17:29:45 Last Seen2024-05-19 16:59:22 Times Seen269 Hash 0fef0cfef9acd9068f428da4adfc868d e04a20aca5ac9bf6b4a15128882153326525c6c7 2c4d4a81081cd404eed42504e246cc951e5dc5b9b2772d75ee1bc3e4eef51b87 Loading...

	streambtw.com/microtemplates/source[38]	421 B	2023-04-18	2024-05-19
Pretty URL streambtw.com/microtemplates/source[38] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-18 20:25:43 Last Seen2024-05-19 16:35:52 Times Seen121 Hash b6d3274bf0413ea729ce145e9b4a83e2 a25ebfb77b11a6aa2f37c765a652b2bb192977ab e505122c82bd9d2343b9a38b28f03d44a8ae3707179e25954f0ca05e8f0c73e9 Loading...

	cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch3.php&ask=1715284800&lgt=3&noplayer=0	58 kB	2024-03-02	2024-05-19
Pretty URL cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch3.php&ask=1715284800&lgt=3&noplayer=0 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-03-02 18:33:32 Last Seen2024-05-19 18:11:12 Times Seen23 Hash 442bbf420891666ab1ddf289fa9f00f4 6a68254c2ee844425bb535798fe4e959f3fed8d3 9ac456bebae6c065dffb8c8a2a798070000c248f081dfab9b2bdb66e7ac77b37 Loading...

	cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch3.php&ask=1715284800&lgt=3&noplayer=0	444 B	2024-03-02	2024-05-19
Pretty URL cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch3.php&ask=1715284800&lgt=3&noplayer=0 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-03-02 18:33:33 Last Seen2024-05-19 18:11:12 Times Seen23 Hash f022889803b87a9b11191e64f3b015ff 68b93d2eb3a9a660180f7420394d0c95a3163c29 f987cddb8c432a94c404efd65b7deba5216bae496ab375859f5e317860893298 Loading...

	streambtw.com/microtemplates/source[4]	15 kB	2023-05-27	2024-05-19
Pretty URL streambtw.com/microtemplates/source[4] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-05-27 21:55:35 Last Seen2024-05-19 16:38:13 Times Seen105 Hash 264468ecc510b214524caac850a5a816 1d42802acd1534a8d965212fd4bc512639ac1ecc 05692a592943c76f6d76fca12928fcf366c094f33e16fba77d4f431c6a2718f4 Loading...

	streambtw.com/microtemplates/source[30]	15 kB	2023-05-27	2024-05-09
Pretty URL streambtw.com/microtemplates/source[30] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-05-27 21:55:35 Last Seen2024-05-09 21:15:49 Times Seen66 Hash c79266f55f57e95a67b0ea8d725f9d13 bd9b9e302ffdbcc3e4afe1e77285b31c01cf388f f4807bcb715f27cb42dbc62f902a190bb8de2fb50670636b16e25275aa7544d9 Loading...

	streambtw.com/microtemplates/source[8]	251 B	2023-04-13	2024-05-19
Pretty URL streambtw.com/microtemplates/source[8] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-13 17:29:45 Last Seen2024-05-19 16:59:22 Times Seen227 Hash 7fc9ba20cae0848cf3a946374da072d2 d697e65a6ec0f44b5745a1d1a2f26886413d8819 63d509f07a5692ddb41099673c767f50ed4f99f1c3c01e7e298629ff22edcbdd Loading...

	kzzwi.com/script/ut.js?cb=1715282116169	63 kB	2024-04-25	2024-05-20
Pretty URL kzzwi.com/script/ut.js?cb=1715282116169 IP 172.67.196.211 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 17:58:25 Last Seen2024-05-20 11:00:38 Times Seen368 Hash bc481e345c04b4534e0a4e54a0f2c1c6 2be428035dd37b2722891c200f35449c5893df33 04d8cc0aacc3f172f638e608d3f08e8457d849290ae553090cb951d4b3f1b97b Loading...

	www.googletagmanager.com/gtag/js?id=G-G15KG2JMS2&l=dataLayer&cx=c	306 kB	2024-05-09	2024-05-09
Pretty URL www.googletagmanager.com/gtag/js?id=G-G15KG2JMS2&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-09 21:15:50 Last Seen2024-05-09 21:15:50 Times Seen2 Hash fdb1c0fb631b103d3a6bfef05c9c7b44 f311d792a81f8330f91a915b78f4145dfb3ff825 cff265573f339a7aa92c0dbdc6dc921336d1b40fbc9bcf2a633bbf684491530c Loading...

	streambtw.com/microtemplates/source[33]	1.0 kB	2023-04-18	2024-05-19
Pretty URL streambtw.com/microtemplates/source[33] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-18 20:25:43 Last Seen2024-05-19 16:35:52 Times Seen140 Hash 8e0b2688b7912b68b8bdd9c42e6553aa b7bf52d1ae02f4a21fad6548253e10c827df8905 229e569d17d5e282b8409fc802028f8f06d540ecf6f4e833b04703b4033aeda9 Loading...

	streambtw.com/microtemplates/source[36]	421 B	2023-04-18	2024-05-19
Pretty URL streambtw.com/microtemplates/source[36] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-18 20:25:43 Last Seen2024-05-19 16:35:52 Times Seen149 Hash 60d01b8464eea26e59e2b778b9d8f6f8 dbb521a844502244d0411de45c87615fafa34158 e7f672f5dd286f2af6700408701172f78645af298a69e41b6e851984941cf1f1 Loading...

	streambtw.com/microtemplates/source[37]	2.3 kB	2023-04-18	2024-05-19
Pretty URL streambtw.com/microtemplates/source[37] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-18 20:25:43 Last Seen2024-05-19 16:35:52 Times Seen120 Hash 206233e26fa3351b71a98173551c5ee8 3ddd7aeae73135d89212433eb861654e8baa9f65 42dac6ba84e060d334071bf69fd8ba362f1c2c0d6efd57ae8a08d5ee1590d6a6 Loading...

