{"report_id":"2a623b32-b500-4895-b6c9-c0b3da186d24","version":6,"status":"done","tags":[],"date":"2026-01-07T17:46:25Z","url":{"schema":"http","addr":"walalix.fr/tvlive","fqdn":"walalix.fr","domain":"walalix.fr","tld":"fr"},"ip":{"addr":"216.24.57.1","port":0,"asn":397273,"as":"RENDER","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"walalix.fr/tvlive","fqdn":"walalix.fr","domain":"walalix.fr","tld":"fr"},"title":"tvlive | Walalix","dom":{"size":27434,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (22529)","md5":"4d6dece75613f369c7a8cad699ea2c79","sha1":"b872e2d76f9a556a00955102bdd198a04041fd90","sha256":"b86e92843b6ed21f955b02fa3011f70f678bd6247bc087c6f5c55c78b0b37759","sha512":"bca5a2e5bb4920e7ad265f13f72c037c0c0fd8b81343e36b8f86ee5ae694d1e9b261cea4cf8386c009417142d492bfec54c8f16767f6bc348495e4d38eaec30f","ssdeep":"768:cDPomWr5TaYvAX7pKVcNO9myZJ6vf6HytB4xwcB6:RU4YuU","tlshash":"89c2c82062800e3e5617c6d8f2d5f73dd16dd18acb1f985cf2ac02625bc6d95d8633e8","dom_hash":"domhashdb2744c019871d5c94bbc241c9b843f0","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"walalix.fr/tvlive","fqdn":"walalix.fr","domain":"walalix.fr","tld":"fr"},"ip":{"addr":"216.24.57.1","port":0,"asn":397273,"as":"RENDER","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-11T17:46:25Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":2,"urlquery":0,"analyzer":14}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-07T17:46:03Z","timestamp":1767807963,"ip_dst":{"addr":"104.18.38.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":49542,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Online Application Hosting Domain (supabase .co in TLS SNI)","source":"{\"timestamp\":\"2026-01-07T17:46:03.812880+0000\",\"flow_id\":608354667546615,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.47\",\"src_port\":49542,\"dest_ip\":\"104.18.38.10\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2050130,\"rev\":1,\"signature\":\"ET INFO Observed Online Application Hosting Domain (supabase .co in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_01_17\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_01_17\"]}},\"tls\":{\"sni\":\"qtrypzzcjebvfcihiynt.supabase.co\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":934,\"bytes_toclient\":3518,\"start\":\"2026-01-07T17:46:03.804855+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-07T17:46:05Z","timestamp":1767807965,"ip_dst":{"addr":"104.26.1.100","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":42776,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO External IP Address Lookup Domain (get .geojs .io) in TLS SNI","source":"{\"timestamp\":\"2026-01-07T17:46:05.657457+0000\",\"flow_id\":76397198308614,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.47\",\"src_port\":42776,\"dest_ip\":\"104.26.1.100\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2039595,\"rev\":1,\"signature\":\"ET INFO External IP Address Lookup Domain (get .geojs .io) in TLS SNI\",\"category\":\"Device Retrieving External IP Address Detected\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_10_28\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"reviewed_at\":[\"2025_04_17\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_10_28\"]}},\"tls\":{\"sni\":\"get.geojs.io\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":914,\"bytes_toclient\":3509,\"start\":\"2026-01-07T17:46:05.652550+0000\"}}"}],"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"walalix.fr","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"walalix.fr","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"xalalix.fun","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"reclinecostumepessimistic.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"reclinecostumepessimistic.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"preferencenail.com","ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":20606,"first_seen":"2025-07-08T12:55:47.271261Z","last_seen":"2025-12-31T21:55:03.360474Z","alert_count":3,"request_count":1,"received_data":85956,"sent_data":408,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"qtrypzzcjebvfcihiynt.supabase.co","ip":{"addr":"104.18.38.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2020-01-11","domain_rank":3297674,"first_seen":"2025-03-20T08:46:18.354414Z","last_seen":"2026-01-03T00:21:41.581596Z","alert_count":0,"request_count":3,"received_data":57475,"sent_data":1620,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}]},{"fqdn":"base44.app","ip":{"addr":"216.24.57.7","port":443,"asn":397273,"as":"RENDER","country":"United States","country_code":"US"},"domain_registered":"2025-02-09","domain_rank":90306,"first_seen":"2025-03-20T08:46:18.355413Z","last_seen":"2026-01-01T12:23:22.714336Z","alert_count":0,"request_count":10,"received_data":11762,"sent_data":5793,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"wayfarerorthodox.com","ip":{"addr":"172.240.127.242","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-03","domain_rank":0,"first_seen":"2025-08-08T11:06:50.216151Z","last_seen":"2026-01-06T11:04:25.151742Z","alert_count":6,"request_count":2,"received_data":7818,"sent_data":944,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}]},{"fqdn":"reclinecostumepessimistic.com","ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2025-11-16","domain_rank":0,"first_seen":"2025-11-23T02:39:15.92312Z","last_seen":"2025-12-28T21:30:19.066549Z","alert_count":4,"request_count":2,"received_data":215397,"sent_data":914,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"protrafficinspector.com","ip":{"addr":"63.180.128.110","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"domain_registered":"2025-06-18","domain_rank":614186,"first_seen":"2025-07-25T22:45:21.95813Z","last_seen":"2026-01-06T22:19:32.329944Z","alert_count":0,"request_count":1,"received_data":419,"sent_data":436,"comment":"","tags":null,"fingerprints":null},{"fqdn":"api.open-meteo.com","ip":{"addr":"94.130.142.35","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2021-04-27","domain_rank":344510,"first_seen":"2021-04-28T21:05:40Z","last_seen":"2026-01-05T02:57:37.894726Z","alert_count":0,"request_count":1,"received_data":749,"sent_data":495,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.leparisien.fr","ip":{"addr":"23.36.77.99","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2009-02-09","domain_rank":2593,"first_seen":"2012-08-03T10:33:38Z","last_seen":"2025-11-28T06:55:54.47491Z","alert_count":0,"request_count":2,"received_data":23084,"sent_data":1124,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}]},{"fqdn":"walalix.fr","ip":{"addr":"216.24.57.1","port":443,"asn":397273,"as":"RENDER","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":6,"request_count":3,"received_data":2346962,"sent_data":1344,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"encrypted-tbn0.gstatic.com","ip":{"addr":"142.251.142.238","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2013-05-31T02:32:18Z","last_seen":"2026-01-05T09:59:13.326891Z","alert_count":0,"request_count":3,"received_data":24673,"sent_data":1504,"comment":"","tags":null,"fingerprints":null},{"fqdn":"xalalix.fun","ip":{"addr":"51.15.9.186","port":443,"asn":12876,"as":"Scaleway S.a.s.","country":"France","country_code":"FR"},"domain_registered":"2025-10-26","domain_rank":0,"first_seen":"2026-01-07T17:46:27.408623Z","last_seen":"2026-01-07T17:46:27.408623Z","alert_count":1,"request_count":1,"received_data":3309568,"sent_data":583,"comment":"","tags":null,"fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"weirdopt.com","ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":37519,"first_seen":"2025-07-08T12:55:47.272157Z","last_seen":"2026-01-01T07:47:27.133157Z","alert_count":3,"request_count":1,"received_data":377,"sent_data":413,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"get.geojs.io","ip":{"addr":"104.26.1.100","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2017-02-18","domain_rank":99948,"first_seen":"2017-03-30T18:44:25Z","last_seen":"2026-01-06T05:26:04.810928Z","alert_count":0,"request_count":1,"received_data":1211,"sent_data":434,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"wayfarerorthodox.com/9c/5d/14/9c5d14453d6b11cdec5b98e5ce5af0dc.js","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"172.240.127.242","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"81c010ddfde2faeaf1c598844287df5a","sha1":"cd0fb06af4d1e8878a8c2c8d0311892ef13ff47b","sha256":"44442357bcab05b20364ed17aae2a3ae173b906529612b0e2f7d2217a76e51ab","sha512":"0acadda1dc3bba9f6178ba54356f2aed3dba23fbaf3b53b683fc5dd78eeff47a63ec7815ffbdb1e07041b274646eaa0a71ada2500f181775833f40761fc7cac8","ssdeep":"96:A9+XCx+8Ixmzn2ySej3zqIDNcxE6204l4sNm+E/0NK4Amfnqkk7lDAP2CwU6:A6Cg/S2yPXXWxW04fNPw6K4Amf4DAPA","tlshash":"13d1859c3e80b0a057b26077b97fa019b3696c50657fd80cd012b1a03e7562ad9bbba5","size":6454,"data":"","first_seen":"2025-12-01T12:09:20.892186Z","last_seen":"2026-01-29T12:50:40.978548Z","times_seen":4063,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walalix.fr/assets/index-B9oHQyne.js","fqdn":"walalix.fr","domain":"walalix.fr","tld":"fr"},"ip":{"addr":"216.24.57.1","port":443,"asn":397273,"as":"RENDER","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"f5d7b29ae6e242c09a99f6a524448a00","sha1":"a402be68b4245f64755b8393e0437fab20e340db","sha256":"5cb56bf6a25acd0fb2d16d4a09aa871003d7d817308189b20356fe89a3ba2306","sha512":"e0187b14b63b8fbaaaace92d6d68cc417d5d2ed2bb622d09ce4db280798ea5dd5940b8376519f2e709e31a545abefd4022020549f17f7db869fad855e6247d33","ssdeep":"49152:yMAk1LsqMPhuFB3kQuVklzVj5lHk6FcwZ1PBufidMnBaqinhWItyh8mcKrCk+zKI:3BOD92Z","tlshash":"66a55c5cb150adad9aa244d0bc7f800a713e5a49f80ecce8f17cecd61a64509b567bfc","size":2224920,"data":"","first_seen":"2026-01-07T17:46:33.809055Z","last_seen":"2026-01-07T17:46:33.809055Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reclinecostumepessimistic.com/7d/47/39/7d4739f66e4929d6ad0e46fd6044dd57.js","fqdn":"reclinecostumepessimistic.com","domain":"reclinecostumepessimistic.