Report - futbollibre.futbol/tv8/en-vivo/tnt-sports/

Report Overview

Submitted URL
futbollibre.futbol/tv8/en-vivo/tnt-sports/
IP
104.21.80.144
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-08 19:24:26
Access
public
Website Title
Ver Canal TNT Sports Premium online en VIVO y en directo. Futbol Libre TV
Final URL
futbollibre.futbol/tv8/en-vivo/tnt-sports/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
t.dtscout.com	11951	2013-11-01	2017-01-30	2024-05-07	998 B	3.7 kB	141.101.120.11
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2024-05-07	403 B	3.5 kB	104.18.186.31
waust.at	38137	unknown	2016-01-28	2024-05-07	392 B	9.3 kB	104.26.4.7
futbollibre.futbol	unknown	2023-07-09	2020-04-04	2024-02-13	7.0 kB	267 kB	104.21.80.144
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-05-08	842 B	63 kB	142.250.74.138
km.toffiesoxgall.com	unknown	unknown	No data	No data	1.3 kB	2.1 kB	23.109.170.94
wq.gawainshirty.com	unknown	unknown	No data	No data	377 B	1.4 kB	23.109.170.27

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-08	medium	toffiesoxgall.com	Sinkholed
2024-05-08	medium	toffiesoxgall.com	Sinkholed
2024-05-08	medium	gawainshirty.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (22)

	URL	Size	First Seen	Last Seen
	ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js	87 kB	2023-03-07	2024-05-20
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js IP 142.250.74.138 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-20 02:06:24 Times Seen115135 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	futbollibre.futbol/tv8/en-vivo/tnt-sports/	130 B	2024-05-08	2024-05-08
Pretty URL futbollibre.futbol/tv8/en-vivo/tnt-sports/ IP 104.21.80.144 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-08 21:24:32 Last Seen2024-05-08 21:24:32 Times Seen1 Hash 7cafa25d59f0a103c32e44187b413e79 438fe0903830b276983e0dc445f405bcc7da1dcb c11d07f3b7563b316fb9ded8c5f3a8ff5d27cda5e3d2c2cd2ce6f6454459b67b Loading...

	waust.at/s.js	8.6 kB	2023-03-08	2024-05-19
Pretty URL waust.at/s.js IP 104.26.4.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:29:44 Last Seen2024-05-19 18:54:03 Times Seen2614 Hash a41caf5294227669425cd5135a26b2a0 a26a13f88c51c37b58fbd8a6b444e9b9150fae16 2052a227c361a7e99ea70f5bdcf54cd9e6c6b493dd4d20b73b376d94ce0dc0d1 Loading...

	futbollibre.futbol/tv8/html/fl.php?get=VE5UX1Nwb3J0c19IRA	59 B	2024-05-08	2024-05-08
Pretty URL futbollibre.futbol/tv8/html/fl.php?get=VE5UX1Nwb3J0c19IRA IP 104.21.80.144 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-08 21:24:33 Last Seen2024-05-08 21:24:33 Times Seen1 Hash 2bdcccef81f42292c2b2822d4cc15d67 68f65797627c9ff02fdf3fb3819db350be459eb6 8b52388c460ef294c57ee9b0a1e9eb9feb18526c14b4f13c9345bf0935e1ec4c Loading...

	futbollibre.futbol/tv8/html/fl.php?get=VE5UX1Nwb3J0c19IRA	141 B	2024-05-08	2024-05-08
Pretty URL futbollibre.futbol/tv8/html/fl.php?get=VE5UX1Nwb3J0c19IRA IP 104.21.80.144 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-08 21:24:33 Last Seen2024-05-08 21:24:33 Times Seen1 Hash 866c44081cddb3abac4537fc56ff3427 c472abd6f9b6868369a63524db8dc0b928bf97ca 85f99e4ce138c85a3b6349a3d1e098627707bb2c42246b2d6d2eed115dac4440 Loading...

	futbollibre.futbol/tv8/html/fl.php?get=VE5UX1Nwb3J0c19IRA	421 B	2024-05-08	2024-05-08
Pretty URL futbollibre.futbol/tv8/html/fl.php?get=VE5UX1Nwb3J0c19IRA IP 104.21.80.144 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-08 21:24:33 Last Seen2024-05-08 21:24:33 Times Seen1 Hash b2d70f72c78d679e5231b872d294b693 545d13cdb524bdb4e433d47c0c2de22ae0131d0e 083074a37f80df6f220d6402cbdf2770fe4af293fcdb917f36276e29d0d1643d Loading...

	cdn.jsdelivr.net/npm/console-ban@4.1.0/dist/console-ban.min.js	2.4 kB	2023-03-07	2024-05-08
Pretty URL cdn.jsdelivr.net/npm/console-ban@4.1.0/dist/console-ban.min.js IP 104.18.186.31 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:45 Last Seen2024-05-08 21:24:33 Times Seen85 Hash cf47acbe3349c00e89193b1ff852d043 c761584c511b50350c95c995fedac85bbd354a38 0a637e8d49894e4211bdf5d4f7326a3aaab7b8be4386575820159b8c67b8ffbf Loading...

	futbollibre.futbol/tv8/en-vivo/tnt-sports/	130 B	2024-05-08	2024-05-08
Pretty URL futbollibre.futbol/tv8/en-vivo/tnt-sports/ IP 104.21.80.144 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-08 21:24:33 Last Seen2024-05-08 21:24:33 Times Seen1 Hash 4cadaab30535ccf4801f13b42292ee5b 281cafcb75fdc71a6eb613b86d33eebe32c3ab34 c0fbe24769ea4cc39f550fcc9ed288d060f91d38709f7c33eb35e3f6256aa39d Loading...

	futbollibre.futbol/tv8/html/fl.php?get=VE5UX1Nwb3J0c19IRA	150 B	2024-05-08	2024-05-08
Pretty URL futbollibre.futbol/tv8/html/fl.php?get=VE5UX1Nwb3J0c19IRA IP 104.21.80.144 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-08 21:24:33 Last Seen2024-05-08 21:24:33 Times Seen1 Hash 32f62a4e77b7e47b55e66400ce9ea12b 46db3661604728d418fa7a2a60aee27a0036813c fd5a9d095bda4d665e7567499abba51ba80627c67ac1dd68537c10eb19efc58c Loading...