	streambtw.com/microtemplates/source[19]	1.2 kB	2023-05-27	2024-05-09
Pretty URL streambtw.com/microtemplates/source[19] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-05-27 21:55:35 Last Seen2024-05-09 21:15:50 Times Seen88 Hash 09b2ee12355ca16350b383fb0253a2c1 ec51e028f4d1cd9337160bac617afeb55df50d9a bb31fabf4e031706dfdb477a31b4645296ac881c072216e0d5fd81c04365b5b4 Loading...

	cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch3.php&ask=1715284800&lgt=3&noplayer=0	1.4 kB	2023-05-21	2024-05-19
Pretty URL cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch3.php&ask=1715284800&lgt=3&noplayer=0 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-21 19:45:26 Last Seen2024-05-19 18:11:12 Times Seen113 Hash 9dc26956b3af9c5c1d866267c7b2eb8d 497c98086b37e029f85b9969b54a3c497f2c88d7 7be6becfe5575e1849b8ac25b05b1a6e3e3afc0b9adeeef521a5bd0a17fa154c Loading...

	streambtw.com/microtemplates/source[0]	1.5 kB	2023-04-13	2024-05-19
Pretty URL streambtw.com/microtemplates/source[0] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-13 17:29:45 Last Seen2024-05-19 16:59:22 Times Seen242 Hash 173b70b85a9658eab15a9110e0b04568 3b21823d0aa94ae751cbc7bd0e214f2f7bc3d503 c3572efe5f3a33f021ceae7a845d8aac508e2ba4357b40c9d8a05608aff7863b Loading...

	streambtw.com/microtemplates/source[20]	2.4 kB	2023-04-13	2024-05-19
Pretty URL streambtw.com/microtemplates/source[20] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-13 17:29:45 Last Seen2024-05-19 16:59:22 Times Seen222 Hash 75e79108a32d8198e9c8fdc380beab6d 1705219b86d194f203dfdd000140342d51d5b7f1 fbc4489a0e2c84fb17f43a773522b9d26508befa7b827af3f46918fec5b5404c Loading...

	streambtw.com/microtemplates/source[26]	265 B	2023-04-16	2024-05-19
Pretty URL streambtw.com/microtemplates/source[26] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-16 08:37:18 Last Seen2024-05-19 16:59:22 Times Seen161 Hash b18d1c3eb98082481114d55d1d30250c b962ddd745e64f9867d93ad73619b15098a91c14 60fd9710e89a2dd65ef34872ba829bf83f2743836e69088bca1a60ab1c266917 Loading...

	streambtw.com/microtemplates/source[29]	3.5 kB	2023-04-18	2024-05-19
Pretty URL streambtw.com/microtemplates/source[29] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-18 20:25:43 Last Seen2024-05-19 16:35:52 Times Seen142 Hash 4116cf333a72b1646045ae7bc7986cec b4291b06cd9914173429bb8d3271c28fb993f417 337d64c3166b2489ac14216dee71e6638cbb422ff274f72498c234ce49b4fa94 Loading...

	unknown	476 B	2024-05-09	2024-05-09
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-09 21:15:50 Last Seen2024-05-09 21:15:50 Times Seen1 Hash acd9b8e53a4b60ea6c6ea15fa4abd01b 93590afa353d696602f193a8204607426876642c 16037a3b500a8366a40446b4cd18c7e942ecf36cf0244b9c30d5bb2622722f3c Loading...

	streambtw.com/microtemplates/source[22]	15 kB	2023-05-27	2024-05-09
Pretty URL streambtw.com/microtemplates/source[22] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-05-27 21:55:35 Last Seen2024-05-09 21:15:50 Times Seen80 Hash 830ece2ecf3b3d785d541fc83922164d 2614c5f5e24ebc6c0945f3f43750eab6463290f2 9ff569fb4d30e581ad914b32f200bf2d52c0105e913fd7e4491ddaf211dcc5f3 Loading...

	streambtw.com/microtemplates/source[23]	1.5 kB	2023-04-16	2024-05-19
Pretty URL streambtw.com/microtemplates/source[23] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-16 08:37:18 Last Seen2024-05-19 16:59:22 Times Seen188 Hash c6420a63caeab46fa6e03dc58135f555 dd17e9bd15d7e3fb3f8e00ddb23214059ad89b88 574f6245fe4b61aeccca439b2a454d5ddfa91452e16b1f2a2c6ff1fc5c291700 Loading...

	unknown	153 B	2024-05-01	2024-05-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-01 03:23:28 Last Seen2024-05-18 17:40:18 Times Seen4 Hash 110f2b146ee554a710168348b348374f 943f0942383900f97bdc469a2929dbae47c29246 0070346af0f522f52a52ccca1f75b5dd64b624496eb2ae447280d0618975e31f Loading...

	cdn.jsdelivr.net/npm/@clappr/player@latest/dist/clappr.min.js	624 kB	2024-05-09	2024-05-20
Pretty URL cdn.jsdelivr.net/npm/@clappr/player@latest/dist/clappr.min.js IP 151.101.1.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-09 21:15:50 Last Seen2024-05-20 01:16:22 Times Seen8 Hash dab2d64437710247c214acc3b9330c41 bd540e94b5d09675672c524fb018902bd6a1a388 d2fbcb1544ff003e2c11bf04bb7d97c44d32442fd55d7a9df324c2133ae1648b Loading...

	streambtw.com/microtemplates/source[1]	790 B	2023-04-13	2024-05-19
Pretty URL streambtw.com/microtemplates/source[1] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-13 17:29:45 Last Seen2024-05-19 21:00:18 Times Seen399 Hash e22017c2e9c001bce109bfe2fe68c380 e5a75a55df382896aa8aff43bc37e72566edf401 0852bba61d02a2d08e06f623e1934f3c17d6d1e84b53d9ffcdc4524402733a54 Loading...