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"195eadbeab0a2f2327735d583c1dcc61","sha1":"799d0b4b07f77915c8cc9f135b7325ad1b300793","sha256":"d58a3ecd3fa4adda7db480065062d3f4efdfe13d95cdb685968842ccef6a9c3f","sha512":"5ce2026b0a304effca78f278443f7e5883aa1cd8f431d3105e9886b48ccba571b1f4d38b987214cea9d5638339abf408410c9654bf2c93628b291cf74c37e1f0","ssdeep":"3072:EZz17aMWZ44SXdVY4lDKVVbZ4i3/9j9y1UglGewsg:EZzw194Lwsg","tlshash":"c9a3c788bfd0f06d129a6473223f950ff11a4e42505ce558e907f8e66abc32af47db64","size":106859,"data":"","first_seen":"2026-01-07T17:46:33.802248Z","last_seen":"2026-01-07T17:46:33.802248Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reclinecostumepessimistic.com/74/ab/ac/74abac2dcba944b01d4aee7696c5fa4b.js","fqdn":"reclinecostumepessimistic.com","domain":"reclinecostumepessimistic.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"37a0156ef4896bcdf8812e47acb2d122","sha1":"60596415f73e7caa09a85604d91c6bad8fcf12e4","sha256":"9aff3fda2dc3be394f7ef86ac75efea4afa0acde20a1dd3c5ec66d57097a302b","sha512":"e28e5e7c8653f40432aa96742ebd71d2853b798dc8703c52001012ebd150a62e7fe86b4d88161a6eaaacb5aa0e01e713d9637e84b5536a1cd1ffe8786d391710","ssdeep":"3072:E6l17aMWZ44SXdVY4lDKVVbZ4i3/9j9y1UglGewsV:E6lw194LwsV","tlshash":"61a3c788bfd0f06d129a6473223f950ff11a4e42505ce558e907f8e66abc32af47db64","size":106828,"data":"","first_seen":"2026-01-07T17:46:33.795077Z","last_seen":"2026-01-07T17:46:33.795077Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"b3a5ba94d627e64a77c0e11eaffc96ed","sha1":"f7358693b31e44211dd98b5aa0dc2a3f423286aa","sha256":"600f01dd96f043e58e0e70a82afbba6ffe0923d836f6293c1e6fc1cb5b074d34","sha512":"64800bcce3e1a65638dfedfe22f205b51725865db3332be95a142e39e4cb40f57358d0c4c01ebb366b8da56aa978b6c7ee992e2c27563bac76c3998014c3d64b","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRC:nPncLBSUBULGVTfGpucE5foM","tlshash":"488395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85379,"data":"","first_seen":"2025-11-18T17:36:30.149277Z","last_seen":"2026-05-05T16:15:53.068976Z","times_seen":15412,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://walalix.fr/tvlive","date":"2026-01-07T17:46:06.951Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Dec 2025 23:36:36 GMT","end":"Sat, 28 Mar 2026 23:36:35 GMT"},"fingerprint":{"sha1":"0E:EE:1D:ED:80:5A:CA:0C:1E:93:89:94:78:B7:34:91:38:D4:89:51","sha256":"CF:77:1B:FB:04:67:32:02:DF:D9:38:24:27:3D:A5:98:54:0C:4D:BA:C5:1B:62:FD:C1:E1:17:57:6F:63:B3:BF"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://walalix.fr/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 07 Jan 2026 17:46:07 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32181\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 9fc48ca3848a3c3d7500551f75ed6b56\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":85379,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"b3a5ba94d627e64a77c0e11eaffc96ed","sha1":"f7358693b31e44211dd98b5aa0dc2a3f423286aa","sha256":"600f01dd96f043e58e0e70a82afbba6ffe0923d836f6293c1e6fc1cb5b074d34","sha512":"64800bcce3e1a65638dfedfe22f205b51725865db3332be95a142e39e4cb40f57358d0c4c01ebb366b8da56aa978b6c7ee992e2c27563bac76c3998014c3d64b","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRC:nPncLBSUBULGVTfGpucE5foM","tlshash":"488395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-11-18T17:36:30.149277Z","last_seen":"2026-05-05T16:15:53.068976Z","times_seen":15412,"resource_available":true,"data":null}},"time_used":276,"timings":{"blocked":115,"dns":55,"connect":22,"send":0,"wait":22,"receive":18,"ssl":40},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"qtrypzzcjebvfcihiynt.supabase.co/storage/v1/object/public/base44-prod/public/68fc31d504af3cb9b2bb45e2/ca7262f06_logo.png","fqdn":"qtrypzzcjebvfcihiynt.supabase.co","domain":"qtrypzzcjebvfcihiynt.supabase.co","tld":"supabase.co"},"ip":{"addr":"104.18.38.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walalix.fr/tvlive","date":"2026-01-07T17:46:03.771Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"supabase.co","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 02 Jan 2026 06:20:04 GMT","end":"Thu, 02 Apr 2026 07:19:59 GMT"},"fingerprint":{"sha1":"53:7B:EA:AA:0A:13:9A:C5:94:1F:F6:35:89:F3:54:70:C4:08:C0:1D","sha256":"2F:FE:D0:12:7B:AB:9D:42:41:69:23:1F:06:96:BF:8E:3C:AB:2F:00:05:7D:6D:EE:4A:C0:18:C3:82:92:61:B4"}}},"request":{"raw":"GET /storage/v1/object/public/base44-prod/public/68fc31d504af3cb9b2bb45e2/ca7262f06_logo.png HTTP/1.1\r\nHost: qtrypzzcjebvfcihiynt.supabase.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://walalix.fr/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 17:46:03 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 46371\r\nserver: cloudflare\r\ncf-ray: 9ba545bde9995689-OSL\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: no-cache\r\netag: \"ef57eea390d9b0a91d0a25a51412e475\"\r\nlast-modified: Sat, 22 Nov 2025 00:20:23 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nsb-gateway-mode: direct\r\nsb-gateway-version: 1\r\nsb-project-ref: qtrypzzcjebvfcihiynt\r\nsb-request-id: 019b9990-d2c3-7cd8-96a3-044e9efda8a9\r\nx-robots-tag: none\r\nx-smart-cdn: true\r\nset-cookie: __cf_bm=QhtMdAA7sAiCnXOmK48.FoCyzv.WcTWHjkfwGwwzt0U-1767807963-1.0.1.1-IhmZsavtT9J58Sw9VczhKsgjA69YNRt5w3ey7Hi5BWgRaL9VPSq0.kIc0whq49R.OxPoLJNzZri_xc6YCI8w6eCHooYgI3EubBx2LC3tAc0; path=/; expires=Wed, 07-Jan-26 18:16:03 GMT; domain=.supabase.co; HttpOnly; Secure; SameSite=None\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":46371,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x480, components 3","md5":"ef57eea390d9b0a91d0a25a51412e475","sha1":"53d30547d05ab02287f4b1bf1ea5bfd88f73355c","sha256":"e681ff4829486f607a4d39450ae960fc6e574c37f84d718f0886b41c3714cec0","sha512":"6923bf59969a1b9104b66d5913ccb5173825ef075bd119117cd1a60b0605f833dbf5957517b00c2e6cf6079bc9d244f956af84f2c0daa3271703f7bf7f20e126","ssdeep":"768:/Xs0gJk3hecNyV+UkUh1lLYeBQLUb9x6TTvHoDvuqj7BeduEqYrWuSh36Mr70hfD:/XAxcNWdrYmQ29xUvwvuq3JElWuShqMg","tlshash":"6523025aed81a169d6e602bb5012cf88c1c0a758b68f170c89757cde848a1efef8478d","first_seen":"2026-01-07T17:46:33.785794Z","last_seen":"2026-01-07T17:46:33.785794Z","times_seen":1,"resource_available":false,"data":null}},"time_used":157,"timings":{"blocked":0,"dns":34,"connect":1,"send":0,"wait":95,"receive":3,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"base44.app/api/apps/public/prod/public-settings/by-id/68fc31d504af3cb9b2bb45e2","fqdn":"base44.app","domain":"base44.app","tld":""},"ip":{"addr":"216.24.57.7","port":443,"asn":397273,"as":"RENDER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://walalix.fr/tvlive","date":"2026-01-07T17:46:04.087Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.base44.app","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 16 Nov 2025 17:52:28 GMT","end":"Sat, 14 Feb 2026 17:52:27 GMT"},"fingerprint":{"sha1":"E0:4B:86:40:79:04:D2:D0:CA:6B:BE:FD:82:58:F4:89:51:10:EA:35","sha256":"C4:08:78:FA:0D:EB:5C:F9:8D:E5:90:C6:FA:8E:23:54:55:65:6E:3B:7F:FF:BD:F4:F5:F0:F0:07:8F:E9:2D:80"}}},"request":{"raw":"GET /api/apps/public/prod/public-settings/by-id/68fc31d504af3cb9b2bb45e2 HTTP/1.1\r\nHost: base44.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-App-Id: 68fc31d504af3cb9b2bb45e2\r\nX-Origin-URL: https://walalix.fr/tvlive\r\nOrigin: https://walalix.fr\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://walalix.fr/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 17:46:05 GMT\r\ncontent-type: application/json\r\ncontent-length: 63\r\ncf-ray: 9ba545bf6bdc56b1-OSL\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\ncontent-encoding: br\r\nrndr-id: 31fe715f-ec4b-4909\r\nvary: Accept-Encoding\r\nx-render-origin-server: uvicorn\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":74,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"0725174c10f7f5cdccda132721069805","sha1":"57d9c31c780ba5eac877295853dfadcd110b865b","sha256":"6d69360042b217b6d186e2124b747e691f18d401484ba2e3c54c9975b6bd82b3","sha512":"63355881e75f1388bafe08e7ec8809d3d456dac7115a21dbbb96ee0c2b1b59be462bf25b541eebb0d4d8e6db4bbddf01f40494a33957af9ac2ded7a2bed3e679","ssdeep":"","tlshash":"cca0222302380e2cc28888a00c800233c00a00302cefcbfe20fef02008c00aa8302bf3","first_seen":"2026-01-07T17:46:33.78685Z","last_seen":"2026-01-07T17:46:33.78685Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1411,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1411,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"base44.app/api/apps/68fc31d504af3cb9b2bb45e2/entities/SiteSettings?q=%7B%22setting_key%22:%22adsterra_enabled%22%7D","fqdn":"base44.app","domain":"base44.app","tld":""},"ip":{"addr":"216.24.57.7","port":443,"asn":397273,"as":"RENDER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://walalix.fr/tvlive","date":"2026-01-07T17:46:05.694Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.base44.app","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 16 Nov 2025 17:52:28 GMT","end":"Sat, 14 Feb 2026 17:52:27 GMT"},"fingerprint":{"sha1":"E0:4B:86:40:79:04:D2:D0:CA:6B:BE:FD:82:58:F4:89:51:10:EA:35","sha256":"C4:08:78:FA:0D:EB:5C:F9:8D:E5:90:C6:FA:8E:23:54:55:65:6E:3B:7F:FF:BD:F4:F5:F0:F0:07:8F:E9:2D:80"}}},"request":{"raw":"OPTIONS /api/apps/68fc31d504af3cb9b2bb45e2/entities/SiteSettings?q=%7B%22setting_key%22:%22adsterra_enabled%22%7D HTTP/1.1\r\nHost: base44.