	unknown	37 B	2023-04-11	2024-05-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:31:25 Last Seen2024-05-20 01:59:43 Times Seen238403 Hash 29d0c84b9d1d8da446a6062c6a840ad9 6d6b3a6065667c7c50d92f3889c85ed65a9ad784 3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1 Loading...

	futbollibre.futbol/cdn-cgi/challenge-platform/scripts/jsd/main.js	7.8 kB	2024-05-08	2024-05-08
Pretty URL futbollibre.futbol/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 104.21.80.144 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 21:24:33 Last Seen2024-05-08 21:24:33 Times Seen2 Hash 982b9566c23363ed3a6fec2fed6ef079 3f651e92d86828a60c0cb211b00d49eb693988b8 075de6fc4326722f0e84431f97cd2ffc1bd040991670435f1187b745733b9054 Loading...

	unknown	34 B	2023-04-11	2024-05-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:16:40 Last Seen2024-05-20 01:50:11 Times Seen77717 Hash 572cb94037fffc2a0a53b465972e15f1 0d679b041a7c1ca45cc99e2d229fc2b86762838d 6487e4bdd0f51bbfd9105810a41755847fdae2c274e2fc325cd22356d7707e35 Loading...

	t.dtscout.com/i/?l=https%3A%2F%2Ffutbollibre.futbol%2Ftv8%2Fen-vivo%2Ftnt-sports%2F&j=	2.1 kB	2023-03-07	2024-05-19
Pretty URL t.dtscout.com/i/?l=https%3A%2F%2Ffutbollibre.futbol%2Ftv8%2Fen-vivo%2Ftnt-sports%2F&j= IP 141.101.120.11 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2024-05-19 22:50:51 Times Seen4621 Hash 51bd741af3fcc4984d1a753eebfa1141 534664acf69cbbb5c9b97c96b63dd37bdc580da2 3e9c8e5dcf3cbff9e1b7211551a31fe388f1b8e607fd78a0a34855be65da721c Loading...

	t.dtscout.com/pv/?_a=v&_h=futbollibre.futbol&_ss=3v4xsa29q8&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=47lf&_cb=_dtspv.c	51 B	2024-05-08	2024-05-08
Pretty URL t.dtscout.com/pv/?_a=v&_h=futbollibre.futbol&_ss=3v4xsa29q8&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=47lf&_cb=_dtspv.c IP 141.101.120.11 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 21:24:33 Last Seen2024-05-08 21:24:33 Times Seen1 Hash e4af413796addb9c6bf73ed4a15a8d05 b593e492bd5a73fbc53ad23c883e3376daaa0d91 54d013f5367db1b43c472b189d3e955e4c9970cdc9979f450aa78cb3f488268a Loading...

	km.toffiesoxgall.com/reEEZ1htc0p15pQ/59321	0 B	2023-03-07	2024-05-20
Pretty URL km.toffiesoxgall.com/reEEZ1htc0p15pQ/59321 IP 23.109.170.94 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-20 02:07:40 Times Seen37851810 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	futbollibre.futbol/tv8/html/fl.php?get=VE5UX1Nwb3J0c19IRA	1.1 kB	2024-05-08	2024-05-08
Pretty URL futbollibre.futbol/tv8/html/fl.php?get=VE5UX1Nwb3J0c19IRA IP 104.21.80.144 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-08 21:24:33 Last Seen2024-05-08 21:24:33 Times Seen1 Hash c3c6db02d9af49075fa8ae0f985cfda6 6e58f2c513e6032141bb08e80673623e9f532e40 fec7bea5a7f4cc772be25d9942aef922d669bf87bf1eb1c76d8803fdcf4054d3 Loading...

	unknown	247 B	2024-05-08	2024-05-08
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 21:24:33 Last Seen2024-05-08 21:24:33 Times Seen1 Hash ba956020f6a88d68523bf541e3f4551f a26f2ac701770d664f0c837b5b184b39dbe9c0bc 46af28c8a36a1dbbdf45a09dc68ae6a7f302977f73eef6683fbd2cff73d106a5 Loading...

	unknown	79 B	2023-04-11	2024-05-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:38:58 Last Seen2024-05-20 01:56:06 Times Seen126669 Hash aa049e2749b8531cb8f233c2f64fc2b2 b611a5a62c1813ae5b4763378b3a4a565556530a e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2 Loading...

	futbollibre.futbol/tv8/en-vivo/tnt-sports/	65 B	2024-05-08	2024-05-08
Pretty URL futbollibre.futbol/tv8/en-vivo/tnt-sports/ IP 104.21.80.144 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-08 21:24:33 Last Seen2024-05-08 21:24:33 Times Seen1 Hash f7a520d3d78a2c6d28335712fd2a13ba ea4127c607e76f4c7c6d315d1dfa559ba7e16a01 ca4c381277fb6589abe264d16c380442603434ad9b8e495daad1221bfd855bc6 Loading...

	futbollibre.futbol/tv8/en-vivo/tnt-sports/	1.1 kB	2024-05-08	2024-05-08
Pretty URL futbollibre.futbol/tv8/en-vivo/tnt-sports/ IP 104.21.80.144 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-08 21:24:33 Last Seen2024-05-08 21:24:33 Times Seen1 Hash 3236ca982580f35250c045238b775c15 8befc16c51360493b8c7c191e0981d5e2c9b2308 c6361fd95ff7612265271680932d4a9541619889be32f6626b304d74e9312ccb Loading...

	futbollibre.futbol/tv8/html/fl.php?get=VE5UX1Nwb3J0c19IRA	2.3 kB	2024-05-08	2024-05-08
Pretty URL futbollibre.futbol/tv8/html/fl.php?get=VE5UX1Nwb3J0c19IRA IP 104.21.80.144 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-08 21:24:33 Last Seen2024-05-08 21:24:33 Times Seen1 Hash db78d6d80fc8321146fc670111247341 50b649f293acadd594f2afd8dea3c5a6a59710ab f3a52c1c4f22d9ddc645e18af4c7db1861482f5161ccf434f2f544bea467d92c Loading...