HTTP Transactions (24)

URL IP Response Size

cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch3.php&ask=1715284800&lgt=3&noplayer=0

188.114.96.1

200 OK

0 B

URL User Request GET HTTP/2
cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch3.php&ask=1715284800&lgt=3&noplayer=0
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectxsportbox.com
Fingerprint26:37:30:3E:D3:36:0C:80:9E:E5:AC:9B:48:2B:AD:61:B7:03:5A:46
ValidityThu, 28 Mar 2024 08:02:25 GMT - Wed, 26 Jun 2024 08:02:24 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch3.php&ask=1715284800&lgt=3&noplayer=0 HTTP/1.1
Host: cdn.xsportbox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch3.php&ask=1715284800&lgt=3&noplayer=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 19:15:15 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=apRx6ULGlIlgT5q6w%2FGkZvQ4A4hDOtzMx7yRGR1dZXUQ7bxKYgHt%2BAchj%2BHRrvySXJmQURlCgeItFUbpKnvVtonlQYJHne7lO%2FbPQs23p0cMNIg7ycmgG5ypHsc1WzOlywvGlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88140466efb0b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

chulhawakened.com/rmxWWDcqKHA/71505

23.109.170.224

200 OK

20 B

URL GET HTTP/1.1
chulhawakened.com/rmxWWDcqKHA/71505
IP
23.109.170.224:443
ASN
#7979 SERVERS-COM

Requested by
https://cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch3.php&ask=1715284800&lgt=3&noplayer=0
Certificate
IssuerLet's Encrypt
Subjectchulhawakened.com
Fingerprint89:5A:CB:99:4E:7A:3B:18:51:2E:3D:3D:31:FE:A2:66:B5:0B:3D:23
ValiditySun, 21 Apr 2024 23:19:52 GMT - Sat, 20 Jul 2024 23:19:51 GMT

File type
gzip compressed data, from Unix
Size
20 B (20 bytes)
Hash
7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /rmxWWDcqKHA/71505 HTTP/1.1
Host: chulhawakened.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.xsportbox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 May 2024 19:15:15 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://cdn.xsportbox.com
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Fri, 10-May-2024 19:15:15 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Fri, 10-May-2024 19:15:15 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

tuskhautein.com/r7838fFXOj9CwcDJw/77025

23.109.170.224

200 OK

20 B

URL GET HTTP/1.1
tuskhautein.com/r7838fFXOj9CwcDJw/77025
IP
23.109.170.224:443
ASN
#7979 SERVERS-COM

Requested by
https://cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch3.php&ask=1715284800&lgt=3&noplayer=0
Certificate
IssuerLet's Encrypt
Subjecttuskhautein.com
FingerprintFD:4C:A9:74:FE:61:4C:0F:18:42:BF:D0:1F:A3:68:FE:9F:D5:ED:83
ValidityFri, 26 Apr 2024 23:32:03 GMT - Thu, 25 Jul 2024 23:32:02 GMT

File type
gzip compressed data, from Unix
Size
20 B (20 bytes)
Hash
7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /r7838fFXOj9CwcDJw/77025 HTTP/1.1
Host: tuskhautein.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.xsportbox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 May 2024 19:15:15 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://cdn.xsportbox.com
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Fri, 10-May-2024 19:15:15 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Fri, 10-May-2024 19:15:15 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

streambtw.com/iframe/ch3.php

104.21.5.234

200 OK

0 B

URL HEAD HTTP/3
streambtw.com/iframe/ch3.php
IP
104.21.5.234:443
ASN
#13335 CLOUDFLARENET

Requested by
https://streambtw.com/iframe/ch3.php
Certificate
IssuerGoogle Trust Services LLC
Subjectstreambtw.com
FingerprintD8:97:8E:55:E7:91:FA:80:DF:3A:35:36:D3:6C:CC:D6:6B:27:D9:3E
ValiditySun, 31 Mar 2024 23:25:29 GMT - Sat, 29 Jun 2024 23:25:28 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /iframe/ch3.php HTTP/1.1
Host: streambtw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://streambtw.com/iframe/ch3.php
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 19:15:15 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FM9Iqm1OQMbaOsyxGw%2F3oAgyXqnG%2F5ustCjqIPzI273zgrL8cUaueViRTFVCs%2F44W4l4f9vm4FV8fG%2BokcRwXloXAy1PBphUcg%2BGe4YdEU%2FD6xFYHVF%2Bg%2BRmhwrO0UBX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881404689a18712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ptaixout.net/tag.min.js

139.45.197.244

200 OK

28 kB

URL GET HTTP/2
ptaixout.net/tag.min.js
IP
139.45.197.244:443
ASN
#9002 RETN Limited

Requested by
https://cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch3.php&ask=1715284800&lgt=3&noplayer=0
Certificate
IssuerLet's Encrypt
Subjectptaixout.net
Fingerprint68:9C:78:69:60:28:90:FB:1C:BD:D0:98:14:FB:F6:C2:C7:45:CD:5C
ValidityMon, 18 Mar 2024 05:39:00 GMT - Sun, 16 Jun 2024 05:38:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
28 kB (28440 bytes)
Hash
c9a49fd9519e543d8aba5751c8620ac4
fe219e2cadc1aafa9b30db2e859b6fc0370382c7
d47154039646eef027253c3016c612cb2db3fa5a7b8fbd38873a99c1d2cf3f46

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: ptaixout.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.xsportbox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 19:15:15 GMT
content-type: text/javascript; charset=utf-8
content-length: 28440
content-encoding: br
x-trace-id: 23de7fabb51c4b668d096d16fceb0692
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Thu, 09 May 2024 10:33:14 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

streambtw.com/z-7102142

104.21.5.234

200 OK

162 kB

URL GET HTTP/3
streambtw.com/z-7102142
IP
104.21.5.234:443
ASN
#13335 CLOUDFLARENET