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: x-app-id,x-origin-url\r\nReferer: https://walalix.fr/\r\nOrigin: https://walalix.fr\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 17:46:05 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 6\r\ncf-ray: 9ba545c99f0456b1-OSL\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: x-app-id,x-origin-url\r\naccess-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT\r\naccess-control-allow-origin: https://walalix.fr\r\naccess-control-max-age: 600\r\ncontent-encoding: br\r\nrndr-id: d34a39b5-1882-4700\r\nvary: Origin, Accept-Encoding\r\nx-render-origin-server: uvicorn\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"e0aa021e21dddbd6d8cecec71e9cf564","sha1":"9ce3bd4224c8c1780db56b4125ecf3f24bf748b7","sha256":"565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3","sha512":"900110c951560eff857b440e89cc29f529416e0e3b3d7f0ad51651bfdbd8025b91768c5ed7db5352d1a5523354ce06ced2c42047e33a3e958a1bba5f742db874","ssdeep":"","tlshash":"c710000000000000000000030000000030000000000000000c000000c0000000000000","first_seen":"2023-03-09T09:04:49Z","last_seen":"2026-05-05T16:10:48.125697Z","times_seen":286915,"resource_available":true,"data":null}},"time_used":245,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":245,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"base44.app/api/apps/68fc31d504af3cb9b2bb45e2/entities/User/me","fqdn":"base44.app","domain":"base44.app","tld":""},"ip":{"addr":"216.24.57.7","port":443,"asn":397273,"as":"RENDER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://walalix.fr/tvlive","date":"2026-01-07T17:46:05.700Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.base44.app","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 16 Nov 2025 17:52:28 GMT","end":"Sat, 14 Feb 2026 17:52:27 GMT"},"fingerprint":{"sha1":"E0:4B:86:40:79:04:D2:D0:CA:6B:BE:FD:82:58:F4:89:51:10:EA:35","sha256":"C4:08:78:FA:0D:EB:5C:F9:8D:E5:90:C6:FA:8E:23:54:55:65:6E:3B:7F:FF:BD:F4:F5:F0:F0:07:8F:E9:2D:80"}}},"request":{"raw":"OPTIONS /api/apps/68fc31d504af3cb9b2bb45e2/entities/User/me HTTP/1.1\r\nHost: base44.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: x-app-id,x-origin-url\r\nReferer: https://walalix.fr/\r\nOrigin: https://walalix.fr\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 17:46:05 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 6\r\ncf-ray: 9ba545c99f1956b1-OSL\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: x-app-id,x-origin-url\r\naccess-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT\r\naccess-control-allow-origin: https://walalix.fr\r\naccess-control-max-age: 600\r\ncontent-encoding: br\r\nrndr-id: 76d8b13d-dfcb-4252\r\nvary: Origin, Accept-Encoding\r\nx-render-origin-server: uvicorn\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"e0aa021e21dddbd6d8cecec71e9cf564","sha1":"9ce3bd4224c8c1780db56b4125ecf3f24bf748b7","sha256":"565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3","sha512":"900110c951560eff857b440e89cc29f529416e0e3b3d7f0ad51651bfdbd8025b91768c5ed7db5352d1a5523354ce06ced2c42047e33a3e958a1bba5f742db874","ssdeep":"","tlshash":"c710000000000000000000030000000030000000000000000c000000c0000000000000","first_seen":"2023-03-09T09:04:49Z","last_seen":"2026-05-05T16:10:48.125697Z","times_seen":286915,"resource_available":true,"data":null}},"time_used":216,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":216,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"base44.app/api/apps/68fc31d504af3cb9b2bb45e2/entities/User/me","fqdn":"base44.app","domain":"base44.app","tld":""},"ip":{"addr":"216.24.57.7","port":443,"asn":397273,"as":"RENDER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://walalix.fr/tvlive","date":"2026-01-07T17:46:05.921Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.base44.app","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 16 Nov 2025 17:52:28 GMT","end":"Sat, 14 Feb 2026 17:52:27 GMT"},"fingerprint":{"sha1":"E0:4B:86:40:79:04:D2:D0:CA:6B:BE:FD:82:58:F4:89:51:10:EA:35","sha256":"C4:08:78:FA:0D:EB:5C:F9:8D:E5:90:C6:FA:8E:23:54:55:65:6E:3B:7F:FF:BD:F4:F5:F0:F0:07:8F:E9:2D:80"}}},"request":{"raw":"GET /api/apps/68fc31d504af3cb9b2bb45e2/entities/User/me HTTP/1.1\r\nHost: base44.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-App-Id: 68fc31d504af3cb9b2bb45e2\r\nX-Origin-URL: https://walalix.fr/tvlive\r\nOrigin: https://walalix.fr\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://walalix.fr/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 401 Unauthorized\r\ndate: Wed, 07 Jan 2026 17:46:06 GMT\r\ncontent-type: application/json\r\ncontent-length: 114\r\ncf-ray: 9ba545caff3323eb-OSL\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\ncontent-encoding: br\r\nrndr-id: 04ef9096-2372-483d\r\nvary: Accept-Encoding\r\nx-render-origin-server: uvicorn\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"401","status_text":"Unauthorized","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":146,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"845802cafc3fec625bf46fdd1cf7fb11","sha1":"b7bffa4bc2eb47d8b59320e97e3ccd50d0bd2da6","sha256":"1ae943518116eb07b8eee66b2a283d1d4d3d0ee48e48f539e295c39220797319","sha512":"cb5f8627881d42c8fb3737f0679cab260bc8e7f994adcfbedb6c3964f20f2780841eba10d0db6e687b463a405cd752c114933afbea23c90eee7c31ebd781fbf3","ssdeep":"","tlshash":"cfc08cd4a2c81c060e23238275506a4023adf42b014058022159fa2822d912c92ab2a4","first_seen":"2025-10-06T01:12:49.070066Z","last_seen":"2026-02-25T12:45:14.043034Z","times_seen":362,"resource_available":false,"data":null}},"time_used":317,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":317,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"base44.app/api/apps/68fc31d504af3cb9b2bb45e2/entities/User/me","fqdn":"base44.app","domain":"base44.app","tld":""},"ip":{"addr":"216.24.57.7","port":443,"asn":397273,"as":"RENDER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://walalix.fr/tvlive","date":"2026-01-07T17:46:05.937Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.base44.app","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 16 Nov 2025 17:52:28 GMT","end":"Sat, 14 Feb 2026 17:52:27 GMT"},"fingerprint":{"sha1":"E0:4B:86:40:79:04:D2:D0:CA:6B:BE:FD:82:58:F4:89:51:10:EA:35","sha256":"C4:08:78:FA:0D:EB:5C:F9:8D:E5:90:C6:FA:8E:23:54:55:65:6E:3B:7F:FF:BD:F4:F5:F0:F0:07:8F:E9:2D:80"}}},"request":{"raw":"GET /api/apps/68fc31d504af3cb9b2bb45e2/entities/User/me HTTP/1.1\r\nHost: base44.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-App-Id: 68fc31d504af3cb9b2bb45e2\r\nX-Origin-URL: https://walalix.fr/tvlive\r\nOrigin: https://walalix.fr\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://walalix.fr/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 401 Unauthorized\r\ndate: Wed, 07 Jan 2026 17:46:06 GMT\r\ncontent-type: application/json\r\ncontent-length: 114\r\ncf-ray: 9ba545cb1f8423eb-OSL\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\ncontent-encoding: br\r\nrndr-id: 6bd51961-d93d-4a57\r\nvary: Accept-Encoding\r\nx-render-origin-server: uvicorn\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"401","status_text":"Unauthorized","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":146,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"845802cafc3fec625bf46fdd1cf7fb11","sha1":"b7bffa4bc2eb47d8b59320e97e3ccd50d0bd2da6","sha256":"1ae943518116eb07b8eee66b2a283d1d4d3d0ee48e48f539e295c39220797319","sha512":"cb5f8627881d42c8fb3737f0679cab260bc8e7f994adcfbedb6c3964f20f2780841eba10d0db6e687b463a405cd752c114933afbea23c90eee7c31ebd781fbf3","ssdeep":"","tlshash":"cfc08cd4a2c81c060e23238275506a4023adf42b014058022159fa2822d912c92ab2a4","first_seen":"2025-10-06T01:12:49.070066Z","last_seen":"2026-02-25T12:45:14.043034Z","times_seen":362,"resource_available":false,"data":null}},"time_used":300,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":300,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.leparisien.fr/resizer/i14l0fvCLHgNPh41yq9ZoGMzO-o=/932x582/cloudfront-eu-central-1.images.arcpublishing.com/lpguideshopping/XOVNWBDWIGXL54HDJGADWFRVA4.jpg","fqdn":"www.leparisien.fr","domain":"leparisien.fr","tld":"fr"},"ip":{"addr":"23.36.77.99","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walalix.fr/tvlive","date":"2026-01-07T17:46:06.306Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"leparisien.web.arc-cdn.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 11 Dec 2025 10:18:08 GMT","end":"Wed, 11 Mar 2026 10:18:07 GMT"},"fingerprint":{"sha1":"26:FE:74:5C:3C:5E:22:30:C6:8B:58:33:2D:FF:E7:0C:BB:A2:53:21","sha256":"99:38:F3:25:42:F6:4F:08:C6:98:E2:77:D9:29:F6:95:2F:E3:AD:64:7A:4D:77:0B:36:2F:24:C3:F0:B0:03:97"}}},"request":{"raw":"GET /resizer/i14l0fvCLHgNPh41yq9ZoGMzO-o=/932x582/cloudfront-eu-central-1.images.arcpublishing.com/lpguideshopping/XOVNWBDWIGXL54HDJGADWFRVA4.jpg HTTP/1.1\r\nHost: www.leparisien.fr\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://walalix.fr/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\ncontent-length: 22642\r\nserver: openresty\r\netag: \"24d6b6e3b50159275efa39965bacb39b94758f2f\"\r\ncache-control: private, max-age=31536000\r\nexpires: Thu, 07 Jan 2027 17:46:06 GMT\r\ndate: Wed, 07 Jan 2026 17:46:06 GMT\r\ncontent-security-policy: upgrade-insecure-requests\r\nstrict-transport-security: max-age=31536000\r\nx-arc-ttl: 31536000\r\nx-arc-request-id: 0.5f4d2417.1767807966.785cf116\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":22642,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80\", progressive, precision 8, 932x582, components 3","md5":"f86b3f7acdeebeea94508c6b7af00b30","sha1":"24d6b6e3b50159275efa39965bacb39b94758f2f","sha256":"c405075519fd9377f271e6d92f34a6efd91be4d53f486f8e202a11dc4975a85f","sha512":"aecf477deb49f16359e8bdf02fe91eddf508079d7708686182ad7c7118454c2b764e8816fa795d3aa270bd55a470d4b2d0d443e927860982f470d040f5cdbc71","ssdeep":"384:VC8tyibzPEi65V/YpAcB+BLjdvVvcJgicvX/BFO/VdtKM6L:VZXU3upAcBMdGJtcf/7O/Vdth6L","tlshash":"d3a2d0c7eac203aae890e0753a3d55132769d98affa93dcf0ce19c845ca41767dd640d","first_seen":"2026-01-07T17:46:33.789468Z","last_seen":"2026-01-07T17:46:33.789468Z","times_seen":1,"resource_available":false,"data":null}},"time_used":452,"timings":{"blocked":127,"dns":105,"connect":1,"send":0,"wait":189,"receive":1,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/9c/5d/14/9c5d14453d6b11cdec5b98e5ce5af0dc.js","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"172.240.127.242","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://walalix.fr/tvlive","date":"2026-01-07T17:46:06.946Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 00:50:13 GMT","end":"Sun, 29 Mar 2026 00:50:12 GMT"},"fingerprint":{"sha1":"B6:89:38:EE:EF:1E:F1:A0:93:51:BB:7A:F2:13:F5:DF:8C:9B:8F:F7","sha256":"74:22:2C:3F:1E:A6:04:C8:AD:7C:D8:B4:13:57:A5:95:EF:83:FA:28:18:BC:F3:BD:38:93:CB:DA:4B:30:3F:8A"}}},"request":{"raw":"GET /9c/5d/14/9c5d14453d6b11cdec5b98e5ce5af0dc.js HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://walalix.fr/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 07 Jan 2026 17:46:07 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 3403\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 7bb58d0a3529dbfcf52ca6900d637197\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":6454,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6454), with no line terminators","md5":"81c010ddfde2faeaf1c598844287df5a","sha1":"cd0fb06af4d1e8878a8c2c8d0311892ef13ff47b","sha256":"44442357bcab05b20364ed17aae2a3ae173b906529612b0e2f7d2217a76e51ab","sha512":"0acadda1dc3bba9f6178ba54356f2aed3dba23fbaf3b53b683fc5dd78eeff47a63ec7815ffbdb1e07041b274646eaa0a71ada2500f181775833f40761fc7cac8","ssdeep":"96:A9+XCx+8Ixmzn2ySej3zqIDNcxE6204l4sNm+E/0NK4Amfnqkk7lDAP2CwU6:A6Cg/S2yPXXWxW04fNPw6K4Amf4DAPA","tlshash":"13d1859c3e80b0a057b26077b97fa019b3696c50657fd80cd012b1a03e7562ad9bbba5","first_seen":"2025-12-01T12:09:20.892186Z","last_seen":"2026-01-29T12:50:40.978548Z","times_seen":4063,"resource_available":true,"data":null}},"time_used":690,"timings":{"blocked":294,"dns":19,"connect":91,"send":0,"wait":97,"receive":0,"ssl":185},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"walalix.fr/tvlive","fqdn":"walalix.fr","domain":"walalix.fr","tld":"fr"},"ip":{"addr":"216.24.57.1","port":443,"asn":397273,"as":"RENDER","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-07T17:46:02.118Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"walalix.fr","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 13:50:53 GMT","end":"Wed, 25 Mar 2026 14:50:45 GMT"},"fingerprint":{"sha1":"4D:A6:13:B2:B7:3E:10:E9:C0:C4:8D:ED:D5:57:3B:C2:BD:F3:8F:A1","sha256":"6C:97:15:BD:B8:E0:A3:47:9B:61:A9:DC:D3:FB:8A:A7:9C:D4:DC:72:AD:97:2F:DD:85:4F:C3:9E:19:EA:4B:49"}}},"request":{"raw":"GET /tvlive HTTP/1.1\r\nHost: walalix.fr\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 17:46:02 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 592\r\ncf-ray: 9ba545b3983876ef-OSL\r\ncontent-encoding: br\r\nrndr-id: 3eb64fce-9a5d-46c4\r\nvary: Accept-Encoding\r\nx-render-origin-server: uvicorn\r\nlast-modified: Wed, 07 Jan 2026 17:45:53 GMT\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1806,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"7b9180df0e04959d29e24f19326ad683","sha1":"bc5586e6081fb58de92fccce099c4885ebb40749","sha256":"c6988b37295e8a7eb428a32f56432f864cef4f1fe6d0c5f74c7efbeb8d8334f1","sha512":"a441d2377368472061b222ebb45d6d704d5aa6d8dc29d1fe237a9f541369391319d50249196e72b3bf991c317fa5d818d9cf92c3fa6c437ac9f2b3a1b7493dfe","ssdeep":"","tlshash":"c13122a7db004921c754c3502dc2b08dd677c4d3d28dd800a2eeaade54e1ba4c2f73ac","first_seen":"2026-01-07T17:46:33.791329Z","last_seen":"2026-01-07T17:46:33.791329Z","times_seen":1,"resource_available":false,"data":null}},"time_used":373,"timings":{"blocked":61,"dns":37,"connect":1,"send":0,"wait":250,"receive":1,"ssl":20},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"walalix.fr","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"walalix.fr","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"base44.app/api/apps/68fc31d504af3cb9b2bb45e2/entities/TVChannel?sort=order\u0026limit=200","fqdn":"base44.app","domain":"base44.app","tld":""},"ip":{"addr":"216.24.57.7","port":443,"asn":397273,"as":"RENDER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://walalix.fr/tvlive","date":"2026-01-07T17:46:05.707Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.base44.app","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 16 Nov 2025 17:52:28 GMT","end":"Sat, 14 Feb 2026 17:52:27 GMT"},"fingerprint":{"sha1":"E0:4B:86:40:79:04:D2:D0:CA:6B:BE:FD:82:58:F4:89:51:10:EA:35","sha256":"C4:08:78:FA:0D:EB:5C:F9:8D:E5:90:C6:FA:8E:23:54:55:65:6E:3B:7F:FF:BD:F4:F5:F0:F0:07:8F:E9:2D:80"}}},"request":{"raw":"OPTIONS /api/apps/68fc31d504af3cb9b2bb45e2/entities/TVChannel?sort=order\u0026limit=200 HTTP/1.1\r\nHost: base44.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: x-app-id,x-origin-url\r\nReferer: https://walalix.fr/\r\nOrigin: https://walalix.fr\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 07 Jan 2026 17:46:05 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 6\r\ncf-ray: 9ba545c9ab1223eb-OSL\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: x-app-id,x-origin-url\r\naccess-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT\r\naccess-control-allow-origin: https://walalix.fr\r\naccess-control-max-age: 600\r\ncontent-encoding: br\r\nrndr-id: 502c47f6-8997-4a13\r\nvary: Origin, Accept-Encoding\r\nx-render-origin-server: uvicorn\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"e0aa021e21dddbd6d8cecec71e9cf564","sha1":"9ce3bd4224c8c1780db56b4125ecf3f24bf748b7","sha256":"565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3","sha512":"900110c951560eff857b440e89cc29f529416e0e3b3d7f0ad51651bfdbd8025b91768c5ed7db5352d1a5523354ce06ced2c42047e33a3e958a1bba5f742db874","ssdeep":"","tlshash":"c710000000000000000000030000000030000000000000000c000000c0000000000000","first_seen":"2023-03-09T09:04:49Z","last_seen":"2026-05-05T16:10:48.125697Z","times_seen":286915,"resource_available":true,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":1,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"base44.app/api/apps/68fc31d504af3cb9b2bb45e2/entities/User/me","fqdn":"base44.app","domain":"base44.app","tld":""},"ip":{"addr":"216.24.57.7","port":443,"asn":397273,"as":"RENDER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://walalix.fr/tvlive","date":"2026-01-07T17:46:05.709Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.base44.app","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 16 Nov 2025 17:52:28 GMT","end":"Sat, 14 Feb 2026 17:52:27 GMT"},"fingerprint":{"sha1":"E0:4B:86:40:79:04:D2:D0:CA:6B:BE:FD:82:58:F4:89:51:10:EA:35","sha256":"C4:08:78:FA:0D:EB:5C:F9:8D:E5:90:C6:FA:8E:23:54:55:65:6E:3B:7F:FF:BD:F4:F5:F0:F0:07:8F:E9:2D:80"}}},"request":{"raw":"OPTIONS /api/apps/68fc31d504af3cb9b2bb45e2/entities/User/me HTTP/1.1\r\nHost: base44.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: x-app-id,x-origin-url\r\nReferer: https://walalix.fr/\r\nOrigin: https://walalix.fr\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 07 Jan 2026 17:46:05 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 6\r\ncf-ray: 9ba545c9ab1923eb-OSL\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: x-app-id,x-origin-url\r\naccess-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT\r\naccess-control-allow-origin: https://walalix.fr\r\naccess-control-max-age: 600\r\ncontent-encoding: br\r\nrndr-id: 44485aa5-b071-4c6d\r\nvary: Origin, Accept-Encoding\r\nx-render-origin-server: uvicorn\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"e0aa021e21dddbd6d8cecec71e9cf564","sha1":"9ce3bd4224c8c1780db56b4125ecf3f24bf748b7","sha256":"565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3","sha512":"900110c951560eff857b440e89cc29f529416e0e3b3d7f0ad51651bfdbd8025b91768c5ed7db5352d1a5523354ce06ced2c42047e33a3e958a1bba5f742db874","ssdeep":"","tlshash":"c710000000000000000000030000000030000000000000000c000000c0000000000000","first_seen":"2023-03-09T09:04:49Z","last_seen":"2026-05-05T16:10:48.125697Z","times_seen":286915,"resource_available":true,"data":null}},"time_used":227,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":227,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQQjIUHBtuRf3SxJkgPFKjcWmtR3zjCqXIunYCt0ksy3kVHfbmnVTHQLZL7isWozxiBgvU\u0026usqp=CAU","fqdn":"encrypted-tbn0.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.251.142.238","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walalix.fr/tvlive","date":"2026-01-07T17:46:06.859Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /images?q=tbn:ANd9GcQQjIUHBtuRf3SxJkgPFKjcWmtR3zjCqXIunYCt0ksy3kVHfbmnVTHQLZL7isWozxiBgvU\u0026usqp=CAU HTTP/1.1\r\nHost: encrypted-tbn0.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://walalix.fr/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-type: image/jpeg\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"images-tbn\"\r\nreport-to: {\"group\":\"images-tbn\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/images-tbn\"}]}\r\ncontent-length: 9646\r\ndate: Wed, 07 Jan 2026 17:46:07 GMT\r\nexpires: Thu, 07 Jan 2027 17:46:07 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 23 Aug 2022 08:38:56 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9646,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x168, components 3","md5":"9a897266271334443fe0bb5b33b2b1ca","sha1":"47b1e15f65fdce145e8c7e181b805f90dbf9827c","sha256":"e7106a01d9e2571ea4ad2ea401f3687ef605dad11a2b98137fe9b346d7bafa6d","sha512":"5eddb8685e9fa4b9fb9aa9aded2f3f55f8c51f6f0a338661036b728eb981e1bfd25eb9beeaa6d7be82016e2344e7a968e7fd4a3bff49d95662f276ba0b63764a","ssdeep":"192:qjGlmYdX44EzTdqHL6r6MdGecMS15jKAh1uats+UrYNBTbg2:GGnjEc2r6McF15jKJRDrYTM2","tlshash":"6b12af1fd955e5e3cb9d08e6194cf920aa08a6a563b483bb02c47950cc498357fadb6c","first_seen":"2026-01-07T17:46:33.792322Z","last_seen":"2026-01-07T17:46:33.792322Z","times_seen":1,"resource_available":false,"data":null}},"time_used":528,"timings":{"blocked":228,"dns":3,"connect":22,"send":0,"wait":63,"receive":4,"ssl":204},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=4794\u0026rd=4794\u0026fd=517\u0026bv=25.12.4806\u0026tmpl=70","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"172.240.127.242","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walalix.fr/tvlive","date":"2026-01-07T17:46:06.932Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 00:50:13 GMT","end":"Sun, 29 Mar 2026 00:50:12 GMT"},"fingerprint":{"sha1":"B6:89:38:EE:EF:1E:F1:A0:93:51:BB:7A:F2:13:F5:DF:8C:9B:8F:F7","sha256":"74:22:2C:3F:1E:A6:04:C8:AD:7C:D8:B4:13:57:A5:95:EF:83:FA:28:18:BC:F3:BD:38:93:CB:DA:4B:30:3F:8A"}}},"request":{"raw":"GET /pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=4794\u0026rd=4794\u0026fd=517\u0026bv=25.12.4806\u0026tmpl=70 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://walalix.fr/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 07 Jan 2026 17:46:07 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-05T16:09:50.836081Z","times_seen":14695563,"resource_available":true,"data":null}},"time_used":724,"timings":{"blocked":314,"dns":27,"connect":96,"send":0,"wait":96,"receive":0,"ssl":188},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"base44.app/api/apps/public/prod/public-settings/by-id/68fc31d504af3cb9b2bb45e2","fqdn":"base44.app","domain":"base44.app","tld":""},"ip":{"addr":"216.24.57.7","port":443,"asn":397273,"as":"RENDER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://walalix.fr/tvlive","date":"2026-01-07T17:46:03.786Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.base44.app","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 16 Nov 2025 17:52:28 GMT","end":"Sat, 14 Feb 2026 17:52:27 GMT"},"fingerprint":{"sha1":"E0:4B:86:40:79:04:D2:D0:CA:6B:BE:FD:82:58:F4:89:51:10:EA:35","sha256":"C4:08:78:FA:0D:EB:5C:F9:8D:E5:90:C6:FA:8E:23:54:55:65:6E:3B:7F:FF:BD:F4:F5:F0:F0:07:8F:E9:2D:80"}}},"request":{"raw":"OPTIONS /api/apps/public/prod/public-settings/by-id/68fc31d504af3cb9b2bb45e2 HTTP/1.1\r\nHost: base44.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: x-app-id,x-origin-url\r\nReferer: https://walalix.fr/\r\nOrigin: https://walalix.fr\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 17:46:04 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 6\r\ncf-ray: 9ba545bdea5956b1-OSL\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: x-app-id,x-origin-url\r\naccess-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT\r\naccess-control-allow-origin: https://walalix.fr\r\naccess-control-max-age: 600\r\ncontent-encoding: br\r\nrndr-id: b2cb25d2-726a-47fd\r\nvary: Origin, Accept-Encoding\r\nx-render-origin-server: uvicorn\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"e0aa021e21dddbd6d8cecec71e9cf564","sha1":"9ce3bd4224c8c1780db56b4125ecf3f24bf748b7","sha256":"565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3","sha512":"900110c951560eff857b440e89cc29f529416e0e3b3d7f0ad51651bfdbd8025b91768c5ed7db5352d1a5523354ce06ced2c42047e33a3e958a1bba5f742db874","ssdeep":"","tlshash":"c710000000000000000000030000000030000000000000000c000000c0000000000000","first_seen":"2023-03-09T09:04:49Z","last_seen":"2026-05-05T16:10:48.125697Z","times_seen":286915,"resource_available":true,"data":null}},"time_used":314,"timings":{"blocked":42,"dns":19,"connect":4,"send":0,"wait":230,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xalalix.fun/films/FRANCE/music/veneno-lento-house-background-music-for-vlog-video-stories-short-430676.mp3","fqdn":"xalalix.fun","domain":"xalalix.fun","tld":"fun"},"ip":{"addr":"51.15.9.186","port":443,"asn":12876,"as":"Scaleway S.a.s.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://walalix.fr/tvlive","date":"2026-01-07T17:46:05.761Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xalalix.fun","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Dec 2025 22:17:28 GMT","end":"Wed, 25 Mar 2026 22:17:27 GMT"},"fingerprint":{"sha1":"46:BE:39:98:C8:B0:A3:F7:E5:9F:3A:07:E1:8B:B5:64:5C:9E:BE:61","sha256":"99:C1:98:81:0A:49:49:1A:70:1E:6E:8F:7D:64:0B:EC:2F:C4:7B:96:AA:89:8F:B1:C8:E9:4A:51:6F:7F:55:CD"}}},"request":{"raw":"GET /films/FRANCE/music/veneno-lento-house-background-music-for-vlog-video-stories-short-430676.mp3 HTTP/1.1\r\nHost: xalalix.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://walalix.fr/\r\nSec-Fetch-Dest: audio\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 206 Partial Content\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Wed, 07 Jan 2026 17:46:05 GMT\r\nContent-Type: audio/mpeg\r\nContent-Length: 3312744\r\nLast-Modified: Thu, 20 Nov 2025 15:23:59 GMT\r\nConnection: keep-alive\r\nETag: \"691f328f-328c68\"\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, OPTIONS\r\nAccess-Control-Allow-Headers: *\r\nContent-Range: bytes 0-3312743/3312744\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3309173,"size_decoded":0,"mime_type":"audio/mpeg","magic":"MPEG ADTS, layer III, v1, 256 kbps, 44.1 kHz, JntStereo","md5":"b8ca4d598d3baa7223cb410a9101b274","sha1":"d64858a393ce7e01520da58acfa3a2daa0533113","sha256":"32f32c796ac058a0fd88cad9ea2fe751da52358778e9fc429d43b428a329bb9a","sha512":"b80fbff94f61e964ffea54c2504af95745407ca274f6de2895139cb217b7b54daba411cce22187eedfbfab416cf352a6e1016c800febc2d7471d7083ad317c88","ssdeep":"24576:tODgZxh1Yk4YcWgynCQWsWPx6j9iglVKlMyCLa:tqgZxh2QcW/CQIcAxlRp","tlshash":"46252383a32c9159f55b6b349eefa1acd6563c047a1060cc85e8ff857633e06bf1258e","first_seen":"2026-01-07T17:46:33.793946Z","last_seen":"2026-01-07T17:46:33.793946Z","times_seen":1,"resource_available":false,"data":null}},"time_used":633,"timings":{"blocked":160,"dns":109,"connect":17,"send":0,"wait":35,"receive":277,"ssl":30},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"xalalix.fun","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"reclinecostumepessimistic.com/74/ab/ac/74abac2dcba944b01d4aee7696c5fa4b.js","fqdn":"reclinecostumepessimistic.com","domain":"reclinecostumepessimistic.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://walalix.fr/tvlive","date":"2026-01-07T17:46:06.374Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"reclinecostumepessimistic.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 16 Nov 2025 07:35:48 GMT","end":"Sat, 14 Feb 2026 07:35:47 GMT"},"fingerprint":{"sha1":"85:0D:6C:B5:F1:21:51:96:64:1D:EC:7B:7B:1D:9E:36:B3:5F:5A:70","sha256":"39:89:DB:10:68:07:21:0A:A9:DF:6A:66:A1:B8:81:82:E8:E6:89:D7:CC:39:BA:C7:B7:56:2E:E8:F6:BC:3F:C6"}}},"request":{"raw":"GET /74/ab/ac/74abac2dcba944b01d4aee7696c5fa4b.js HTTP/1.1\r\nHost: reclinecostumepessimistic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://walalix.fr/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 07 Jan 2026 17:46:06 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 38082\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 5\r\nHost: reclinecostumepessimistic.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 3f576aa8c779491baff731a8a65b5491\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":106828,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"37a0156ef4896bcdf8812e47acb2d122","sha1":"60596415f73e7caa09a85604d91c6bad8fcf12e4","sha256":"9aff3fda2dc3be394f7ef86ac75efea4afa0acde20a1dd3c5ec66d57097a302b","sha512":"e28e5e7c8653f40432aa96742ebd71d2853b798dc8703c52001012ebd150a62e7fe86b4d88161a6eaaacb5aa0e01e713d9637e84b5536a1cd1ffe8786d391710","ssdeep":"3072:E6l17aMWZ44SXdVY4lDKVVbZ4i3/9j9y1UglGewsV:E6lw194LwsV","tlshash":"61a3c788bfd0f06d129a6473223f950ff11a4e42505ce558e907f8e66abc32af47db64","first_seen":"2026-01-07T17:46:33.795077Z","last_seen":"2026-01-07T17:46:33.795077Z","times_seen":1,"resource_available":true,"data":null}},"time_used":857,"timings":{"blocked":322,"dns":41,"connect":94,"send":0,"wait":102,"receive":110,"ssl":185},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"reclinecostumepessimistic.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"reclinecostumepessimistic.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQhMKMmeC0u0I1KoCNDSn-tMgQnFGsWY74vjA\u0026s","fqdn":"encrypted-tbn0.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.251.142.238","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walalix.fr/tvlive","date":"2026-01-07T17:46:06.857Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /images?q=tbn:ANd9GcQhMKMmeC0u0I1KoCNDSn-tMgQnFGsWY74vjA\u0026s HTTP/1.1\r\nHost: encrypted-tbn0.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://walalix.fr/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-type: image/png\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"images-tbn\"\r\nreport-to: {\"group\":\"images-tbn\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/images-tbn\"}]}\r\ncontent-length: 2754\r\ndate: Wed, 07 Jan 2026 17:46:07 GMT\r\nexpires: Thu, 07 Jan 2027 17:46:07 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Fri, 11 Jul 2025 03:34:10 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2754,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 259 x 194, 8-bit colormap, non-interlaced","md5":"2e1fb6c4504b8de5902c5250afab9ffd","sha1":"54b12ebbaeb7f8d902dcc70ef6805e7c0988f059","sha256":"a084aaa256c9eb5d5a59e1234ed44d7ec88932a64c7831434e6e15b2e80bd52e","sha512":"a3c8ca7a0873766777340638117f367ef79b58ba76b719dd4317e197925def50116ac54d3cd1a6f3d6a565b67de736991f451897dce3fe5b6f145dc319f1bd4c","ssdeep":"","tlshash":"5e514c584276de69127664f324ac60f0f2b60e176969938f8ccfb30553392b883d80f7","first_seen":"2026-01-07T17:46:33.796224Z","last_seen":"2026-01-07T17:46:33.796224Z","times_seen":1,"resource_available":false,"data":null}},"time_used":445,"timings":{"blocked":202,"dns":8,"connect":8,"send":0,"wait":33,"receive":1,"ssl":188},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walalix.fr/assets/index-DkRHE44W.css","fqdn":"walalix.fr","domain":"walalix.fr","tld":"fr"},"ip":{"addr":"216.24.57.1","port":443,"asn":397273,"as":"RENDER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://walalix.fr/tvlive","date":"2026-01-07T17:46:02.657Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"walalix.fr","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 13:50:53 GMT","end":"Wed, 25 Mar 2026 14:50:45 GMT"},"fingerprint":{"sha1":"4D:A6:13:B2:B7:3E:10:E9:C0:C4:8D:ED:D5:57:3B:C2:BD:F3:8F:A1","sha256":"6C:97:15:BD:B8:E0:A3:47:9B:61:A9:DC:D3:FB:8A:A7:9C:D4:DC:72:AD:97:2F:DD:85:4F:C3:9E:19:EA:4B:49"}}},"request":{"raw":"GET /assets/index-DkRHE44W.css HTTP/1.1\r\nHost: walalix.fr\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://walalix.fr/tvlive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 07 Jan 2026 17:46:03 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncf-ray: 9ba545b6896c35a6-OSL\r\ncache-control: public, max-age=3600\r\ncontent-encoding: br\r\nrndr-id: 6a5bff4c-f45e-403f\r\nvary: Accept-Encoding\r\nx-render-origin-server: uvicorn\r\nlast-modified: Wed, 07 Jan 2026 17:46:03 GMT\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":118963,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"faa0cfd750d2d09ca13e24eed90512a6","sha1":"9ef18389fffffb0641c58e8cbc5785e4848b945b","sha256":"b2dc76cf18006e9cb9f6223695f5427c72b62420952f5b6dc97ddc115c80ff9a","sha512":"d2ad784d28d6f9ffbfe2526c7d5313226949c90e29322725af481dc0be5407f8b54d86efc4e0fe0a63b440796aecdb0b288f7bc2d5f39dd17e993b0818f7b3c7","ssdeep":"3072:6DJhPQq7RYW9hkleM0redG9QJ378VQZkt5FfH+Kz:6DJhPQq7RYW9hk4QJ378VQZkt5FfH+Kz","tlshash":"79c385396aa4503f7c17a1f4d3ccb96ce51af1c0de3a06b9bc96422467e23f65c6b904","first_seen":"2026-01-07T17:46:33.797127Z","last_seen":"2026-01-07T17:46:33.797127Z","times_seen":1,"resource_available":false,"data":null}},"time_used":944,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":942,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"walalix.fr","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"walalix.fr","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"qtrypzzcjebvfcihiynt.supabase.co/storage/v1/object/public/base44-prod/public/68fc31d504af3cb9b2bb45e2/00134eaf5_Capturedcran2025-11-05032057.jpg","fqdn":"qtrypzzcjebvfcihiynt.supabase.co","domain":"qtrypzzcjebvfcihiynt.supabase.co","tld":"supabase.co"},"ip":{"addr":"104.18.38.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walalix.fr/tvlive","date":"2026-01-07T17:46:05.632Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"supabase.co","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 02 Jan 2026 06:20:04 GMT","end":"Thu, 02 Apr 2026 07:19:59 GMT"},"fingerprint":{"sha1":"53:7B:EA:AA:0A:13:9A:C5:94:1F:F6:35:89:F3:54:70:C4:08:C0:1D","sha256":"2F:FE:D0:12:7B:AB:9D:42:41:69:23:1F:06:96:BF:8E:3C:AB:2F:00:05:7D:6D:EE:4A:C0:18:C3:82:92:61:B4"}}},"request":{"raw":"GET /storage/v1/object/public/base44-prod/public/68fc31d504af3cb9b2bb45e2/00134eaf5_Capturedcran2025-11-05032057.jpg HTTP/1.1\r\nHost: qtrypzzcjebvfcihiynt.supabase.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://walalix.fr/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 07 Jan 2026 17:46:05 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 9158\r\nserver: cloudflare\r\ncf-ray: 9ba545c93ce1b4ee-OSL\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: no-cache\r\netag: \"3136a168a4f1e5199ea5f59cf8980467\"\r\nlast-modified: Wed, 05 Nov 2025 02:21:30 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nsb-gateway-mode: direct\r\nsb-gateway-version: 1\r\nsb-project-ref: qtrypzzcjebvfcihiynt\r\nsb-request-id: 019b9990-d9ca-7af2-b4f6-704447a777bc\r\nx-smart-cdn: true\r\npriority: u=4,i=?0\r\nset-cookie: __cf_bm=XsBybn0GIOBKkSthaQJ9UKYeXKDW9fYBB9SATFpMXkk-1767807965-1.0.1.1-_x8VruJT.4aDhvEcZ6qdGdvKJSNnVKp9OTr.lDPOesLcqA.sC2iSNKKHREnEqnwGP7OCmf5kOc94Al928rzsunjxYDJ99dGDBp2kC9uW47U; path=/; expires=Wed, 07-Jan-26 18:16:05 GMT; domain=.supabase.co; HttpOnly; Secure; SameSite=None\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":9158,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 192x192, segment length 16, baseline, precision 8, 448x80, components 3","md5":"3136a168a4f1e5199ea5f59cf8980467","sha1":"93c40c5c6483bce392100120b31053cea566a5fa","sha256":"5e7331ffc1094b2e5606b2846d8c84e20e98b2bf261579d9b11bc61a59d104f5","sha512":"fea5799b9cc0b62169505e43d07f172b716c2f9f22e7f0724955913fcde5c9e3396be0a571f5bbdc2ed87857004b6626b6c81938be4754b48587fd9378c143e7","ssdeep":"192:4EDS3MmxNnlxB81Su08Mxr1h5jmo/2VkJuEW:41VDBmLbMfh5jLOL","tlshash":"24129f4312414bcd341bc7827d0b4e6e7bd0fd28b4d06961bfd50589eda074dea39e99","first_seen":"2026-01-07T17:46:33.798126Z","last_seen":"2026-01-07T17:46:33.798126Z","times_seen":1,"resource_available":false,"data":null}},"time_used":52,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":51,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"base44.app/api/apps/68fc31d504af3cb9b2bb45e2/entities/SiteSettings?q=%7B%22setting_key%22:%22adsterra_enabled%22%7D","fqdn":"base44.app","domain":"base44.app","tld":""},"ip":{"addr":"216.24.57.7","port":443,"asn":397273,"as":"RENDER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://walalix.fr/tvlive","date":"2026-01-07T17:46:05.941Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.base44.app","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 16 Nov 2025 17:52:28 GMT","end":"Sat, 14 Feb 2026 17:52:27 GMT"},"fingerprint":{"sha1":"E0:4B:86:40:79:04:D2:D0:CA:6B:BE:FD:82:58:F4:89:51:10:EA:35","sha256":"C4:08:78:FA:0D:EB:5C:F9:8D:E5:90:C6:FA:8E:23:54:55:65:6E:3B:7F:FF:BD:F4:F5:F0:F0:07:8F:E9:2D:80"}}},"request":{"raw":"GET /api/apps/68fc31d504af3cb9b2bb45e2/entities/SiteSettings?q=%7B%22setting_key%22:%22adsterra_enabled%22%7D HTTP/1.1\r\nHost: base44.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-App-Id: 68fc31d504af3cb9b2bb45e2\r\nX-Origin-URL: https://walalix.fr/tvlive\r\nOrigin: https://walalix.fr\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://walalix.fr/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 07 Jan 2026 17:46:06 GMT\r\ncontent-type: application/json\r\ncontent-length: 242\r\ncf-ray: 9ba545cb1f9f23eb-OSL\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\ncontent-encoding: br\r\nrndr-id: 4decd9c7-cbb1-4583\r\nvary: Accept-Encoding\r\nx-render-origin-server: uvicorn\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":343,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"4cc2d22575a64b672c7528f879c5ef61","sha1":"024e087299d583bc29f8d59ac94457bc25642a25","sha256":"6a3c53abb74ec9c0784bcf0abf80e8ae9124e55d211e1f49ded112fee8e8635a","sha512":"ff81d8bad9cd8bb082d1ead9ebdc7adf1ae12712671109127117313f0da60eea9f83c1a7b45b7cf8761f9cf4f376b88cbd4e1f210bc3d3c1776a03d054a75cfe","ssdeep":"","tlshash":"35e02071b75c9c7880dbd0577523f3c5a552619128aaecf81bd6c1049126db00506fbb","first_seen":"2026-01-07T17:46:33.799205Z","last_seen":"2026-01-07T17:46:33.799205Z","times_seen":1,"resource_available":false,"data":null}},"time_used":424,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":424,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.leparisien.fr/resizer/i14l0fvCLHgNPh41yq9ZoGMzO-o=/932x582/cloudfront-eu-central-1.images.arcpublishing.com/lpguideshopping/XOVNWBDWIGXL54HDJGADWFRVA4.jpg","fqdn":"www.leparisien.fr","domain":"leparisien.fr","tld":"fr"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walalix.fr/tvlive","date":"2026-01-07T17:46:06.269Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /resizer/i14l0fvCLHgNPh41yq9ZoGMzO-o=/932x582/cloudfront-eu-central-1.images.arcpublishing.com/lpguideshopping/XOVNWBDWIGXL54HDJGADWFRVA4.jpg HTTP/1.1\r\nHost: www.leparisien.fr\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://walalix.fr/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-05T16:09:50.836081Z","times_seen":14695563,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"protrafficinspector.com/stats","fqdn":"protrafficinspector.com","domain":"protrafficinspector.com","tld":"com"},"ip":{"addr":"63.180.128.110","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://walalix.fr/tvlive","date":"2026-01-07T17:46:06.954Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"traffinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 19 Nov 2025 00:00:00 GMT","end":"Fri, 18 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"11:9F:BE:35:27:7B:7B:85:C9:B3:FF:0E:CA:F6:0D:13:B0:A9:A0:BB","sha256":"81:A4:38:32:0D:BC:66:C8:7B:6D:08:BC:93:91:76:73:A2:BD:D0:53:3C:BF:2F:FD:B8:87:00:C6:EC:3B:6C:77"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: protrafficinspector.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://walalix.fr\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://walalix.fr/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 17:46:07 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://walalix.fr\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=f072ff0e-726f-4c7a-ac1d-a90672ee4e9d:3:1; expires=Sat, 05 Jan 2036 17:46:07 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"12bd48b4386533c9d12838a4715ebc4e","sha1":"c89131e26cbad86138d4f7cc718d2f624e22c04d","sha256":"fad42e143e7574959a554705fd4daf8f7bf7fc08f06976e381b49cc344cead32","sha512":"cc062635bbb535114c474c4b13a0f4a055a11864d45d22b5639bd561fb53a8d11dac1992e496039babea9eb722ef2615d44fb5c45fb97db248106e78f08614af","ssdeep":"","tlshash":"2a9004443117173f0401041145011c40144f411d03704141d035c051077173d117051d","first_seen":"2026-01-07T17:46:33.800137Z","last_seen":"2026-01-07T17:46:33.800137Z","times_seen":1,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":-1,"dns":20,"connect":21,"send":0,"wait":22,"receive":0,"ssl":99},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walalix.fr/assets/index-B9oHQyne.js","fqdn":"walalix.fr","domain":"walalix.fr","tld":"fr"},"ip":{"addr":"216.24.57.1","port":443,"asn":397273,"as":"RENDER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://walalix.fr/tvlive","date":"2026-01-07T17:46:02.654Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"walalix.fr","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 13:50:53 GMT","end":"Wed, 25 Mar 2026 14:50:45 GMT"},"fingerprint":{"sha1":"4D:A6:13:B2:B7:3E:10:E9:C0:C4:8D:ED:D5:57:3B:C2:BD:F3:8F:A1","sha256":"6C:97:15:BD:B8:E0:A3:47:9B:61:A9:DC:D3:FB:8A:A7:9C:D4:DC:72:AD:97:2F:DD:85:4F:C3:9E:19:EA:4B:49"}}},"request":{"raw":"GET /assets/index-B9oHQyne.js HTTP/1.1\r\nHost: walalix.fr\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://walalix.fr/tvlive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 07 Jan 2026 17:46:03 GMT\r\ncontent-type: application/javascript\r\ncf-ray: 9ba545b6896535a6-OSL\r\ncache-control: public, max-age=3600\r\ncontent-encoding: br\r\nrndr-id: 354cf076-65b4-41dc\r\nvary: Accept-Encoding\r\nx-render-origin-server: uvicorn\r\nlast-modified: Wed, 07 Jan 2026 17:46:02 GMT\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2224920,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (37948)","md5":"4857e596c103aaa779c67dfdd35e3a1b","sha1":"1b043d33f83de7c46ff569ac49674f24b048d484","sha256":"144671cd44bce88f977bad8c8b075c4c5da7f80d12a9a817fbb6cc0042c5a0ae","sha512":"81b73a1e65cedd9e28a9da47679c07dbede4ff1b097310f18d8a75e101612b14731ba84794cb4d4ca1548e164a7034fddc0e5aa69ecc3ff10d5ce8e9c335b9d8","ssdeep":"24576:yMAk1LsqM2khuFB3kQuVklzzxj5lHk6FcwZ1PBufin:yMAk1LsqMPhuFB3kQuVklzVj5lHk6FcS","tlshash":"6d254b9cb081aead9b7749e06c7f4009713e1a59f40e8ce0f07cac962660549b5a7ffd","first_seen":"2026-01-07T17:46:33.801117Z","last_seen":"2026-01-07T17:46:33.801117Z","times_seen":1,"resource_available":false,"data":null}},"time_used":786,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":497,"receive":289,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"walalix.fr","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"walalix.fr","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"reclinecostumepessimistic.com/7d/47/39/7d4739f66e4929d6ad0e46fd6044dd57.js","fqdn":"reclinecostumepessimistic.com","domain":"reclinecostumepessimistic.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://walalix.fr/tvlive","date":"2026-01-07T17:46:06.377Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"reclinecostumepessimistic.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 16 Nov 2025 07:35:48 GMT","end":"Sat, 14 Feb 2026 07:35:47 GMT"},"fingerprint":{"sha1":"85:0D:6C:B5:F1:21:51:96:64:1D:EC:7B:7B:1D:9E:36:B3:5F:5A:70","sha256":"39:89:DB:10:68:07:21:0A:A9:DF:6A:66:A1:B8:81:82:E8:E6:89:D7:CC:39:BA:C7:B7:56:2E:E8:F6:BC:3F:C6"}}},"request":{"raw":"GET /7d/47/39/7d4739f66e4929d6ad0e46fd6044dd57.js HTTP/1.1\r\nHost: reclinecostumepessimistic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://walalix.fr/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 07 Jan 2026 17:46:06 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 38097\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 6\r\nHost: reclinecostumepessimistic.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 23be1f208669070187917b65042b0f99\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":106859,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"195eadbeab0a2f2327735d583c1dcc61","sha1":"799d0b4b07f77915c8cc9f135b7325ad1b300793","sha256":"d58a3ecd3fa4adda7db480065062d3f4efdfe13d95cdb685968842ccef6a9c3f","sha512":"5ce2026b0a304effca78f278443f7e5883aa1cd8f431d3105e9886b48ccba571b1f4d38b987214cea9d5638339abf408410c9654bf2c93628b291cf74c37e1f0","ssdeep":"3072:EZz17aMWZ44SXdVY4lDKVVbZ4i3/9j9y1UglGewsg:EZzw194Lwsg","tlshash":"c9a3c788bfd0f06d129a6473223f950ff11a4e42505ce558e907f8e66abc32af47db64","first_seen":"2026-01-07T17:46:33.802248Z","last_seen":"2026-01-07T17:46:33.802248Z","times_seen":1,"resource_available":true,"data":null}},"time_used":830,"timings":{"blocked":318,"dns":38,"connect":91,"send":0,"wait":101,"receive":93,"ssl":186},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"reclinecostumepessimistic.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"reclinecostumepessimistic.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"qtrypzzcjebvfcihiynt.supabase.co/storage/v1/object/public/base44-prod/public/68fc31d504af3cb9b2bb45e2/00134eaf5_Capturedcran2025-11-05032057.jpg","fqdn":"qtrypzzcjebvfcihiynt.supabase.co","domain":"qtrypzzcjebvfcihiynt.supabase.co","tld":"supabase.co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walalix.fr/tvlive","date":"2026-01-07T17:46:05.583Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"supabase.co","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 02 Jan 2026 06:20:04 GMT","end":"Thu, 02 Apr 2026 07:19:59 GMT"},"fingerprint":{"sha1":"53:7B:EA:AA:0A:13:9A:C5:94:1F:F6:35:89:F3:54:70:C4:08:C0:1D","sha256":"2F:FE:D0:12:7B:AB:9D:42:41:69:23:1F:06:96:BF:8E:3C:AB:2F:00:05:7D:6D:EE:4A:C0:18:C3:82:92:61:B4"}}},"request":{"raw":"GET /storage/v1/object/public/base44-prod/public/68fc31d504af3cb9b2bb45e2/00134eaf5_Capturedcran2025-11-05032057.jpg HTTP/1.1\r\nHost: qtrypzzcjebvfcihiynt.supabase.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://walalix.fr/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-05T16:09:50.836081Z","times_seen":14695563,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.open-meteo.com/v1/forecast?latitude=59.8903\u0026longitude=10.5705\u0026current=temperature_2m","fqdn":"api.open-meteo.com","domain":"open-meteo.com","tld":"com"},"ip":{"addr":"94.130.142.35","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://walalix.fr/tvlive","date":"2026-01-07T17:46:05.829Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"open-meteo.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 18 Nov 2025 02:32:53 GMT","end":"Mon, 16 Feb 2026 02:32:52 GMT"},"fingerprint":{"sha1":"F1:FC:FD:AC:3A:F2:C1:C0:AF:A9:1F:47:3B:04:18:7C:E8:6D:64:E4","sha256":"D9:18:87:46:B8:24:76:0B:7B:40:C1:8F:F4:97:F4:4A:66:57:80:50:24:00:68:15:74:A4:36:CB:D5:A5:D6:0A"}}},"request":{"raw":"GET /v1/forecast?latitude=59.8903\u0026longitude=10.5705\u0026current=temperature_2m HTTP/1.1\r\nHost: api.open-meteo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://walalix.fr/\r\nOrigin: https://walalix.fr\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 07 Jan 2026 17:46:05 GMT\r\nContent-Type: application/json; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: accept, authorization, content-type, origin, x-requested-with, user-agent, access-control-allow-origin\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-max-age: 600\r\nContent-Encoding: deflate\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":322,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"a61a7e3f74f0b95490eeaafd2fc6fd39","sha1":"728896b7b00dfd6ddba088d7680eb955083b1047","sha256":"3afbcfe2d158b133eb74cd8d96de53ce0965ea536b97f38b647678c04416d1c1","sha512":"5f4ac8d1d30ab1b53ae625ed4af89c591a398bb82aab5cbc7522bbe181ac2bbf56b7c2e44099fd31298c6ad223ca8b390b72f04dc81336af7bb566ce2d8fc719","ssdeep":"","tlshash":"22e07d2916fa0c3b5d3bd7f2d516acf90231201b1482a41026ec0d7ae0c2cba8b4b689","first_seen":"2026-01-07T17:46:33.803321Z","last_seen":"2026-01-07T17:46:33.803321Z","times_seen":1,"resource_available":false,"data":null}},"time_used":230,"timings":{"blocked":102,"dns":19,"connect":26,"send":0,"wait":26,"receive":0,"ssl":53},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weirdopt.com/ad/advertisers.js","fqdn":"weirdopt.com","domain":"weirdopt.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://walalix.fr/tvlive","date":"2026-01-07T17:46:06.942Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"weirdopt.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 00:51:40 GMT","end":"Sun, 29 Mar 2026 00:51:39 GMT"},"fingerprint":{"sha1":"F3:CE:FF:C9:F8:70:23:18:40:13:70:96:1A:D1:FD:34:D3:CD:66:FC","sha256":"07:8C:A3:3F:1D:F1:E0:75:3D:26:20:F5:D5:75:64:CE:F7:40:6E:B7:BB:B9:EC:79:33:27:5F:51:2E:B0:12:E7"}}},"request":{"raw":"GET /ad/advertisers.js HTTP/1.1\r\nHost: weirdopt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://walalix.fr/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 07 Jan 2026 17:46:07 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 0\r\nConnection: keep-alive\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: d98bea4a4472356e15ebcc6a5aef924d\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-05T16:09:50.836081Z","times_seen":14695563,"resource_available":true,"data":null}},"time_used":253,"timings":{"blocked":116,"dns":54,"connect":17,"send":0,"wait":18,"receive":0,"ssl":41},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"get.geojs.io/v1/ip/geo.json","fqdn":"get.geojs.io","domain":"geojs.io","tld":"io"},"ip":{"addr":"104.26.1.100","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://walalix.fr/tvlive","date":"2026-01-07T17:46:05.634Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"geojs.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Dec 2025 07:02:11 GMT","end":"Fri, 20 Mar 2026 08:01:51 GMT"},"fingerprint":{"sha1":"F4:8D:8C:72:A7:FB:69:EE:A0:1B:5C:4A:E2:9A:C8:CA:AB:CF:FC:89","sha256":"73:1F:89:F1:C4:D1:9A:B2:77:40:EB:E3:55:1F:ED:42:62:C3:86:7B:7E:EE:E3:F3:5E:A1:27:A8:7F:80:24:72"}}},"request":{"raw":"GET /v1/ip/geo.json HTTP/1.1\r\nHost: get.geojs.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://walalix.fr/\r\nOrigin: https://walalix.fr\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 17:46:05 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nx-request-id: 52025561778c2f7ccda1c3aad6e36eee-ASH\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\npragma: no-cache\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\ngeojs-backend: ash-01\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FAGpJCCDHhKhYYkI%2FejUhFZpIK%2BxHcBYeKduDHBO9z4NcizbpdZqcuZJlSStIfjBq6rh5CI6xRgF12oH0fDemRES9MXLOk3bpA%3D%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9ba545c96f714e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":341,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"2cdd5829aa059bcee8e83448d0f3a0c9","sha1":"341ae3ed1fb56178de6e8553f5055a82f8f8cc17","sha256":"18a7b33f539407ed4106b9fed012ea3c148c9a59b26a754a545cf8e6c82bbada","sha512":"691e97b650c370c0ea699e049544fc465580d879aa0489ad72fb6e5b908e356f5442905d4592f3f4cc11825f732f5a646fd995506a7a383b9403fc73b2d183b7","ssdeep":"","tlshash":"3ae0c05a40fc5f25ec3bd2ce563d0a8b26fd500183c920024df93f08c3804ad2001713","first_seen":"2026-01-07T17:46:33.804331Z","last_seen":"2026-01-07T17:47:34.211158Z","times_seen":2,"resource_available":false,"data":null}},"time_used":192,"timings":{"blocked":35,"dns":21,"connect":1,"send":0,"wait":120,"receive":0,"ssl":12},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"base44.app/api/apps/68fc31d504af3cb9b2bb45e2/entities/TVChannel?sort=order\u0026limit=200","fqdn":"base44.app","domain":"base44.app","tld":""},"ip":{"addr":"216.24.57.7","port":443,"asn":397273,"as":"RENDER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://walalix.fr/tvlive","date":"2026-01-07T17:46:05.893Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.base44.app","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 16 Nov 2025 17:52:28 GMT","end":"Sat, 14 Feb 2026 17:52:27 GMT"},"fingerprint":{"sha1":"E0:4B:86:40:79:04:D2:D0:CA:6B:BE:FD:82:58:F4:89:51:10:EA:35","sha256":"C4:08:78:FA:0D:EB:5C:F9:8D:E5:90:C6:FA:8E:23:54:55:65:6E:3B:7F:FF:BD:F4:F5:F0:F0:07:8F:E9:2D:80"}}},"request":{"raw":"GET /api/apps/68fc31d504af3cb9b2bb45e2/entities/TVChannel?sort=order\u0026limit=200 HTTP/1.1\r\nHost: base44.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-App-Id: 68fc31d504af3cb9b2bb45e2\r\nX-Origin-URL: https://walalix.fr/tvlive\r\nOrigin: https://walalix.fr\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://walalix.fr/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 07 Jan 2026 17:46:06 GMT\r\ncontent-type: application/json\r\ncontent-length: 1487\r\ncf-ray: 9ba545cadea223eb-OSL\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\ncontent-encoding: br\r\nrndr-id: c2c98e2f-9190-4d39\r\nvary: Accept-Encoding\r\nx-render-origin-server: uvicorn\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5803,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"a1176fb86c0f834fab4449485e12fbe4","sha1":"72c22af8688c0b14f00740e914ea999abee97e54","sha256":"a05e7340c4519a1d223504546f96101296f5dfa5dd5160883b7bb1defa11fc2e","sha512":"1a492897d660712b974b49a131b66859b1fa425c09193be4c2c100e3af4efbf4a40daf6656bc0bbcf58dde598e128a1960f4505d4d629813ba23863561c1d119","ssdeep":"96:86rhrFgvSUMiwrLiNm5Iwpso8miK1ivyHhX+Cs:YvnMBrLyIWodSAX+t","tlshash":"98c162be5beccc4a832f52ca1d6f7a19e0c5205255d1acf9a7e9cf0c40614f1422ee1a","first_seen":"2026-01-07T17:46:33.805414Z","last_seen":"2026-01-07T17:46:33.805414Z","times_seen":1,"resource_available":false,"data":null}},"time_used":344,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":343,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcTOYiBuDK17_pCc81ta8LhHfXCR8UWHJxx3oQ\u0026s","fqdn":"encrypted-tbn0.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.251.142.238","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walalix.fr/tvlive","date":"2026-01-07T17:46:06.858Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /images?q=tbn:ANd9GcTOYiBuDK17_pCc81ta8LhHfXCR8UWHJxx3oQ\u0026s HTTP/1.1\r\nHost: encrypted-tbn0.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://walalix.fr/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-type: image/png\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"images-tbn\"\r\nreport-to: {\"group\":\"images-tbn\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/images-tbn\"}]}\r\ncontent-length: 9860\r\ndate: Wed, 07 Jan 2026 17:46:07 GMT\r\nexpires: Thu, 07 Jan 2027 17:46:07 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Sat, 11 Apr 2026 20:50:21 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9860,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 300 x 168, 8-bit colormap, non-interlaced","md5":"57b4e62bbd5730ffd80d968f6a4c5c6c","sha1":"7ee157d5c1de073e3deebdcc2d3253e224963a4e","sha256":"73d59fc385c9bf6b2844647da49cb43f2e2ed7a8c3ff20c979c3db64d9d2cb99","sha512":"0262cabc9061d5e311778b3ceb2b5fcf15a357d0bff859eee879eff1cba220c442b78e79c493081e92ffdbbd16875a2e78570204ba0594e4ce9bac3b8dcfff44","ssdeep":"192:ZOBnx+tJFMg4BJqlvQey4ID2jeZoSm5pWzxTabY0pC53bfjj:u0Hlvry4ezqWzJ6Y0pirfn","tlshash":"6512aebd309a1238cacb950f91d3236355a4ad1b2e44f55d4aa3c6721c2aef19ecf44f","first_seen":"2026-01-07T17:46:33.806463Z","last_seen":"2026-01-07T17:46:33.806463Z","times_seen":1,"resource_available":false,"data":null}},"time_used":351,"timings":{"blocked":141,"dns":4,"connect":22,"send":0,"wait":61,"receive":3,"ssl":113},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}