		Size	First Seen	Last Seen
	#1 Write - 02c15d3b508a4e2bf12947639bc9e1c1	127 B	2023-10-18	2024-05-08
Pretty Observations First Seen2023-10-18 04:20:04 Last Seen2024-05-08 21:24:33 Times Seen5 Hash 02c15d3b508a4e2bf12947639bc9e1c1 eb6eb0786fcd1ce9291a7de9f55445305a809897 4f7be4ae7768af87953daac303645c492a7a5dafe70bb536ca2995a0b967cec9 Loading...

HTTP Transactions (23)

URL IP Response Size

futbollibre.futbol/tv8/img/logo-canal/TNT_Sports.png

104.21.80.144

200 OK

36 kB

URL GET HTTP/3
futbollibre.futbol/tv8/img/logo-canal/TNT_Sports.png
IP
104.21.80.144:443
ASN
#13335 CLOUDFLARENET

Requested by
https://futbollibre.futbol/tv8/en-vivo/tnt-sports/
Certificate
IssuerGoogle Trust Services LLC
Subjectfutbollibre.futbol
Fingerprint07:E8:BF:1D:BD:33:29:81:84:38:9C:5C:0D:A4:9F:EA:55:AB:D3:36
ValidityTue, 30 Apr 2024 04:19:06 GMT - Mon, 29 Jul 2024 04:19:05 GMT

File type
PNG image data, 320 x 236, 8-bit/color RGBA, non-interlaced
Size
36 kB (36198 bytes)
Hash
45877ba771c39782810d887931d5be6f
1c407516edf5cef4323fdc0196da1c2e06b61a36
2b4fd27f834127f4588b00fd3df8424b5921f862f60371e8d9f0d0522b46078b

HTTP Headers

GET /tv8/img/logo-canal/TNT_Sports.png HTTP/1.1
Host: futbollibre.futbol
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://futbollibre.futbol/tv8/en-vivo/tnt-sports/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 19:23:51 GMT
content-type: image/png
content-length: 36198
cache-control: public, max-age=43200
expires: Wed, 01 May 2024 08:12:38 GMT
etag: "8d66-63846512-8ea4f2;;;"
last-modified: Mon, 28 Nov 2022 07:36:50 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 3690
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rJBpEW91OWu1aiV1yL1ut3Oey0aRbIZnHOwvR%2Bc2lwz41mdgf8Ww0qTRbSLHuK%2BwAvwZ3SNQTc8uhDt7xDar8VyBhBUEVYy1Zrv%2BAvmmW6gUAHucCjCRkxb%2FtzF5hrEctsJ5mcM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880bd39eff5b56b7-OSL
alt-svc: h3=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

142.250.74.138

200 OK

30 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://futbollibre.futbol/tv8/html/fl.php?get=VE5UX1Nwb3J0c19IRA
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
30 kB (30399 bytes)
Hash
a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

HTTP Headers

GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://futbollibre.futbol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 00:40:41 GMT
expires: Sat, 03 May 2025 00:40:41 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 499390
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

km.toffiesoxgall.com/reEEZ1htc0p15pQ/59321

23.109.170.94

200 OK

20 B

URL GET HTTP/1.1
km.toffiesoxgall.com/reEEZ1htc0p15pQ/59321
IP
23.109.170.94:443
ASN
#7979 SERVERS-COM

Requested by
https://futbollibre.futbol/tv8/html/fl.php?get=VE5UX1Nwb3J0c19IRA
Certificate
IssuerLet's Encrypt
Subjectkm.toffiesoxgall.com
Fingerprint90:44:0D:BB:4D:9A:85:06:4B:4D:33:F1:61:7D:5B:08:1A:87:87:BE
ValiditySat, 27 Apr 2024 08:44:00 GMT - Fri, 26 Jul 2024 08:43:59 GMT

File type
gzip compressed data, from Unix
Size
20 B (20 bytes)
Hash
7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /reEEZ1htc0p15pQ/59321 HTTP/1.1
Host: km.toffiesoxgall.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://futbollibre.futbol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 19:23:51 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://futbollibre.futbol
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Thu, 09-May-2024 19:23:51 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Thu, 09-May-2024 19:23:51 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

futbollibre.futbol/cdn-cgi/challenge-platform/scripts/jsd/main.js

104.21.80.144

302 Found

0 B

URL GET HTTP/3
futbollibre.futbol/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
104.21.80.144:443
ASN
#13335 CLOUDFLARENET

Requested by
https://futbollibre.futbol/tv8/en-vivo/tnt-sports/
Certificate
IssuerGoogle Trust Services LLC
Subjectfutbollibre.futbol
Fingerprint07:E8:BF:1D:BD:33:29:81:84:38:9C:5C:0D:A4:9F:EA:55:AB:D3:36
ValidityTue, 30 Apr 2024 04:19:06 GMT - Mon, 29 Jul 2024 04:19:05 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: futbollibre.futbol
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Wed, 08 May 2024 19:23:51 GMT
content-length: 0
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js
cache-control: max-age=300, public
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2YHgYMsvr6mBE1I0Xut5I77XcnIpnEG6rA7m0Fj6wlBOupCD2rVoohqMStSnT8X9d9Vh7O9FKDD86Kpd%2BJUd2VhkxKZBoaAn4SX2GErG48GLTDyrp%2BEbPkn%2BdRkC%2FtAbL02Wuao%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880bd3a0ebb856b7-OSL
alt-svc: h3=":443"; ma=86400

futbollibre.futbol/tv8/favicon/android-icon-192x192.png

104.21.80.144

200 OK

24 kB

URL GET HTTP/3
futbollibre.futbol/tv8/favicon/android-icon-192x192.png
IP
104.21.80.144:443
ASN
#13335 CLOUDFLARENET