Requested by
https://streambtw.com/iframe/ch3.php
Certificate
IssuerGoogle Trust Services LLC
Subjectstreambtw.com
FingerprintD8:97:8E:55:E7:91:FA:80:DF:3A:35:36:D3:6C:CC:D6:6B:27:D9:3E
ValiditySun, 31 Mar 2024 23:25:29 GMT - Sat, 29 Jun 2024 23:25:28 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (40952), with NEL line terminators
Size
162 kB (161591 bytes)
Hash
b9ec27ef204ef7bdbb137196528fdd74
20a5513b57f37b59a30dd47742e53b95d3b4375a
5661b2c4878fa1259fb250742c4831d7e4b5f0262c30fad360fcbc82e14fc3c6

HTTP Headers

GET /z-7102142 HTTP/1.1
Host: streambtw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://streambtw.com/iframe/ch3.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 19:15:15 GMT
content-type: application/octet-stream
content-length: 161591
last-modified: Thu, 09 May 2024 18:17:01 GMT
etag: "663d131d-27737"
cache-control: no-cache
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UAY8gtZCBI6gCGItXbEVJN9eBMTec%2FQ3py8gHy2Lje6EiI3KwOLZcduQfMS4l5tiUIvEi4XCnpbn9fqCc2pxSIzY0miHdiHYQ7n5depxzzNU5mUxoIJx9C9WT3%2FlXEmO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88140468ba49712a-OSL
alt-svc: h3=":443"; ma=86400

cdn.jsdelivr.net/npm/@clappr/player@latest/dist/clappr.min.js

151.101.1.229

200 OK

170 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/@clappr/player@latest/dist/clappr.min.js
IP
151.101.1.229:443
ASN
#54113 FASTLY

Requested by
https://streambtw.com/iframe/ch3.php
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
170 kB (169818 bytes)
Hash
dab2d64437710247c214acc3b9330c41
bd540e94b5d09675672c524fb018902bd6a1a388
d2fbcb1544ff003e2c11bf04bb7d97c44d32442fd55d7a9df324c2133ae1648b

HTTP Headers

GET /npm/@clappr/player@latest/dist/clappr.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://streambtw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 0.6.0
x-jsd-version-type: version
etag: W/"9871a-vVQOlLXQlnVnLFJPsBiQK9aho4g"
content-encoding: br
accept-ranges: bytes
date: Thu, 09 May 2024 19:15:16 GMT
age: 39761
x-served-by: cache-fra-eddf8230062-FRA, cache-hel1410033-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 169818
X-Firefox-Spdy: h2

cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js

151.101.1.229

200 OK

11 kB

URL GET HTTP/2
cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js
IP
151.101.1.229:443
ASN
#54113 FASTLY

Requested by
https://streambtw.com/iframe/ch3.php
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
JavaScript source, ASCII text, with very long lines (30387)
Size
11 kB (10804 bytes)
Hash
1b142ebaf5f868c4c11a73ffe9175afb
aa8b49bab8e92ff04d17a5a2c7c0dafc426e2fe9
df86557c0f11c06f425dab021ec5a970b22b6fa8b9651af3d26f137fb30c3702

HTTP Headers

GET /gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://streambtw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 0.3.0
x-jsd-version-type: version
etag: W/"76e2-qotJurjpL/BNF6Wix8Da/EJuL+k"
content-encoding: br
accept-ranges: bytes
date: Thu, 09 May 2024 19:15:16 GMT
age: 6592
x-served-by: cache-fra-eddf8230055-FRA, cache-hel1410033-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10804
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-PQ1PJ56MMF

142.250.74.168

200 OK

102 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-PQ1PJ56MMF
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://streambtw.com/iframe/ch3.php
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (5955)
Size
102 kB (101648 bytes)
Hash
eee661fe932f8b72314f3e10dc4117c5
1ff1c9b4b14ac7e7a3533f9b44dc2985e2692b2a
2e5d2edd446c81f8be83c271975f526af52c867dff3758517e631948fd0bb0c7

HTTP Headers

GET /gtag/js?id=G-PQ1PJ56MMF HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://streambtw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 May 2024 19:15:16 GMT
expires: Thu, 09 May 2024 19:15:16 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 101648
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

phomoach.net/tag.min.js

139.45.197.245

200 OK

28 kB

URL GET HTTP/2
phomoach.net/tag.min.js
IP
139.45.197.245:443
ASN
#9002 RETN Limited

Requested by
https://streambtw.com/iframe/ch3.php
Certificate
IssuerLet's Encrypt
Subjectphomoach.net
Fingerprint4D:5D:41:54:2C:98:6F:5D:8D:BC:45:87:4B:76:9B:E0:30:B6:88:BF
ValidityFri, 15 Mar 2024 06:26:26 GMT - Thu, 13 Jun 2024 06:26:25 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
28 kB (28440 bytes)
Hash
c9a49fd9519e543d8aba5751c8620ac4
fe219e2cadc1aafa9b30db2e859b6fc0370382c7
d47154039646eef027253c3016c612cb2db3fa5a7b8fbd38873a99c1d2cf3f46

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: phomoach.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://streambtw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 19:15:16 GMT
content-type: text/javascript; charset=utf-8
content-length: 28440
content-encoding: br
x-trace-id: efa8d02192fbfdff5e046dcdfe2c8a08
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Thu, 09 May 2024 10:30:10 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

my.rtmark.net/gid.js?userId=0080573eed224f8fe858a522d248bb3d

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js?userId=0080573eed224f8fe858a522d248bb3d
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch3.php&ask=1715284800&lgt=3&noplayer=0
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC
ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT

File type
JSON text data
Size
65 B (65 bytes)
Hash
eb384e27d593098dfe13028b1a4e0e72
083edf57a8c7d83f46c20ad53df450b12d06e125
8b747f4b70173837dcc4802b85b81ebcb6e4f39fc153e6f759f771c0809be38c

HTTP Headers

GET /gid.js?userId=0080573eed224f8fe858a522d248bb3d HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cdn.xsportbox.com
DNT: 1
Connection: keep-alive
Referer: https://cdn.xsportbox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 19:15:16 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://cdn.xsportbox.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0080573eed224f8fe858a522d248bb3d; expires=Fri, 09 May 2025 19:15:16 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

perf.cdnads.com/perf.gif

139.45.195.3

200 OK

43 B

URL GET HTTP/1.1
perf.cdnads.com/perf.gif
IP
139.45.195.3:443
ASN
#9002 RETN Limited

Requested by
https://cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch3.php&ask=1715284800&lgt=3&noplayer=0
Certificate
IssuerLet's Encrypt
Subjectcdnads.com
Fingerprint6B:69:44:79:74:8D:FF:F3:A1:82:F8:38:E1:18:24:99:82:28:0C:9A
ValiditySun, 05 May 2024 19:02:24 GMT - Sat, 03 Aug 2024 19:02:23 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /perf.gif HTTP/1.1
Host: perf.cdnads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.xsportbox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 May 2024 19:15:12 GMT
Content-Type: image/gif
Content-Length: 43
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Connection: keep-alive
Expires: Fri, 10 May 2024 19:15:12 GMT
Cache-Control: max-age=86400
Timing-Allow-Origin: *

my.rtmark.net/gid.js?userId=0080570ccbda4cb4eac6a180dc1e4e11

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js?userId=0080570ccbda4cb4eac6a180dc1e4e11
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://streambtw.com/iframe/ch3.php
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC
ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT

File type
JSON text data
Size
65 B (65 bytes)
Hash
6ab04c7b86abaecb151420f2918aab5e
d8650a7dedc6ccc2bebb23f459d6b7ead55234c7
12173375d1ff70bd24ffcde5f9049b6b48bf8f041e57adeb8f63d1255ea18be6

HTTP Headers

GET /gid.js?userId=0080570ccbda4cb4eac6a180dc1e4e11 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://streambtw.com
DNT: 1
Connection: keep-alive
Referer: https://streambtw.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 19:15:16 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://streambtw.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0080570ccbda4cb4eac6a180dc1e4e11; expires=Fri, 09 May 2025 19:15:16 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-G15KG2JMS2&l=dataLayer&cx=c

142.250.74.168

200 OK

102 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-G15KG2JMS2&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://streambtw.com/iframe/ch3.php
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (5955)
Size
102 kB (101524 bytes)
Hash
fdb1c0fb631b103d3a6bfef05c9c7b44
f311d792a81f8330f91a915b78f4145dfb3ff825
cff265573f339a7aa92c0dbdc6dc921336d1b40fbc9bcf2a633bbf684491530c

HTTP Headers

GET /gtag/js?id=G-G15KG2JMS2&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://streambtw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 May 2024 19:15:16 GMT
expires: Thu, 09 May 2024 19:15:16 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 101524
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

sportsleading.online/live/stream_3.m3u8

172.67.217.130

200 OK

7.1 kB

URL GET HTTP/3
sportsleading.online/live/stream_3.m3u8
IP
172.67.217.130:443
ASN
#13335 CLOUDFLARENET

Requested by
https://streambtw.com/iframe/ch3.php
Certificate
IssuerLet's Encrypt
Subjectsportsleading.online
Fingerprint61:D8:D9:11:C4:3A:9D:80:A2:3A:A8:E9:EB:75:4A:83:4C:9B:D6:36
ValiditySun, 17 Mar 2024 10:39:55 GMT - Sat, 15 Jun 2024 10:39:54 GMT

File type
M3U playlist, ASCII text
Size
7.1 kB (7123 bytes)
Hash
137840d2ea09cd953437d8e0b384604e
4fdfb3ac0bd85926f592cafc97942fc5f54cde8a
bc78f410c174891cb7720ae0477000a5bcc4376cebf2731a8580f037c0cad809

HTTP Headers

GET /live/stream_3.m3u8 HTTP/1.1
Host: sportsleading.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://streambtw.com
DNT: 1
Connection: keep-alive
Referer: https://streambtw.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 19:15:19 GMT
content-type: application/vnd.apple.mpegurl
last-modified: Thu, 09 May 2024 19:15:18 GMT
etag: W/"663d20c6-343"
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R5z4alxHZDRmOZpwj9LJE84bMnNoitlTnheTH%2F5IAasbJ5XC%2FNvyMG7GtLpu7eRb2NPQcKSS7ma%2B5Sg5uPADZefS24vRae%2BP7pXSgSXPfwey%2BRXhY97%2BYTbhdbwimL6E5jrWuu%2BIPA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8814047df9595684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

sportsleading.online/live/stream_3.m3u8

172.67.217.130

200 OK

6.6 kB

URL GET HTTP/3
sportsleading.online/live/stream_3.m3u8
IP
172.67.217.130:443
ASN
#13335 CLOUDFLARENET

Requested by
https://streambtw.com/iframe/ch3.php
Certificate
IssuerLet's Encrypt
Subjectsportsleading.online
Fingerprint61:D8:D9:11:C4:3A:9D:80:A2:3A:A8:E9:EB:75:4A:83:4C:9B:D6:36
ValiditySun, 17 Mar 2024 10:39:55 GMT - Sat, 15 Jun 2024 10:39:54 GMT

File type
M3U playlist, ASCII text
Size
6.6 kB (6603 bytes)
Hash
af25802ede90afc28a88d1b7fe4ba677
bbabcc7b52038388b8a55e4717a4df1274b2e464
075c33757b3b631f9869dac1c4ea54f79a7b883723ce02463de59a0c62dcd1b6

HTTP Headers

GET /live/stream_3.m3u8 HTTP/1.1
Host: sportsleading.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://streambtw.com
DNT: 1
Connection: keep-alive
Referer: https://streambtw.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 19:15:29 GMT
content-type: application/vnd.apple.mpegurl
last-modified: Thu, 09 May 2024 19:15:28 GMT
etag: W/"663d20d0-343"
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qVv8dF0BUjJ50VhiR4hEYZ4CWkFRUMLSztGJd1PBXQWsvBJQ%2FYXyyLaso0M4tlYL0HMMs2CvGv6WU9aE9LbezZG%2F8c90%2FJwE76VE4vJIdDSOi%2B7w6NO7OjnlRFXeB0Q%2BOt2LPbL8Aw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881404bb8f365684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

phomoach.net/5/6869446/?oo=1&aab=1

139.45.197.245

200 OK

2.9 kB

URL GET HTTP/2
phomoach.net/5/6869446/?oo=1&aab=1
IP
139.45.197.245:443
ASN
#9002 RETN Limited

Requested by
https://streambtw.com/iframe/ch3.php
Certificate
IssuerLet's Encrypt
Subjectphomoach.net
Fingerprint4D:5D:41:54:2C:98:6F:5D:8D:BC:45:87:4B:76:9B:E0:30:B6:88:BF
ValidityFri, 15 Mar 2024 06:26:26 GMT - Thu, 13 Jun 2024 06:26:25 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (3096), with no line terminators
Size
2.9 kB (2852 bytes)
Hash
34b87da64d3c69323ccfbdea8f05b4d3
46c65c14d732768ca41d0c01a39fc6aefacede2b
62aed6c54dd09812d949d00341a8285f5567e3ca257a939233e2c9c5cbb4b20d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /5/6869446/?oo=1&aab=1 HTTP/1.1
Host: phomoach.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://streambtw.com
DNT: 1
Connection: keep-alive
Referer: https://streambtw.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 19:15:16 GMT
content-type: application/json
x-trace-id: f78ae20c9f09dba6a165d538e83ad2da
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://streambtw.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=0080570ccbda4cb4eac6a180dc1e4e11; expires=Fri, 09 May 2025 19:15:16 GMT; path=/; secure; SameSite=None
oaidts=1715282116; expires=Fri, 09 May 2025 19:15:16 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

www.gettvfree.online/static/stream_3_2903_787.png

0.0.0.0

0 B

URL GET
www.gettvfree.online/static/stream_3_2903_787.png
IP
0.0.0.0:0
ASN
#0

Requested by
https://streambtw.com/iframe/ch3.php
Certificate
IssuerLet's Encrypt
Subjectgettvfree.online
Fingerprint6D:07:2C:5B:85:2A:06:46:37:1A:B2:79:5A:F6:23:8B:9D:7D:B6:AF
ValidityWed, 17 Apr 2024 20:39:48 GMT - Tue, 16 Jul 2024 20:39:47 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /static/stream_3_2903_787.png HTTP/1.1
Host: www.gettvfree.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://streambtw.com
DNT: 1
Connection: keep-alive
Referer: https://streambtw.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 19:15:22 GMT
content-type: image/png
content-length: 7064100
last-modified: Thu, 09 May 2024 19:14:59 GMT
etag: "663d20b3-6bca24"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BYnMhAVJWCVXkTt9OIjY7r%2BUa8OPRxvl8aVJHQxRm2eHL4E13ab0lvRB26FMKyRF1%2BAMq2Y2F7IIaebEaYboZwaS2Z%2Bvc%2BfanItUmdL1iMKvmPu6jNucHYHfzC%2Ff1jzVpmUwKVvzwA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8814046d4d1db515-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.xsportbox.com/favicon.ico

188.114.96.1

404 Not Found

555 B

URL GET HTTP/3
cdn.xsportbox.com/favicon.ico
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch3.php&ask=1715284800&lgt=3&noplayer=0
Certificate
IssuerLet's Encrypt
Subjectxsportbox.com
Fingerprint26:37:30:3E:D3:36:0C:80:9E:E5:AC:9B:48:2B:AD:61:B7:03:5A:46
ValidityThu, 28 Mar 2024 08:02:25 GMT - Wed, 26 Jun 2024 08:02:24 GMT

File type
HTML document, ASCII text, with very long lines (581), with no line terminators
Size
555 B (555 bytes)
Hash
e9e4f9c9480bb14ad8343f37e3fb9b99
628fcbc6080fd3e684d1def2e5f67e98133ffa3b
85e4b614933e56b4531289e0bc3d2665db1f2b9d04d2c756a4a72b867c059594

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: cdn.xsportbox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch3.php&ask=1715284800&lgt=3&noplayer=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Thu, 09 May 2024 19:15:16 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fwv1towx68QuKDzwY2ndMw7zduknm30buKHixgGtny4mb%2B6K%2F7QOCyiKpCBRPT%2FGdK%2FrAzzxqHH28TMBpDWjOuI9iyaYFLdywVWgybiev3TtsHwotrwZxKZIu9mQwF4scnrLnA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8814046a2cbab52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

streambtw.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

104.21.5.234

200 OK

12 kB

URL GET HTTP/3
streambtw.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
104.21.5.234:443
ASN
#13335 CLOUDFLARENET

Requested by
https://streambtw.com/iframe/ch3.php
Certificate
IssuerGoogle Trust Services LLC
Subjectstreambtw.com
FingerprintD8:97:8E:55:E7:91:FA:80:DF:3A:35:36:D3:6C:CC:D6:6B:27:D9:3E
ValiditySun, 31 Mar 2024 23:25:29 GMT - Sat, 29 Jun 2024 23:25:28 GMT

File type
JavaScript source, ASCII text, with very long lines (12331)
Size
12 kB (12332 bytes)
Hash
88a769d2fe35899fd45a332a0a032cc0
514c6c1d8475d17e412849a4c90159517d0fa10a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

HTTP Headers

GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: streambtw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://streambtw.com/iframe/ch3.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 19:15:15 GMT
content-type: application/javascript
last-modified: Wed, 08 May 2024 09:31:53 GMT
etag: W/"663b4689-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NRRcttUQb5lMMKQHQXspxhcJ3yRzQZyoHTPesyIRPPLY5csi8gzIIzu4JsiO%2B43NhYZneVMvS9bs8plB%2B2FbOgauKIvyXcBDfAtXOpt2%2FNRIjDIUSzI2QDSMgeaLfuH0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88140468399b712a-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sat, 11 May 2024 19:15:15 GMT
cache-control: max-age=172800, public
content-encoding: gzip

youradexchange.com/script/suurl5.php?r=7102142&cbur=0.381736237401062&cbiframe=1&cbWidth=1100&cbHeight=619&cbtitle=&cbpage=https%3A%2F%2Fcdn.xsportbox.com%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=kzzwi.com&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse1280x10240en-USunknown4824%20bits&ts=1715282116175&srs=0ce07e3c6859e04d6598e21f97a51468&atv=48.1&abtg=1&adbv=3-swat3-swf2

104.21.91.188

200 OK

959 B

URL GET HTTP/2
youradexchange.com/script/suurl5.php?r=7102142&cbur=0.381736237401062&cbiframe=1&cbWidth=1100&cbHeight=619&cbtitle=&cbpage=https%3A%2F%2Fcdn.xsportbox.com%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=kzzwi.com&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse1280x10240en-USunknown4824%20bits&ts=1715282116175&srs=0ce07e3c6859e04d6598e21f97a51468&atv=48.1&abtg=1&adbv=3-swat3-swf2
IP
104.21.91.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://streambtw.com/iframe/ch3.php
Certificate
IssuerGoogle Trust Services LLC
Subjectyouradexchange.com
FingerprintD5:0B:42:43:E8:69:FA:76:AA:C8:B3:28:9A:EB:33:C4:6F:62:7A:2B
ValiditySun, 14 Apr 2024 01:48:20 GMT - Sat, 13 Jul 2024 01:48:19 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (985), with no line terminators
Size
959 B (959 bytes)
Hash
5e7b0a1bab66d944f0db5d97fbe29ccb
d5011e3606c15a3499fd96e43b619f262d7a3f68
595a3985cd2f1dfb7cb9391465274d64c509e131b10f9f5ff936c898ba0e2138

HTTP Headers

GET /script/suurl5.php?r=7102142&cbur=0.381736237401062&cbiframe=1&cbWidth=1100&cbHeight=619&cbtitle=&cbpage=https%3A%2F%2Fcdn.xsportbox.com%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=kzzwi.com&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse1280x10240en-USunknown4824%20bits&ts=1715282116175&srs=0ce07e3c6859e04d6598e21f97a51468&atv=48.1&abtg=1&adbv=3-swat3-swf2 HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://streambtw.com/
Origin: https://streambtw.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 19:15:16 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
content-encoding: gzip
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wYS0im9Qs%2BPCs7hWhrFLZ%2BLD5YTbePdMbKXngel3dORkf4UQqjWzqjrX3l%2BclsbsTqxsnz%2B1ga0zwqcF47OOgHi4QG6Q9LcSyuDRyme7juC%2FpKjaZfN%2FfhFnw9i1CzMm%2F%2Be2LdQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8814046b0960b511-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

phomoach.net/?rb=8hgyhN-A4rqE45lLqysljYUocW2Dj5xUYH3_E7ir0arOu3pZeFa1JJgdSQb9kPFyc8aq9oKo_A_pkk95oFkunuM0GyZ-iSCN0P0NCySRThxm_PJcjmA4eFLfn1WZhu6ngu091XIfFUrYm4tBxqKd4FGHNsmwyUdv4VHvUfkZRugwuXqRUQVDMSYLKUgZHOF4Wtf9JvxxwwS9xO5gSZAhuJPXMn06JPn94-KjAqQr9I85sqwHpSqqJ5c28iZ50R1AApCKGpRzxMo%3D&request_ab2=0&zoneid=6869446&js_build=iclick-v1.792.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=619&wiw=1100&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1100&wfc=2&pl=https%3A%2F%2Fstreambtw.com%2Fiframe%2Fch3.php&drf=https%3A%2F%2Fcdn.xsportbox.com%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.792.0&navlng=en-US&pnt=0&pnrc=0&bs=1d2bac7b-c8b6-4f4b-9bcc-dbe3f25526a0&wasm=1&userId=0080570ccbda4cb4eac6a180dc1e4e11&m=link

139.45.197.245

200 OK

2.4 kB

URL GET HTTP/2
phomoach.net/?rb=8hgyhN-A4rqE45lLqysljYUocW2Dj5xUYH3_E7ir0arOu3pZeFa1JJgdSQb9kPFyc8aq9oKo_A_pkk95oFkunuM0GyZ-iSCN0P0NCySRThxm_PJcjmA4eFLfn1WZhu6ngu091XIfFUrYm4tBxqKd4FGHNsmwyUdv4VHvUfkZRugwuXqRUQVDMSYLKUgZHOF4Wtf9JvxxwwS9xO5gSZAhuJPXMn06JPn94-KjAqQr9I85sqwHpSqqJ5c28iZ50R1AApCKGpRzxMo%3D&request_ab2=0&zoneid=6869446&js_build=iclick-v1.792.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=619&wiw=1100&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1100&wfc=2&pl=https%3A%2F%2Fstreambtw.com%2Fiframe%2Fch3.php&drf=https%3A%2F%2Fcdn.xsportbox.com%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.792.0&navlng=en-US&pnt=0&pnrc=0&bs=1d2bac7b-c8b6-4f4b-9bcc-dbe3f25526a0&wasm=1&userId=0080570ccbda4cb4eac6a180dc1e4e11&m=link
IP
139.45.197.245:443
ASN
#9002 RETN Limited

Requested by
https://streambtw.com/iframe/ch3.php
Certificate
IssuerLet's Encrypt
Subjectphomoach.net
Fingerprint4D:5D:41:54:2C:98:6F:5D:8D:BC:45:87:4B:76:9B:E0:30:B6:88:BF
ValidityFri, 15 Mar 2024 06:26:26 GMT - Thu, 13 Jun 2024 06:26:25 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (2392), with no line terminators
Size
2.4 kB (2369 bytes)
Hash
0262984388a7c21c6c3cea73752e8205
056113a1413e8214d61e869d75b478e668cb5164
9960bfe935db4dd7be1d8bed9b95fa4ca73bb37b8c6813ed1c66b77e7acc9132

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?rb=8hgyhN-A4rqE45lLqysljYUocW2Dj5xUYH3_E7ir0arOu3pZeFa1JJgdSQb9kPFyc8aq9oKo_A_pkk95oFkunuM0GyZ-iSCN0P0NCySRThxm_PJcjmA4eFLfn1WZhu6ngu091XIfFUrYm4tBxqKd4FGHNsmwyUdv4VHvUfkZRugwuXqRUQVDMSYLKUgZHOF4Wtf9JvxxwwS9xO5gSZAhuJPXMn06JPn94-KjAqQr9I85sqwHpSqqJ5c28iZ50R1AApCKGpRzxMo%3D&request_ab2=0&zoneid=6869446&js_build=iclick-v1.792.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=619&wiw=1100&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1100&wfc=2&pl=https%3A%2F%2Fstreambtw.com%2Fiframe%2Fch3.php&drf=https%3A%2F%2Fcdn.xsportbox.com%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.792.0&navlng=en-US&pnt=0&pnrc=0&bs=1d2bac7b-c8b6-4f4b-9bcc-dbe3f25526a0&wasm=1&userId=0080570ccbda4cb4eac6a180dc1e4e11&m=link HTTP/1.1
Host: phomoach.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://streambtw.com/
Origin: https://streambtw.com
DNT: 1
Connection: keep-alive
Cookie: OAID=0080570ccbda4cb4eac6a180dc1e4e11; oaidts=1715282116
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 19:15:16 GMT
content-type: application/json
x-trace-id: 467f2dfc18165a423238af8e95f0690d
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://streambtw.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=0080570ccbda4cb4eac6a180dc1e4e11; expires=Fri, 09 May 2025 19:15:16 GMT; path=/; secure; SameSite=None
oaidts=1715282116; expires=Fri, 09 May 2025 19:15:16 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Thu, 16 May 2024 19:15:16 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

kzzwi.com/script/ut.js?cb=1715282116169

172.67.196.211

200 OK

63 kB

URL GET HTTP/2
kzzwi.com/script/ut.js?cb=1715282116169
IP
172.67.196.211:443
ASN
#13335 CLOUDFLARENET

Requested by
https://streambtw.com/iframe/ch3.php
Certificate
IssuerLet's Encrypt
Subjectkzzwi.com
Fingerprint93:79:DA:4F:31:4A:0C:F8:01:59:7F:2A:4B:E2:DB:69:CF:3C:65:67
ValiditySun, 05 May 2024 23:44:54 GMT - Sat, 03 Aug 2024 23:44:53 GMT

File type

Size
63 kB (62975 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /script/ut.js?cb=1715282116169 HTTP/1.1
Host: kzzwi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://streambtw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 19:15:16 GMT
content-type: text/javascript
x-guploader-uploadid: ABPtcPrCjHGSc70U-nR0__MuMvVZmgf4KgvUyCpFVSFEKMDEDZh19A4Nx4-amK5iP0RUzfZMNWI
x-goog-generation: 1714053300452258
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 62975
x-goog-hash: crc32c=f8d0YQ==, md5=vEgeNFwEtFNOCk5UoPLBxg==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Thu, 09 May 2024 18:48:57 GMT
cache-control: public, max-age=14400
age: 3592
last-modified: Thu, 25 Apr 2024 13:55:00 GMT
etag: W/"bc481e345c04b4534e0a4e54a0f2c1c6"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L7m4PU0uy17kla8L58ZnLO0tEgBlOOn4rMI2r66UOMK623CKW0z9dC0g13Kr11XVgfenOXXOoVQ1%2FuD7yGAbN%2BTxGJGxAEh%2BlzsPSvQpU6cbEXLs%2FnD6tZdR18I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8814046b180156b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ptaixout.net/5/6320745/?oo=1&aab=1

139.45.197.244

200 OK

2.9 kB

URL GET HTTP/2
ptaixout.net/5/6320745/?oo=1&aab=1
IP
139.45.197.244:443
ASN
#9002 RETN Limited

Requested by
https://cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch3.php&ask=1715284800&lgt=3&noplayer=0
Certificate
IssuerLet's Encrypt
Subjectptaixout.net
Fingerprint68:9C:78:69:60:28:90:FB:1C:BD:D0:98:14:FB:F6:C2:C7:45:CD:5C
ValidityMon, 18 Mar 2024 05:39:00 GMT - Sun, 16 Jun 2024 05:38:59 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (3096), with no line terminators
Size
2.9 kB (2852 bytes)
Hash
92f15a0d7dfb77c967a24461f350a87e
37dfecaf8e1834dc311d99f890247248be8f679a
f014c5ae678b879f6b8fae01fb7456745e6d412d69de2f85ec5a01409b603584

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /5/6320745/?oo=1&aab=1 HTTP/1.1
Host: ptaixout.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cdn.xsportbox.com
DNT: 1
Connection: keep-alive
Referer: https://cdn.xsportbox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 19:15:16 GMT
content-type: application/json
x-trace-id: 67135e4288f54535dacf9de7a9b85833
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://cdn.xsportbox.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=0080573eed224f8fe858a522d248bb3d; expires=Fri, 09 May 2025 19:15:16 GMT; path=/; secure; SameSite=None
oaidts=1715282116; expires=Fri, 09 May 2025 19:15:16 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (58)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML