| cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch2.php&ask=1714834800&lgt=3&noplayer=1 | 188.114.97.1 | 200 OK | 0 B |
URL: cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch2.php&ask=1714834800&lgt=3&noplayer=1 (user request, GET, HTTP/2)
IP: 188.114.97.1:443
Certificate: Issuer Let's Encrypt; Subject xsportbox.com; Fingerprint 26:37:30:3E:D3:36:0C:80:9E:E5:AC:9B:48:2B:AD:61:B7:03:5A:46; Validity Thu, 28 Mar 2024 08:02:25 GMT - Wed, 26 Jun 2024 08:02:24 GMT
Hashes (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e / da39a3ee5e6b4b0d3255bfef95601890afd80709 / e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch2.php&ask=1714834800&lgt=3&noplayer=1 HTTP/1.1
Host: cdn.xsportbox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch2.php&ask=1714834800&lgt=3&noplayer=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 14:48:06 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UvKexwJTfrFyLQE%2B9AcVrhSZnleumHjSMWpIUmxvGHy%2FUsfwSDwkitaTqb20VjrIcCcm1tvyZrFpPMs5OCO2FHZQdRLD6VHZhMt%2B3ynb6AdqJbCmbrKnb2MWg8PcnIyeUmsQ4A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e94a2edf5d56c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| ptaixout.net/tag.min.js | 139.45.197.244 | 200 OK | 28 kB |
IP: 139.45.197.244:443
Requested by: https://cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch2.php&ask=1714834800&lgt=3&noplayer=1
Certificate: Issuer Let's Encrypt; Subject ptaixout.net; Fingerprint 68:9C:78:69:60:28:90:FB:1C:BD:D0:98:14:FB:F6:C2:C7:45:CD:5C; Validity Mon, 18 Mar 2024 05:39:00 GMT - Sun, 16 Jun 2024 05:38:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): 6161cd5b16afc637789c8a29da15ed13 / 04f9e513c05079726b06b2154995c4c5c7c09b08 / 562a877675f8c3df7e1be8c3b2999127466ca8784a0a556810ec018ab6c86e34

| Analyzer | Verdict | Alert |
|---|---|---|
| Quad9 DNS | malicious | Sinkholed |
GET /tag.min.js HTTP/1.1
Host: ptaixout.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.xsportbox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 14:48:06 GMT
content-type: text/javascript; charset=utf-8
content-length: 28333
content-encoding: br
x-trace-id: 9ca4f7b15a60b7be803137afbb4a3087
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Fri, 03 May 2024 05:52:07 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

| streambtw.com/iframe/ch2.php | 188.114.97.1 | 200 OK | 0 B |
URL: streambtw.com/iframe/ch2.php (HEAD, HTTP/3)
IP: 188.114.97.1:443
Requested by: https://streambtw.com/iframe/ch2.php
Certificate: Issuer Google Trust Services LLC; Subject streambtw.com; Fingerprint D8:97:8E:55:E7:91:FA:80:DF:3A:35:36:D3:6C:CC:D6:6B:27:D9:3E; Validity Sun, 31 Mar 2024 23:25:29 GMT - Sat, 29 Jun 2024 23:25:28 GMT
Hashes (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e / da39a3ee5e6b4b0d3255bfef95601890afd80709 / e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /iframe/ch2.php HTTP/1.1
Host: streambtw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://streambtw.com/iframe/ch2.php
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 14:48:06 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FHa8%2F18BPWSlyA4r4FN0EV6eXIFhHpD6R4j4Qa6rF1umpG7zPshlBiGk4czMH1fyZCSQNgmI%2BTj9pw2819wccC%2FTyxN5r6sQksEe%2FmkJOveylPxhJQAziYCLe6FNlAR7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e94a307bed0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| streambtw.com/z-7102142 | 188.114.97.1 | 200 OK | 162 kB |
IP: 188.114.97.1:443
Requested by: https://streambtw.com/iframe/ch2.php
Certificate: Issuer Google Trust Services LLC; Subject streambtw.com; Fingerprint D8:97:8E:55:E7:91:FA:80:DF:3A:35:36:D3:6C:CC:D6:6B:27:D9:3E; Validity Sun, 31 Mar 2024 23:25:29 GMT - Sat, 29 Jun 2024 23:25:28 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (40957), with NEL line terminators
Size: 162 kB (161596 bytes)
Hashes (MD5 / SHA-1 / SHA-256): d0c9b82cf77dd67fd97853dbb654844c / 7649259f012f3d64504cdf4dea6bb568e9ef5c09 / 991ad3b6bbc30ce9cc52a029bbc0b5ed56967becd2ffe4852107ef454e606012
GET /z-7102142 HTTP/1.1
Host: streambtw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://streambtw.com/iframe/ch2.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 14:48:06 GMT
content-type: application/octet-stream
content-length: 161596
last-modified: Sat, 04 May 2024 14:17:10 GMT
etag: "66364366-2773c"
cache-control: no-cache
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WEFRbcG2dbG5Kv%2BRhAVj0HiVkObLQ%2FxTx%2F9MzgRanewT2ia7cApkM6zRe1GmZWU4YYPcT8Zhz7dl2bYDagWvcZrs%2BhpPagxon%2Ff35z%2Fl%2Fd6zXcTRt9PUy6op%2Bicch4Iq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e94a309c0d0afa-OSL
alt-svc: h3=":443"; ma=86400

| streambtw.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js | 188.114.97.1 | 200 OK | 4.4 kB |
URL: streambtw.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js (GET, HTTP/3)
IP: 188.114.97.1:443
Requested by: https://streambtw.com/iframe/ch2.php
Certificate: Issuer Google Trust Services LLC; Subject streambtw.com; Fingerprint D8:97:8E:55:E7:91:FA:80:DF:3A:35:36:D3:6C:CC:D6:6B:27:D9:3E; Validity Sun, 31 Mar 2024 23:25:29 GMT - Sat, 29 Jun 2024 23:25:28 GMT
File type: gzip compressed data, from Unix
Hashes (MD5 / SHA-1 / SHA-256): e5305bea3d13fcfd51ab7e9d4aaaa016 / b5d3342c73997bcd6f3c617dde174e2f03fec5f7 / 3086923f9c6efabf3cfd98d040abe09bcfdbabb0f3e56ab4b478bb2de046587d
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: streambtw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://streambtw.com/iframe/ch2.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 14:48:06 GMT
content-type: application/javascript
last-modified: Tue, 30 Apr 2024 15:20:25 GMT
etag: W/"66310c39-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MIVjv9cb6mThdPZlLdXpa9CsiTH7okwuGvuVpAanzAa2QbNcr0hg%2FAwsLaVzRJrw7vEMofEuOrw94m2OD9FceWfNtOth8B0vOUAu%2B2reIavQBmR2jo25lW5eZDqST4%2Fp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e94a2fcb470afa-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Mon, 06 May 2024 14:48:06 GMT
cache-control: max-age=172800, public
content-encoding: gzip

| cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js | 151.101.65.229 | 200 OK | 11 kB |
URL: cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js (GET, HTTP/2)
IP: 151.101.65.229:443
Requested by: https://streambtw.com/iframe/ch2.php
Certificate: Issuer GlobalSign nv-sa; Subject jsdelivr.net; Fingerprint 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09; Validity Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: JavaScript source, ASCII text, with very long lines (30387)
Hashes (MD5 / SHA-1 / SHA-256): 1b142ebaf5f868c4c11a73ffe9175afb / aa8b49bab8e92ff04d17a5a2c7c0dafc426e2fe9 / df86557c0f11c06f425dab021ec5a970b22b6fa8b9651af3d26f137fb30c3702
GET /gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://streambtw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 0.3.0
x-jsd-version-type: version
etag: W/"76e2-qotJurjpL/BNF6Wix8Da/EJuL+k"
content-encoding: br
accept-ranges: bytes
date: Sat, 04 May 2024 14:48:06 GMT
age: 33769
x-served-by: cache-fra-eddf8230055-FRA, cache-hel1410028-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10804
X-Firefox-Spdy: h2

| cdn.jsdelivr.net/npm/@clappr/player@latest/dist/clappr.min.js | 151.101.65.229 | 200 OK | 169 kB |
URL: cdn.jsdelivr.net/npm/@clappr/player@latest/dist/clappr.min.js (GET, HTTP/2)
IP: 151.101.65.229:443
Requested by: https://streambtw.com/iframe/ch2.php
Certificate: Issuer GlobalSign nv-sa; Subject jsdelivr.net; Fingerprint 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09; Validity Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 169 kB (169275 bytes)
Hashes (MD5 / SHA-1 / SHA-256): 3dbf1ad3535560c4e487d88012784f29 / 6fd8110083e0c387d8fb49a4d6a5264b28c755f8 / 0445a4b98a570af2253cd291c241a2e716e4105ffeec79628e058a8fe77aaedd
GET /npm/@clappr/player@latest/dist/clappr.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://streambtw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 0.5.0
x-jsd-version-type: version
etag: W/"9749e-b9gRAIPgw4fY+0mk1qUmSyjHVfg"
content-encoding: br
accept-ranges: bytes
date: Sat, 04 May 2024 14:48:06 GMT
age: 23740
x-served-by: cache-fra-eddf8230062-FRA, cache-hel1410028-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 169275
X-Firefox-Spdy: h2

| www.googletagmanager.com/gtag/js?id=G-PQ1PJ56MMF | 142.250.74.168 | 200 OK | 102 kB |
URL: www.googletagmanager.com/gtag/js?id=G-PQ1PJ56MMF (GET, HTTP/2)
IP: 142.250.74.168:443
Requested by: https://streambtw.com/iframe/ch2.php
Certificate: Issuer Google Trust Services LLC; Subject *.google-analytics.com; Fingerprint 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE; Validity Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (5955)
Size: 102 kB (101612 bytes)
Hashes (MD5 / SHA-1 / SHA-256): 5eb87cccba6a8cb51fa579bae50dd1c6 / 4299b91a3c6163beca298cca1da6b16e040d6fcf / f6716014a4a8355f0746d39a6884cc5f99f9328c8ca5ee78cd147a6b985cec31
GET /gtag/js?id=G-PQ1PJ56MMF HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://streambtw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 May 2024 14:48:06 GMT
expires: Sat, 04 May 2024 14:48:06 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 101612
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

| my.rtmark.net/gid.js?userId=0080529bef8346dfeed735e4e7587407 | 139.45.195.8 | 200 OK | 65 B |
URL: my.rtmark.net/gid.js?userId=0080529bef8346dfeed735e4e7587407 (GET, HTTP/2)
IP: 139.45.195.8:443
Requested by: https://cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch2.php&ask=1714834800&lgt=3&noplayer=1
Certificate: Issuer Let's Encrypt; Subject rtmark.net; Fingerprint DB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC; Validity Sat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
Hashes (MD5 / SHA-1 / SHA-256): 9d6c92eba25bdca1aecd9c22b8d512bf / 8248a7bac3a4dc7da5a3adc7e06bde65293dcfbe / a80e04135531763020fe955102edcc531a773951cb8ffd36854943fed29076d5
GET /gid.js?userId=0080529bef8346dfeed735e4e7587407 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cdn.xsportbox.com
DNT: 1
Connection: keep-alive
Referer: https://cdn.xsportbox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 14:48:06 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://cdn.xsportbox.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0080529bef8346dfeed735e4e7587407; expires=Sun, 04 May 2025 14:48:06 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

| phomoach.net/tag.min.js | 139.45.197.245 | 200 OK | 28 kB |
IP: 139.45.197.245:443
Requested by: https://streambtw.com/iframe/ch2.php
Certificate: Issuer Let's Encrypt; Subject phomoach.net; Fingerprint 4D:5D:41:54:2C:98:6F:5D:8D:BC:45:87:4B:76:9B:E0:30:B6:88:BF; Validity Fri, 15 Mar 2024 06:26:26 GMT - Thu, 13 Jun 2024 06:26:25 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): 6161cd5b16afc637789c8a29da15ed13 / 04f9e513c05079726b06b2154995c4c5c7c09b08 / 562a877675f8c3df7e1be8c3b2999127466ca8784a0a556810ec018ab6c86e34

| Analyzer | Verdict | Alert |
|---|---|---|
| Quad9 DNS | malicious | Sinkholed |
GET /tag.min.js HTTP/1.1
Host: phomoach.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://streambtw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 14:48:06 GMT
content-type: text/javascript; charset=utf-8
content-length: 28333
content-encoding: br
x-trace-id: 640ad2fe1965281bf472b581a5284c16
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Fri, 03 May 2024 05:45:49 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

| youradexchange.com/script/suurl5.php?r=7102142&cbur=0.3309029921163642&cbiframe=1&cbWidth=1100&cbHeight=619&cbtitle=&cbpage=https%3A%2F%2Fcdn.xsportbox.com%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=eyhcervzexp.com&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse1280x10240en-USunknown4824%20bits&ts=1714834086644&srs=467341bc9a04504f4239a9899cc15ec6&atv=48.1&abtg=1&adbv=3-swat3-swf2 | 172.67.177.214 | 200 OK | 102 kB |
URL: youradexchange.com/script/suurl5.php?r=7102142&cbur=0.3309029921163642&cbiframe=1&cbWidth=1100&cbHeight=619&cbtitle=&cbpage=https%3A%2F%2Fcdn.xsportbox.com%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=eyhcervzexp.com&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse1280x10240en-USunknown4824%20bits&ts=1714834086644&srs=467341bc9a04504f4239a9899cc15ec6&atv=48.1&abtg=1&adbv=3-swat3-swf2 (GET, HTTP/2)
IP: 172.67.177.214:443
Requested by: https://streambtw.com/iframe/ch2.php
Certificate: Issuer Google Trust Services LLC; Subject youradexchange.com; Fingerprint D5:0B:42:43:E8:69:FA:76:AA:C8:B3:28:9A:EB:33:C4:6F:62:7A:2B; Validity Sun, 14 Apr 2024 01:48:20 GMT - Sat, 13 Jul 2024 01:48:19 GMT
Size: 102 kB (102379 bytes)
Hashes (MD5 / SHA-1 / SHA-256): 359fae29fa6820841097889d4bd61f90 / 6de0fbcddeb11157c5d25ca5936a4a752da20cda / 2c44ac0ce5c2287d16d122d2efa14f031408472a92a793e00117322d9c60a1b5
GET /script/suurl5.php?r=7102142&cbur=0.3309029921163642&cbiframe=1&cbWidth=1100&cbHeight=619&cbtitle=&cbpage=https%3A%2F%2Fcdn.xsportbox.com%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=eyhcervzexp.com&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse1280x10240en-USunknown4824%20bits&ts=1714834086644&srs=467341bc9a04504f4239a9899cc15ec6&atv=48.1&abtg=1&adbv=3-swat3-swf2 HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://streambtw.com/
Origin: https://streambtw.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 14:48:06 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1Y%2BIGc9S4OBFR7z7D1ASWIINWjEeODP%2FTS%2FibGeX%2FCi1N01xKCWjTfuLC%2FqBTJmFVJp4pZ%2FlvMcuvOVu%2BTNLxG4FGco20%2FqIwV%2BwFGyr0g8SUtWwdo%2FBQTUJRc9dvgZyuVNmciw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e94a328cbf0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

| latentpebble.com/e9/2c/ff/e92cff90263e690389103e528cff0eba.js | 192.243.59.20 | 200 OK | 31 kB |
URL: latentpebble.com/e9/2c/ff/e92cff90263e690389103e528cff0eba.js (GET, HTTP/1.1)
IP: 192.243.59.20:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch2.php&ask=1714834800&lgt=3&noplayer=1
Certificate: Issuer Let's Encrypt; Subject latentpebble.com; Fingerprint 00:B3:C6:8D:D2:39:23:1C:58:F0:A3:39:FE:4B:1C:4F:91:D9:48:3D; Validity Wed, 24 Apr 2024 07:03:02 GMT - Tue, 23 Jul 2024 07:03:01 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): 1c70f9d66a298c12242dc22fa7a07a75 / 41bc4a5f57e5118215f92566f014775682143d2d / fe48e14c0e6111dd248e6963ae03eab000ce3baee2d4e9ff064159a2bb2acae5
GET /e9/2c/ff/e92cff90263e690389103e528cff0eba.js HTTP/1.1
Host: latentpebble.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.xsportbox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 14:48:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d909e46cf6055a475b253df3ceea8271
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

| www.gettvfree.online/static/stream_2_366_359.js | 172.67.163.224 | 200 OK | 2.9 MB |
URL: www.gettvfree.online/static/stream_2_366_359.js (GET, HTTP/2)
IP: 172.67.163.224:443
Requested by: https://streambtw.com/iframe/ch2.php
Certificate: Issuer Let's Encrypt; Subject gettvfree.online; Fingerprint 6D:07:2C:5B:85:2A:06:46:37:1A:B2:79:5A:F6:23:8B:9D:7D:B6:AF; Validity Wed, 17 Apr 2024 20:39:48 GMT - Tue, 16 Jul 2024 20:39:47 GMT
Size: 2.9 MB (2913209 bytes)
Hashes (MD5 / SHA-1 / SHA-256): 0fa41360ab5f895b80e88045cec50db5 / 5caf2303d4ffb191fda529aa652f227fc9b050d4 / a5957f6ae3f027f2aefbf2ff6052095c9c6f5d49d52fc1ffb411ed79d4a043b1
GET /static/stream_2_366_359.js HTTP/1.1
Host: www.gettvfree.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://streambtw.com
DNT: 1
Connection: keep-alive
Referer: https://streambtw.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 14:48:07 GMT
content-type: application/javascript
last-modified: Sat, 04 May 2024 14:47:41 GMT
etag: W/"66364a8d-2cfbbc"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 25
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XFkOwBdGUhtIvBjSVVvOFxyzh0YH%2BzK8fGXaQZ6lx0rXp7gmeKx9%2Bvfu880kfSavPfRRYG%2FR3tOodZLYIv13dLbAFF0fPcxa6gHO7BywYKJMp2eOGc%2B%2BUovXzXAO0lD5UTed35KqsA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e94a34ef880b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

| my.rtmark.net/gid.js?userId=0080523f77c742c2e4f1af2f9382b463 | 139.45.195.8 | 200 OK | 65 B |
URL: my.rtmark.net/gid.js?userId=0080523f77c742c2e4f1af2f9382b463 (GET, HTTP/2)
IP: 139.45.195.8:443
Requested by: https://streambtw.com/iframe/ch2.php
Certificate: Issuer Let's Encrypt; Subject rtmark.net; Fingerprint DB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC; Validity Sat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
Hashes (MD5 / SHA-1 / SHA-256): 9d6c92eba25bdca1aecd9c22b8d512bf / 8248a7bac3a4dc7da5a3adc7e06bde65293dcfbe / a80e04135531763020fe955102edcc531a773951cb8ffd36854943fed29076d5
GET /gid.js?userId=0080523f77c742c2e4f1af2f9382b463 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://streambtw.com
DNT: 1
Connection: keep-alive
Referer: https://streambtw.com/
Cookie: ID=0080529bef8346dfeed735e4e7587407
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 14:48:07 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://streambtw.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0080529bef8346dfeed735e4e7587407; expires=Sun, 04 May 2025 14:48:07 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

| proftrafficcounter.com/stats | 52.29.105.35 | 200 OK | 40 B |
URL: proftrafficcounter.com/stats (GET, HTTP/2)
IP: 52.29.105.35:443
Requested by: https://cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch2.php&ask=1714834800&lgt=3&noplayer=1
Certificate: Issuer Amazon; Subject proftrafficcounter.com; Fingerprint E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6; Validity Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): f0bef7686a0711f120084b1d7e27cc35 / cd2431d754ccb4e8ce99e8b2939c8d924ccc89e9 / 7d43d42a4a2c562df3b710958181a44edefac12f5c51ba07d5466d9d376b78a2
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cdn.xsportbox.com
DNT: 1
Connection: keep-alive
Referer: https://cdn.xsportbox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 14:48:07 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://cdn.xsportbox.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=403642d3-48d7-47c0-a601-5d3714217024:1:1; expires=Tue, 02 May 2034 14:48:07 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

| phomoach.net/5/6869446/?oo=1&aab=1 | 139.45.197.245 | 200 OK | 1.9 kB |
URL: phomoach.net/5/6869446/?oo=1&aab=1 (GET, HTTP/2)
IP: 139.45.197.245:443
Requested by: https://streambtw.com/iframe/ch2.php
Certificate: Issuer Let's Encrypt; Subject phomoach.net; Fingerprint 4D:5D:41:54:2C:98:6F:5D:8D:BC:45:87:4B:76:9B:E0:30:B6:88:BF; Validity Fri, 15 Mar 2024 06:26:26 GMT - Thu, 13 Jun 2024 06:26:25 GMT
File type: gzip compressed data, max speed, from Unix
Hashes (MD5 / SHA-1 / SHA-256): 90ef97b4ba7a4302d22578edab04bee2 / 0562c1b37a719d65cdd7084a83cca68d590d44b2 / 9decfb0d5a962b79e5ca8c09eb33c9293ae9a3fd6c54c1b3f964d49256546b82

| Analyzer | Verdict | Alert |
|---|---|---|
| Quad9 DNS | malicious | Sinkholed |
GET /5/6869446/?oo=1&aab=1 HTTP/1.1
Host: phomoach.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://streambtw.com
DNT: 1
Connection: keep-alive
Referer: https://streambtw.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 14:48:06 GMT
content-type: application/json
x-trace-id: 27ffab1560a2a06eb3ea483c5e9a185b
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://streambtw.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=0080523f77c742c2e4f1af2f9382b463; expires=Sun, 04 May 2025 14:48:06 GMT; path=/; secure; SameSite=None
oaidts=1714834086; expires=Sun, 04 May 2025 14:48:06 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

| ptaixout.net/5/6320745/?oo=1&aab=1 | 139.45.197.244 | 200 OK | 1.9 kB |
URL: ptaixout.net/5/6320745/?oo=1&aab=1 (GET, HTTP/2)
IP: 139.45.197.244:443
Requested by: https://cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch2.php&ask=1714834800&lgt=3&noplayer=1
Certificate: Issuer Let's Encrypt; Subject ptaixout.net; Fingerprint 68:9C:78:69:60:28:90:FB:1C:BD:D0:98:14:FB:F6:C2:C7:45:CD:5C; Validity Mon, 18 Mar 2024 05:39:00 GMT - Sun, 16 Jun 2024 05:38:59 GMT
File type: gzip compressed data, max speed, from Unix
Hashes (MD5 / SHA-1 / SHA-256): 8cc9f970d26877f63dba65a3f4d78bb6 / a25b6c7df10bf213d6c4f2648a3093d95df7c428 / 42aef526ca92522d986cb169265b3d88bb2c64222968cfd8ec796c0e21705de0

| Analyzer | Verdict | Alert |
|---|---|---|
| Quad9 DNS | malicious | Sinkholed |
GET /5/6320745/?oo=1&aab=1 HTTP/1.1
Host: ptaixout.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cdn.xsportbox.com
DNT: 1
Connection: keep-alive
Referer: https://cdn.xsportbox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 14:48:06 GMT
content-type: application/json
x-trace-id: a68e1b25b4b30670abb23cc94e2ea264
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://cdn.xsportbox.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=0080529bef8346dfeed735e4e7587407; expires=Sun, 04 May 2025 14:48:06 GMT; path=/; secure; SameSite=None
set-cookie: oaidts=1714834086; expires=Sun, 04 May 2025 14:48:06 GMT; path=/; secure; SameSite=None
set-cookie: syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| capaciousdrewreligion.com/advertisers.js | 172.240.127.234 | 200 OK | 0 B |
URL: GET HTTP/1.1 capaciousdrewreligion.com/advertisers.js
IP: 172.240.127.234:443
Requested by: https://cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch2.php&ask=1714834800&lgt=3&noplayer=1
Certificate: issuer Let's Encrypt; subject capaciousdrewreligion.com; fingerprint 53:B6:ED:C6:B5:B6:60:3E:6D:02:5A:92:2E:C3:12:74:64:A1:23:DC; validity Wed, 06 Mar 2024 11:57:32 GMT - Tue, 04 Jun 2024 11:57:31 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of an empty body, consistent with Content-Length: 0 in the response)
GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.xsportbox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 14:48:08 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c9e3ff68ba42db4bef1cd838b9da0ee2
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| stiflepowerless.com/pixel/purst?dl=0&th=0&sc=0&rs=1491&rd=1491&fd=1034&bv=24.5.6485&tmpl=70 | 192.243.61.225 | 200 OK | 0 B |
URL: GET HTTP/1.1 stiflepowerless.com/pixel/purst?dl=0&th=0&sc=0&rs=1491&rd=1491&fd=1034&bv=24.5.6485&tmpl=70
IP: 192.243.61.225:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch2.php&ask=1714834800&lgt=3&noplayer=1
Certificate: issuer Let's Encrypt; subject stiflepowerless.com; fingerprint 53:F8:A4:39:E5:76:60:B0:A3:94:D0:87:66:3E:90:E5:F4:2A:72:2D; validity Mon, 29 Apr 2024 13:09:50 GMT - Sun, 28 Jul 2024 13:09:49 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of an empty body, consistent with Content-Length: 0 in the response)
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=1491&rd=1491&fd=1034&bv=24.5.6485&tmpl=70 HTTP/1.1
Host: stiflepowerless.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.xsportbox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 14:48:08 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| unseenreport.com/pxf.gif?uuid=403642d3-48d7-47c0-a601-5d3714217024&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=e92cff90263e690389103e528cff0eba&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=14 | 192.243.61.227 | 200 OK | 1 B |
URL: GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=403642d3-48d7-47c0-a601-5d3714217024&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=e92cff90263e690389103e528cff0eba&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=14
IP: 192.243.61.227:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch2.php&ask=1714834800&lgt=3&noplayer=1
Certificate: issuer Let's Encrypt; subject *.unseenreport.com; fingerprint 71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13; validity Fri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File type: very short file (no magic)
Hash: MD5 93b885adfe0da089cdf634904fd59f71; SHA-1 5ba93c9db0cff93f52b521d7420e43f6eda2784f; SHA-256 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d (digests of a single 0x00 byte: the 1-byte response is one NUL byte, not a GIF, whatever Content-Type: image/gif says)
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /pxf.gif?uuid=403642d3-48d7-47c0-a601-5d3714217024&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=e92cff90263e690389103e528cff0eba&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=14 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.xsportbox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 14:48:09 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6be3896e2ed704b6963d5e50a1cf4aae
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| cdn.xsportbox.com/favicon.ico | 188.114.97.1 | 404 Not Found | 555 B |
URL: GET HTTP/3 cdn.xsportbox.com/favicon.ico
IP: 188.114.97.1:443
Requested by: https://cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch2.php&ask=1714834800&lgt=3&noplayer=1
Certificate: issuer Let's Encrypt; subject xsportbox.com; fingerprint 26:37:30:3E:D3:36:0C:80:9E:E5:AC:9B:48:2B:AD:61:B7:03:5A:46; validity Thu, 28 Mar 2024 08:02:25 GMT - Wed, 26 Jun 2024 08:02:24 GMT
File type: HTML document, ASCII text, with very long lines (581), with no line terminators
Hash: MD5 e9e4f9c9480bb14ad8343f37e3fb9b99; SHA-1 628fcbc6080fd3e684d1def2e5f67e98133ffa3b; SHA-256 85e4b614933e56b4531289e0bc3d2665db1f2b9d04d2c756a4a72b867c059594
GET /favicon.ico HTTP/1.1
Host: cdn.xsportbox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch2.php&ask=1714834800&lgt=3&noplayer=1
Cookie: prefetchAd_6320745=true; pp_show_on_e92cff90263e690389103e528cff0eba=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=403642d3-48d7-47c0-a601-5d3714217024%3A1%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Sat, 04 May 2024 14:48:08 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 142
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5eGbNezIuM%2BibyWlY9hkhLkwnmkIqu758YQzu9tyFS7TDvsODpJb3mqtsn8CdxwiwKoe9xchL3oCySWordbUpM4IQbVty28C7igQ3fN3BmyBHQzQ1ztyzmdygbKJh8PbE2kWHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e94a3d3a8b56c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| downstairsnegotiatebarren.com/sfp.js | 172.67.180.87 | 200 OK | 86 kB |
URL: GET HTTP/2 downstairsnegotiatebarren.com/sfp.js
IP: 172.67.180.87:443
Requested by: https://cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch2.php&ask=1714834800&lgt=3&noplayer=1
Certificate: issuer Let's Encrypt; subject downstairsnegotiatebarren.com; fingerprint 5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B; validity Thu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of an empty body: the 86 kB listed in the summary row was not captured, so these values identify nothing about the script and must not be used as indicators for it)
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.xsportbox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 14:48:07 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 1dc7f69aca0f2e3bd27e6a07f385a603
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 04 May 2024 14:48:06 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zx0oZAAJ7NJxHOJFjytiPFyWmxlEA%2FrIi97bRV4D%2BrJF7nd8xPukbEqUIsJaLS2f3M4cjCC41qY5hm4tsHGwIivioL87ieJF4xcU7AiptkfY%2Ff13NXWjEU1b6OTjTMObmTUbyTC7%2BAL%2BhefGIMZ0PQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e94a354a24b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| sportsleading.online/live/stream_2.m3u8 | 104.21.67.72 | 200 OK | 815 B |
URL: GET HTTP/2 sportsleading.online/live/stream_2.m3u8
IP: 104.21.67.72:443
Requested by: https://streambtw.com/iframe/ch2.php
Certificate: issuer Let's Encrypt; subject sportsleading.online; fingerprint 61:D8:D9:11:C4:3A:9D:80:A2:3A:A8:E9:EB:75:4A:83:4C:9B:D6:36; validity Sun, 17 Mar 2024 10:39:55 GMT - Sat, 15 Jun 2024 10:39:54 GMT
File type: M3U playlist, ASCII text, with very long lines (839), with no line terminators
Hash: MD5 c5cc5d993fca4af30e157e247b453fe6; SHA-1 dd78141edf1b55b461f8d5a6a02217422f885393; SHA-256 ab3ea4e03048008d017785d9eb2bf11267faab2eacb5bfd08c3df7104db2ceed
GET /live/stream_2.m3u8 HTTP/1.1
Host: sportsleading.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://streambtw.com
DNT: 1
Connection: keep-alive
Referer: https://streambtw.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 14:48:07 GMT
content-type: application/vnd.apple.mpegurl
last-modified: Sat, 04 May 2024 14:48:05 GMT
etag: W/"66364aa5-32f"
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XsYAnS1LZ714Pd00QnH6N09BKEDx5wyNDBgqmiU4syD%2FSbeZyCSj%2FUHk%2F7tapfdKIVxj%2FH7oj2iTvpuQPPKbKA3lFTkTpbK%2BbJviaWbt51rucPBxAUsIOjSb%2FLgaLnDp0xIEX1JxsA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e94a339c3d0b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.gettvfree.online/static/stream_2_366_360.js | 0.0.0.0 | | 0 B |
URL: GET www.gettvfree.online/static/stream_2_366_360.js
IP: 0.0.0.0:0
Requested by: https://streambtw.com/iframe/ch2.php
Certificate: issuer Let's Encrypt; subject gettvfree.online; fingerprint 6D:07:2C:5B:85:2A:06:46:37:1A:B2:79:5A:F6:23:8B:9D:7D:B6:AF; validity Wed, 17 Apr 2024 20:39:48 GMT - Tue, 16 Jul 2024 20:39:47 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of an empty body; no response was recorded for this request)
GET /static/stream_2_366_360.js HTTP/1.1
Host: www.gettvfree.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://streambtw.com
DNT: 1
Connection: keep-alive
Referer: https://streambtw.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| eyhcervzexp.com/script/ut.js?cb=1714834086640 | 104.21.57.20 | 200 OK | 63 kB |
URL: GET HTTP/2 eyhcervzexp.com/script/ut.js?cb=1714834086640
IP: 104.21.57.20:443
Requested by: https://streambtw.com/iframe/ch2.php
Certificate: issuer Google Trust Services LLC; subject eyhcervzexp.com; fingerprint A5:4E:EF:DF:2C:BD:5B:F2:4C:1C:1E:0F:B9:E8:1E:38:78:EE:03:E8; validity Tue, 30 Apr 2024 15:36:09 GMT - Mon, 29 Jul 2024 15:36:08 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of an empty body: the 63 kB listed in the summary row was not captured. The usable value is the origin's own x-goog-hash header in the response below, whose base64 md5 decodes to bc481e345c04b4534e0a4e54a0f2c1c6, the same value the etag carries)
GET /script/ut.js?cb=1714834086640 HTTP/1.1
Host: eyhcervzexp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://streambtw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 14:48:06 GMT
content-type: text/javascript
x-guploader-uploadid: ABPtcPpGTPfj02_nQPItZmMyXVAoCs2jHKwVdUv-Fcncl8DWAyk9P-GmoXGTFU0azyQLGed5DA
x-goog-generation: 1714053300452258
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 62975
x-goog-hash: crc32c=f8d0YQ==, md5=vEgeNFwEtFNOCk5UoPLBxg==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Sat, 04 May 2024 14:32:48 GMT
cache-control: public, max-age=14400
age: 1981
last-modified: Thu, 25 Apr 2024 13:55:00 GMT
etag: W/"bc481e345c04b4534e0a4e54a0f2c1c6"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rk4ELm2CsKM4i%2BOUzFItl3wvtqasYfVA9ik1zKYoB3aBWlpo%2FGQ2cjYEXmjxOMRubh0kqJoENWVQVcadhAOsaGJK610gjLnHdUlLIssKSDQZQzYACjzadtk2sEEJb15uPzU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e94a3289ca56bf-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ptaixout.net/?rb=fnZ443eRC0Uzm2We_xj3upAn4kQgIqcSMRD-MNDm_d2C_Tys6BAh61P47s-0jtJcw5mImvXoqi6bBTyyj5d-1H1h1Xq24Mk4D5QjWVp6WD_CUENKyvwFpeizT_hPpD6OSKHzDgBur-zBfoocDloqG2x7bzGXxSoTignD_Y7yghtJ4HPi40Vc8zSuu8HEjVyj10Soikd8lg_JY4O5wIzXsdRrc9Bw5rCLncgtBs6jOJelfeOY_brOCpgpErtF_-bl_cmO_C-3Ao-vVgr7&request_ab2=0&zoneid=6320745&js_build=iclick-v1.788.6-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=2&pl=https%3A%2F%2Fcdn.xsportbox.com%2Fembed77%2F%3Fevent%3Dstack.html%26link%3D1%26domain%3D%26force%3Dhttps%3A%2F%2Fstreambtw.com%2Fiframe%2Fch2.php%26ask%3D1714834800%26lgt%3D3%26noplayer%3D1&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.6-auto&navlng=en-US&pnt=0&pnrc=0&bs=e18e8c62-d45d-4a28-b947-35b75a21f805&wasm=1&userId=0080529bef8346dfeed735e4e7587407&m=link | 139.45.197.244 | 200 OK | 2.5 kB |
URL: GET HTTP/2 ptaixout.net/?rb=fnZ443eRC0Uzm2We_xj3upAn4kQgIqcSMRD-MNDm_d2C_Tys6BAh61P47s-0jtJcw5mImvXoqi6bBTyyj5d-1H1h1Xq24Mk4D5QjWVp6WD_CUENKyvwFpeizT_hPpD6OSKHzDgBur-zBfoocDloqG2x7bzGXxSoTignD_Y7yghtJ4HPi40Vc8zSuu8HEjVyj10Soikd8lg_JY4O5wIzXsdRrc9Bw5rCLncgtBs6jOJelfeOY_brOCpgpErtF_-bl_cmO_C-3Ao-vVgr7&request_ab2=0&zoneid=6320745&js_build=iclick-v1.788.6-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=2&pl=https%3A%2F%2Fcdn.xsportbox.com%2Fembed77%2F%3Fevent%3Dstack.html%26link%3D1%26domain%3D%26force%3Dhttps%3A%2F%2Fstreambtw.com%2Fiframe%2Fch2.php%26ask%3D1714834800%26lgt%3D3%26noplayer%3D1&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.6-auto&navlng=en-US&pnt=0&pnrc=0&bs=e18e8c62-d45d-4a28-b947-35b75a21f805&wasm=1&userId=0080529bef8346dfeed735e4e7587407&m=link
IP: 139.45.197.244:443
Requested by: https://cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch2.php&ask=1714834800&lgt=3&noplayer=1
Certificate: issuer Let's Encrypt; subject ptaixout.net; fingerprint 68:9C:78:69:60:28:90:FB:1C:BD:D0:98:14:FB:F6:C2:C7:45:CD:5C; validity Mon, 18 Mar 2024 05:39:00 GMT - Sun, 16 Jun 2024 05:38:59 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (2488), with no line terminators
Hash: MD5 587d7714436460ae81082caf6f585742; SHA-1 8744e7de83e64a7b0c57fc5670936da4f6b7c1b2; SHA-256 725c18a2eb1c8350009207c3bbb7b7fe7e9e32634854737996f7e6627cb678c6
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /?rb=fnZ443eRC0Uzm2We_xj3upAn4kQgIqcSMRD-MNDm_d2C_Tys6BAh61P47s-0jtJcw5mImvXoqi6bBTyyj5d-1H1h1Xq24Mk4D5QjWVp6WD_CUENKyvwFpeizT_hPpD6OSKHzDgBur-zBfoocDloqG2x7bzGXxSoTignD_Y7yghtJ4HPi40Vc8zSuu8HEjVyj10Soikd8lg_JY4O5wIzXsdRrc9Bw5rCLncgtBs6jOJelfeOY_brOCpgpErtF_-bl_cmO_C-3Ao-vVgr7&request_ab2=0&zoneid=6320745&js_build=iclick-v1.788.6-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=2&pl=https%3A%2F%2Fcdn.xsportbox.com%2Fembed77%2F%3Fevent%3Dstack.html%26link%3D1%26domain%3D%26force%3Dhttps%3A%2F%2Fstreambtw.com%2Fiframe%2Fch2.php%26ask%3D1714834800%26lgt%3D3%26noplayer%3D1&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.6-auto&navlng=en-US&pnt=0&pnrc=0&bs=e18e8c62-d45d-4a28-b947-35b75a21f805&wasm=1&userId=0080529bef8346dfeed735e4e7587407&m=link HTTP/1.1
Host: ptaixout.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cdn.xsportbox.com/
Origin: https://cdn.xsportbox.com
DNT: 1
Connection: keep-alive
Cookie: OAID=0080529bef8346dfeed735e4e7587407; oaidts=1714834086
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 14:48:07 GMT
content-type: application/json
x-trace-id: b90900d8b9a1d431f4bfc822cbac48de
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://cdn.xsportbox.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=0080529bef8346dfeed735e4e7587407; expires=Sun, 04 May 2025 14:48:06 GMT; path=/; secure; SameSite=None
set-cookie: oaidts=1714834086; expires=Sun, 04 May 2025 14:48:06 GMT; path=/; secure; SameSite=None
set-cookie: syncedCookie=true; expires=Sat, 11 May 2024 14:48:06 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| phomoach.net/?rb=qkaW_sf4XB-XE9Hfi1kuj13F_ILfVf7s5vKUEN9CmjyETN1VxFg9Tr5LwmgivVFtSK2Sqc4dZVP1ErgMiWCDkowgYgObx-3iGt4rStGUxPL8XfNA2Bie3RwH_jPdb2BgOgX2c2F14qEMqINd5V0rI0ZVSngQvDP8iYc2f89MuSyuo467tLLo-BL80HS1W_tiMd1xfgogRE2QY7GWD11IUROL2xx3ofo6s4yyBfVCc1de_PqVdSwZsExly2rCLBeA4cZsbFyXrgc%3D&request_ab2=0&zoneid=6869446&js_build=iclick-v1.788.6-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=619&wiw=1100&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1100&wfc=2&pl=https%3A%2F%2Fstreambtw.com%2Fiframe%2Fch2.php&drf=https%3A%2F%2Fcdn.xsportbox.com%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.6-auto&navlng=en-US&pnt=0&pnrc=0&bs=e9751f3f-1d53-46f3-bf0b-f37830b60d65&wasm=1&userId=0080529bef8346dfeed735e4e7587407&m=link | 139.45.197.245 | 200 OK | 2.4 kB |
URL: GET HTTP/2 phomoach.net/?rb=qkaW_sf4XB-XE9Hfi1kuj13F_ILfVf7s5vKUEN9CmjyETN1VxFg9Tr5LwmgivVFtSK2Sqc4dZVP1ErgMiWCDkowgYgObx-3iGt4rStGUxPL8XfNA2Bie3RwH_jPdb2BgOgX2c2F14qEMqINd5V0rI0ZVSngQvDP8iYc2f89MuSyuo467tLLo-BL80HS1W_tiMd1xfgogRE2QY7GWD11IUROL2xx3ofo6s4yyBfVCc1de_PqVdSwZsExly2rCLBeA4cZsbFyXrgc%3D&request_ab2=0&zoneid=6869446&js_build=iclick-v1.788.6-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=619&wiw=1100&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1100&wfc=2&pl=https%3A%2F%2Fstreambtw.com%2Fiframe%2Fch2.php&drf=https%3A%2F%2Fcdn.xsportbox.com%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.6-auto&navlng=en-US&pnt=0&pnrc=0&bs=e9751f3f-1d53-46f3-bf0b-f37830b60d65&wasm=1&userId=0080529bef8346dfeed735e4e7587407&m=link
IP: 139.45.197.245:443
Requested by: https://streambtw.com/iframe/ch2.php
Certificate: issuer Let's Encrypt; subject phomoach.net; fingerprint 4D:5D:41:54:2C:98:6F:5D:8D:BC:45:87:4B:76:9B:E0:30:B6:88:BF; validity Fri, 15 Mar 2024 06:26:26 GMT - Thu, 13 Jun 2024 06:26:25 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (2392), with no line terminators
Hash: MD5 5384a0687ab08458ae2f0d3f96f62aab; SHA-1 35a170ed6abd8fbb9e7e248e359525afc4192662; SHA-256 295b0493cc302d2662932c2371d1c83073b113a2aaa26fbd298b0872fbba6151
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /?rb=qkaW_sf4XB-XE9Hfi1kuj13F_ILfVf7s5vKUEN9CmjyETN1VxFg9Tr5LwmgivVFtSK2Sqc4dZVP1ErgMiWCDkowgYgObx-3iGt4rStGUxPL8XfNA2Bie3RwH_jPdb2BgOgX2c2F14qEMqINd5V0rI0ZVSngQvDP8iYc2f89MuSyuo467tLLo-BL80HS1W_tiMd1xfgogRE2QY7GWD11IUROL2xx3ofo6s4yyBfVCc1de_PqVdSwZsExly2rCLBeA4cZsbFyXrgc%3D&request_ab2=0&zoneid=6869446&js_build=iclick-v1.788.6-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=619&wiw=1100&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1100&wfc=2&pl=https%3A%2F%2Fstreambtw.com%2Fiframe%2Fch2.php&drf=https%3A%2F%2Fcdn.xsportbox.com%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.6-auto&navlng=en-US&pnt=0&pnrc=0&bs=e9751f3f-1d53-46f3-bf0b-f37830b60d65&wasm=1&userId=0080529bef8346dfeed735e4e7587407&m=link HTTP/1.1
Host: phomoach.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://streambtw.com/
Origin: https://streambtw.com
DNT: 1
Connection: keep-alive
Cookie: OAID=0080523f77c742c2e4f1af2f9382b463; oaidts=1714834086
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 14:48:07 GMT
content-type: application/json
x-trace-id: 1b149e50b7ef0a974e3155d2183d03d1
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://streambtw.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=0080529bef8346dfeed735e4e7587407; expires=Sun, 04 May 2025 14:48:07 GMT; path=/; secure; SameSite=None
set-cookie: oaidts=1714834087; expires=Sun, 04 May 2025 14:48:07 GMT; path=/; secure; SameSite=None
set-cookie: syncedCookie=true; expires=Sat, 11 May 2024 14:48:07 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
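The records above are flat captures, so a few consistency checks are worth running before any of the listed values are reused as indicators. The Python below is an added example, not part of this report or of the tool that produced it; every input value is transcribed from the records on this page (and marked as such in the code) and nothing is fetched from the network. It compares the listed digests with the digests of an empty body and of a single 0x00 byte, decodes the base64 MD5 that the eyhcervzexp.com origin sent in its x-goog-hash header for ut.js, checks which Set-Cookie values are eligible to travel on cross-site requests, and groups the OAID cookie and userId query parameter by host to show that one identifier reached both ptaixout.net and phomoach.net.

```python
import base64
import hashlib
from collections import defaultdict
from urllib.parse import parse_qs, urlsplit

# Added example, not the report's own code; every sample value below is transcribed from the records above.

def digests(data: bytes) -> dict:
    """MD5, SHA-1 and SHA-256 hex digests, in the order the report prints them."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in ("md5", "sha1", "sha256")}

EMPTY_BODY = digests(b"")      # d41d8cd9... / da39a3ee... / e3b0c442...
SINGLE_NUL = digests(b"\x00")  # 93b885ad... / 5ba93c9d... / 6e340b9c...

# (host, path, size from the summary row in bytes, SHA-256 from the Hash line)
RECORDS = [
    ("ptaixout.net", "/5/6320745/", 1900,
     "42aef526ca92522d986cb169265b3d88bb2c64222968cfd8ec796c0e21705de0"),
    ("capaciousdrewreligion.com", "/advertisers.js", 0,
     "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"),
    ("unseenreport.com", "/pxf.gif", 1,
     "6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d"),
    ("downstairsnegotiatebarren.com", "/sfp.js", 86000,
     "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"),
    ("eyhcervzexp.com", "/script/ut.js", 63000,
     "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"),
]

def classify_body(reported_size: int, sha256: str) -> str:
    """Say what a listed SHA-256 actually covers."""
    if sha256 == EMPTY_BODY["sha256"]:
        # Digest of zero bytes. If the summary row still claims a size, the
        # body was never stored and the hash is useless as an indicator.
        return "empty" if reported_size == 0 else "not-captured"
    if sha256 == SINGLE_NUL["sha256"]:
        return "single-nul-byte"  # one 0x00 byte, whatever Content-Type says
    return "content"

def audit_bodies(records=RECORDS) -> dict:
    return {host + path: classify_body(size, sha) for host, path, size, sha in records}

def goog_hash_md5_hex(x_goog_hash: str):
    """Hex MD5 from a Cloud Storage x-goog-hash header ('crc32c=..., md5=...')."""
    for part in x_goog_hash.split(","):
        name, _, value = part.strip().partition("=")
        if name == "md5":
            return base64.b64decode(value).hex()
    return None

# Identifier carriers from the two ad-zone requests above: (host, kind, raw value)
ID_SOURCES = [
    ("ptaixout.net", "set-cookie", "OAID=0080529bef8346dfeed735e4e7587407; "
     "expires=Sun, 04 May 2025 14:48:06 GMT; path=/; secure; SameSite=None"),
    ("ptaixout.net", "query", "https://ptaixout.net/?zoneid=6320745"
     "&userId=0080529bef8346dfeed735e4e7587407&m=link"),
    ("phomoach.net", "cookie", "OAID=0080523f77c742c2e4f1af2f9382b463; oaidts=1714834086"),
    ("phomoach.net", "query", "https://phomoach.net/?zoneid=6869446"
     "&userId=0080529bef8346dfeed735e4e7587407&m=link"),
    ("phomoach.net", "set-cookie", "OAID=0080529bef8346dfeed735e4e7587407; "
     "expires=Sun, 04 May 2025 14:48:07 GMT; path=/; secure; SameSite=None"),
]

def parse_set_cookie(raw: str):
    """Split a Set-Cookie value into (name, value, {attribute: value or True})."""
    first, *rest = (p.strip() for p in raw.split(";"))
    name, _, value = first.partition("=")
    attrs = {}
    for item in rest:
        key, _, val = item.partition("=")
        attrs[key.strip().lower()] = val.strip() or True
    return name, value, attrs

def third_party_capable(raw_set_cookie: str) -> bool:
    """SameSite=None plus Secure is what lets a cookie ride on cross-site requests."""
    _, _, attrs = parse_set_cookie(raw_set_cookie)
    return str(attrs.get("samesite", "")).lower() == "none" and "secure" in attrs

def identifiers(kind: str, raw: str):
    """Yield (name, value) pairs carried by a Cookie, Set-Cookie or query string."""
    if kind == "set-cookie":
        name, value, _ = parse_set_cookie(raw)
        yield name, value
    elif kind == "cookie":
        for part in raw.split(";"):
            name, _, value = part.strip().partition("=")
            yield name, value
    elif kind == "query":
        for name, values in parse_qs(urlsplit(raw).query).items():
            yield from ((name, v) for v in values)

def find_synced_ids(sources=ID_SOURCES, min_len=16) -> dict:
    """Map each identifier value seen on more than one host to those hosts."""
    hosts_by_value = defaultdict(set)
    for host, kind, raw in sources:
        for _, value in identifiers(kind, raw):
            if len(value) >= min_len:  # skip short flags such as m=link
                hosts_by_value[value].add(host)
    return {v: hosts for v, hosts in hosts_by_value.items() if len(hosts) > 1}

if __name__ == "__main__":
    print(audit_bodies(), find_synced_ids(), sep="\n")
```

Run against the page's own values this reports advertisers.js as genuinely empty (Content-Length: 0), pxf.gif as a single NUL byte rather than a GIF, and sfp.js and ut.js as not captured: their digests are those of zero bytes even though the summary rows list 86 kB and 63 kB, so those hashes must not be used as indicators. For ut.js the origin's x-goog-hash header yields bc481e345c04b4534e0a4e54a0f2c1c6, the value the etag also carries, which is the hash to pivot on. On the identifier side, the phomoach.net request went out with the cookie OAID=0080523f77c742c2e4f1af2f9382b463 but carried userId=0080529bef8346dfeed735e4e7587407 in its query string, and the response reset its OAID cookie to that value, the one ptaixout.net had issued a second earlier; both cookies are SameSite=None; Secure with a one-year expiry, so the two domains now share one cross-site identifier.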
| www.googletagmanager.com/gtag/js?id=G-G15KG2JMS2&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 306 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-G15KG2JMS2&l=dataLayer&cx=c
IP: 142.250.74.168:443
Requested by: https://streambtw.com/iframe/ch2.php
Certificate: issuer Google Trust Services LLC; subject *.google-analytics.com; fingerprint 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE; validity Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (5955)
Size: 306 kB (305695 bytes)
Hash: MD5 3411f91adbc16d973816a7314d786207; SHA-1 3425377bafa6bd25ca1e769ce97aea5ad3d72be5; SHA-256 47794e2d6fd721850d90d2751636a3e50acdea11c9bfe9e73228313b2a4a6d4d
GET /gtag/js?id=G-G15KG2JMS2&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://streambtw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 May 2024 14:48:07 GMT
expires: Sat, 04 May 2024 14:48:07 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 101545
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| sportsleading.online/live/stream_2.m3u8 | 104.21.67.72 | 200 OK | 815 B |
URL: GET HTTP/2 sportsleading.online/live/stream_2.m3u8
IP: 104.21.67.72:443
Requested by: https://streambtw.com/iframe/ch2.php
Certificate: issuer Let's Encrypt; subject sportsleading.online; fingerprint 61:D8:D9:11:C4:3A:9D:80:A2:3A:A8:E9:EB:75:4A:83:4C:9B:D6:36; validity Sun, 17 Mar 2024 10:39:55 GMT - Sat, 15 Jun 2024 10:39:54 GMT
File type: M3U playlist, ASCII text, with very long lines (839), with no line terminators
Hash: MD5 c5cc5d993fca4af30e157e247b453fe6; SHA-1 dd78141edf1b55b461f8d5a6a02217422f885393; SHA-256 ab3ea4e03048008d017785d9eb2bf11267faab2eacb5bfd08c3df7104db2ceed
GET /live/stream_2.m3u8 HTTP/1.1
Host: sportsleading.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://streambtw.com
DNT: 1
Connection: keep-alive
Referer: https://streambtw.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 14:48:07 GMT
content-type: application/vnd.apple.mpegurl
last-modified: Sat, 04 May 2024 14:48:05 GMT
etag: W/"66364aa5-32f"
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cmRfZOURzpedN1NT68HjbTOcqe3XWD7UcDxH3uhszS3ZBE9z4VcgSOO4maR4L2LUvbNxktA3zduilqJSTmmYnSYL63vDxvEju2aCO7G8xNFxZ3rfvn1uzFE6TpVTkkPwLDLIMuXOWw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e94a347d460b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| sportsleading.online/live/stream_2.m3u8 | 104.21.67.72 | 200 OK | 815 B |
URL: GET HTTP/3 sportsleading.online/live/stream_2.m3u8
IP: 104.21.67.72:443
Requested by: https://streambtw.com/iframe/ch2.php
Certificate: issuer Let's Encrypt; subject sportsleading.online; fingerprint 61:D8:D9:11:C4:3A:9D:80:A2:3A:A8:E9:EB:75:4A:83:4C:9B:D6:36; validity Sun, 17 Mar 2024 10:39:55 GMT - Sat, 15 Jun 2024 10:39:54 GMT
File type: M3U playlist, ASCII text, with very long lines (839), with no line terminators
Hash: MD5 b6cd06d53dfed2d73cc4499c1e8beb83; SHA-1 99663ca7efcaac14c55d7c4656df80c9230ff747; SHA-256 8992f506e6ccbc2894ab9005570c697b9f94ebb7d2864ee980c983257c73d09c
GET /live/stream_2.m3u8 HTTP/1.1
Host: sportsleading.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://streambtw.com
DNT: 1
Connection: keep-alive
Referer: https://streambtw.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 14:48:07 GMT
content-type: application/vnd.apple.mpegurl
last-modified: Sat, 04 May 2024 14:48:07 GMT
etag: W/"66364aa7-32f"
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2526HZUxFQ%2BBg5RWKnijR1JzrubQu2SvDo3QxOM9B79SINUQhD3GggvY8Qw%2F6618PXhOYBjYNqz%2FPrHyNjywsJPeTKX%2Bvvij%2BOq9vpBkqSHMGDaL0QcH4YPo4PEw5WJ7Qb8%2FZ%2FkdIw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e94a36ab9d1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|