Requested by
https://futbollibre.futbol/tv8/en-vivo/tnt-sports/
Certificate
IssuerGoogle Trust Services LLC
Subjectfutbollibre.futbol
Fingerprint07:E8:BF:1D:BD:33:29:81:84:38:9C:5C:0D:A4:9F:EA:55:AB:D3:36
ValidityTue, 30 Apr 2024 04:19:06 GMT - Mon, 29 Jul 2024 04:19:05 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Size
24 kB (24429 bytes)
Hash
234463aa948ffa09a305cb1cbdcba713
01a6c6298c9f8023fe773ef98c927f0a170cadfc
1791b0ffd5ca3deed177e780f1e3657e5d70cc553cf0f3cdaaa3a1762bd4904a

HTTP Headers

GET /tv8/favicon/android-icon-192x192.png HTTP/1.1
Host: futbollibre.futbol
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://futbollibre.futbol/tv8/en-vivo/tnt-sports/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 19:23:51 GMT
content-type: image/png
content-length: 24429
cache-control: public, max-age=43200
expires: Wed, 01 May 2024 08:13:19 GMT
etag: "5f6d-63846910-8ea4ca;;;"
last-modified: Mon, 28 Nov 2022 07:53:52 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2811
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RMUQjsvArtDCgIqRnzDinPccpG0D9PMhBBBGDSNAIAnSEejzZsUWc2L2tN5PRM6BEfcmR0guzY0VWnQ3p1%2B4s8yUoSnAX4%2BItt0rJKvYrSN%2BV%2BSLgXKwFI99OUu7mJQKD4ZVWII%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880bd3a1dda456b7-OSL
alt-svc: h3=":443"; ma=86400

futbollibre.futbol/tv8/favicon/favicon-16x16.png

104.21.80.144

200 OK

1.4 kB

URL GET HTTP/3
futbollibre.futbol/tv8/favicon/favicon-16x16.png
IP
104.21.80.144:443
ASN
#13335 CLOUDFLARENET

Requested by
https://futbollibre.futbol/tv8/en-vivo/tnt-sports/
Certificate
IssuerGoogle Trust Services LLC
Subjectfutbollibre.futbol
Fingerprint07:E8:BF:1D:BD:33:29:81:84:38:9C:5C:0D:A4:9F:EA:55:AB:D3:36
ValidityTue, 30 Apr 2024 04:19:06 GMT - Mon, 29 Jul 2024 04:19:05 GMT

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Size
1.4 kB (1385 bytes)
Hash
0cc60b9e0d9457f372d057844c0fd608
2fd78f4c2154bd6ddd024e7979b22b9f44b83e8a
0e43ec5113e7fbd03e55492ad763131a07e02094c5a89cc08da3b11fa8a2a456

HTTP Headers

GET /tv8/favicon/favicon-16x16.png HTTP/1.1
Host: futbollibre.futbol
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://futbollibre.futbol/tv8/en-vivo/tnt-sports/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 19:23:51 GMT
content-type: image/png
content-length: 1385
cache-control: public, max-age=43200
expires: Wed, 01 May 2024 06:43:18 GMT
etag: "569-6384691c-8ea4d2;;;"
last-modified: Mon, 28 Nov 2022 07:54:04 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2811
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R2Vg4pVzvoQ6IzCivdq8qC9ds1Q2p4NtXbp5ZXaIEzEi0hBgK%2BsBlQNVgbVKxBWviKE71XL8zOzC0yXvgdpVKkHBFOK9wNpl9zL1YQ%2FYZDH%2FpbX1r0YuTnFi2Al3inBykdzYwpo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880bd3a1ddae56b7-OSL
alt-svc: h3=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

142.250.74.138

200 OK

30 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://futbollibre.futbol/tv8/html/fl.php?get=VE5UX1Nwb3J0c19IRA
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
30 kB (30399 bytes)
Hash
a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

HTTP Headers

GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 00:40:41 GMT
expires: Sat, 03 May 2025 00:40:41 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 499391
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

km.toffiesoxgall.com/reEEZ1htc0p15pQ/59321

23.109.170.94

200 OK

20 B

URL GET HTTP/1.1
km.toffiesoxgall.com/reEEZ1htc0p15pQ/59321
IP
23.109.170.94:443
ASN
#7979 SERVERS-COM

Requested by
https://futbollibre.futbol/tv8/html/fl.php?get=VE5UX1Nwb3J0c19IRA
Certificate
IssuerLet's Encrypt
Subjectkm.toffiesoxgall.com
Fingerprint90:44:0D:BB:4D:9A:85:06:4B:4D:33:F1:61:7D:5B:08:1A:87:87:BE
ValiditySat, 27 Apr 2024 08:44:00 GMT - Fri, 26 Jul 2024 08:43:59 GMT

File type
gzip compressed data, from Unix
Size
20 B (20 bytes)
Hash
7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /reEEZ1htc0p15pQ/59321 HTTP/1.1
Host: km.toffiesoxgall.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 19:23:52 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

futbollibre.futbol/cdn-cgi/challenge-platform/h/g/jsd/r/880bd39a2c23569f

104.21.80.144

200 OK

0 B

URL POST HTTP/3
futbollibre.futbol/cdn-cgi/challenge-platform/h/g/jsd/r/880bd39a2c23569f
IP
104.21.80.144:443
ASN
#13335 CLOUDFLARENET

Requested by
https://futbollibre.futbol/tv8/en-vivo/tnt-sports/
Certificate
IssuerGoogle Trust Services LLC
Subjectfutbollibre.futbol
Fingerprint07:E8:BF:1D:BD:33:29:81:84:38:9C:5C:0D:A4:9F:EA:55:AB:D3:36
ValidityTue, 30 Apr 2024 04:19:06 GMT - Mon, 29 Jul 2024 04:19:05 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/jsd/r/880bd39a2c23569f HTTP/1.1
Host: futbollibre.futbol
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12183
Origin: https://futbollibre.futbol
DNT: 1
Connection: keep-alive
Referer: https://futbollibre.futbol/tv8/en-vivo/tnt-sports/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 19:23:52 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: cf_clearance=IF.h6sU74ermKey6bY2z1wn9D8TcOEWy9a1UJDZn5_o-1715196232-1.0.1.1-G_gqNeybUN50M5T_IdahpkEvnk3Lk70Ezefs.X4LnusM.pWA1yrrKLxcl0ugQyylD5SOeR9gYBlbAenOhvlwNA; Path=/; Expires=Thu, 08-May-25 19:23:52 GMT; Domain=.futbollibre.futbol; HttpOnly; Secure; SameSite=None; Partitioned
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fHSxLi0csI9ItgPk1KJ%2BuuVxaqJodJ%2FtAEcqfml5BnH99GxZYMNxDeWvtvsbNXP1M%2FhwCCrIm65VjouohNlAEvZH2wTT%2FzeTe1jfESoLdtfVyn9OqSGustow7JbTAGEoi54FvF4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880bd3a26eb656b7-OSL
alt-svc: h3=":443"; ma=86400

futbollibre.futbol/tv8/img/logo-futbolLibre.webp

104.21.80.144

200 OK

6.5 kB

URL GET HTTP/3
futbollibre.futbol/tv8/img/logo-futbolLibre.webp
IP
104.21.80.144:443
ASN
#13335 CLOUDFLARENET

Requested by
https://futbollibre.futbol/tv8/en-vivo/tnt-sports/
Certificate
IssuerGoogle Trust Services LLC
Subjectfutbollibre.futbol
Fingerprint07:E8:BF:1D:BD:33:29:81:84:38:9C:5C:0D:A4:9F:EA:55:AB:D3:36
ValidityTue, 30 Apr 2024 04:19:06 GMT - Mon, 29 Jul 2024 04:19:05 GMT

File type
RIFF (little-endian) data, Web/P image
Size
6.5 kB (6526 bytes)
Hash
1234d6a63266ad04d30eb5a3808f0c76
fe6675385d68e7ccf859e16ae6a445a417787530
2ac74a71cad5d52e339a61edbd2031213cfd14c5872d830656aeca9904902fbb

HTTP Headers

GET /tv8/img/logo-futbolLibre.webp HTTP/1.1
Host: futbollibre.futbol
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://futbollibre.futbol/tv8/en-vivo/tnt-sports/
Cookie: cf_clearance=IF.h6sU74ermKey6bY2z1wn9D8TcOEWy9a1UJDZn5_o-1715196232-1.0.1.1-G_gqNeybUN50M5T_IdahpkEvnk3Lk70Ezefs.X4LnusM.pWA1yrrKLxcl0ugQyylD5SOeR9gYBlbAenOhvlwNA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 19:23:52 GMT
content-type: image/webp
content-length: 6526
cache-control: public, max-age=43200
expires: Wed, 01 May 2024 05:36:52 GMT
etag: "197e-638465be-8ea502;;;"
last-modified: Mon, 28 Nov 2022 07:39:42 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 3691
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ShSSNpMQvKafLyJHo0tsko%2BCJsC1cenqhY5TXFgmba64lHTAHvqzAIXbYwEneXg6PE9M66QemsuAEbh34H7WQogZsueUZmltMBnTFn4ie7ELjB6njaxaDnmfIljkw9KEkK0Cph4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880bd3a57cb156b7-OSL
alt-svc: h3=":443"; ma=86400

wq.gawainshirty.com/rek7S5WHNgcu/59321

23.109.170.27

200 OK

20 B

URL GET HTTP/1.1
wq.gawainshirty.com/rek7S5WHNgcu/59321
IP
23.109.170.27:443
ASN
#7979 SERVERS-COM

Requested by
https://futbollibre.futbol/tv8/html/fl.php?get=VE5UX1Nwb3J0c19IRA
Certificate
IssuerLet's Encrypt
Subjectwq.gawainshirty.com
Fingerprint66:3B:6E:1F:51:B0:69:C7:C6:EC:7A:9A:3E:50:D1:D1:EF:E0:74:2D
ValidityWed, 17 Apr 2024 23:33:44 GMT - Tue, 16 Jul 2024 23:33:43 GMT

File type
gzip compressed data, from Unix
Size
20 B (20 bytes)
Hash
7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /rek7S5WHNgcu/59321 HTTP/1.1
Host: wq.gawainshirty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 19:23:52 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Thu, 09-May-2024 19:23:52 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Thu, 09-May-2024 19:23:52 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

futbollibre.futbol/tv8/html/fl.php?get=VE5UX1Nwb3J0c19IRA

104.21.80.144

200 OK

28 kB

URL GET HTTP/3
futbollibre.futbol/tv8/html/fl.php?get=VE5UX1Nwb3J0c19IRA
IP
104.21.80.144:443
ASN
#13335 CLOUDFLARENET

Requested by
https://futbollibre.futbol/tv8/en-vivo/tnt-sports/
Certificate
IssuerGoogle Trust Services LLC
Subjectfutbollibre.futbol
Fingerprint07:E8:BF:1D:BD:33:29:81:84:38:9C:5C:0D:A4:9F:EA:55:AB:D3:36
ValidityTue, 30 Apr 2024 04:19:06 GMT - Mon, 29 Jul 2024 04:19:05 GMT

File type

Size
28 kB (27849 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tv8/html/fl.php?get=VE5UX1Nwb3J0c19IRA HTTP/1.1
Host: futbollibre.futbol
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://futbollibre.futbol/tv8/en-vivo/tnt-sports/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 19:23:52 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZkHRlda4wqIrTpYjP3zXXTEymG7g4JS5r8Nz75SrW4%2BKaHyYBzDcybkmC89YfiUbbDNC3vPy0SJU2je49428d5Y6YAv7olNjqgBLXIEv418k8iNyrcpcjZv9tFfc%2B%2Br7yKI4Fwg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880bd3a07a6456b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

t.dtscout.com/i/?l=https%3A%2F%2Ffutbollibre.futbol%2Ftv8%2Fen-vivo%2Ftnt-sports%2F&j=

141.101.120.11

200 OK

2.1 kB

URL GET HTTP/2
t.dtscout.com/i/?l=https%3A%2F%2Ffutbollibre.futbol%2Ftv8%2Fen-vivo%2Ftnt-sports%2F&j=
IP
141.101.120.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://futbollibre.futbol/tv8/en-vivo/tnt-sports/
Certificate
IssuerGoogle Trust Services LLC
Subjectdtscout.com
Fingerprint69:9E:FB:2A:E2:0B:6B:60:8A:15:AF:4F:5A:3D:94:5B:68:70:F4:21
ValiditySun, 17 Mar 2024 14:35:30 GMT - Sat, 15 Jun 2024 14:35:29 GMT

File type
ASCII text, with very long lines (2163), with no line terminators
Size
2.1 kB (2079 bytes)
Hash
8811c1da7d7cd9a89cf1c9d88cf153c1
5dd7a95e6eee435a18d261757a4aa4aeea7ae472
0c72ec693d21a33e6c802f2648030af0433badc9a020325a82550115cf5044cc

HTTP Headers

GET /i/?l=https%3A%2F%2Ffutbollibre.futbol%2Ftv8%2Fen-vivo%2Ftnt-sports%2F&j= HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://futbollibre.futbol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 19:23:52 GMT
content-type: application/javascript
x-s: mtl1
set-cookie: m=1; Domain=dtscout.com; Expires=Wed, 08-May-2024 20:47:12 GMT; Max-Age=5000; Path=/; SameSite=None; Secure
oa=1; Domain=dtscout.com; Expires=Wed, 08-May-2024 23:23:52 GMT; Max-Age=14400; Path=/; SameSite=None; Secure
df=1715196232; Domain=dtscout.com; Expires=Fri, 16-Aug-2024 19:23:52 GMT; Max-Age=8640000; Path=/; SameSite=None; Secure
x-t: 0.281
expires: Wed, 08 May 2024 19:23:51 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2EYry3w9EJXLQmg0emcgI9fDqRdZBKox%2FFki7pkOP12Gqd1eb9gCwtwRCLLVfXlRZVlIYCuaGeXzMYGNh5Aak7lI6q6X4MFbyv5z3q90WiJfhQonItGNUUpAwmnUNXo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880bd3a1ed618d7e-HEL
content-encoding: br
X-Firefox-Spdy: h2

futbollibre.futbol/tv8/css/bootstrap.css

104.21.80.144

200 OK

141 kB

URL GET HTTP/3
futbollibre.futbol/tv8/css/bootstrap.css
IP
104.21.80.144:443
ASN
#13335 CLOUDFLARENET

Requested by
https://futbollibre.futbol/tv8/en-vivo/tnt-sports/
Certificate
IssuerGoogle Trust Services LLC
Subjectfutbollibre.futbol
Fingerprint07:E8:BF:1D:BD:33:29:81:84:38:9C:5C:0D:A4:9F:EA:55:AB:D3:36
ValidityTue, 30 Apr 2024 04:19:06 GMT - Mon, 29 Jul 2024 04:19:05 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
141 kB (141043 bytes)
Hash
a916af83fb83318f11a46d7b85f36876
e438f2f6ebd8730de08c0897d26df02aaa5e041f
4b64148d9b3eb58e3907facf1de6a15de22f6a484619b11b22248467fedee06d

HTTP Headers

GET /tv8/css/bootstrap.css HTTP/1.1
Host: futbollibre.futbol
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://futbollibre.futbol/tv8/en-vivo/tnt-sports/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 19:23:51 GMT
content-type: text/css
cache-control: public, max-age=43200
expires: Wed, 01 May 2024 06:38:24 GMT
etag: W/"226f3-63852074-8ea493;br"
last-modified: Mon, 28 Nov 2022 20:56:20 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 3690
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BNKGFMEyuVVyZLLIhZjDdoks1d4PLPG8SZVPhD%2FOKUa9akgVuAOw9IyoROJRAI4OI%2BwcwzFkNkNJSoXePyz%2BEc77JIF8mXSYTvIXpuzCKo5PQTQVIdBnKKSc5Y7Axk5Nemv44tc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880bd39eef4d56b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

futbollibre.futbol/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js

104.21.80.144

200 OK

7.8 kB

URL GET HTTP/3
futbollibre.futbol/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js
IP
104.21.80.144:443
ASN
#13335 CLOUDFLARENET

Requested by
https://futbollibre.futbol/tv8/en-vivo/tnt-sports/
Certificate
IssuerGoogle Trust Services LLC
Subjectfutbollibre.futbol
Fingerprint07:E8:BF:1D:BD:33:29:81:84:38:9C:5C:0D:A4:9F:EA:55:AB:D3:36
ValidityTue, 30 Apr 2024 04:19:06 GMT - Mon, 29 Jul 2024 04:19:05 GMT

File type
JavaScript source, ASCII text, with very long lines (7802), with no line terminators
Size
7.8 kB (7802 bytes)
Hash
982b9566c23363ed3a6fec2fed6ef079
3f651e92d86828a60c0cb211b00d49eb693988b8
075de6fc4326722f0e84431f97cd2ffc1bd040991670435f1187b745733b9054

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js HTTP/1.1
Host: futbollibre.futbol
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 19:23:51 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jy02zfaXYDMeWKr7LVNNuEcVsjY4aLB4Gr9QzIEaTqUIRQyQiAd5K9czGNbvhPiUu3Nonq6eS1OdhLr%2BiLqhwllQgTsGc%2FxxuACSD%2Bub%2FiecvqMSLs6B%2BP67f6dxi%2F2sq8E2hso%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880bd3a14c8156b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

futbollibre.futbol/tv8/html/navbar.html

104.21.80.144

200 OK

452 B

URL GET HTTP/3
futbollibre.futbol/tv8/html/navbar.html
IP
104.21.80.144:443
ASN
#13335 CLOUDFLARENET

Requested by
https://futbollibre.futbol/tv8/en-vivo/tnt-sports/
Certificate
IssuerGoogle Trust Services LLC
Subjectfutbollibre.futbol
Fingerprint07:E8:BF:1D:BD:33:29:81:84:38:9C:5C:0D:A4:9F:EA:55:AB:D3:36
ValidityTue, 30 Apr 2024 04:19:06 GMT - Mon, 29 Jul 2024 04:19:05 GMT

File type
Unicode text, UTF-8 text, with very long lines (480), with no line terminators
Size
452 B (452 bytes)
Hash
e2e680178210527c7c5f50c8f20959a3
745a42c8fdef4b668f9dc157adef36d183efb7e8
6ea5420c4ddda1f615611c7758dc8bd200ef5c6df830e33cb7cfaf073eddc308

HTTP Headers

GET /tv8/html/navbar.html HTTP/1.1
Host: futbollibre.futbol
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://futbollibre.futbol/tv8/en-vivo/tnt-sports/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 19:23:52 GMT
content-type: text/html
last-modified: Thu, 21 Dec 2023 22:42:12 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JQsSLpaiZHb1ePx6%2FzNoqXV6QEn9mSTOwHkhHdviDMCF%2BERdoEmp9mevofQNqxKPWscGtunvSPUEToG1bK02W0sZoYsl%2FApMHCgwoKr5oa6mM%2B5qGG3XdF9TvaIU8zg%2BOWbWYI4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880bd3a1ddb956b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

futbollibre.futbol/tv8/css/portada.css

104.21.80.144

200 OK

381 B

URL GET HTTP/3
futbollibre.futbol/tv8/css/portada.css
IP
104.21.80.144:443
ASN
#13335 CLOUDFLARENET

Requested by
https://futbollibre.futbol/tv8/en-vivo/tnt-sports/
Certificate
IssuerGoogle Trust Services LLC
Subjectfutbollibre.futbol
Fingerprint07:E8:BF:1D:BD:33:29:81:84:38:9C:5C:0D:A4:9F:EA:55:AB:D3:36
ValidityTue, 30 Apr 2024 04:19:06 GMT - Mon, 29 Jul 2024 04:19:05 GMT

File type
ASCII text, with very long lines (381), with no line terminators
Size
381 B (381 bytes)
Hash
b49a9fdd6f95198b570efe324a20e7ef
7471b80e32868da22a15a461a13a2e06f769e2d3
97807c9a65b0b8a005fc258df070665409a3bee0a6a7be4b03d7e0f546c93a73

HTTP Headers

GET /tv8/css/portada.css HTTP/1.1
Host: futbollibre.futbol
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://futbollibre.futbol/tv8/en-vivo/tnt-sports/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 19:23:51 GMT
content-type: text/css
cache-control: public, max-age=43200
expires: Wed, 01 May 2024 08:12:38 GMT
etag: W/"17d-63845fa0-8ea492;br"
last-modified: Mon, 28 Nov 2022 07:13:36 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 3690
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0fF3nLjefJxDFfO%2Bf%2FVW5WBndnooUBeRQHAlAiQPWwhBY8ddoBoMzYjOxxb9bEsNRNhaWVx1f1jTS0svhJWzPLDyXJwHlNun1avszZAYvex87pCRRjDCiGyzL5jVsh4%2BPET5qT4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880bd39eef5456b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

futbollibre.futbol/html/cv.json?3912

0.0.0.0

0 B

URL GET
futbollibre.futbol/html/cv.json?3912
IP
0.0.0.0:0
ASN
#0

Requested by
https://futbollibre.futbol/tv8/html/fl.php?get=VE5UX1Nwb3J0c19IRA
Certificate
IssuerGoogle Trust Services LLC
Subjectfutbollibre.futbol
Fingerprint07:E8:BF:1D:BD:33:29:81:84:38:9C:5C:0D:A4:9F:EA:55:AB:D3:36
ValidityTue, 30 Apr 2024 04:19:06 GMT - Mon, 29 Jul 2024 04:19:05 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /html/cv.json?3912 HTTP/1.1
Host: futbollibre.futbol
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=IF.h6sU74ermKey6bY2z1wn9D8TcOEWy9a1UJDZn5_o-1715196232-1.0.1.1-G_gqNeybUN50M5T_IdahpkEvnk3Lk70Ezefs.X4LnusM.pWA1yrrKLxcl0ugQyylD5SOeR9gYBlbAenOhvlwNA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 301 Moved Permanently
date: Wed, 08 May 2024 19:23:52 GMT
content-type: text/html
location: https://futbollibre.futbol/tv8/html/cv.json?3912
x-turbo-charged-by: LiteSpeed
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7wDwnw7UzgVi3IeHz28g63TEzoOgHY0RbwOEwVcnQrX9oMtu6d2XAUODWozJWZ0TXCHTG5pe6eFa%2B9g8bbeY6PEhC%2B6yZ02greMiBIejL5CRy7LViT3krG6bHkgySPfK9NPtI7U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880bd3a30fed56b7-OSL
alt-svc: h3=":443"; ma=86400

futbollibre.futbol/tv8/en-vivo/tnt-sports/

104.21.80.144

200 OK

10 kB

URL User Request GET HTTP/2
futbollibre.futbol/tv8/en-vivo/tnt-sports/
IP
104.21.80.144:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectfutbollibre.futbol
Fingerprint07:E8:BF:1D:BD:33:29:81:84:38:9C:5C:0D:A4:9F:EA:55:AB:D3:36
ValidityTue, 30 Apr 2024 04:19:06 GMT - Mon, 29 Jul 2024 04:19:05 GMT

File type

Size
10 kB (10480 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tv8/en-vivo/tnt-sports/ HTTP/1.1
Host: futbollibre.futbol
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 19:23:51 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FrFsFjhfS5IMFLuFxZ3nr3t28NKd55n1LLl3mmIhlQfIzhsGj2ur4Zzv5WFHB13iPqdlLRJjyQywnMCfiFvZj%2BrCVD282RIVvUNO57YJgocWgqhNN2OJWutx1zOuRPZVSGsBVRk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880bd39a2c23569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

futbollibre.futbol/tv8/html/footer.html

104.21.80.144

200 OK

801 B

URL GET HTTP/3
futbollibre.futbol/tv8/html/footer.html
IP
104.21.80.144:443
ASN
#13335 CLOUDFLARENET

Requested by
https://futbollibre.futbol/tv8/en-vivo/tnt-sports/
Certificate
IssuerGoogle Trust Services LLC
Subjectfutbollibre.futbol
Fingerprint07:E8:BF:1D:BD:33:29:81:84:38:9C:5C:0D:A4:9F:EA:55:AB:D3:36
ValidityTue, 30 Apr 2024 04:19:06 GMT - Mon, 29 Jul 2024 04:19:05 GMT

File type
Unicode text, UTF-8 text, with very long lines (855), with no line terminators
Size
801 B (801 bytes)
Hash
14ff684e5716df19468b808e597cf99d
d4b54635573d173a04873382875610f093ea1457
5ab462fd6552e19b31e2700d6aa9a39bc7649ccbb23b406b1b9daca0449e38e7

HTTP Headers

GET /tv8/html/footer.html HTTP/1.1
Host: futbollibre.futbol
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://futbollibre.futbol/tv8/en-vivo/tnt-sports/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 19:23:52 GMT
content-type: text/html
last-modified: Thu, 21 Dec 2023 22:42:10 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BElGwaMd2Jiqp5JGgctZdv8lm4DdwLVvpXc%2BgDlaLtockzF4Bgv5qhJKCP3I0jJIb9IhLPBirhNM4vQf0SGHs9M7HSLLfP7xY%2BEK2%2FXwqCUfkV0DdYmfM3pRfRuXxM5FVJ9jRpQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880bd3a1ddbd56b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdn.jsdelivr.net/npm/console-ban@4.1.0/dist/console-ban.min.js

104.18.186.31

200 OK

2.4 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/console-ban@4.1.0/dist/console-ban.min.js
IP
104.18.186.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://futbollibre.futbol/tv8/html/fl.php?get=VE5UX1Nwb3J0c19IRA
Certificate
IssuerSectigo Limited
Subject*.jsdelivr.net
Fingerprint74:7A:63:DF:06:27:1E:52:8C:E8:0D:AD:1F:89:98:B5:EB:2D:49:EE
ValiditySat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (2420), with no line terminators
Size
2.4 kB (2378 bytes)
Hash
eadc892a081961be1af9587373983860
3789b6fdc58802dde8ccb3def25d210a4b5aec76
7ca3f9eea2d801d097ae084d0d417b8724a655310ee0b548e9b75190c3af0dab

HTTP Headers

GET /npm/console-ban@4.1.0/dist/console-ban.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 19:23:52 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 4.1.0
x-jsd-version-type: version
etag: W/"94a-x2FYTFEbUDUMlcmV/trIW701Sjg"
x-served-by: cache-fra-etou8220103-FRA, cache-lga21967-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 190497
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=su1dMVSzTtxh3Z44gZMDCCEdq5pDPvzHNWFFlRigg2bw4rjoJ%2FQyMoiZn6UPeynuclDBJwHjOAQLA16SkfRMK0TjQ3alL3HD8ZFK%2Fupbujyf%2BDthE1FA%2B4oL9IEnDL3lNyw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880bd3a29e4b0afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

waust.at/s.js

104.26.4.7

200 OK

8.6 kB

URL GET HTTP/2
waust.at/s.js
IP
104.26.4.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://futbollibre.futbol/tv8/en-vivo/tnt-sports/
Certificate
IssuerGoogle Trust Services LLC
Subjectwaust.at
Fingerprint53:C9:86:25:AF:DA:1C:80:06:5F:64:B6:42:12:10:8C:33:EA:B2:37
ValiditySat, 04 May 2024 02:21:03 GMT - Fri, 02 Aug 2024 02:21:02 GMT

File type
JavaScript source, ASCII text, with very long lines (8826), with no line terminators
Size
8.6 kB (8560 bytes)
Hash
e035263c3e1d7ccd4168070e0954df82
8b47f35dfcada03dd10e1970081ca0b622bd94b9
3efdd12bf82a9d8985d85246e53a8150bc955948a5f0a4a2882ffc6242fdaa7c

HTTP Headers

GET /s.js HTTP/1.1
Host: waust.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://futbollibre.futbol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 19:23:51 GMT
content-type: application/x-javascript
last-modified: Thu, 12 Jan 2023 17:19:30 GMT
etag: W/"63c04122-2170"
expires: Thu, 09 May 2024 18:42:33 GMT
cache-control: max-age=86400
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 2478
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UQteZsZfej5jX3VJUi0s%2BAm6yqsDuiJYPJzaSm9lWj%2B%2FMmsLDc59WPf%2BD0C09tEbmIlmK4881zusqumAkrEgi9UC0UbjNT0Zr80Jrly6ey%2B20QIIbOWBEGmz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880bd39f6f1c712b-OSL
content-encoding: br
X-Firefox-Spdy: h2

t.dtscout.com/pv/?_a=v&_h=futbollibre.futbol&_ss=3v4xsa29q8&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=47lf&_cb=_dtspv.c

141.101.120.11

200 OK

51 B

URL GET HTTP/2
t.dtscout.com/pv/?_a=v&_h=futbollibre.futbol&_ss=3v4xsa29q8&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=47lf&_cb=_dtspv.c
IP
141.101.120.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://futbollibre.futbol/tv8/en-vivo/tnt-sports/
Certificate
IssuerGoogle Trust Services LLC
Subjectdtscout.com
Fingerprint69:9E:FB:2A:E2:0B:6B:60:8A:15:AF:4F:5A:3D:94:5B:68:70:F4:21
ValiditySun, 17 Mar 2024 14:35:30 GMT - Sat, 15 Jun 2024 14:35:29 GMT

File type
ASCII text, with no line terminators
Size
51 B (51 bytes)
Hash
b6c449d9e279611732871bb36358df26
16948153746f8cd973dbad80c408ef9ccd21004f
cff511a0e32949ab8ce1dce7909ce67b30c71b62c101b35dd576740cd933b51f

HTTP Headers

GET /pv/?_a=v&_h=futbollibre.futbol&_ss=3v4xsa29q8&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=47lf&_cb=_dtspv.c HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://futbollibre.futbol/
Cookie: m=1; oa=1; df=1715196232
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 19:23:52 GMT
content-type: application/javascript
x-t: 0.188
x-c: 0
expires: Wed, 08 May 2024 19:23:51 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5V%2B20EZFAL66UO1qe1HILzjuVKcwh5TosnUojX8D6cjMKNHtrJYf2oq0AzPSrZ4rkkgT%2F86WwZ31HyeoRAGrnrajJNB55L70Tk%2BGlQVKNo2bKAececuo505qnl3myzo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880bd3a3be8f8d7e-HEL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (22)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML